{"component": "clause", "props": {"groups": [{"samples": [{"hash": "2RGClh4Z49s", "uri": "/contracts/2RGClh4Z49s#security-practices", "label": "Reseller Terms of Sale", "score": 35.6893386841, "published": true}, {"hash": "gMuU14mhHTG", "uri": "/contracts/gMuU14mhHTG#security-practices", "label": "Reseller Terms of Sale", "score": 34.9257507324, "published": true}, {"hash": "6NjG8f5P6md", "uri": "/contracts/6NjG8f5P6md#security-practices", "label": "Reseller Terms of Sale", "score": 34.8728752136, "published": true}], "size": 31, "snippet": "Dell has implemented corporate information security practices and standards that are designed to safeguard the Dell\u2019s corporate environment and to address: (1) information security; (2) system and asset management; (3) development; and (4) governance. These practices and standards are approved by the Dell CIO and undergo a formal review on an annual basis.", "snippet_links": [{"key": "information-security", "type": "definition", "offset": [31, 51]}, {"key": "and-standards", "type": "clause", "offset": [62, 75]}, {"key": "corporate-environment", "type": "clause", "offset": [118, 139]}, {"key": "asset-management", "type": "clause", "offset": [197, 213]}, {"key": "approved-by", "type": "clause", "offset": [286, 297]}, {"key": "formal-review", "type": "definition", "offset": [325, 338]}, {"key": "annual-basis", "type": "definition", "offset": [345, 357]}], "hash": "a0d3907d1b10a247fc9174827c3c44df", "id": 1}, {"samples": [{"hash": "dV2IJtJBTfZ", "uri": "/contracts/dV2IJtJBTfZ#security-practices", "label": "Terms of Use", "score": 27.25872612, "published": true}, {"hash": "4nM49GHOqvN", "uri": "/contracts/4nM49GHOqvN#security-practices", "label": "Terms of Use", "score": 24.8822727203, "published": true}, {"hash": "lEzIaDO6Pgy", "uri": "/contracts/lEzIaDO6Pgy#security-practices", "label": "Terms of Use", "score": 24.4688568115, "published": true}], "size": 7, "snippet": "IBM implements and maintains practices and procedures, which may be revised periodically, regarding the systems used to host and operate the IBM SaaS. These practices and procedures are designed to reduce the vulnerability of our systems to accidental loss, unlawful intrusions, unauthorized access, disclosure or alteration, or wrongful conduct that may interfere with, misappropriate, or otherwise damage the Content or Customer's use of the IBM SaaS. A description of the practices and procedures applicable to the IBM SaaS, including applicable technical and operational measures, is available to Customer upon request. Customer is responsible for determining whether these practices and procedures are appropriate to meet Customer's requirements. By using the IBM SaaS, Customer acknowledges its acceptance of the IBM practices and procedures and their adequacy for Customer's purposes. Except as specifically provided in the Security Practices for the IBM SaaS, IBM makes no representations or warranties regarding any security functions.", "snippet_links": [{"key": "practices-and-procedures", "type": "clause", "offset": [29, 53]}, {"key": "the-systems", "type": "clause", "offset": [100, 111]}, {"key": "to-host", "type": "definition", "offset": [117, 124]}, {"key": "ibm-saas", "type": "clause", "offset": [141, 149]}, {"key": "our-systems", "type": "definition", "offset": [226, 237]}, {"key": "accidental-loss", "type": "clause", "offset": [241, 256]}, {"key": "unauthorized-access", "type": "definition", "offset": [279, 298]}, {"key": "wrongful-conduct", "type": "definition", "offset": [329, 345]}, {"key": "the-content", "type": "clause", "offset": [407, 418]}, {"key": "description-of-the", "type": "definition", "offset": [456, 474]}, {"key": "applicable-to", "type": "definition", "offset": [500, 513]}, {"key": "technical-and-operational-measures", "type": "clause", "offset": [549, 583]}, {"key": "to-customer", "type": "clause", "offset": [598, 609]}, {"key": "upon-request", "type": "clause", "offset": [610, 622]}, {"key": "responsible-for", "type": "clause", "offset": [636, 651]}, {"key": "customer-acknowledges", "type": "clause", "offset": [775, 