Browse
Search
2024-391-E-Housing Dept-Submittable Holdings-Online Application Software Process
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2020's
>
2024
>
2024-391-E-Housing Dept-Submittable Holdings-Online Application Software Process
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/30/2024 1:57:13 PM
Creation date
7/30/2024 1:56:54 PM
Metadata
Fields
Template:
Contract
Date
4/5/2024
Contract Starting Date
4/5/2024
Contract Ending Date
7/9/2024
Contract Document Type
Contract
Amount
$14,137.00
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
47
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
<br />Submittable Customer Terms of Service <br />v1.4 <br /> Page 20 of 28 <br />Appendix 2 <br />Security Measures <br /> <br />1. ORGANIZATIONAL MEASURES. <br />1.1. Submittable has appointed one or more security officers responsible for coordinating and monitoring the <br />security rules and procedures. <br />1.2. Submittable personnel with access to Personal Information are subject to confidentiality obligations. <br />1.3. Submittable has performed a risk assessment before Processing Personal Information. <br />1.4. Submittable has implemented and will maintain an information security program that establishes roles and <br />responsibilities for information security, and supports the confidentiality, integr ity, and availability of <br />information systems operated by Submittable and its Subcontractors. <br />1.5. Submittable has implemented and will maintain information security policies that define requirements for <br />acceptable use, access control, application, and system development, passwords, remote access, <br />information classification, operational security, workstation security, network security, media handling and <br />disposal, mobile computing, and physical security. <br />1.6. Submittable has implemented and will maintain a governance framework with supporting risk management <br />policies that enables risk identification, analysis, and mitigation. <br />1.7. Submittable conducts data security training upon hiring and annually for all employees. <br />2. PHYSICAL ACCESS CONTROLS <br />2.1. Entries for secure areas are controlled by security personnel, identification badges, and/or electronic key <br />cards. <br />2.2. All physical access is logged. <br />2.3. Physical access logs are reviewed quarterly for unusual activity. <br />3. SYSTEM ACCESS CONTROLS. <br />3.1. System access is based on the principle of least privilege, i.e., Submittable restricts access to Personal <br />Information to only those individuals who require such access to perform their job function. <br />3.2. System access is revoked immediately upon employment termination or other change resulting in an <br />individual no longer needing such access. <br />3.3. Management conducts quarterly review of accounts, system access, and permission levels. <br />4. DATA ACCESS CONTROLS <br />4.1. Data access is based on the principle of least privilege, i.e., Submittable restricts access to Personal <br />Information to only those individuals who require such access to perform their job function. <br />4.2. Data access, including access to Personal Information, is revoked immediately upon employment <br />termination or other change resulting in an individual no longer needing such access. <br />4.3. Management reviews access to Personal Information, on a monthly basis. <br />4.4. Submittable uses industry standard practices to identify and authenticate users who attempt to access <br />information systems. <br />4.5. Submittable employees may not store Personal Information on a personally owned device. <br />4.6. Submittable classifies Personal Information to allow for appropriate access restrictions. <br />4.7. Submittable has implemented an anti-virus solution that shall be kept up to date to protect against viruses <br />and other malicious code. <br />4.8. Submittable maintains a policy for recording Security Breaches where such records include a description <br />of the breach, the time period, the consequences of the breach, the name of the reporter, and to whom the <br />breach was reported, and the procedure for recovering data. <br />5. TRANSMISSION CONTROLS <br />DocuSign Envelope ID: 367666E5-0A49-40C9-BFB5-74D495BAB8F1
The URL can be used to link to this page
Your browser does not support the video tag.