Specifications include, but are not limited to: The solution must outline the following features and requirements • User Licenses – per user, concurrent users, or site license • Hosted (SaaS) solution • Implementation costs • Software licenses – per module and /or database costs • End-user and Administrator Training The Contractor shall: 1) Implement administrative, physical, and technical safeguards to protect State data that are no less rigorous than accepted industry best practices for information security. 2) Ensure that all such safeguards, including the manner in which State data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with applicable data protection and privacy laws as well as the terms and conditions of the Contract; and 3) The Contractor, and Contractor Personnel, shall (i) abide by all applicable federal, State and local laws, rules and regulations concerning security of Information Systems and Information Technology and (ii) comply with and adhere to the State IT Security Policy and Standards as each may be amended or revised from time to time. Updated and revised versions of the State IT Policy and Standards are available online at: www.doit.maryland.gov – keyword: Security Policy.