Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.
System Security and Data Safeguards When SAP is given access to Licensee’s systems and data, SAP shall comply with Licensee’s reasonable administrative, technical, and physical safeguards to protect such data and guard against unauthorized access. In connection with such access, Licensee shall be responsible for providing Consultants with user authorizations and passwords to access its systems and revoking such authorizations and terminating such access, as Licensee deems appropriate from time to time. Licensee shall not grant SAP access to Licensee systems or personal information (of Licensee or any third party) unless such access is essential for the performance of Services under the Agreement. The parties agree that no breach of this provision shall be deemed to have occurred in the event of SAP non-conformance with the aforementioned safeguard but where no personal information has been compromised.
Information Security Requirements In cases where the State is not permitted to manage/modify the automation equipment (server/computer/other) that controls testing or monitoring devices, the Contractor agrees to update and provide patches for the automation equipment and any installed operating systems or applications on a quarterly basis (at minimum). The Contractor will submit a report to the State of updates installed within 30 days of the installation as well as a Plan of Actions and Milestones (POA&M) to remediate any vulnerabilities ranging from Critical to Low. The contractor will provide an upgrade path or compensatory security controls for any operating systems and applications listed as beyond “end-of-life” or EOL, within 90 days of the EOL and complete the EOL system’s upgrade within 90 days of the approved plan.
Security and Data Transfers Party shall comply with all applicable State and Agency of Human Services' policies and standards, especially those related to privacy and security. The State will advise the Party of any new policies, procedures, or protocols developed during the term of this agreement as they are issued and will work with the Party to implement any required. Party will ensure the physical and data security associated with computer equipment, including desktops, notebooks, and other portable devices, used in connection with this Agreement. Party will also assure that any media or mechanism used to store or transfer data to or from the State includes industry standard security mechanisms such as continually up-to-date malware protection and encryption. Party will make every reasonable effort to ensure media or data files transferred to the State are virus and spyware free. At the conclusion of this agreement and after successful delivery of the data to the State, Party shall securely delete data (including archival backups) from Party’s equipment that contains individually identifiable records, in accordance with standards adopted by the Agency of Human Services. Party, in the event of a data breach, shall comply with the terms of Section 7 above.
Confidentiality and Data Security (a) The Custodian agrees to keep confidential, and to cause its employees and agents to keep confidential, all records of the Funds and information relating to the Funds, including without limitation information as to their respective shareholders and their respective portfolio holdings, unless the release of such records or information is made (i) in connection with the services provided under this Agreement, (ii) at the written direction of the applicable Fund or otherwise consented to, in writing, by the respective Funds, (iii) in response to a request of a governmental, regulatory or self-regulatory authority or agency or pursuant to a subpoena, court order or other legal process, in each case with respect to which the Custodian has determined, on the advice of counsel, that it is required to comply, or (iv) where the Custodian has determined, on the advice of counsel, that the failure to release such information would expose the Custodian to civil or criminal contempt proceedings; provided in the case of clause (iii) or (iv) the Custodian provides the applicable Fund written notice of such requirement to release such records or information, to the extent such notice is permitted. The foregoing shall not be applicable to any information that is publicly available when provided and shall cease to be applicable to any information that thereafter becomes publicly available, other than through a breach of this Section 10(a), or that is independently derived by any party hereto without the use of any information derived in connection with the services provided under this Agreement. Notwithstanding the foregoing but subject to Section 10(d), (1) the Custodian may use information regarding the Funds in connection with certain functions performed on a centralized basis by the Custodian, its affiliates or its or their service providers (including audit, accounting, risk, legal, compliance, sales, administration, product communication, relationship management, compilation and analysis of customer-related data and storage) and disclose such information to its affiliates and to its or their service providers who are subject to the confidentiality obligations hereunder with respect to such information, but only for the purpose of servicing the Funds in connection with the relationship contemplated by this Agreement or providing additional services to the Funds, and (2) the Custodian may aggregate Fund or Portfolio data with similar data of other customers of the Custodian (“Aggregated Data”) and may use Aggregated Data so long as such Aggregated Data represents such a sufficiently large sample that no Fund or Portfolio data can be identified either directly or by inference or implication.
Data Security and Privacy 12.1 SERVICE PROVIDER acknowledges the importance of Data Security and agrees to adhere to the Terms and Conditions of the Data Security Policy of IIMC.
Security and Access The Executive agrees and covenants (a) to comply with all Company security policies and procedures as in force from time to time including without limitation those regarding computer equipment, telephone systems, voicemail systems, facilities access, monitoring, key cards, access codes, Company intranet, internet, social media and instant messaging systems, computer systems, e-mail systems, computer networks, document storage systems, software, data security, encryption, firewalls, passwords and any and all other Company facilities, IT resources and communication technologies (“Facilities Information Technology and Access Resources”); (b) not to access or use any Facilities and Information Technology Resources except as authorized by the Company; and (iii) not to access or use any Facilities and Information Technology Resources in any manner after the termination of the Executive’s employment by the Company, whether termination is voluntary or involuntary. The Executive agrees to notify the Company promptly in the event he learns of any violation of the foregoing by others, or of any other misappropriation or unauthorized access, use, reproduction or reverse engineering of, or tampering with any Facilities and Information Technology Access Resources or other Company property or materials by others.
Information Integrity and Security Contractor shall immediately notify County of any known or suspected breach of personal, sensitive and confidential information related to Contractor’s work under this Agreement.
Security and Data Privacy Each party will comply with applicable data privacy laws governing the protection of personal data in relation to their respective obligations under this Agreement. Where Siemens acts as Customer’s processor of personal data provided by Customer, the Data Privacy Terms available at xxxxx://xxx.xxxxxxx.xxx/dpt/sw, including the technical and organizational measures described therein, apply to the use of the relevant Learning Services and are incorporated herein by reference.
Aviation Security (1) Each Contracting Party reaffirms that its obligation to the other Contracting Party to protect the security of civil aviation against unlawful interference forms an integral part of this Agreement. Each Contracting Party shall in particular act in conformity with the aviation security provisions of the Convention on Offences and Certain Other Acts Committed on Board Aircraft, signed at Tokyo on 14 September 1963, the Convention for the Suppression of Unlawful Seizure of Aircraft, signed at The Hague on 16 December 1970 and the Convention for the Suppression of Unlawful Acts against the Safety of Civil Aviation, signed at Montreal on 23 September 1971.
