{"component": "clause", "props": {"groups": [{"snippet": "Servers containing unencrypted PHI COUNTY discloses to 7 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 8 must have sufficient administrative, physical, and technical controls in place to protect that data, based 9 upon a risk assessment/system security review.", "samples": [{"hash": "guDtYbXnEJ0", "uri": "/contracts/guDtYbXnEJ0#server-security", "label": "Contract for Inpatient Mental Health Services for Youth", "score": 31.7764453888, "published": true}, {"hash": "7eWYv8NiE7S", "uri": "/contracts/7eWYv8NiE7S#server-security", "label": "K 12 Mental Health Community Networking Services", "score": 30.2223453522, "published": true}, {"hash": "jmw0aMDoVM4", "uri": "/contracts/jmw0aMDoVM4#server-security", "label": "Contract for Provision of Services", "score": 28.2623901367, "published": true}], "size": 30, "snippet_links": [{"key": "of-county", "type": "clause", "offset": [135, 144]}, {"key": "technical-controls", "type": "clause", "offset": [198, 216]}, {"key": "in-place", "type": "clause", "offset": [217, 225]}, {"key": "risk-assessment", "type": "definition", "offset": [263, 278]}, {"key": "system-security-review", "type": "clause", "offset": [279, 301]}], "hash": "337d4f32cffb1114c2996545942f855d", "id": 5}, {"snippet": "Servers containing unencrypted PHI COUNTY discloses to 4 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 5 must have sufficient administrative, physical, and technical controls in place to protect that data, based 6 upon a risk assessment/system security review.", "samples": [{"hash": "ifQaDHBN3it", "uri": "/contracts/ifQaDHBN3it#server-security", "label": "Contract for Provision of Services", "score": 33.2096748352, "published": true}, {"hash": "NCx1RueUS8", "uri": "/contracts/NCx1RueUS8#server-security", "label": "Contract for Provision of Services", "score": 32.2981300354, "published": true}, {"hash": "cv7gfYWWOF8", "uri": "/contracts/cv7gfYWWOF8#server-security", "label": "Contract for Provision of in Custody Substance Use Disorder Treatment Services", "score": 32.1174659729, "published": true}], "size": 429, "snippet_links": [{"key": "of-county", "type": "clause", "offset": [135, 144]}, {"key": "technical-controls", "type": "clause", "offset": [198, 216]}, {"key": "in-place", "type": "clause", "offset": [217, 225]}, {"key": "risk-assessment", "type": "definition", "offset": [263, 278]}, {"key": "system-security-review", "type": "clause", "offset": [279, 301]}], "hash": "a2c2451283af54680fbaa76b0e2e000e", "id": 1}, {"snippet": "Servers containing unencrypted PII must have sufficient administrative, physical, and technical controls in place to protect that data, based upon a risk assessment/system security review. It is recommended to follow the guidelines documented in the latest revision of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Security and Privacy Controls for Federal Information Systems and Organizations.", "samples": [{"hash": "fWksrVFLk8j", "uri": "/contracts/fWksrVFLk8j#server-security", "label": "Contract for Family Resource Center Services", "score": 36.2044639587, "published": true}, {"hash": "4WFFZrUHaLj", "uri": "/contracts/4WFFZrUHaLj#server-security", "label": "Contract for the Provision of Bringing Families Home Services", "score": 36.1462593079, "published": true}, {"hash": "lCt47oxUe5k", "uri": "/contracts/lCt47oxUe5k#server-security", "label": "Contract for the Provision of Bridge Program Child Care Navigator, Trauma Informed Training and Coaching, and Emergency Child Care Voucher Services", "score": 36.1309661865, "published": true}], "size": 41, "snippet_links": [{"key": "technical-controls", "type": "clause", "offset": [86, 104]}, {"key": "in-place", "type": "clause", "offset": [105, 113]}, {"key": "risk-assessment", "type": "definition", "offset": [149, 164]}, {"key": "system-security-review", "type": "clause", "offset": [165, 187]}, {"key": "the-guidelines", "type": "clause", "offset": [217, 231]}, {"key": "revision-of", "type": "clause", "offset": [257, 268]}, {"key": "national-institute-of-standards-and-technology", "type": "definition", "offset": [273, 319]}, {"key": "security-and-privacy-controls-for-federal-information-systems-and-organizations", "type": "clause", "offset": [360, 439]}], "hash": "9b06ec7168a12f365c0664e9f0c63235", "id": 4}, {"snippet": "Servers containing unencrypted DBH PHI or PI must have sufficient administrative, physical, and technical controls in place to protect that data, based upon a risk assessment/system security review.", "samples": [{"hash": "eMSrvyZk5om", "uri": "/contracts/eMSrvyZk5om#server-security", "label": "Contract", "score": 