796]}, {"key": "acceptance-of-the", "type": "clause", "offset": [801, 818]}, {"key": "for-customer", "type": "clause", "offset": [867, 879]}, {"key": "except-as-specifically", "type": "clause", "offset": [892, 914]}, {"key": "the-security", "type": "clause", "offset": [927, 939]}, {"key": "no-representations-or-warranties", "type": "clause", "offset": [978, 1010]}], "hash": "891eb43ed7e8077006f75774e4deb6cf", "id": 5}, {"samples": [{"hash": "aMnvgzwN43m", "uri": "/contracts/aMnvgzwN43m#security-practices", "label": "Data Sharing and Confidentiality Agreement", "score": 33.9499664307, "published": true}, {"hash": "kgoMicyA040", "uri": "/contracts/kgoMicyA040#security-practices", "label": "Data Sharing and Confidentiality Agreement", "score": 29.6994476318, "published": true}, {"hash": "3Tb9zhVBiZG", "uri": "/contracts/3Tb9zhVBiZG#security-practices", "label": "Data Sharing and Confidentiality Agreement", "score": 25.0903491974, "published": true}], "size": 21, "snippet": "A. Protected data provided to the contractor will be stored: (include where and how) B. The security protections taken to ensure data will be protected that align with the NIST Cybersecurity Framework and industry best practices include:", "snippet_links": [{"key": "data-provided", "type": "clause", "offset": [13, 26]}, {"key": "the-contractor-will", "type": "clause", "offset": [30, 49]}, {"key": "the-security", "type": "clause", "offset": [88, 100]}, {"key": "to-ensure", "type": "clause", "offset": [119, 128]}, {"key": "be-protected", "type": "clause", "offset": [139, 151]}, {"key": "nist-cybersecurity-framework", "type": "definition", "offset": [172, 200]}, {"key": "industry-best-practices", "type": "definition", "offset": [205, 228]}], "hash": "273cbcadacf077dc7b59ee4015523209", "id": 2}, {"samples": [{"hash": "iTnuK0v6CWC", "uri": "/contracts/iTnuK0v6CWC#security-practices", "label": "Provider Agreement", "score": 27.258638382, "published": true}, {"hash": "gcRDkcndjNg", "uri": "/contracts/gcRDkcndjNg#security-practices", "label": "Provider Agreement", "score": 27.258638382, "published": true}, {"hash": "gAe3qIgP13h", "uri": "/contracts/gAe3qIgP13h#security-practices", "label": "Provider Agreement", "score": 27.258638382, "published": true}], "size": 20, "snippet": "The Provider that creates, receives, maintains, or transmits electronic protected health information in its role as a provider shall undertake the following acts regarding such information:\na. Ensure the information\u2019s confidentiality, integrity, and availability. 45 C.F.R. 164.308 (administrative safeguards), 164.310 (physical safeguards), 164.312 (technical safeguards), and 164.316 (policies, procedures and documentation requirements) shall apply to the Provider in the same manner that such sections apply to DHSS, and shall be implemented in accordance with HIPAA, the HITECH Act, and the Privacy and Security Rule. The additional requirements of Title XIII of the HITECH Act contained in Public Law 111-5 that relate to security and that are made applicable to covered entities shall also apply to the Provider and are incorporated into this Privacy and Security Procedures.\nb. Protect against any reasonably anticipated threats or hazards to the security or integrity of such information, including during its transmission to and from the provider.\nc. Protect against reasonably anticipated uses or disclosures of such information when the use or disclosure is not required or permitted by law.\nd. Implement protections that govern the receipt, removal, disposition, and re-use of hardware and electronic media (which includes, but is not limited to hard disks, magnetic tapes, compact disks, videotapes, audiotapes, handheld electronic devices and removable storage devices such as floppy disks, zip disks, and memory cards) that contain or have contained electronic protected health information. In particular, the provider shall:\ni. Ensure that all hardware used or electronic media developed by the provider through the provision of services under the agreement be cleaned with a wipe utility that prevents the recovery of any information from the device, prior to the hardware or device being re-used, salvaged, surplussed, or disposed.