Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised.
C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if:
1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or
2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
Release of Confidential Information No Party shall release or disclose Confidential Information to any other person, except to its Affiliates (limited by FERC Standards of Conduct requirements), subcontractors, employees, consultants, or to parties who may be considering providing financing to or equity participation with Developer, or to potential purchasers or assignees of a Party, on a need-to-know basis in connection with this Agreement, unless such person has first been advised of the confidentiality provisions of this Article 22 and has agreed to comply with such provisions. Notwithstanding the foregoing, a Party providing Confidential Information to any person shall remain primarily responsible for any release of Confidential Information in contravention of this Article 22.
Definition of Confidential Information The term “Confidential Information” shall mean all information that either party discloses (a “Disclosing Party”) to the other party (a “Receiving Party”), whether in writing, electronically, or orally and in any form (tangible or intangible), that is confidential, proprietary, or relates to clients or shareholders (each either existing or potential). Confidential Information includes, but is not limited to:
Treatment of Confidential Information (A) Each party agrees that at all times during and after the terms of this Agreement, it shall use, handle, collect, maintain, and safeguard Confidential Information in accordance with (1) the confidentiality and non-disclosure requirements of this Agreement; (2) the GLB Act, as applicable and as it may be amended; and (3) such other Applicable Law, whether in effect now or in the future.
(B) Without limiting the foregoing, the Receiving Party shall apply to any Confidential Information at least the same degree of reasonable care used for its own confidential and proprietary information to avoid unauthorized disclosure or use of Confidential Information under this Agreement.
(C) Each party further agrees that:
(1) The Receiving Party will hold all Confidential Information it obtains in strictest confidence and will use and permit use of Confidential Information solely for the purposes of this Agreement or as otherwise provided for in this Agreement, and consistent therewith, may disclose or provide access to its responsible employees or agents who have a need to know and are under adequate confidentiality agreements or arrangements and make copies of Confidential Information to the extent reasonably necessary to carry out its obligations under this Agreement;
(2) Notwithstanding the foregoing, the Receiving Party may release Confidential Information as permitted or required by law or approved in writing by the Disclosing party, which approval shall not be unreasonably withheld and may not be withheld where the Receiving Party may be exposed to civil or criminal liability or proceedings for failure to release such information;
(3) Additionally, Ultimus may provide Confidential Information typically supplied in the investment company industry to companies that track or report price, performance or other information regarding investment companies; and
(4) The Receiving Party will immediately notify the Disclosing Party of any unauthorized disclosure or use, and will cooperate with the Disclosing Party to protect all proprietary rights in any Confidential Information.
Contractor Designation of Trade Secrets or Otherwise Confidential Information If the Contractor considers any portion of materials to be trade secret under section 688.002 or 812.081, F.S., or otherwise confidential under Florida or federal law, the Contractor must clearly designate that portion of the materials as trade secret or otherwise confidential when submitted to the Department. The Contractor will be responsible for responding to and resolving all claims for access to Contract-related materials it has designated trade secret or otherwise confidential.
Destruction of Confidential Information Upon the written request of the disclosing Party, the receiving Party shall cease using and arrange for the destruction of all copies of any Confidential Information then in the receiving Party’s possession or under such Party’s control. The receiving Party agrees to dispose of the Confidential Information in such a manner that the information cannot be read or reconstructed after destruction. Upon the written request of the disclosing Party, the receiving Party shall certify in writing that it has complied with the obligations set forth in this paragraph.
Treatment of Proprietary and Confidential Information A. Both parties agree that it may be necessary to provide each other during the term of this Agreement with certain confidential information, including trade secret information, including but not limited to, technical and business plans, technical information, proposals, specifications, drawings, procedures, customer account data and like information (hereinafter collectively referred to as “Information”). Both parties agree that all Information shall either be in writing or other tangible format and clearly marked with a confidential, private or proprietary legend, or, when the Information is communicated orally, it shall also be communicated that the Information is confidential, private or proprietary. The Information will be returned to the owner within a reasonable time. Both parties agree that the Information shall not be copied or reproduced in any form. Both parties agree to receive such Information and not disclose such Information. Both parties agree to protect the Information received from distribution, disclosure or dissemination to anyone except employees of the parties with a need to know such Information and which employees agree to be bound by the terms of this Section. Both parties will use the same standard of care to protect Information received as they would use to protect their own confidential and proprietary Information.