33.8576126099, "published": true}, {"hash": "iRfMijDVeMB", "uri": "/contracts/iRfMijDVeMB#server-security", "label": "Contract for Mental Health Services", "score": 32.6107025146, "published": true}, {"hash": "YrrPVWV86R", "uri": "/contracts/YrrPVWV86R#server-security", "label": "Contract", "score": 31.4741840363, "published": true}], "size": 16, "snippet_links": [{"key": "technical-controls", "type": "clause", "offset": [96, 114]}, {"key": "in-place", "type": "clause", "offset": [115, 123]}, {"key": "risk-assessment", "type": "definition", "offset": [159, 174]}, {"key": "system-security-review", "type": "clause", "offset": [175, 197]}], "hash": "73c495df5b998d2467dd8d6b7241e640", "id": 10}, {"snippet": "Servers containing unencrypted County PHI or PI must have sufficient administrative, physical, and technical controls in place to protect that data, based upon a risk assessment/system security review.", "samples": [{"hash": "A8Z2DruOfA", "uri": "/contracts/A8Z2DruOfA#server-security", "label": "Agreement for Special Services", "score": 36.5167694092, "published": true}, {"hash": "g35dmch1iEF", "uri": "/contracts/g35dmch1iEF#server-security", "label": "Agreement for Special Services", "score": 36.4552307129, "published": true}, {"hash": "hOOj5zXQ3av", "uri": "/contracts/hOOj5zXQ3av#server-security", "label": "Contract No. 2020243", "score": 36.4019546509, "published": true}], "size": 80, "snippet_links": [{"key": "county-phi", "type": "definition", "offset": [31, 41]}, {"key": "technical-controls", "type": "clause", "offset": [99, 117]}, {"key": "in-place", "type": "clause", "offset": [118, 126]}, {"key": "risk-assessment", "type": "definition", "offset": [162, 177]}, {"key": "system-security-review", "type": "clause", "offset": [178, 200]}], "hash": "75980ce3c4c5f0c75532118cc2de10b1", "id": 2}, {"snippet": "Servers containing unencrypted DHCS PHI or PI must have sufficient administrative, physical, and technical controls in place to protect that data, based upon a risk assessment/system security review.", "samples": [{"hash": "dXINGLKtoBw", "uri": "/contracts/dXINGLKtoBw#server-security", "label": "Participation Agreement", "score": 35.6633338928, "published": true}, {"hash": "avifs6Fydd3", "uri": "/contracts/avifs6Fydd3#server-security", "label": "Participation Agreement", "score": 35.6080169678, "published": true}, {"hash": "42k8szd3mKx", "uri": "/contracts/42k8szd3mKx#server-security", "label": "Standard Services Agreement", "score": 35.2479972839, "published": true}], "size": 63, "snippet_links": [{"key": "technical-controls", "type": "clause", "offset": [97, 115]}, {"key": "in-place", "type": "clause", "offset": [116, 124]}, {"key": "risk-assessment", "type": "definition", "offset": [160, 175]}, {"key": "system-security-review", "type": "clause", "offset": [176, 198]}], "hash": "fd89dea4220de01889be8be7bdd6202e", "id": 3}, {"snippet": "Servers containing unencrypted PHI COUNTY discloses to", "samples": [{"hash": "e0ZOX87ruB", "uri": "/contracts/e0ZOX87ruB#server-security", "label": "Agreement for Provision of Services", "score": 25.7968845367, "published": true}, {"hash": "kvgENkGYIod", "uri": "/contracts/kvgENkGYIod#server-security", "label": "Agreement for Provision of Volunteer to Work Project Program Services", "score": 24.2995433807, "published": true}, {"hash": "k34rMKse0wW", "uri": "/contracts/k34rMKse0wW#server-security", "label": "Agreement for Provision of Transitional Age Youth Full Service Partnership/Wraparound Services", "score": 24.2994823456, "published": true}], "size": 23, "snippet_links": [], "hash": "52e4bd21a9059b42b292bf29eb500f4e", "id": 7}, {"snippet": "Access to any of Computershare\u2019s computer servers used to perform development Services for Customer shall be limited to only Computershare Personnel performing Services. Computershare will back-up the server files daily", "samples": [{"hash": "lIKVElYETr5", "uri": "/contracts/lIKVElYETr5#server-security", "label": "Transfer Agency and Service Agreement (Blackrock Muniassets Fund, Inc.)", "score": 31.4010944366, "published": true}, {"hash": "bgjcMmHFdE9", "uri": "/contracts/bgjcMmHFdE9#server-security", "label": "Transfer Agency and Service Agreement", "score": 31.3408622742, "published": true}, {"hash": "cr2xvTNWBtj", "uri": "/contracts/cr2xvTNWBtj#server-security", "label": "Transfer Agency and Service Agreement (Blackrock Credit Allocation Income Trust)", "score": 31.0013694763, "published": true}], "size": 18, "snippet_links": [{"key": "access-to", "type": "definition", "offset": [0, 9]}, {"key": "customer-shall", "type": "clause", "offset": [91, 105]}, {"key": "performing-services", "type": "definition", "offset": [149, 