\nii. For each piece of hardware or electronic media to be re-used, salvaged, surplused, or disposed, furnish a Disposal Assurance Form (attached as Exhibit 1 to these procedures) to the contact person named in the Provider Agreement.\ne. Ensure that its workforce protect the security of such information.", "snippet_links": [{"key": "electronic-protected-health-information", "type": "definition", "offset": [61, 100]}, {"key": "such-information", "type": "definition", "offset": [172, 188]}, {"key": "the-information", "type": "clause", "offset": [200, 215]}, {"key": "administrative-safeguards", "type": "definition", "offset": [283, 308]}, {"key": "physical-safeguards", "type": "definition", "offset": [320, 339]}, {"key": "technical-safeguards", "type": "definition", "offset": [351, 371]}, {"key": "documentation-requirements", "type": "clause", "offset": [412, 438]}, {"key": "in-the-same-manner", "type": "definition", "offset": [468, 486]}, {"key": "in-accordance-with", "type": "clause", "offset": [546, 564]}, {"key": "the-hitech-act", "type": "definition", "offset": [572, 586]}, {"key": "privacy-and-security-rule", "type": "definition", "offset": [596, 621]}, {"key": "additional-requirements", "type": "definition", "offset": [627, 650]}, {"key": "public-law", "type": "clause", "offset": [696, 706]}, {"key": "relate-to", "type": "definition", "offset": [718, 727]}, {"key": "security-and", "type": "clause", "offset": [728, 740]}, {"key": "applicable-to", "type": "definition", "offset": [755, 768]}, {"key": "covered-entities", "type": "definition", "offset": [769, 785]}, {"key": "security-procedures", "type": "definition", "offset": [862, 881]}, {"key": "the-security", "type": "clause", "offset": [951, 963]}, {"key": "integrity-of", "type": "clause", "offset": [967, 979]}, {"key": "uses-or-disclosures", "type": "clause", "offset": [1100, 1119]}, {"key": "use-or-disclosure", "type": "clause", "offset": [1149, 1166]}, {"key": "not-required", "type": "definition", "offset": [1170, 1182]}, {"key": "permitted-by-law", "type": "clause", "offset": [1186, 1202]}, {"key": "use-of-hardware", "type": "clause", "offset": [1283, 1298]}, {"key": "electronic-media", "type": "clause", "offset": [1303, 1319]}, {"key": "not-limited", "type": "clause", "offset": [1344, 1355]}, {"key": "magnetic-tapes", "type": "definition", "offset": [1371, 1385]}, {"key": "electronic-devices", "type": "clause", "offset": [1435, 1453]}, {"key": "storage-devices", "type": "clause", "offset": [1468, 1483]}, {"key": "in-particular", "type": "clause", "offset": [1607, 1620]}, {"key": "the-provider-shall", "type": "clause", "offset": [1622, 1640]}, {"key": "by-the-provider", "type": "clause", "offset": [1705, 1720]}, {"key": "the-provision-of-services", "type": "clause", "offset": [1729, 1754]}, {"key": "the-agreement", "type": "clause", "offset": [1761, 1774]}, {"key": "recovery-of", "type": "clause", "offset": [1824, 1835]}, {"key": "information-from", "type": "clause", "offset": [1840, 1856]}, {"key": "the-device", "type": "clause", "offset": [1857, 1867]}, {"key": "prior-to-the", "type": "clause", "offset": [1869, 1881]}, {"key": "exhibit-1", "type": "definition", "offset": [2098, 2107]}, {"key": "contact-person", "type": "definition", "offset": [2136, 2150]}, {"key": "provider-agreement", "type": "clause", "offset": [2164, 2182]}, {"key": "security-of", "type": "clause", "offset": [2225, 2236]}], "hash": "ce69c177c03f4e404b779cc0abf27fb6", "id": 3}, {"samples": [{"hash": "9zWl2juqvQp", "uri": "/contracts/9zWl2juqvQp#security-practices", "label": "Data Privacy Agreement", "score": 32.5386810303, "published": true}, {"hash": "8QQsNXSlWAo", "uri": "/contracts/8QQsNXSlWAo#security-practices", "label": "Data Privacy Agreement", "score": 25.9158115387, "published": true}], "size": 9, "snippet": "Confidential Data provided to Contractor by the School District will