Home » American Home Shield Annual Reports » 2010 Annual Report - page 246

American Home Shield 2010 Annual Report Download - page 246

Download and view the complete annual report

Please find page 246 of the 2010 American Home Shield annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

11.5. Loss of or Unauthorized Access to Company Information; Intrusions

(a) Safeguards. Service Provider shall comply with the security safeguards set forth in the "Customer

Security Requirements" Exhibit.

(b) Security Assessment. Without limiting the generality of the foregoing, Service Provider's information

security policies set forth in the "Customer Security Requirements" Exhibit shall also address (i) regular assessment and re-

assessment of the risks to the security of Customer Data and systems acquired or maintained by Service Provider and its agents and

contractors, including (A) identification of internal and external threats that could result in a Security Breach, (B) assessment of the

likelihood and potential damage of such threats, taking into account the sensitivity of such data and systems, and (C) assessment of

the sufficiency of policies, procedures, and information systems of Service Provider and its agents and subcontractors, and other

arrangements in place, to control risks; and (ii) protection against such risks.

destroy or securely erase such media in accordance with the Security Requirements and otherwise in a manner designed to protect

against unauthorized access to or use of any Customer Data in connection with such destruction or erasure.

(d) Security Breach. In the event Service Provider becomes aware of any Security Breach caused by Service

Provider acts or failure to act in accordance with the terms of this Agreement, Service Provider shall,[***]. In the event that Service

Provider becomes aware of any Security Breach which is not caused by Service Provider acts or failure to act other than in

accordance with the terms of this Agreement, Service Provider shall promptly (and in any event, within no less than [***]) notify

Customer of such Security Breach, and the Parties shall reasonably cooperate with Customer and, at Customer's request, any law

enforcement or regulatory officials, credit reporting companies, and credit card associations, with respect to the investigation and

remediation of such Security Breach [***].

(e) Intrusion Detection/Interception. Service Provider will provide Customer and its representatives with

reasonable access to Service Provider's systems, policies and procedures relating to intrusion detection and interception with respect

to Service Provider systems used to provide the Services for the purpose of examining, testing and assessing those systems, policies

and procedures in accordance with Section 9.7.

11.6. Limitation

The covenants of confidentiality and other restrictive covenants set forth herein (a) will apply after the Original

Effective Date to any Company Information disclosed to the receiving Party before and after the Original Effective Date and (b) will

continue and must be maintained from the Original Effective Date through the termination of the Services and (i) with respect to

Trade Secrets, until such Trade Secrets no longer qualify as Trade Secrets under applicable Law; (ii) with respect to Confidential

Information, for a period equal to the longer of [***] after termination of the Parties' relationship under the Agreement, or as long as

required by applicable Law; and (iii) with respect to Personally Identifiable Information, in perpetuity.