Security Best Practices. External Party shall implement security best practices to ensure data integrity so that the repudiation of significant facts is negated by functionality involving a secure digital signature or another form of adequate proof that a certain person (and no other) performed a particular task. a. Once an Employee has been authenticated as described above, External Party shall employ a verification scheme that identifies the Employee and provides an acceptable measure of security for access to Information Assets. b. External Party must have procedures in place that create appropriate audit trails for all transactions and retain those audit trails for not less than ninety (90) days online and one (1) year offline. c. External Party must take steps to protect Employee access by timing out the Employee session after a period of inactivity not to exceed fifteen (15) minutes.
Appears in 2 contracts
Sources: Master Services Agreement, Master Services Agreement