be stored [insert location]. The measures that Contractor takes to protect Confidential Data will align with the NIST Cybersecurity Framework, including but not necessarily limited to, disk encryption, file encryption, firewalls, and password protection.", "snippet_links": [{"key": "data-provided", "type": "clause", "offset": [13, 26]}, {"key": "the-school-district", "type": "clause", "offset": [44, 63]}, {"key": "nist-cybersecurity-framework", "type": "definition", "offset": [182, 210]}, {"key": "file-encryption", "type": "clause", "offset": [271, 286]}, {"key": "password-protection", "type": "definition", "offset": [303, 322]}], "hash": "a51ac7ccc5f6065abf3c6867ac5435e6", "id": 4}, {"samples": [{"hash": "dsuhszCQWlM", "uri": "/contracts/dsuhszCQWlM#security-practices", "label": "School Resource Officer Agreement", "score": 33.4697265625, "published": true}, {"hash": "jXCQQxhgYaC", "uri": "/contracts/jXCQQxhgYaC#security-practices", "label": "School Resource Officer Agreement", "score": 33.3963928223, "published": true}, {"hash": "lV5SScG43NV", "uri": "/contracts/lV5SScG43NV#security-practices", "label": "School Resource Officer Agreement", "score": 32.4204521179, "published": true}], "size": 6, "snippet": "Confidential Data provided to Contractor by the School District will be stored physically in the Office of the SRO at the School District and/or electronically on the School District\u2019s computer system. The measures that Contractor takes to protect Confidential Data will align with the NIST Cybersecurity Framework, including but not necessarily limited to, disk encryption, file encryption, firewalls, and password protection.", "snippet_links": [{"key": "data-provided", "type": "clause", "offset": [13, 26]}, {"key": "the-school-district", "type": "clause", "offset": [44, 63]}, {"key": "office-of-the", "type": "clause", "offset": [97, 110]}, {"key": "computer-system", "type": "definition", "offset": [185, 200]}, {"key": "nist-cybersecurity-framework", "type": "definition", "offset": [286, 314]}, {"key": "file-encryption", "type": "clause", "offset": [375, 390]}, {"key": "password-protection", "type": "definition", "offset": [407, 426]}], "hash": "30aee1af72aca6bf7934825975ba7a8a", "id": 6}, {"samples": [{"hash": "f8DtEUvZGWn", "uri": "/contracts/f8DtEUvZGWn#security-practices", "label": "Master Saas and Service Level Agreement", "score": 35.0791282654, "published": true}, {"hash": "6b37czz0pAX", "uri": "/contracts/6b37czz0pAX#security-practices", "label": "Master Saas and Service Level Agreement", "score": 34.5656013489, "published": true}, {"hash": "3Vtw2j0YdpK", "uri": "/contracts/3Vtw2j0YdpK#security-practices", "label": "Master Saas and Service Level Agreement", "score": 34.4047813416, "published": true}], "size": 5, "snippet": "LVT must at all times implement reasonable and appropriate technical and organizational measures designed to safeguard Customer Data against unauthorized or illegal access, destruction, use, modification, processing, copying, or disclosure and against accidental loss, destruction, or damage including, but not limited to, the security compliance requirements set forth in Appendix A (\u201cSecurity Compliance Requirements\u201d) attached to this DPA. LVT must document those measures in writing and periodically review them, at least annually, to ensure they remain current and complete. Further, LVT must take reasonable precautions to preserve the integrity of any Personal Information it processes and to prevent any corruption or loss of the Personal Information, including but not limited to establishing effective back-up and data restoration procedures.", "snippet_links": [{"key": "at-all-times", "type": "definition", "offset": [9, 21]}, {"key": "appropriate-technical-and-organizational-measures", "type": "clause", "offset": [47, 96]}, {"key": "customer-data", "type": "clause", "offset": [119, 132]}, {"key": "accidental-loss", "type": "clause", "offset": [252, 267]}, {"key": "not-limited", "type": "clause", "offset": [307, 318]}, {"key": "compliance-requirements", "type": "clause", "offset": [336, 