By registering for access to HistoGenetics services, the User Entity (Client) acknowledges and agrees to the following security responsibilities:
1. Data Integrity and Security : The User Entity is responsible for the security, confidentiality, and integrity of all data and reports once retrieved from HistoGenetics’ secure platforms and housed under the User Entity's control.
2. Access Authorization : The determination of which personnel require access to HistoGenetics’ file-sharing platform (Example: ShareFile) and the granting of such access is the sole responsibility of authorized personnel at the User Entity.
3. Credential Management : The User Entity is responsible for managing all internal credentials and ensuring that access to HistoGenetics’ platforms is restricted to authorized individuals. Sharing of accounts or passwords is strictly prohibited.
4. Periodic Access Review : The User Entity agrees to perform periodic reviews of its authorized users and their associated access levels to ensure that access remains appropriate and is revoked immediately upon a user's termination or change in job role.
5. Data Protection in Transit : The User Entity is responsible for ensuring that adequate protective measures are in place for data as it traverses from HistoGenetics’ secure endpoints to the User Entity’s local network environment.
6. Physical and Endpoint Security : The User Entity shall establish adequate physical security and environmental controls for all devices and workstations residing at their operational facilities, including those used by remote or at-home employees, to prevent unauthorized access to HistoGenetics information.