Monopolies and Exclusive Service Suppliers 1. Each Party shall ensure that any monopoly supplier of a service in its territory does not, in the supply of the monopoly service in the relevant market, act in a manner inconsistent with that Party's Schedule of specific commitments.
2. Where a Party's monopoly supplier competes, either directly or through an affiliated company, in the supply of a service outside the scope of its monopoly rights and which is subject to that Party's Schedule of specific commitments, the Party shall ensure that such a supplier does not abuse its monopoly position to act in its territory in a manner inconsistent with such commitments.
3. If a Party has reason to believe that a monopoly supplier of a service of the other Party is acting in a manner inconsistent with paragraphs 1 or 2 above, it may request that Party establishing, maintaining or authorising such supplier to provide specific information concerning the relevant operations.
4. The provisions of this Article shall also apply to cases of exclusive service suppliers, where a Party, formally or in effect:
(a) authorises or establishes a small number of service suppliers; and
(b) substantially prevents competition among those suppliers in its territory.
OBLIGATIONS AND ACTIVITIES OF CONTRACTOR AS BUSINESS ASSOCIATE 1. CONTRACTOR agrees not to use or further disclose PHI COUNTY discloses to CONTRACTOR other than as permitted or required by this Business Associate Contract or as required by law.
2. XXXXXXXXXX agrees to use appropriate safeguards, as provided for in this Business Associate Contract and the Agreement, to prevent use or disclosure of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY other than as provided for by this Business Associate Contract.
3. XXXXXXXXXX agrees to comply with the HIPAA Security Rule at Subpart C of 45 CFR Part 164 with respect to electronic PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY.
4. CONTRACTOR agrees to mitigate, to the extent practicable, any harmful effect that is known to CONTRACTOR of a Use or Disclosure of PHI by CONTRACTOR in violation of the requirements of this Business Associate Contract.
5. XXXXXXXXXX agrees to report to COUNTY immediately any Use or Disclosure of PHI not provided for by this Business Associate Contract of which CONTRACTOR becomes aware. CONTRACTOR must report Breaches of Unsecured PHI in accordance with Paragraph E below and as required by 45 CFR § 164.410.
6. CONTRACTOR agrees to ensure that any Subcontractors that create, receive, maintain, or transmit PHI on behalf of CONTRACTOR agree to the same restrictions and conditions that apply through this Business Associate Contract to CONTRACTOR with respect to such information.
7. CONTRACTOR agrees to provide access, within fifteen (15) calendar days of receipt of a written request by COUNTY, to PHI in a Designated Record Set, to COUNTY or, as directed by COUNTY, to an Individual in order to meet the requirements under 45 CFR § 164.524. If CONTRACTOR maintains an Electronic Health Record with PHI, and an individual requests a copy of such information in an electronic format, CONTRACTOR shall provide such information in an electronic format.
8. CONTRACTOR agrees to make any amendment(s) to PHI in a Designated Record Set that COUNTY directs or agrees to pursuant to 45 CFR § 164.526 at the request of COUNTY or an Individual, within thirty (30) calendar days of receipt of said request by COUNTY. XXXXXXXXXX agrees to notify COUNTY in writing no later than ten (10) calendar days after said amendment is completed.
9. CONTRACTOR agrees to make internal practices, books, and records, including policies and procedures, relating to the use and disclosure of PHI received from, or created or received by CONTRACTOR on behalf of, COUNTY available to COUNTY and the Secretary in a time and manner as determined by COUNTY or as designated by the Secretary for purposes of the Secretary determining COUNTY’S compliance with the HIPAA Privacy Rule.
10. CONTRACTOR agrees to document any Disclosures of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, and to make information related to such Disclosures available as would be required for COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
11. CONTRACTOR agrees to provide COUNTY or an Individual, as directed by COUNTY, in a time and manner to be determined by COUNTY, that information collected in accordance with the Agreement, in order to permit COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
12. XXXXXXXXXX agrees that to the extent CONTRACTOR carries out COUNTY’s obligation under the HIPAA Privacy and/or Security rules CONTRACTOR will comply with the requirements of 45 CFR Part 164 that apply to COUNTY in the performance of such obligation.
13. If CONTRACTOR receives Social Security data from COUNTY provided to COUNTY by a state agency, upon request by COUNTY, CONTRACTOR shall provide COUNTY with a list of all employees, subcontractors and agents who have access to the Social Security data, including employees, agents, subcontractors and agents of its subcontractors.
14. CONTRACTOR will notify COUNTY if CONTRACTOR is named as a defendant in a criminal proceeding for a violation of HIPAA. COUNTY may terminate the Agreement, if CONTRACTOR is found guilty of a criminal violation in connection with HIPAA. COUNTY may terminate the Agreement, if a finding or stipulation that CONTRACTOR has violated any standard or requirement of the privacy or security provisions of HIPAA, or other security or privacy laws are made in any administrative or civil proceeding in which CONTRACTOR is a party or has been joined. COUNTY will consider the nature and seriousness of the violation in deciding whether or not to terminate the Agreement.