359]}, {"key": "appendix-a", "type": "clause", "offset": [373, 383]}, {"key": "in-writing", "type": "clause", "offset": [476, 486]}, {"key": "to-ensure", "type": "clause", "offset": [536, 545]}, {"key": "reasonable-precautions", "type": "definition", "offset": [603, 625]}, {"key": "integrity-of", "type": "clause", "offset": [642, 654]}, {"key": "personal-information", "type": "definition", "offset": [659, 679]}, {"key": "loss-of", "type": "clause", "offset": [726, 733]}, {"key": "the-personal", "type": "clause", "offset": [734, 746]}, {"key": "restoration-procedures", "type": "clause", "offset": [829, 851]}], "hash": "2f64c7e3fbc2fd91109143b0102e226f", "id": 7}, {"samples": [{"hash": "2w7jN1GACzk", "uri": "/contracts/2w7jN1GACzk#security-practices", "label": "Terms of Use", "score": 24.7262153625, "published": true}, {"hash": "aN5QS70ZxS", "uri": "/contracts/aN5QS70ZxS#security-practices", "label": "Terms of Use", "score": 24.6741962433, "published": true}, {"hash": "1jK3jHGfCSE", "uri": "/contracts/1jK3jHGfCSE#security-practices", "label": "Terms of Use", "score": 24.3552360535, "published": true}], "size": 4, "snippet": "IBM maintains practices and procedures, which may be revised periodically, regarding the systems used to host and operate the IBM SaaS, which practices and procedures are designed to reduce the vulnerability of our systems to intrusions or wrongful conduct that may interfere with, misappropriate, or otherwise damage the Content or Customer's use of the IBM SaaS. A description of the practices and procedures applicable to the IBM SaaS, including applicable technical and operational measures, is available to Customer upon request. Customer is responsible for determining whether these practices and procedures are adequate to meet Customer's requirements. By using the IBM SaaS, Customer acknowledges its acceptance of the IBM practices and procedures and their adequacy for Customer's purposes. Except as specifically provided in the Security Practices for the IBM SaaS, IBM makes no representations or warranties regarding any security functions or that the IBM SaaS or Customer's content are secure from any intrusions or wrongful conduct.", "snippet_links": [{"key": "practices-and-procedures", "type": "clause", "offset": [14, 38]}, {"key": "the-systems", "type": "clause", "offset": [85, 96]}, {"key": "to-host", "type": "definition", "offset": [102, 109]}, {"key": "ibm-saas", "type": "clause", "offset": [126, 134]}, {"key": "our-systems", "type": "definition", "offset": [211, 222]}, {"key": "wrongful-conduct", "type": "definition", "offset": [240, 256]}, {"key": "the-content", "type": "clause", "offset": [318, 329]}, {"key": "description-of-the", "type": "definition", "offset": [367, 385]}, {"key": "applicable-to", "type": "definition", "offset": [411, 424]}, {"key": "technical-and-operational-measures", "type": "clause", "offset": [460, 494]}, {"key": "to-customer", "type": "clause", "offset": [509, 520]}, {"key": "upon-request", "type": "clause", "offset": [521, 533]}, {"key": "responsible-for", "type": "clause", "offset": [547, 562]}, {"key": "customer-acknowledges", "type": "clause", "offset": [683, 704]}, {"key": "acceptance-of-the", "type": "clause", "offset": [709, 726]}, {"key": "for-customer", "type": "clause", "offset": [775, 787]}, {"key": "except-as-specifically", "type": "clause", "offset": [800, 822]}, {"key": "the-security", "type": "clause", "offset": [835, 847]}, {"key": "no-representations-or-warranties", "type": "clause", "offset": [886, 918]}], "hash": "d95505bba9dd25ba01fe4ac649db4cbd", "id": 8}, {"samples": [{"hash": "4hcI5yxvxLx", "uri": "/contracts/4hcI5yxvxLx#security-practices", "label": "Data Processing Addendum", "score": 35.9828643799, "published": true}, {"hash": "fDope7yoWSZ", "uri": "/contracts/fDope7yoWSZ#security-practices", "label": "Master Service Agreement", "score": 35.8174667358, "published": true}, {"hash": "23SDMwoFHry", "uri": "/contracts/23SDMwoFHry#security-practices", "label": "Data Processing Addendum", "score": 