168]}], "hash": "d32f50bd63fce6bb708ab80ab9f0d63b", "id": 9}, {"snippet": "Servers containing unencrypted PHI COUNTY discloses to 33 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 34 must have sufficient administrative, physical, and technical controls in place to protect that data, based 35 upon a risk assessment/system security review.", "samples": [{"hash": "bgU3c3DhiKo", "uri": "/contracts/bgU3c3DhiKo#server-security", "label": "Contract for Provision of Services", "score": 30.8464660645, "published": true}, {"hash": "kY7XffFF2Gh", "uri": "/contracts/kY7XffFF2Gh#server-security", "label": "Contract for Provision of Services", "score": 30.8273048401, "published": true}, {"hash": "ihDg6x1GHJV", "uri": "/contracts/ihDg6x1GHJV#server-security", "label": "Contract for Provision of Services", "score": 30.2606697083, "published": true}], "size": 27, "snippet_links": [{"key": "of-county", "type": "clause", "offset": [136, 145]}, {"key": "technical-controls", "type": "clause", "offset": [200, 218]}, {"key": "in-place", "type": "clause", "offset": [219, 227]}, {"key": "risk-assessment", "type": "definition", "offset": [266, 281]}, {"key": "system-security-review", "type": "clause", "offset": [282, 304]}], "hash": "d5028c7443f160a043fc5fe33d980828", "id": 6}, {"snippet": "Servers containing unencrypted CDPH PCI must have sufficient administrative, physical, and technical controls in place to protect that data, based upon a risk assessment/system security review.", "samples": [{"hash": "G5pgAwJI89", "uri": "/contracts/G5pgAwJI89#server-security", "label": "Grant Agreement", "score": 34.3090820312, "published": true}, {"hash": "kMD2zpY7R5i", "uri": "/contracts/kMD2zpY7R5i#server-security", "label": "Grant Agreement", "score": 33.7150726318, "published": true}, {"hash": "jhVoY8F33JH", "uri": "/contracts/jhVoY8F33JH#server-security", "label": "Grant Agreement", "score": 32.8747024536, "published": true}], "size": 23, "snippet_links": [{"key": "technical-controls", "type": "clause", "offset": [91, 109]}, {"key": "in-place", "type": "clause", "offset": [110, 118]}, {"key": "risk-assessment", "type": "definition", "offset": [154, 169]}, {"key": "system-security-review", "type": "clause", "offset": [170, 192]}], "hash": "e5bf469a5adc59e966f342a8174e1976", "id": 8}], "next_curs": "ClgSUmoVc35sYXdpbnNpZGVyY29udHJhY3RzcjQLEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2IhhzZXJ2ZXItc2VjdXJpdHkjMDAwMDAwMGEMogECZW4YACAA", "clause": {"parents": [["technical-security-controls", "Technical Security Controls"], ["business-associate-contract", "Business Associate Contract"], ["business-associate-data-security-requirements", "Business Associate Data Security Requirements"], ["submission-of-insurance-documents", "SUBMISSION OF INSURANCE DOCUMENTS"], ["data-security-requirements", "Data Security Requirements"]], "size": 880, "title": "Server Security", "children": [["cloud-services-and-systems", "Cloud Services and Systems"], ["intrusion-detection", "Intrusion Detection"], ["virtualized-system", "Virtualized System"], ["system-timeout", "System Timeout"], ["", ""]], "id": "server-security", "related": [["cyber-security", "Cyber Security", "Cyber Security"], ["user-security", "User Security", "User Security"], ["tender-security", "Tender Security", "Tender Security"], ["other-security", "Other Security", "Other Security"], ["e7-security", "E7 Security", "E7 Security"]], "related_snippets": [], "updated": "2025-07-24T04:27:51+00:00", "also_ask": ["What minimum security standards should be mandated for server protection?", "How can liability for data breaches be allocated or limited in this clause?", "What audit and compliance rights should be included for effective oversight?", "How does this clause compare to industry best practices and regulatory requirements?", "What are the most common enforceability challenges for server security clauses in court?"], "drafting_tip": "Specify minimum security standards to ensure compliance, require regular audits to verify ongoing protection, and mandate breach notification to enable prompt response.", "explanation": "The Server Security clause establishes requirements and standards for protecting servers from unauthorized access, data breaches, and other security threats. It typically outlines the technical and organizational measures that must be implemented, such as firewalls, encryption, regular security audits, and access controls. By setting clear expectations for server protection, this clause helps ensure the confidentiality, integrity, and availability of data, thereby reducing the risk of security incidents and safeguarding sensitive information."}, "json": true, "cursor": ""}}