The National Academies Press

Currently Skimming:

Pages 20-23

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 20... ... 20 Omnitrans reported that it "upgraded its legacy Integrated Vehicle Logic Units (IVLU) Mobile Display Terminal (MDT) Read the entire page →
From page 21... ... 21 adoption: efficiency, accessibility, collaboration, rapidity of innovation, reliability, and security.265 However, there are challenges as agencies transition to cloud computing and services; for example, some agency chief information officers (CIOs) have stated that in spite of the stated security advantages of cloud computing, they are, in fact, concerned about moving their data from their data centers, which they manage and control, to outsourced cloud services. Read the entire page →
From page 22... ... 22 litigation.284 Information that is retrievable on demand by a CSP client is considered to be within the client's control for purposes of discovery.285 According to one source, a CSP could refuse to allow sufficient access to enable a client to comply with its e-discovery obligations.286 Because a CSP could be subpoenaed for the same data,287 a CSP contract should require that a CSP notify a transit agency of a subpoena before the CSP discloses any data.288 C Negotiating the Terms of a CSP Contract Scholars have analyzed the terms and conditions used by CSPs and have determined that the issues that providers and users tend to negotiate mostly are as follows: 1. Read the entire page →
From page 23... ... 23 security.302 If an audit discloses flaws that are not corrected timely to a transit agency's satisfaction, the agreement should give a transit agency the right to terminate the contract.303 The agreement should include provisions to mitigate the risk of a data breach, for example, by providing that data may not be shared with third parties or subsidiaries without a transit agency's prior written consent.304 An agreement should provide for the protection of a transit agency's data305 and for the backing-up and recovery of data.306 A transit agency's agreement should specify required standards of performance and promised level of service by the CSP, that a CSP will comply with applicable laws on data security and notification of a data breach, and that a CSP will install the necessary and appropriate measures to prevent intrusions and viruses.307 If a CSP agreement allows a CSP to use data for certain purposes, a transit agency should consider whether the use or uses are acceptable to the agency and/or its patrons.308 As noted in part V.A with respect to contracts with vendors, a CSP contract should state whether a provider is entitled to retain and market a transit agency's data after contract termination. An agreement should require a CSP to identify its employees, agents, contractors and/or subcontractors who may have access to a transit agency's data. Read the entire page →

From page 20...

... 20 Omnitrans reported that it "upgraded its legacy Integrated Vehicle Logic Units (IVLU) Mobile Display Terminal (MDT)

Read the entire page →

From page 21...

... 21 adoption: efficiency, accessibility, collaboration, rapidity of innovation, reliability, and security.265 However, there are challenges as agencies transition to cloud computing and services; for example, some agency chief information officers (CIOs) have stated that in spite of the stated security advantages of cloud computing, they are, in fact, concerned about moving their data from their data centers, which they manage and control, to outsourced cloud services.

Read the entire page →

From page 22...

... 22 litigation.284 Information that is retrievable on demand by a CSP client is considered to be within the client's control for purposes of discovery.285 According to one source, a CSP could refuse to allow sufficient access to enable a client to comply with its e-discovery obligations.286 Because a CSP could be subpoenaed for the same data,287 a CSP contract should require that a CSP notify a transit agency of a subpoena before the CSP discloses any data.288 C Negotiating the Terms of a CSP Contract Scholars have analyzed the terms and conditions used by CSPs and have determined that the issues that providers and users tend to negotiate mostly are as follows: 1.

Read the entire page →

From page 23...

... 23 security.302 If an audit discloses flaws that are not corrected timely to a transit agency's satisfaction, the agreement should give a transit agency the right to terminate the contract.303 The agreement should include provisions to mitigate the risk of a data breach, for example, by providing that data may not be shared with third parties or subsidiaries without a transit agency's prior written consent.304 An agreement should provide for the protection of a transit agency's data305 and for the backing-up and recovery of data.306 A transit agency's agreement should specify required standards of performance and promised level of service by the CSP, that a CSP will comply with applicable laws on data security and notification of a data breach, and that a CSP will install the necessary and appropriate measures to prevent intrusions and viruses.307 If a CSP agreement allows a CSP to use data for certain purposes, a transit agency should consider whether the use or uses are acceptable to the agency and/or its patrons.308 As noted in part V.A with respect to contracts with vendors, a CSP contract should state whether a provider is entitled to retain and market a transit agency's data after contract termination. An agreement should require a CSP to identify its employees, agents, contractors and/or subcontractors who may have access to a transit agency's data.

Read the entire page →

Key Terms

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.