Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised.
C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if:
1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or
2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
OBLIGATIONS AND ACTIVITIES OF CONTRACTOR AS BUSINESS ASSOCIATE 1. CONTRACTOR agrees not to use or further disclose PHI COUNTY discloses to CONTRACTOR other than as permitted or required by this Business Associate Contract or as required by law.
2. XXXXXXXXXX agrees to use appropriate safeguards, as provided for in this Business Associate Contract and the Agreement, to prevent use or disclosure of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY other than as provided for by this Business Associate Contract.
3. XXXXXXXXXX agrees to comply with the HIPAA Security Rule at Subpart C of 45 CFR Part 164 with respect to electronic PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY.
4. CONTRACTOR agrees to mitigate, to the extent practicable, any harmful effect that is known to CONTRACTOR of a Use or Disclosure of PHI by CONTRACTOR in violation of the requirements of this Business Associate Contract.
5. XXXXXXXXXX agrees to report to COUNTY immediately any Use or Disclosure of PHI not provided for by this Business Associate Contract of which CONTRACTOR becomes aware. CONTRACTOR must report Breaches of Unsecured PHI in accordance with Paragraph E below and as required by 45 CFR § 164.410.
6. CONTRACTOR agrees to ensure that any Subcontractors that create, receive, maintain, or transmit PHI on behalf of CONTRACTOR agree to the same restrictions and conditions that apply through this Business Associate Contract to CONTRACTOR with respect to such information.
7. CONTRACTOR agrees to provide access, within fifteen (15) calendar days of receipt of a written request by COUNTY, to PHI in a Designated Record Set, to COUNTY or, as directed by COUNTY, to an Individual in order to meet the requirements under 45 CFR § 164.524. If CONTRACTOR maintains an Electronic Health Record with PHI, and an individual requests a copy of such information in an electronic format, CONTRACTOR shall provide such information in an electronic format.
8. CONTRACTOR agrees to make any amendment(s) to PHI in a Designated Record Set that COUNTY directs or agrees to pursuant to 45 CFR § 164.526 at the request of COUNTY or an Individual, within thirty (30) calendar days of receipt of said request by COUNTY. XXXXXXXXXX agrees to notify COUNTY in writing no later than ten (10) calendar days after said amendment is completed.
9. CONTRACTOR agrees to make internal practices, books, and records, including policies and procedures, relating to the use and disclosure of PHI received from, or created or received by CONTRACTOR on behalf of, COUNTY available to COUNTY and the Secretary in a time and manner as determined by COUNTY or as designated by the Secretary for purposes of the Secretary determining COUNTY’S compliance with the HIPAA Privacy Rule.
10. CONTRACTOR agrees to document any Disclosures of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, and to make information related to such Disclosures available as would be required for COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
11. CONTRACTOR agrees to provide COUNTY or an Individual, as directed by COUNTY, in a time and manner to be determined by COUNTY, that information collected in accordance with the Agreement, in order to permit COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
12. XXXXXXXXXX agrees that to the extent CONTRACTOR carries out COUNTY’s obligation under the HIPAA Privacy and/or Security rules CONTRACTOR will comply with the requirements of 45 CFR Part 164 that apply to COUNTY in the performance of such obligation.
13. If CONTRACTOR receives Social Security data from COUNTY provided to COUNTY by a state agency, upon request by COUNTY, CONTRACTOR shall provide COUNTY with a list of all employees, subcontractors and agents who have access to the Social Security data, including employees, agents, subcontractors and agents of its subcontractors.
14. CONTRACTOR will notify COUNTY if CONTRACTOR is named as a defendant in a criminal proceeding for a violation of HIPAA. COUNTY may terminate the Agreement, if CONTRACTOR is found guilty of a criminal violation in connection with HIPAA. COUNTY may terminate the Agreement, if a finding or stipulation that CONTRACTOR has violated any standard or requirement of the privacy or security provisions of HIPAA, or other security or privacy laws are made in any administrative or civil proceeding in which CONTRACTOR is a party or has been joined. COUNTY will consider the nature and seriousness of the violation in deciding whether or not to terminate the Agreement.