34.5828399658, "published": true}], "size": 4, "snippet": "\u25cf Data Processor takes regular backups of customer data to prevent any major data loss during a security incident. \u25cf All data stored is encrypted so that the customer\u2019s personal data is stored securely. \u25cf Servers and data are managed by Amazon Web Services (AWS \u2013 Cloud Computing Services). \u25cf Security policies and security groups are intact so that only authorized people have access to Servers. Please see our security page for more information.", "snippet_links": [{"key": "data-processor", "type": "definition", "offset": [2, 16]}, {"key": "regular-backups", "type": "clause", "offset": [23, 38]}, {"key": "customer-data", "type": "clause", "offset": [42, 55]}, {"key": "data-loss", "type": "definition", "offset": [77, 86]}, {"key": "security-incident", "type": "clause", "offset": [96, 113]}, {"key": "the-customer", "type": "definition", "offset": [154, 166]}, {"key": "personal-data", "type": "definition", "offset": [169, 182]}, {"key": "amazon-web-services", "type": "clause", "offset": [237, 256]}, {"key": "cloud-computing-services", "type": "definition", "offset": [264, 288]}, {"key": "security-policies", "type": "definition", "offset": [293, 310]}, {"key": "and-security", "type": "clause", "offset": [311, 323]}, {"key": "access-to", "type": "definition", "offset": [378, 387]}, {"key": "security-page", "type": "definition", "offset": [412, 425]}, {"key": "for-more-information", "type": "clause", "offset": [426, 446]}], "hash": "9007c52a4d71fa265f11a8436412292f", "id": 9}, {"samples": [{"hash": "bnCqPRSbmlL", "uri": "/contracts/bnCqPRSbmlL#security-practices", "label": "Master Service Agreement", "score": 36.2367286682, "published": true}, {"hash": "40DokXHb9hG", "uri": "/contracts/40DokXHb9hG#security-practices", "label": "Master Service Agreement", "score": 36.2367286682, "published": true}, {"hash": "iJ34InoWsbq", "uri": "/contracts/iJ34InoWsbq#security-practices", "label": "Master Service Agreement", "score": 36.2353820801, "published": true}], "size": 4, "snippet": "LIT has implemented corporate information security practices and standards that are designed to safeguard the LIT\u2019s corporate environment and to address: (1) information security; (2) system and asset management; (3) development; and (4) governance. These practices and standards are approved by the LIT CIO and undergo a formal review on an annual basis.", "snippet_links": [{"key": "information-security", "type": "definition", "offset": [30, 50]}, {"key": "and-standards", "type": "clause", "offset": [61, 74]}, {"key": "corporate-environment", "type": "clause", "offset": [116, 137]}, {"key": "asset-management", "type": "clause", "offset": [195, 211]}, {"key": "approved-by", "type": "clause", "offset": [284, 295]}, {"key": "formal-review", "type": "definition", "offset": [322, 335]}, {"key": "annual-basis", "type": "definition", "offset": [342, 354]}], "hash": "32a680dc1d4e89e4ff8447128ed53b15", "id": 10}], "next_curs": "ClsSVWoVc35sYXdpbnNpZGVyY29udHJhY3RzcjcLEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2IhtzZWN1cml0eS1wcmFjdGljZXMjMDAwMDAwMGEMogECZW4YACAA", "clause": {"size": 225, "parents": [["termination-or-expiration-of-contract-and-or-agreement", "Termination or Expiration of Contract and/or Agreement"], ["entire-agreement", "Entire Agreement"], ["general-terms", "General Terms"], ["miscellaneous", "Miscellaneous"], ["definitions", "Definitions"]], "children": [["security-incident", "Security Incident"], ["other-incidents", "Other Incidents"], ["personal-data", "Personal Data"], ["", ""]], "title": "Security Practices", "id": "security-practices", "related": [["safety-practices", "SAFETY PRACTICES", "SAFETY PRACTICES"], ["pay-practices", "Pay Practices", "Pay Practices"], ["security-policies", "Security Policies", "Security Policies"], ["security-protocols", "Security Protocols", "Security Protocols"], ["data-practices", "Data Practices", "Data Practices"]], "related_snippets": [], "updated": "2025-07-24T06:49:03+00:00"}, "json": true, "cursor": ""}}