Competitive Activities During the term of this Agreement, Consultant will not, directly or indirectly, in any individual or representative capacity, engage or participate in or provide services to any business that is competitive with the types and kinds of business being conducted by Company.
License to Customer Vendor grants to Customer, a perpetual, irrevocable, royalty free license, solely for the Customer’s internal business purposes, to use, copy, modify, display, perform (by any means), transmit and prepare derivative works of any Vendor IP embodied in or delivered to Customer in conjunction with the Work Product. The foregoing license includes the right to sublicense third parties, solely for the purpose of engaging such third parties to assist or carryout Customer’s internal business use of the Work Product. Except for the preceding license, all rights in Vendor IP remain in Vendor.
Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised.
C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if:
1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or
2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
Processing of Customer Personal Data 3.1 UKG will:
3.1.1 comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and
3.1.2 not Process Customer Personal Data other than for the purpose, and in accordance with, the relevant Customer’s instructions as documented in the Agreement and this DPA, unless Processing is required by the Data Protection Laws to which the relevant UKG Processor is subject, in which case UKG to the extent permitted by the Data Protection Laws, will inform Customer of that legal requirement before the Processing of that Customer Personal Data.
3.2 Customer hereby:
3.2.1 instructs UKG (and authorizes UKG to instruct each Subprocessor) to: (a) Process Customer Personal Data; and (b) in particular, transfer Customer Personal Data to any country or territory subject to the provisions of this DPA, in each case as reasonably necessary for the provision of the Services and consistent with the Agreement.
3.2.2 warrants and represents that it is and will at all relevant times remain duly and effectively authorized to give the instructions set out in Section 3.2.1 on behalf of each relevant Customer Affiliate; and
3.2.3 warrants and represents that it has all necessary rights in relation to the Customer Personal Data and/or has collected all necessary consents from Data Subjects to Process Customer Personal Data to the extent required by Applicable Law.
3.3 Schedule 1 to this DPA sets out certain information regarding UKG’s Processing of Customer Personal Data as required by Article 28(3) of the GDPR (and equivalent requirements of other Data Protection Laws).
PROPRIETARY/RESTRICTIVE SPECIFICATIONS If a prospective bidder considers the specification contained herein to be proprietary or restrictive in nature, thus potentially resulting in reduced competition, they are urged to contact the Procurement Division prior to bid opening. Specifications which are unrelated to performance will be considered for deletion via addendum to this Invitation for Bids.
Permitted Uses and Disclosures by Business Associate Except as otherwise limited by this Agreement, Business Associate may make any uses and disclosures of Protected Health Information necessary to perform its services to Covered Entity and otherwise meet its obligations under this Agreement, if such use or disclosure would not violate the Privacy Rule if done by Covered Entity. All other uses or disclosures by Business Associate not authorized by this Agreement or by specific instruction of Covered Entity are prohibited.
Permitted Uses and Disclosures of Phi by Business Associate Except as otherwise indicated in this Agreement, Business Associate may use or disclose PHI, inclusive of de-identified data derived from such PHI, only to perform functions, activities or services specified in this Agreement on behalf of DHCS, provided that such use or disclosure would not violate HIPAA or other applicable laws if done by DHCS.
Non-Solicitation of Customers and Suppliers Each Subject Party agrees that, during the Restricted Period, such Subject Party will not, without the prior written consent of Parent (which may be withheld in its sole discretion), individually or on behalf of any other Person (other than, if applicable, a Covered Party in the performance of such Subject Party’s duties on behalf of the Covered Parties), directly or indirectly: (i) solicit, induce, encourage or otherwise cause (or attempt to do any of the foregoing) any Covered Customer (as defined below) to (A) cease being, or not become, a client or customer of any Covered Party with respect to the Business or (B) reduce the amount of business of such Covered Customer with any Covered Party, or otherwise alter such business relationship in a manner adverse to any Covered Party, in either case, with respect to or relating to the Business; (ii) interfere with or disrupt (or attempt to interfere with or disrupt) the contractual relationship between any Covered Party and any Covered Customer; (iii) divert any business with any Covered Customer relating to the Business from a Covered Party; (iv) solicit for business, provide services to, engage in or do business with, any Covered Customer for products or services that are part of the Business; or (v) interfere with or disrupt (or attempt to interfere with or disrupt), any Person that was a vendor, supplier, distributor, agent or other service provider of a Covered Party at the time of such interference or disruption, for a purpose competitive with a Covered Party as it relates to the Business. For purposes of this Agreement, a “Covered Customer” shall mean any Person who is or was an actual customer or client (or prospective customer or client with whom a Covered Party actively marketed or made or taken specific action to make a proposal) of a Covered Party, (A) if the relevant time of determination is before the Termination Date, as of such date of determination or during the one (1) year period preceding such date and, (B) if the relevant time of determination is after the Termination Date, as of the Termination Date or during the one (1) year period preceding the Termination Date.