Obligations and Activities of Business Associate Business Associate agrees to:
a. Not use or disclose Protected Health Information other than as permitted or required by this BAA, the Agreement, or as required by law;
b. Use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 with respect to electronic Protected Health Information, to prevent Use or Disclosure of Protected Health Information other than as provided for by this BAA;
c. Report to Covered Entity any Use or Disclosure of Protected Health Information not provided for by this BAA of which it becomes aware, including breaches of Unsecured Protected Health Information as required at 45 CFR 164.410, and any Security Incident of which it becomes aware;
d. In accordance with 45 CFR 164.502(e)(1)(ii) and 164.308(b)(2), if applicable, ensure that any Subcontractors that create, receive, maintain, or transmit Protected Health Information on behalf of the Business Associate agree to the same restrictions, conditions, and requirements that apply to Business Associate with respect to such information;
e. Make available Protected Health Information in a Designated Record Set to Covered Entity or to an individual whose Protected Health Information is maintained by Business Associate, or the individual’s designee, and document and retain the documentation required by 45 CFR 164.530(j), as necessary to satisfy Covered Entity’s obligations under 45 CFR 164.524;
f. Make any amendment(s) to Protected Health Information in a Designated Record Set as directed or agreed to by the Covered Entity pursuant to 45 CFR 164.526, or take other measures as necessary to satisfy Covered Entity’s obligations under 45 CFR 164.526;
g. Maintain and make available the information required to provide an accounting of Disclosures to the Covered Entity as necessary to satisfy Covered Entity’s obligations under 45 CFR 164.528;
h. To the extent the Business Associate is to carry out one or more of Covered Entity's obligation(s) under Subpart E of 45 CFR Part 164, comply with the requirements of Subpart E that apply to the Covered Entity in the performance of such obligation(s); and
i. Make its internal practices, books, and records available to the Secretary for purposes of determining Business Associate’s or Covered Entity’s compliance with HIPAA and HIPAA Regulations.
Personal Data Breach Notification SAP will notify Customer without undue delay after becoming aware of any Personal Data Breach and provide reasonable information in its possession to assist Customer to meet Customer’s obligations to report a Personal Data Breach as required under Data Protection Law. SAP may provide such information in phases as it becomes available. Such notification shall not be interpreted or construed as an admission of fault or liability by SAP.
Leave With Pay for Family-Related Responsibilities (a) For the purpose of this clause, “family” is defined as:
(i) spouse (including common law spouse resident with the employee);
(ii) children (including xxxxxx children, children of legal or common-law partner and xxxx of the employee);
(iii) parents (including step-parents or xxxxxx parents), father-in-law, mother-in-law;
(iv) brother, sister, step-brother, step-sister;
(v) grandparents and grandchildren of the employee;
(vi) any relative, residing in the employee’s household or with whom the employee permanently resides; or
(vii) any relative for whom the employee has a duty of care, irrespective of whether they reside with the employee.
(b) The total leave with pay which may be granted under this clause shall not exceed thirty-seven decimal five (37.5) hours in a fiscal year.
(c) At the request of an employee, leave with pay for family related responsibilities may be granted as follows:
(i) to take a dependent family member for medical or dental appointments, or for appointments with school authorities or adoption agencies; the employee who requests a leave pursuant to this clause should make every reasonable effort to schedule these appointments to minimize or preclude his or her absence from work;
(ii) for the temporary care of a sick member of the employee's family and to provide the employee with time to make alternate care arrangements where the illness is of a longer duration;
(iii) for needs directly related to the birth or adoption of his or her child;
(iv) to attend school functions, if the supervisor was notified of the functions as far in advance as possible;
(v) to provide for the employee’s child in the case of an unforeseeable closure of the school or daycare facility;
(vi) seven decimal five (7.5) hours out of the thirty-seven decimal five (37.5) hours stipulated in paragraph (b) above may be used to attend an appointment with a legal or paralegal representative for non-employment related matters, or with a financial or other professional representative, if the supervisor was notified of the appointment as far in advance as possible.
