Orange County NC Website
Browse       Search
DocuSign Envelope ID: 1 F5180CC-F9F6-4D55-A9A8-581 CB73213A5 <br /> suspicious internal activity(including, without limitation, unauthorized system administrator access, unauthorized <br /> changes to its system or network, system or network misuse or program information theft or mishandling). <br /> Innovative will notify Client as soon as reasonably possible of any known security breaches or suspicious <br /> activities involving Client's production data or environment, including, without limitation, unauthorized access and <br /> service attacks, e.g., denial of service attacks. <br /> f. Physical Security. The Software resides in systems configured for the customer out of <br /> Innovative's hosting location. The physical infrastructure used to support Software licensed to Client (and <br /> services purchased by Client from Innovative, as applicable), including the servers, storage, switches, and <br /> firewalls, are either provided by the Hosting Provider or owned by Innovative. Innovative partners with datacenter <br /> providers who are designed to satisfy requirements of most security sensitive customers with constant monitoring, <br /> high automation, high availability, and highly accredited to global security standards, including: PCI DSS Level 1, <br /> ISO 27001, FISMA Moderate, FedRAMP, HIPAA, and SOC 1 (formerly referred to as SAS 70 and/or SSAE 16) <br /> and SOC 2. <br /> g. Security Audits. Client may perform audits of Innovative's security best practices. Innovative will <br /> share various security audit reports as requested by Client. <br /> h. Information Security Auditing/Compliance. Innovative's hosting providers undergo SOC 1/SOC 2 <br /> Type 2/ISO 27001 audits each year by independent third-party audit firms. Innovative also holds the <br /> internationally-recognized ISO 27001:2013 standard for its information security management system supporting <br /> the hosting solutions. <br /> i. "The 99.9% guaranteed infrastructure uptime is subject to the following Service Level Agreement <br /> (SLA): <br /> i. Hours of operation/exclusive remedy for service unavailability. Innovative offers a <br /> monthly infrastructure uptime target of 99.9% of Scheduled Up-Time to Client. Scheduled Up-Time means all of <br /> the time in a month that is not Scheduled Downtime or Third Party Unavailability. In the event that Innovative fails <br /> to provide Client with 99.9% infrastructure uptime for three consecutive months, Client will be entitled to receive a <br /> credit equal to the prorated amount of the Fees for the period in which Innovative failed to provide such <br /> infrastructure uptime during such months upon receipt of written notice from Client. The remedies set forth in this <br /> Paragraph (i) are the exclusive remedies of the Client for Innovative's failure to provide Client with 99.9% <br /> infrastructure uptime. <br /> ii. Scheduled Downtime. Scheduled Downtime means the period of time which Innovative or <br /> the Hosting Provider, conduct periodic scheduled system maintenance for which Innovative will provide the Client <br /> with advance notice. Innovative will make commercially reasonable efforts to provide Client notice of scheduled <br /> system maintenance 48 hours in advance. <br />