HomeMy WebLinkAboutSecurity Addendum 111924DATA 0
TICKET'ncCALIFORNIA CA_ii CORPORATION FOUNDED IN 1989
Contract Addendum for Security and Permissible Use:
ARTICLE XIV — SECURITY AND PERMISSIBLE USE PROVISIONS
14.1 Security Provisions: AGENCY agrees to follow all defined security requirements including but not limited to:
A) All AGENCY employees who are provided access to services provided by CONTRACTOR must complete
a background check and must complete annual security awareness trainings.
B) All AGENCY employees must sign security agreement documents subject to the source state or
government agency where the vehicle registered owner information is being obtained.
C) AGENCY must inform CONTRACTOR within 24 hours of a AGENCY employee with access to
CONTRACTOR services leaving their role.
D) AGENCY must inform CONTRACTOR of any breach of information within 24 hours, so the appropriate
government agencies can be notified of the breach.
E) AGENCY understands and agrees that security requirements may change and be updated to reflect
the most current security requirements of the government agencies CONTRACTOR works with to obtain
registered vehicle information.
F) AGENCY understands that evidence of the security requirements may be requested to comply with
CONTRACTOR audit requirements of the governmental agencies CONTRACTOR works with.
G) AGENCY understands and agrees that access to confidential registered owner information may be
immediately restricted or terminated if any of the mandatory provisions above are found to be violated
or abused.
14.2 Permissible Use Provisions: AGENCY agrees to follow all defined permissible use requirements including but
not limited to:
A) All AGENCY employees who are provided access to services provided by CONTRACTOR must receive
annual training on permissible use of state agency information.
B) All AGENCY employees must sign permissible use agreement documents subject to the source state
or government agency where the vehicle registered owner information is
being obtained.
2603 Main Street
300
C) All AGENCY employees will be instructed of the confidentiality of Irvine, CA Suite to 300
information obtained from a government agency and the proper use of
92614
949.752.6937
fax: 949,281.3195
tivww.DataTicket.com
DATA � ;-,
TICKET 'ncCALIFORNIACAICORPORAT ION FOUN
DED IN 1989
that information based on job responsibility, which must not involve immigration purposes.
D) AGENCY must inform CONTRACTOR within 24 hours if data has been misused in such a manner that
might constitute data misuse or a data breach.
E) AGENCY must inform CONTRACTOR of any breach of information within 24 hours, so the appropriate
government agencies can be notified of the breach.
F) AGENCY understands and agrees that permissible use requirements may change and be updated to
reflect the most current permissible use requirements of the government agencies CONTRACTOR works
with to obtain vehicle registered information.
G) AGENCY understands that evidence of the permissible use requirements may be requested to comply
with CONTRACTOR audit requirements of the governmental agencies CONTRACTOR works with.
H) AGENCY understands that tracking of activity will occur for annual reviews to be conducted by
CONTRACTOR to ensure the confidentiality and privacy required for government agency provided
information.
1) AGENCY understands and agrees that access to confidential registered owner information may be
immediately restricted or terminated if any of the mandatory provisions above are found to be violated
or abused.
J) AGENCY understands that all information obtained through government agencies is considered
subject to the Drivers Privacy Act (DPPA) and agrees that no disclosures of information will be made that
would constitute a violation of this act.
AGREEMENT TO ADDENDUM — SIGN BELOW:
" 7
L e��
Signature:
Name of Signee:
1,1L R��-
Title: CJ
Date: 1 -Z - eLz(n
2603 Main Street
Suite 300
Irvine, CA 92614
949.752.6937
fax: 949.281.3195
www.DataTicket.com