• Within the bounds of this agreement and the contract, and only as allowed
• In strict adherence to all relevant laws and regulations that are applicable to the service provider
• Unless granted prior written authorization by the client, the transfer, conveyance, or retention of client data beyond the primary server to local desktop or laptop computers in the parish office is strictly prohibited

The service provider acknowledges and commits to handling client data with the utmost care, adhering to industry-standard best practices. This involves maintaining the confidentiality, availability, and integrity of client data, as well as compliance with applicable state and federal laws and regulations. To achieve this, the following measures will be put in place.

In the event that the service provider becomes aware of any unauthorized access, disclosure, or acquisition of client data that contravenes the terms of this agreement or the contract, the service provider will make every reasonable effort to promptly inform the client of such a data breach within one business day. Additionally, the service provider will immediately take appropriate actions to safeguard forensic evidence and rectify the root cause of the data breach. Rectifying the data breach will be the service provider's utmost priority, and the necessary resources will be allocated to achieve this objective. The service provider will furnish the client with all essential information to facilitate a comprehensive understanding of the nature and extent of the data breach.

If applicable laws mandate it, the service provider will notify affected parties of the data breach and provide credit monitoring services. Upon request, the service provider will also disclose the actions taken or planned to mitigate the adverse effects of unauthorized access, disclosure, or use of client data. If the data breach necessitates assistance from the service provider in reinstalling software, such assistance will be provided to the Client at no cost. The client retains the discretion to discontinue any services or products provided by the service provider until it is satisfied that the cause of the data breach has been adequately addressed.

Service provider warrants that, to the best of its knowledge, the system is free of and does not contain any code or mechanism that collects personal information or asserts control of the system without client’s consent, or which may restrict client’s access to or use of client data. Service provider further warrants that it will not knowingly introduce, via any means, spyware, adware, ransomware, rootkit, keylogger, virus, trojan, worm, or other code or mechanism designed to permit unauthorized access to client data, or which may restrict client’s access to or use of client data.

If service provider is served with any subpoena, discovery request, court order, or other legal request or command that calls for disclosure of any client data, service provider shall promptly notify the client in writing and provide the client sufficient time to obtain a court order or take any other action the client deems necessary to prevent disclosure or otherwise protect client data. In such event, service provider shall provide client prompt and full assistance in client’s efforts to protect client data. Where service provider is prohibited by law from notifying the client of a legal request for client data, Service provider will comply with all applicable laws and regulations with respect to the requested client data.

Upon the expiration or termination of the contract, the service provider will ensure that no data breach occurs and will comply with the client's instructions regarding the preservation, transfer, or destruction of client data. Industry-standard methods of destruction, such as "purging" or "physical destruction," will be employed. Upon request, the service provider will furnish the client with written certification of the completion of data return or destruction. Prior to such return or destruction, client data will continue to be protected in accordance with the terms of this Agreement.

This agreement will remain in effect even after the expiration or earlier termination of the contract. however, either party may terminate this agreement upon the expiration or termination of the contract. In the event of any conflict between the provisions of this agreement and those of the contract, service provider's warranties, support contract, or service level agreement, the provisions of this agreement shall take precedence.

Refers to all data disclosed by the client to the service provider. For the purposes of this agreement, client data remains as such even if it is transmitted or transferred beyond the immediate possession, custody, or control of the client

Denotes the unauthorized access and acquisition of computerized data that significantly compromises the security or confidentiality of confidential or sensitive personal information stored by the client as part of a database containing personal information about multiple individuals. Such a breach is believed to have caused or is reasonably expected to cause loss or harm to any constituent of the client

Comprises a collection of components that support an operational function or achieve a specific objective. This may encompass various information resources such as networks, servers, computers, software, applications, operating systems, or storage devices, organized for the purpose of collecting, processing, maintaining, using, sharing, disseminating, or disposing of information

A formal process employed to ensure controlled and coordinated introduction of changes to a system, reducing the likelihood of unnecessary modifications, introduction of faults or vulnerabilities, or undoing changes made by other users