Security of Information. Unless otherwise specifically authorized by the DOH Chief Information Security Officer, Contractor receiving confidential information under this contract assures that: • Encryption is selected and applied using industry standard algorithms validated by the National Institute of Standards and Technology (NIST) Cryptographic Algorithm Validation Program against all information stored locally and off-site. Information must be encrypted both in-transit and at rest and applied in such a way that it renders data unusable to anyone but authorized personnel, and the confidential process, encryption key or other means to decipher the information is protected from unauthorized access. • It is compliant with the applicable provisions of the Washington State Office of the Chief Information Officer (OCIO) policy 141, Securing Information Technology Assets, available at: xxxxx://xxxx.xx.xxx/policy/securing-information-technology-assets. • It will provide DOH copies of its IT security policies, practices and procedures upon the request of the DOH Chief Information Security Officer. • DOH may at any time conduct an audit of the Contractor’s security practices and/or infrastructure to assure compliance with the security requirements of this contract. • It has implemented physical, electronic and administrative safeguards that are consistent with OCIO security standard 141.10 and ISB IT guidelines to prevent unauthorized access, use, modification or disclosure of DOH Confidential Information in any form. This includes, but is not limited to, restricting access to specifically authorized individuals and services through the use of: o Documented access authorization and change control procedures; o Card key systems that restrict, monitor and log access; o Locked racks for the storage of servers that contain Confidential Information or use AES encryption (key lengths of 256 bits or greater) to protect confidential data at rest, standard algorithms validated by the National Institute of Standards and Technology (NIST) Cryptographic Algorithm Validation Program (CMVP); o Documented patch management practices that assure all network systems are running critical security updates within 6 days of release when the exploit is in the wild, and within 30 days of release for all others; o Documented anti-virus strategies that assure all systems are running the most current anti-virus signatures within 1 day of release; o Complex passwords that are systematically enforced and password ex...
Security of Information. 17.1 Neither party shall use the other party’s Information for any purpose other than the purpose for which it was provided and/or only to the extent necessary to enable each party to perform its obligations under this Agreement.
Security of Information. 28.1 The County is required to notify its customers if any electronically stored information or written document that contains personal information has been subject to a security breach. Any Contractor of the County who becomes aware of any potential breach of a document or electronic file containing personal information of client of the County will immediately notify the Contract Administrator, who will work with the County Public Information Officer to notify the affected persons. A breach occurs when any unauthorized individual or entity gains access to personal information or when unintended disclosure of personal information is made, for example loss or theft of a electronic device containing personal information, loss or theft of a paper document containing personal information, unauthorized access to a network containing personal information, or a document containing personal information being sent to the wrong address.
Security of Information. No data transmission over the Internet can be guaranteed as totally secure. Whilst we strive to protect such information we do not warrant and cannot ensure the security of information which you transmit to us. Accordingly, any information which you transmit to us is transmitted at your own risk.
Security of Information. 26.1 ARESC does not represent, warrant or covenant that the User’s use of the Services will be entirely secure and private. The User acknowledges that it may be possible for third parties to monitor communications while the User uses the Services.
Security of Information a. Chapter agrees to secure all APS data ensuring protections from unauthorized access, use, or disclosure.
Security of Information. We take reasonable precautions to protect Our users’ information. Please note, however, that electronic transmissions via the Internet are not necessarily secure from interception, and We do not guarantee the security or confidentiality of transmissions. Except as may be otherwise provided in a specific agreement for services, We undertake no responsibility or liability for the deletion or failure to store any information or communications submitted through any of Our Online Platforms.
Security of Information. 5.5.1. Security of information is the application of general protective measures and procedures to prevent, detect and recover from the loss or compromise of information. Classified information shall be protected throughout its life cycle to a level commensurate with its level of classification. It shall be managed to ensure that it is appropriately classified, is clearly identified as classified and remains classified only as long as this is necessary.
Security of Information. 6.1. All classified computer storage media shall be properly identified, stored and protected in a manner commensurate with the highest classification of the stored information.
Security of Information. Customer acknowledges that the Provider Information includes personally identifiable information (“PII”) and that it is Customer’s obligation to keep all such PII secure by taking all commercially reasonable means to ensure that access is limited only to those authorized individuals or organizations. Accordingly, Customer shall
