User Access Controls. 3.1 The Applicant shall ensure that access to Personal Data shall be controlled through access privileges (described above), usernames and appropriately secure passwords. 3.2 The Applicant shall ensure that employees or contractors should not share or use the same username, and exceptions must be documented with adequate mitigations described and auditable. 3.3 Use of multi-factor authentication should be used to authenticate authorised users of IT systems.
Appears in 2 contracts
Sources: Material Transfer Agreement, Material Transfer Agreement