Data Security and Integrity. All facilities, whether Vendor hosted or Third-Party Hosted, used to store and process City Data will implement and maintain administrative, physical, technical, and procedural safeguards and best practices at a level sufficient to provide the requested Service(s) availability and to secure City Data from unauthorized access, destruction, use, modification, or disclosure appropriate for City Data. Such measures, when applicable due to the presence of Protected Information, include, but are not limited to, all applicable laws, rules, policies, publications, and guidelines including, without limitation: (i) the most recently promulgated IRS Publication 1075 for all Tax Information, (ii) the most recently updated PCI Data Security Standard from the PCI Security Standards Council for all PCI, (iii) the most recently issued version of the U.S. Department of Justice, Federal Bureau of Investigation, Criminal Justice Information Services Security Policy for all CJI, (iv) the Colorado Consumer Protection Act, (v) the Children’s Online Privacy Protection Act (COPPA), (vi) the Family Education Rights and Privacy Act (FERPA), (vii) §00-00-000 et seq., (viii) the Telecommunications Industry Association (TIA) Telecommunications Infrastructure Standard for Data Centers (TIA-942); (ix) the federal Health Insurance Portability and Accountability Act for all PHI and the HIPAA Business Associate Addendum attached to this Agreement, if applicable. Vendor shall submit to Xxxxxxxx, within fifteen (15) Calendar Days of Xxxxxxxx’x written request, copies of Vendor’s policies and procedures to maintain the confidentiality of protected health information to which Vendor has access, and if applicable, Vendor shall comply with all HIPAA requirements contained herein or attached as an exhibit. Vendor warrants that all City Data will be encrypted in transmission (including via web interface) and in storage by a mutually agreed upon National Institute of Standards and Technology (NIST) approved strong encryption method and standard. Vendor shall use industry-standard and up-to-date security tools, technologies and procedures including, but not limited to, anti-virus and anti-malware protections and intrusion detection and reporting in providing Services under this Agreement. Vendor shall ensure that any underlying or integrated software employed by the Service(s) is updated on a regular basis and does not pose a threat to the security of the Service(s). Vendor shall, and shall cause it...
Data Security and Integrity. The SI shall maintain and design the NFPS to maintain the security of NFPS Data in accordance with Section 23 (Security). The SI shall similarly design the NFPS to maintain the integrity of NFPS Data in accordance with applicable Key Performance Indicators (including those set out in Technical Specifications Section 5.14 (Performance Requirements)) and to otherwise ensure that the collection, processing, storage, management, and use of collected NFPS Data is done in a manner that complies with all Applicable Laws. Where the Technical Specifications do not establish a specific integrity requirement for components of NFPS Data, then the SI shall maintain, and shall cause the NFPS to maintain, the integrity of NFPS Data in accordance with Good Industry Practices, and throughout the data lifecycle, including collection, processing, storage and archiving of such NFPS Data.
Data Security and Integrity. 6.1 Customer shall ensure that Market Data is protected to prevent unauthorized access. In addition, Customer shall ensure that its employees and agents observe the requirements of the Data Protection Xxx 0000 and any amendments or revisions thereto and all subordinate legislation in the performance of their obligations under this Addendum and shall comply with any request made or direction given by Xxxx or the Disseminating Party which is directly due to the requirements of such Act.
Data Security and Integrity. 1. Canada shall implement regulatory, procedural or technical measures to protect PNR data against accidental, unlawful or unauthorized access, processing or loss.
Data Security and Integrity. The Contractor shall employ methods to ensure reliable file transfer, backups, and referential integrity of the database. Original data shall remain unaltered and intact. Corrections and modifications shall be accomplished using adjusting entries which do not affect the original data. All adjustments must include the identification code of the person who made the adjustment. Computer Access Security: Access to the system shall be password-protected and shall provide for assignable access user levels. The assigned level shall allow the user, once verified by the CSC computer, to access any system function based on their level of security via any system workstation. External access shall require passwords and incorporate dial-back features.
Data Security and Integrity. 6.1. All HRTec facilities used to store and process [Customer/Agency] and End User Data will implement and maintain administrative, physical, technical, and procedural safeguards and best practices at a level sufficient to secure such Data from unauthorized access, destruction, use, modification, or disclosure. Such measures will be no less protective than those used to secure HRTec’s own Data of a similar type, and in no event less than reasonable in view of the type and nature of the Data involved.
Data Security and Integrity. All HRTec facilities used to store and process Participating Entity and End User Data will implement and maintain administrative, physical, technical, and procedural safeguards and best practices at a level sufficient to secure such Data from unauthorized access, destruction, use, modification, or disclosure. Such measures will be no less protective than those used to secure HRTec’s own Data of a similar type, and in no event less than reasonable in view of the type and nature of the Data involved. HRTec shall maintain the administrative, physical, technical, and procedural infrastructure associated with the provision of FedHIVE Cloud Computing Services to the Participating Entity in a manner that is, at all times during the term of this Agreement, at a level equal to or more stringent than those specified in the NASPO Master Agreement, and Participating Addendum which is incorporated herein by reference. Without limiting the foregoing, HRTec warrants that all Participating Entity Data and End User Data will be encrypted in transmission (including via web interface) and in storage at a level equivalent to or stronger than 256-bit level encryption. HRTec shall at all times use industry-standard and up-to-date security tools, technologies and procedures including, but not limited to anti-virus and anti-malware protections and intrusion detection and reporting methods in providing Services under this Agreement. HRTec will configure the Services to filter spam while permitting communications from Third Party Internet Protocol addresses identified by the Participating Entity as legitimate. Prior to the Effective Date of this Agreement, HRTec will at its expense conduct or have conducted the following, and thereafter, HRTec will at its expense conduct or have conducted the following at least once per year, and immediately after any actual or reasonably suspected Data Compromise:
Data Security and Integrity. 5.1 All facilities used to store and process County and End User Data will implement and maintain administrative, physical, technical, and procedural safeguards and best practices at a level sufficient to secure such Data in accordance of the American Institute of CPAs (AICPA)’s Service Organization Control (SOC) reporting platform SOC II compliance requirements. Vendor will provide proof of a current SOC II Compliance certification.
Data Security and Integrity. 7.1 The Data Processor, considering the state of the art, the costs of implementation, the nature, scope, context, purposes, and risks involved in the Services and Processing, and the rights of Data Subjects under Data Protection Laws, will implement appropriate technical and organizational measures to protect against Security Incidents and ensure the confidentiality, security, and integrity of the Data Controller's Personal Data, including during transmission, as described in Annex 2: Technical and Organizational Measures for Confidentiality, Security, and Integrity.
Data Security and Integrity. All facilities used to store and process District and End User Data will implement and maintain administrative, physical, technical, and procedural safeguards and best practices at a level sufficient to secure such Data from unauthorized access, destruction, use, modification, or disclosure. Such measures will be no less protective than those used to secure Contractor’s own Data of a similar type, and in no event less than reasonable in view of the type and nature of Data involved. Contractor shall at all times use industry-standard and up to date security tools, technologies and procedures, including, but not limited to anti-virus and anti-malware protections and intrusion detection and reporting methods in providing services to this Agreement. When required by District, Contractor warrants that all District Data and End User Data will be encrypted in transmission (including via web interface) and in storage at a level equivalent to or stronger than requested by District.
