Freedom of Information and Protection of Privacy Act Any information provided on this contract may be subject to release under the Freedom of Information and Protection of Privacy Act. The Contractor may be consulted prior to release of any information.
Applicability of Data Privacy Protections In the event that Personal Information will be Processed by Supplier in connection with the performance under this Agreement (including any SOW), then and only then shall the provisions of this Section ‘Data Protection and Privacy’ be applicable. For the avoidance of doubt, the data security requirements contained in section ‘Information Security’ shall apply regardless of whether Personal Information is Processed under this Agreement or any SOW. All Personal Information obtained from or on behalf of DXC or in connection with performance pursuant to this Agreement shall be Processed and protected pursuant to this Section ‘Data Protection and Privacy’, the Section ‘Information Security’ and any other Sections of this Agreement that address Personal Information.
Transparency and Freedom of Information 15.1 The Contractor acknowledges that the Authority is subject to the requirements of FOISA and the Environmental Information Regulations. The Contractor shall: (a) provide all necessary assistance and cooperation as the Authority may reasonably request to enable the Authority to comply with its obligations under FOISA and Environmental Information Regulations; (b) transfer to the Authority all Requests for Information relating to this Agreement that the Contractor receives as soon as practicable and in any event within 2 Working Days of receipt; (c) provide the Authority with a copy of all information held on behalf of the Authority which is requested in a Request For Information and which is in the Contractor’s possession or control. The information must be provided within 5 Working Days (or such other period as the Authority may reasonably specify) in the form that the Authority requires. (d) not respond directly to a Request For Information addressed to the Authority unless authorised in writing to do so by the Authority. 15.2 If the Request for Information appears to be directed to information held by the Authority, the Contractor must promptly inform the applicant in writing that the Request for Information can be directed to the Authority. 15.3 If the Authority receives a Request for Information concerning the Framework Agreement, the Authority is responsible for determining at its absolute discretion whether the information requested is to be disclosed to the applicant or whether the information requested is exempt from disclosure in accordance with FOISA or the Environmental Information Regulations. 15.4 The Contractor acknowledges that the Authority may, acting in accordance with the Authority’s Code of Practice on the Discharge of Functions of Public Authorities issued under section 60(5) of FOISA (as may be issued and revised from time to time), be obliged under FOISA or the Environmental Information Regulations to disclose information requested concerning the Contractor or the Framework Agreement: 15.4.1 in certain circumstances without consulting the Contractor, or 15.4.2 following consultation with the Contractor and having taken its views into account.
Data Protection Act 7.1 With respect to the parties' rights and obligations under this Contract, the parties agree that the Department is the Data Controller and that the Contractor is the Data Processor. 7.2 The Contractor shall: 7.2.1 Process the Personal Data only in accordance with instructions from the Department (which may be specific instructions or instructions of a general nature as set out in this Contract or as otherwise notified by the Department to the Contractor during the Term); 7.2.2 Process the Personal Data only to the extent, and in such manner, as is necessary for the provision of the Services or as is required by Law or any Regulatory Body; 7.2.3 The Contractor shall employ appropriate organisational, operational and technological processes and procedures to keep the Personal Data safe from unauthorised use or access, loss, destruction, theft or disclosure. The organisational, operational and technological processes and procedures adopted are required to comply with the requirements of ISO/IEC 27001 as appropriate to the services being provided to the Department; 7.2.4 Take reasonable steps to ensure the reliability of any Contractor Personnel who have access to the Personal Data; 7.2.5 Obtain prior written consent from the Department in order to transfer the Personal Data to any Sub-contractors or Affiliates for the provision of the Services; 7.2.6 Ensure that all Contractor Personnel required to access the Personal Data are informed of the confidential nature of the Personal Data and comply with the obligations set out in this clause 7; 7.2.7 Ensure that none of Contractor Personnel publish, disclose or divulge any of the Personal Data to any third party unless directed in writing to do so by the Department; 7.2.8 Notify the Department within five Working Days if it receives: a request from a Data Subject to have access to that person's Personal Data; or a complaint or request relating to the Department's obligations under the Data Protection Legislation; 7.2.9 Provide the Department with full cooperation and assistance in relation to any complaint or request made, including by: - providing the Department with full details of the complaint or request; - complying with a data access request within the relevant timescales set out in the Data Protection Legislation and in accordance with the Department's instructions; - providing the Department with any Personal Data it holds in relation to a Data Subject (within the timescales required by the Department); and - providing the Department with any information requested by the Department; 7.2.10 Permit the Department or the Department’s Representative (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit the Contractor's data Processing activities (and/or those of its agents, subsidiaries and Sub-contractors) and comply with all reasonable requests or directions by the Department to enable the Department to verify and/or procure that the Contractor is in full compliance with its obligations under this Contract; 7.2.11 Provide a written description of the technical and organisational methods employed by the Contractor for processing Personal Data (within the timescales required by the Department) to be used solely for the purposes of this contract and provided that to do so would not be in breach of the Intellectual Property Rights (including Copyright) of a third party; and 7.2.12 Not process Personal Data outside the European Economic Area without the prior written consent of the Department and, where the Department consents to a transfer, to comply with: - the obligations of a Data Controller under the Eighth Data Protection Principle set out in Schedule 1 of the Data Protection Act 1998 by providing -an adequate level of protection to any Personal Data that is transferred; and - any reasonable instructions notified to it by the Department. 7.3 The Contractor shall comply at all times with the Data Protection Legislation and shall not perform its obligations under this Contract in such a way as to cause the Department to breach any of its applicable obligations under the Data Protection Legislation.