B. Notwithstanding the foregoing, both parties agree that there will be no obligation to protect any portion of the Information that is either: 1) made publicly available by the owner of the Information or lawfully disclosed by a nonparty to this Agreement; 2) lawfully obtained from any source other than the owner of the Information; or 3) previously known to the receiving party without an obligation to keep it confidential.
Return of Confidential Information Subject to Section 4.2(e) of this Agreement, upon the request of a party, the other party shall return all Confidential Information to the other; provided, however, (i) each party shall be permitted to retain copies of the other party’s Confidential Information solely for archival, audit, disaster recovery, legal and/or regulatory purposes, and (ii) neither party will be required to search archived electronic back-up files of its computer systems for the other party’s Confidential Information in order to purge the other party’s Confidential Information from its archived files; provided further, that any Confidential Information so retained will (x) remain subject to the obligations and restrictions contained in this Agreement, (y) will be maintained in accordance with the retaining party’s document retention policies and procedures, and (z) the retaining party will not use the retained Confidential Information for any other purpose.
HANDLING OF CONFIDENTIAL INFORMATION The Company agrees to undertake the following in relation to IHiS’ Confidential Information: to maintain the same in confidence and to use it only for the Purpose and for no other purpose; not to make any commercial use thereof; not to use the same for the benefit of itself or of any third party other than pursuant to a further agreement with IHiS; not to use the same for the purpose of guiding or conducting a search of any information, materials or sources, whether or not available to the public, for any purpose whatsoever, including without limitation, for the purpose of demonstrating that any information falls within one of the exceptions in Clause 1.1(b); not to copy, reproduce, reverse engineer or reduce to writing any part thereof except as may be reasonably necessary for the Purpose and that any copies, reproductions or reductions to writing so made shall be the property of IHiS; not to disclose the Confidential Information whether to its employees or to third parties except in confidence to such of its Representatives who have been informed of the confidential nature thereof and who need to know the same for the Purpose and that: such Representatives are contractually obliged (whether by their contracts of employment or service, or otherwise) not to disclose the same or to use the same otherwise than for the Purpose; and the Company shall enforce such obligations at its expense, and to such extent as may be required by IHiS, in the event of a breach thereof that relates to IHiS' Confidential Information; to ensure the compliance to this NDA (including sub-clauses (a) to (f) above) on the part of its Representatives to whom Confidential Information is disclosed; and to apply to the Confidential Information no lesser security measures and degree of care than those which the Company applies to its own confidential or proprietary information of similar nature, but in no event less than reasonable care, and which the Company warrants as being adequate protection of such information from unauthorised disclosure, copying or use. The Company, as the principal party, shall be responsible and held liable for any breach of this NDA by any of its Representatives. If the Company is uncertain as to whether any information is Confidential Information, the Company shall treat the information as if it was Confidential Information, unless otherwise agreed by IHiS in writing. The Company shall immediately notify IHiS of any unauthorised disclosure or use of the Confidential Information of which the Company becomes aware and will take all steps which IHiS may require in relation to such unauthorised disclosure or use, or to prevent further unauthorised disclosure or use. Notwithstanding the foregoing, the Company shall be entitled to make any disclosure of the Confidential Information as required by law, but shall give IHiS not less than TWO (2) business days' notice of such disclosure and shall consult with IHiS prior to such disclosure with a view to avoiding such disclosure, if legally possible.
Protection of Confidential Information; Non-Competition 4.1. Executive acknowledges that:
(1) As a result of his current employment with the Company, Executive will obtain secret and confidential information concerning the business of the Company and its subsidiaries and affiliates (referred to collectively in this Article 4 as the “Company”), including, without limitations, financial information, designs and other proprietary rights, trade secrets and “know-how,” customers and sources (“Confidential Information”).
(2) The Company will suffer substantial damage which will be difficult to compute if, during the period of his employment with the Company or thereafter, Executive should enter a business competitive with the Company or divulge Confidential Information.
(3) The provisions of this Agreement are reasonable and necessary for the protection of the business of the Company.