DEPENDENT PERSONAL SERVICES 1. Subject to the provisions of Articles 16, 18 and 19, salaries, wages and other similar remuneration derived by a resident of a Contracting State in respect of an employment shall be taxable only in that State unless the employment is exercised in the other Contracting State. If the employment is so exercised, such remuneration as is derived therefrom may be taxed in that other State.
2. Notwithstanding the provisions of paragraph 1, remuneration derived by a resident of a Contracting State in respect of an employment exercised in the other Contracting State shall be taxable only in the first-mentioned State if:
a) the recipient is present in the other State for a period or periods not exceeding in the aggregate 183 days in any twelve-month period commencing or ending in the tax year concerned, and
b) the remuneration is paid by, or on behalf of, an employer who is not a resident of the other State, and
c) the remuneration is not borne by a permanent establishment or a fixed base which the employer has in the other State.
3. Notwithstanding the preceding provisions of this Article, remuneration derived in respect of an employment exercised aboard a ship or aircraft operated in international traffic by a resident of a Contracting State, may be taxed in that State.
Acknowledgement of Services and Responsibility of the Manager The Resident acknowledges that neither the Manager nor the Institution stands in loco parentis with respect to the Resident. The Residence provides living accommodations for independent students who are to be responsible and accountable for their personal needs and their interactions with their fellow residents as opposed to residential care. The Manager is responsible for the maintenance and operation of the residence. The Manager, in consultation with the Institution, may from time to time, in its sole and unfettered discretion, establish and/or amend policies, protocols and guidelines to uphold and ensure compliance with the standards set forth by the Manager, all of which will constitute part of the Residence Community Living Standards or Institution Code of Conduct, as appropriate. The Resident hereby acknowledges and agrees that they are solely responsible for their compliance with / review of such policies, protocols and guidelines (as may be created, amended, revised or restated by the Manager) found at xxx.xxxxxxxxxxxxxxxxx.xx.
Responsibilities of Client a. Client shall exclusively retain the services of Consultant to perform the Scope of Work, in accordance with, and subject to, the other provisions of this Agreement.
b. Client shall provide access for Consultant and its subcontractors to the Site, and shall enter into access agreements with other third party property owners, as necessary for Consultant to complete the performance of the Scope of Work.
c. Client shall, as necessary to complete the Scope of Work: (i) cooperate and assist Consultant with the preparation and submittal, to PADEP, PAUSTIF, local governing authorities and others, of all information and documents including, without limitation, correspondence, notices, reports, data submittals, restrictive covenants, engineering and institutional controls, and the like; and (ii) implement and maintain any engineering or institutional controls.
d. Client shall transmit to Consultant copies of all documentation, correspondence, reports, and the like, sent or received by Client, regarding the Scope of Work at the Site.
e. Client shall make a good faith effort to minimize any and all interference with the progress of the Scope of Work if the Site is remodeled or otherwise modified. Client shall also make a good faith effort to place this condition on third parties that are not a party to this Agreement including, but not limited to, current owners, future owners, current operators, future operators, current lessees and future lessees.
Anti-Money Laundering and Identity Theft Prevention Related Duties Subject to the terms and conditions set forth herein, the Trust hereby delegates to the Transfer Agent the Delegated Anti-Money Laundering Duties and, where applicable, the Delegated Identity Theft Prevention Duties that are set forth in the Trust’s Anti-Money Laundering (“AML”) Program and Identity Theft Prevention Program (“IDTPP”) as described below. The Transfer Agent agrees to perform the Delegated Anti-Money Laundering Duties and the Delegated Identity Theft Prevention Duties, with respect to ownership of shares in the Fund for which the Transfer Agent maintains the applicable information subject to and in accordance with the terms and conditions of the Contract.
Contractor Responsibility for System Agency’s Termination Costs If the System Agency terminates the Contract for cause, the Contractor shall be responsible to the System Agency for all costs incurred by the System Agency and the State of Texas to replace the Contractor. These costs include, but are not limited to, the costs of procuring a substitute vendor and the cost of any claim or litigation attributable to Contractor’s failure to perform any Work in accordance with the terms of the Contract.