COMPLIANCE WITH NEW YORK STATE INFORMATION SECURITY BREACH AND NOTIFICATION ACT Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law Section 899-aa; State Technology Law Section 208).
Freedom of Information and Transparency 20.1 The Recipient acknowledges that the Commissioner is subject to the provisions of the FOIA and agrees to assist and co-operate with the Commissioner (at the Recipient’s expense) where necessary to enable the Commissioner to comply with any requests received under the FOIA relating to this Agreement. This includes, but is not limited to, transferring to the Commissioner any request received by the Recipient under the FOIA relating to this Agreement as soon as practicable following receipt and in any event within three working days of receipt. 20.2 In no event shall the Recipient respond to a request under the FOIA relating to this Agreement without obtaining the prior written consent of the Commissioner. 20.3 The Recipient acknowledges that the Commissioner may be obliged to disclose information under the FOIA: 20.3.1 Without consulting the Recipient; or 20.3.2 Following consultation with the Recipient and having taken into account its views. Provided that where clause 20.3.1 applies the Commissioner shall, in accordance with the recommendations of the Secretary of State for Constitutional Affairs’ Code of Practice on the discharge of a public authorities’ functions under Part 1 of FOIA, take reasonable steps, to give the Recipient advanced notice or to draw the disclosure to the Recipient’s attention after any such disclosure. 20.4 The Recipient shall ensure it retains for disclosure all information (as defined in the FOIA) produced in the course of this Agreement or relating to this Agreement and shall allow the Commissioner to inspect such records from time to time upon request. 20.5 The Recipient acknowledges that the Commissioner is subject to certain transparency and disclosure obligations set out in the Elected Local Policing Bodies Specified Information Order 2011 (as amended) (“Transparency Obligations”) 20.6 The Recipient consents to the Commissioner publishing the contents of this Agreement and information regarding any tender process related to the Purpose of the Agreement to enable the Commissioner to comply with their Transparency Obligations. 20.7 The Recipient acknowledges that: 20.7.1 The Commissioner shall be responsible for determining, at their absolute discretion, whether any information is exempt from disclosure or should be disclosed pursuant to the FOIA and/or the Transparency Obligations and to what extent any information disclosed shall be redacted; and 20.7.2 Any lists or schedules provided by the Recipient outlining confidential information are of an indicative value only and that the Commissioner may be obliged to disclose confidential information in accordance with Clause 20.3 and/or Clause 20.5.
Data Protection and Privacy: Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.
Data Protection All personal data contained in the agreement shall be processed in accordance with Regulation (EC) No 45/2001 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by the EU institutions and bodies and on the free movement of such data. Such data shall be processed solely in connection with the implementation and follow-up of the agreement by the sending institution, the National Agency and the European Commission, without prejudice to the possibility of passing the data to the bodies responsible for inspection and audit in accordance with EU legislation (Court of Auditors or European Antifraud Office (XXXX)). The participant may, on written request, gain access to his personal data and correct any information that is inaccurate or incomplete. He/she should address any questions regarding the processing of his/her personal data to the sending institution and/or the National Agency. The participant may lodge a complaint against the processing of his personal data with the [national supervising body for data protection] with regard to the use of these data by the sending institution, the National Agency, or to the European Data Protection Supervisor with regard to the use of the data by the European Commission.
Freedom of Information Act Provider acknowledges that this Agreement and all documents submitted to the Board related to this contract are a matter of public record and are subject to the Illinois Freedom of Information Act (5 ILCS 140/1) and any other comparable state and federal laws and that this Agreement is subject to reporting requirements under 105 ILCS 5/10-20.44. Provider further acknowledges that this Agreement shall be posted on the Board’s website at xxx.xxx.xxx.
Whistleblower Protections and Trade Secrets Notwithstanding anything to the contrary contained herein, nothing in this Agreement prohibits Executive from reporting possible violations of federal law or regulation to any United States governmental agency or entity in accordance with the provisions of and rules promulgated under Section 21F of the Securities Exchange Act of 1934 or Section 806 of the Xxxxxxxx-Xxxxx Act of 2002, or any other whistleblower protection provisions of state or federal law or regulation (including the right to receive an award for information provided to any such government agencies). Furthermore, in accordance with 18 U.S.C. § 1833, notwithstanding anything to the contrary in this Agreement: (i) Executive shall not be in breach of this Agreement, and shall not be held criminally or civilly liable under any federal or state trade secret law (x) for the disclosure of a trade secret that is made in confidence to a federal, state, or local government official or to an attorney solely for the purpose of reporting or investigating a suspected violation of law, or (y) for the disclosure of a trade secret that is made in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal; and (ii) if Executive files a lawsuit for retaliation by the Company for reporting a suspected violation of law, Executive may disclose the trade secret to Executive’s attorney, and may use the trade secret information in the court proceeding, if Executive files any document containing the trade secret under seal, and does not disclose the trade secret, except pursuant to court order.