4.2. Executive agrees that he will not at any time, either during the term of this Agreement or thereafter, divulge to any person or entity any Confidential Information obtained or learned by him as a result of his employment with the Company, except (i) in the course of performing his duties hereunder, (ii) to the extent that any such information is in the public domain other than as a result of Executive’s breach of any of his obligations hereunder, (iii) where required to be disclosed by court order, subpoena or other government process or (iv) if such disclosure is made without Executive’s knowing intent to cause material harm to the Company. If Executive shall be required to make disclosure pursuant to the provisions of clause (iii) of the preceding sentence, Executive promptly, but in no event more than 72 hours after learning of such subpoena, court order, or other government process, shall notify, by personal delivery or by electronic means, confirmed by mail, the Company and, at the Company’s expense, Executive shall: (a) take reasonably necessary and lawful steps required by the Company to defend against the enforcement of such subpoena, court order or other government process, and (b) permit the Company to intervene and participate with counsel of its choice in any proceeding relating to the enforcement thereof.
4.3. Upon termination of his employment with the Company, Executive will promptly deliver to the Company all memoranda, notes, records, reports, manuals, drawings, blue-prints and other documents (and all copies thereof) relating to the business of the Company and all property associated therewith, which he may then possess or have under his control; provided, however, that the Executive shall be entitled to retain one copy of such documents for his personal use and records.
4.4. During the period commencing with the start date of employment under this agreement and terminating three years after termination of employment: (A) Executive, without the prior written permission of the Company, shall not, anywhere in the People’s Republic of China, Hong Kong SAR and Taiwan, (i) enter into the employ of or render any services to any person, firm or corporation engaged in any business which is directly in competition with the Company’s principal existing business at the time of termination (“Competitive Business”); (ii) engage in any Competitive Business as an individual, partner, shareholder, creditor, director, officer, principal, agent, employee, trustee consultant, advisor or in any other relationship or capacity; (iv) employ, or have or cause any other person or entity to employ, any person who was employed by the Company at the time of termination of Executive’s employment by the Company (other than Executive’s personal secretary and assistant); or (v) solicit, interfere with, or endeavor to entice away from the Company, for the benefit of a Competitive Business, any of its customers. Notwithstanding the foregoing, Executive shall not be precluded from investing and managing the investment of, his or his family’s assets in the securities of any corporation or other business entity which is engaged in a Competitive Business if such securities are traded on a national stock exchange or in the over-the-counter market and if such investment does not result in his beneficially owning, at any time, more than 5% of any class of the publicly-traded equity securities of such Competitive Business; provided, however, that for a period commencing with the start date of employment under this agreement and terminating three years after termination of Executive’s employment (except for investments in a class of securities trading on public markets), Executive shall refer to the Company for consideration (before any other party) any and all opportunities to acquire or purchase, or otherwise make equity or debt investments in, companies primarily involved in a Competitive Business if such opportunities becomes known to Executive while he is the Chief Executive Officer of the Company. If the Company determines not to exploit any opportunity referred to in the foregoing sentence, the Company shall determine what, if anything, should be done with such opportunity. Executive shall not be entitled to any compensation, as a finder or otherwise, if either the Company or Executive introduces such opportunity to other persons, it being understood that all such compensation shall be paid to the Company. Notwithstanding the foregoing, in the event the Company terminates this Agreement without “cause” or if Executive terminates this Agreement for Good Reason under Section 3.5 hereof, Executive’s obligations under this Section 4.4 shall terminate one month following termination.
4.5. If Executive commits a breach of any of the provisions of Sections 4.2 or 4.4, the Company shall have the right:
(1) to have the provisions of this Agreement specifically enforced by any court having equity jurisdiction, it being acknowledged and agreed by Executive that the services being rendered hereunder to the Company are of a special, unique and extraordinary character and that any breach or threatened breach will cause irreparable injury to the Company and that money damages will not provide an adequate remedy to the Company; and
(2) to require Executive to account for and pay over to the Company all monetary damages determined by a non-appealable decision by a court of law to have been suffered by the Company as the result of any actions constituting a breach of any of the provisions of Section 4.2 or 4.4, and Executive hereby agrees to account for and pay over such damages to the Company (up to the maximum of all payments made under the Agreement).
4.6. If Executive shall violate any covenant contained in Section 4.4, the duration of such covenant so violated shall be automatically extended for a period of time equal to the period of such violation.
4.7. If any provision of Sections 4.2 or 4.4 is held to be unenforceable because of the scope, duration or area of its applicability, the tribunal making such determination shall not have the power to modify such scope, duration, or area, or all of them and such provision or provisions shall be void ab initio.
