Secure Destruction. 2.11.1 The Data Processor shall ensure that information held in paper form regardless of whether as originally provided by the Data Controller or printed from the Data Processor’s IT systems) is destroyed using a cross cut shredder or subcontracted to a confidential waste company that complies with European Standard EN15713 (BS15713 (BS 15713) The Secure Destruction of Confidential Material). The Data Processor shall ensure that electronic storage media used to hold or process Information is destroyed or overwritten to current CESG standards as defined at xxx.xxxx.xxx.xx
Secure Destruction. 11.1 The Data Processor shall ensure that NHS information held in paper form regardless of whether as originally provided by the Data Controller or printed from the Data Processor’s IT systems) is destroyed using a cross cut shredder or subcontracted to a confidential waste company that complies with European Standard EN15713.
Secure Destruction. Securely Destroy and Securely Destroyed mean shredding, erasing or otherwise modifying a record so as to make it unreadable or indecipherable.
Secure Destruction. The Data Processor shall ensure that personal data held in paper form (regardless of whether originally provided by the Data Controller or printed from the Data Processor’s IT systems) is destroyed using a cross cut shredder or subcontracted to a confidential waste company that complies with European Standard EN15713. • The Data Processor shall ensure that electronic storage media used to hold or process NHS Information is destroyed or overwritten to current CESG standards as defined at xxx.xxxx.xxx.xx • In the event of any bad or unusable sectors that cannot be overwritten, the Data Processor shall ensure complete and irretrievable destruction of the media itself. • The Data Processor shall provide the Data Controller with copies of all relevant overwriting verification reports and/or certificates of secure destruction of personal data at the conclusion of the contract. Exit from contract In order to protect the personal data, the Data Processor agrees: • To store and process personal data securely, and destroy it confidentially when it is no longer necessary and instructed by the Data Controller. • To return to the Data Controller any personal data held at the end of the contract, ensuring secure transfer, or to makes arrangements for its secure disposal upon the instruction of the Data Controller. Liability and Indemnity • Without affecting its liability for breach of any of its obligations under the service contract, the Data Processor shall indemnify the Data Controller in full for costs, losses, charges or expenses it suffers arising out of the Data Processor’s loss of the personal data or unauthorised or unlawful use of it whether arising in negligence or is otherwise a breach of this Data Protection Contract and including any fine imposed on the Data Controller by the Information Commissioner by way of civil monetary penalty under s55 of the DPA. REFERENCES • Data Protection Act (1998). • DOH (2012/13) NHS Stop Smoking Services, Service and Monitoring Guidance. DOH. London. DH Publications. • DOH (2008) Code of Practice for the Promotion of NHS Funded Services. Available at: xxxx://xxx.xx.xxx.xx/en/Publicationsandstatistics/Lettersandcirculars/Dearcolleaguelett ers/DH_083697. • NCSCT Website. Available on xxx.xxxxx.xx.xx • NHS Contract for Community Services. Available at xxxx://xxx.xx.xxx.xx/prod_consum_dh/groups/dh_digitalassets/@dh/@en/documents/ digitalasset/dh_091454.doc • NICE (2008) Smoking cessation services in primary care, local authoriti...
Secure Destruction. When required under this Agreement and in any case when any of Customer’s Confidential Information is no longer needed by RIB to perform the Services, RIB will take reasonable steps to ensure the Confidential Information is (at RIB’s discretion) permanently destroyed, de-identified, deleted or put beyond use. In this paragraph, “put beyond use” means that RIB: (i) is not able, or will not attempt, to use the Confidential Information for any purpose; (ii) does not give any other organisation access to the Confidential Information; (iii) surrounds the Confidential Information with appropriate technical and organisational security measures; and (iv) commits to permanent deletion of the Confidential Information if, or when, this becomes possible.
Secure Destruction i. NHS data is subject to legal retention periods and should not be destroyed unless the Contractor has received specific instruction to do so from the Customer. Where data has been identified for disposal:
Secure Destruction. The Data Processor shall ensure that University information held in paper form regardless of whether as originally provided by the Data Controller or printed from the Data Processor’s IT systems) is destroyed using a cross cut shredder or subcontracted to a confidential waste company that complies with European Standard EN15713. The Data Processor shall ensure that electronic storage media used to hold or process University Information is destroyed or overwritten to current CESG standards as defined at xxx.xxxx.xxx.xx In the event of any bad or unusable sectors that cannot be overwritten, the Data Processor shall ensure complete and irretrievable destruction of the media itself. Subject to Clause 2.5, the Data Processor shall provide the Data Controller with copies of all relevant overwriting verification reports and/or certificates of secure destruction of University information at the conclusion of the service. Monitoring & Audit The Data Processor shall permit the Data Controller to monitor compliance with the terms of this Agreement, by: The Data Processor shall permit the Data Controller employees or nominated representatives to enter any premises where University information is held, at all reasonable time, with or without prior notice, for the purpose of inspection. The Data Processor shall compile and return a Data Processing Monitoring Form at the request of the Data Controller. The Data Processor shall provide independent assurance of the self-audited University Digital Data Security and Protection Toolkit (DSPT) performance measures where the Data Processor is required to comply.
Secure Destruction. When required under this Agreement and in any case when any of Customer’s Confidential Information is no longer needed by RIB to perform the Services, the media on which such Confidential Information is stored or recorded shall be destroyed as follows: (i) paper, film, or other hard copy media shall be shredded or destroyed such that the Confidential Information cannot be read or otherwise cannot be reconstructed; and (ii) electronic media shall be cleared, purged, or destroyed consistent with NIST Special Publication 800 88, Guidelines for Media Sanitization, such that the Customer’s Confidential Information cannot be retrieved.
Secure Destruction. Requesting Program shall retain NJDOH data received from Early Intervention Program for only the period required to utilize NJDOH data for the purpose authorized under this Agreement. At the end of this Agreement, Requesting Program will, and will certify in writing, that it has securely destroyed or returned all data files containing Early Intervention DATA.
