PROCEDURES FOR SECURITY. A. Contractor agrees to safeguard the DHHS Data received under this Contract, and any derivative data or files, as follows:
PROCEDURES FOR SECURITY. In order to safeguard the Confidential Data shared under this Agreement, and any derivative data or files, ENTITY agrees: To maintain proper security controls to protect the Confidential Data collected, processed, managed, and/or stored during completion of the proposed purpose of the Agreement; To maintain written policies and procedures including breach notification and incident response, which protect the Confidential Information throughout the information lifecycle, from creation, transformation, use, storage, and secure destruction regardless of the media used to store the data (i.e., tape, disk, paper, etc.); To maintain appropriate authentication and role based access controls to DHHS systems that collect, transmit, or store the Confidential Data or to ENTITY’s systems that collect, transmit, or store the Confidential Data. ENTITY shall not subcontract the collection, transmission, or maintenance of the data without prior approval from the DHHS Information Security Office consistent with this Agreement; To ensure proper security monitoring capabilities are in place to detect potential security events that can affect State of NH systems and/or Department Confidential Information for ENTITY provided systems; In the event of any security breach by ENTITY, that all efforts shall be made to contain and investigate the causes of the breach, promptly take measures to prevent future breach, and minimize any damage or loss resulting from the breach. ENTITY is responsible for all costs of response and recovery from the breach, including but not limited to, credit monitoring services, mailing costs, and costs associated with website and telephone call center services necessary due to the breach; To comply with all applicable statutes and regulations regarding the privacy and security of Confidential Information, and maintain the privacy and security of PI and PHI at a level and scope that is not less than the level and scope of requirements applicable to federal agencies, including, but not limited to, provisions of the Privacy Act of 1974 (5 U.S.C. § 000x), XXXX Privacy Act Regulations (45 C.F.R. §5b), HIPAA Privacy and Security Rules (45 C.F.R. Parts 160 and 164) and all other laws that govern protections for individually identifiable health information as applicable under State law; To establish and maintain appropriate administrative, technical, and physical safeguards to protect the confidentiality of the Confidential Data and to prevent unauthorized use ...
PROCEDURES FOR SECURITY. SSA and DHS will comply with the requirements of the Federal Information Security Management Act (FISMA), 44 U.S.C. §§ 3541-3549; related OMB circulars and memoranda, such as Circular A-130, Management of Federal Information Resources (Nov. 28, 2000), and Memorandum M-06-16, Protection of Sensitive Agency Information (June 23, 2006); National Institute of Standards and Technology (NIST) directives; and the Federal Acquisition Regulations, including any applicable amendments published after the effective date of this agreement. These laws, directives, and regulations include requirements for safeguarding Federal information systems and personally identifiable information (PII) used in Federal agency business processes, as well as related reporting requirements. Both agencies recognize and will implement the laws, regulations, NIST standards, and OMB directives including those published subsequent to the effective date of this agreement. FISMA requirements apply to all Federal contractors, organizations, or entities that possess or use Federal information, or that operate, use, or have access to Federal information systems on behalf of an agency. Both agencies are responsible for oversight and compliance of their contractors and agents.
PROCEDURES FOR SECURITY. USCIS and DOL will comply with the following procedures for ensuring the administrative, technical, and physical security of the information exchanged and the results of such programs:
PROCEDURES FOR SECURITY. The Privacy Act requires that each matching agreement specify procedures for ensuring the administrative, technical, and physical security of the records matched and the results of such programs. 5 U.S.C. §552a(o)(1)(G). SSA and OCSE will comply with the requirements of the Federal Information Security Management Act (FISMA), 44 U.S.C. Chapter 35, Subchapter II, as amended by the Federal Information Security Modernization Act of 2014 (Pub. L. 113-283); related Office of Management and Budget (OMB) circulars and memoranda, such as Circular A-130, Managing Federal Information as a Strategic Resource (July 28, 2016); National Institute of Standards and Technology (NIST) directives; and the Federal Acquisition Regulations, including any applicable amendments published after the effective date of this agreement. These laws, directives, and regulations include requirements for safeguarding federal information systems and personally identifiable information (PII) used in Federal agency business processes, as well as related reporting requirements. Both agencies recognize, and will implement, the laws, regulations, NIST standards, and OMB directives including those published subsequent to the effective date of this agreement. FISMA requirements apply to all federal contractors, organizations, or entities that possess or use Federal information, or that operate, use, or have access to federal information systems on behalf of an agency. Both agencies are responsible for oversight and compliance of their contractors and agents. The security addendum to this agreement specifies these security procedures, and shall be taken and considered as part of this agreement as if the provisions contained in the addendum were fully set out here.
PROCEDURES FOR SECURITY. In order to safeguard the Confidential Data shared under this Agreement, and any derivative data or files, ENTITY agrees:
PROCEDURES FOR SECURITY. X. Xxxxxxx agrees to safeguard the DHHS Data received under this Grant Agreement, and any derivative data or files, as follows:
PROCEDURES FOR SECURITY. SSA and DHS will comply with the requirements of the Federal Information Security Management Act (FISMA), 44 U.S.C. §§ Chapter 35, Subchapter II, as amended by the Federal Information Security Modernization Act of 2014 (Pub.
PROCEDURES FOR SECURITY. A. Participating State Agency agrees to safeguard the CMS Data received under this Agreement, and any derivative data or files, as follows:
PROCEDURES FOR SECURITY. The Privacy Act requires that each matching agreement specify procedures for ensuring the administrative, technical, and physical security of the records matched and the results of such programs. 5 U.S.C. §552a(o)(1)(G). SSA and OCSE will comply with the requirements of the Federal Information Security Management Act (FISMA), 44 U.S.C. §3541 et seq.; related OMB circulars and memoranda, such as Circular A-130, Managing Information as a Strategic Resource (July 28, 2016); and National Institute of Science and Technology (NIST) directives. These laws, directives, and regulations include requirements for safeguarding federal information systems and personally identifiable information (PII) used in federal agency business processes, as well as related reporting requirements. Laws, regulations, NIST standards, and Office of Management and Budget directives relating to the subject of this agreement and published subsequent to the effective date must be implemented by both agencies. FISMA requirements apply to all federal contractors, organizations, or entities that possess or use federal information, or that operate, use, or have access to federal information systems on behalf of an agency. Both agencies are responsible for the oversight and compliance of their contractors and agents. The security addendum to this agreement specifies these security procedures, and shall be taken and considered as a part of this agreement as if the provisions contained in the addendum were fully set out here.
