Data Protection and Privacy:
Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.
Third-Party Information; Privacy or Data Protection Laws Each Party acknowledges that it and its respective Subsidiaries may presently have and, after the Effective Time, may gain access to or possession of confidential or proprietary Information of, or personal Information relating to, Third Parties: (i) that was received under confidentiality or non-disclosure agreements entered into between such Third Parties, on the one hand, and the other Party or the other Party’s Subsidiaries, on the other hand, prior to the Effective Time or (ii) that, as between the two parties, was originally collected by the other Party or the other Party’s Subsidiaries and that may be subject to and protected by privacy, data protection or other applicable Laws. Each Party agrees that it shall hold, protect and use, and shall cause its Subsidiaries and its and their respective Representatives to hold, protect and use, in strict confidence the confidential and proprietary Information of, or personal Information relating to, Third Parties in accordance with privacy, data protection or other applicable Laws and the terms of any agreements that were either entered into before the Effective Time or affirmative commitments or representations that were made before the Effective Time by, between or among the other Party or the other Party’s Subsidiaries, on the one hand, and such Third Parties, on the other hand.
Employee Data Privacy Pursuant to applicable personal data protection laws, the Company hereby notifies you of the following in relation to your personal data and the collection, use, processing and transfer (collectively, the “Use”) of such data in relation to the Company’s grant of the RSUs and your participation in the Plan. The Use of your personal data is necessary for the Company’s administration of the Plan and your participation in the Plan. Your denial and/or objection to the Use of personal data may affect your participation in the Plan. As such, you voluntarily acknowledge, consent and agree (where required by applicable law) to the Use of personal data as described in this Paragraph 8. The Company and the Employer hold certain personal information about you, which may include your name, home address and telephone number, date of birth, social security number or other employee identification number, salary, nationality, job title, any Shares held by you, details of all RSUs or any other entitlement to Shares awarded in your favor, for the purpose of managing and administering the Plan (“Data”). The Data may be provided by you or collected, where lawful, from the Company, Affiliates or third parties, and the Company or Employer will process the Data for the exclusive purpose of implementing, administering and managing your participation in the Plan. The data processing will take place through electronic and non-electronic means according to logics and procedures strictly correlated to the purposes for which Data are collected and with confidentiality and security provisions as set forth by applicable laws and regulations in your country of residence (and country of employment, if different). Data processing operations will be performed minimizing the use of personal and identification data when such data are unnecessary for the processing purposes sought. Data will be accessible within the Company’s organization only by those persons requiring access for purposes of the implementation, administration and operation of the Plan and for your participation in the Plan. The Company and the Employer will transfer Data amongst themselves as necessary for the purpose of implementation, administration and management of your participation in the Plan, and the Company and the Employer may each further transfer Data to any third parties assisting the Company in the implementation, administration and management of the Plan. These recipients may be located in the European Economic Area, or elsewhere throughout the world, such as the United States. You hereby authorize them to receive, possess, use, retain and transfer the Data, in electronic or other form, for purposes of implementing, administering and managing your participation in the Plan, including any requisite transfer of such Data as may be required for the administration of the Plan and/or the subsequent holding of Shares on your behalf to a broker or other third party with whom you may elect to deposit any Shares acquired pursuant to the Plan. You may, at any time, exercise your rights provided under applicable personal data protection laws, which may include the right to (a) obtain confirmation as to the existence of the Data, (b) verify the content, origin and accuracy of the Data, (c) request the integration, update, amendment, deletion, or blockage (for breach of applicable laws) of the Data, and (d) oppose, for legal reasons, the Use of the Data that is not necessary or required for the implementation, administration and/or operation of the Plan and your participation in the Plan. You may seek to exercise these rights by contacting your Employer’s human resources manager or Invesco, Ltd., Manager, Executive Compensation, 0000 Xxxxxxxxx Xxxxxx, XX, Xxxxxxx, Xxxxxxx 00000.
CONFIDENTIALITY AND PRIVACY POLICIES AND LAWS The Contractor shall comply to the extent applicable with all State and Authorized User policies regarding compliance with various confidentiality and privacy laws, rules and regulations, including but not limited to the IRS Publication 1075, Family Educational Rights and Privacy Act (FERPA), the Health Insurance and Portability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH). Contractor shall cooperate in executing a written confidentiality agreement under FERPA and/or a Business Associate Agreement (HIPAA/HITECH) or other contractual provisions upon request by the State or any Authorized User.
Privacy Policies Each party will make available a Privacy Policy that complies with Law. Xxxxxx’s Privacy Policy explains how and for what purposes Stripe collects, uses, retains, discloses and safeguards the Personal Data you provide to Stripe.
ACCESS TO PROTECTED HEALTH INFORMATION 7.1 To the extent Covered Entity determines that Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within two (2) business days after receipt of a request from Covered Entity, make the Protected Health Information specified by Covered Entity available to the Individual(s) identified by Covered Entity as being entitled to access and shall provide such Individuals(s) or other person(s) designated by Covered Entity with a copy the specified Protected Health Information, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.524.
7.2 If any Individual requests access to Protected Health Information directly from Business Associate or its agents or Subcontractors, Business Associate shall notify Covered Entity in writing within two (2) days of the receipt of the request. Whether access shall be provided or denied shall be determined by Covered Entity.
7.3 To the extent that Business Associate maintains Protected Health Information that is subject to access as set forth above in one or more Designated Record Sets electronically and if the Individual requests an electronic copy of such information, Business Associate shall provide the Individual with access to the Protected Health Information in the electronic form and format requested by the Individual, if it is readily producible in such form and format; or, if not, in a readable electronic form and format as agreed to by Covered Entity and the Individual.
Data Security and Privacy Plan As more fully described herein, throughout the term of the Subscription Agreement, Vendor will have a Data Security and Privacy Plan in place to protect the confidentiality, privacy and security of the Protected Data it receives from the District. Vendor’s Plan for protecting the District’s Protected Data includes, but is not limited to, its agreement to comply with the terms of the District’s Bill of Rights for Data Security and Privacy, a copy of which is set forth below and has been signed by the Vendor. Additional components of Vendor’s Data Security and Privacy Plan for protection of the District’s Protected Data throughout the term of the Subscription Agreement are as follows:
(a) Vendor will implement all state, federal, and local data security and privacy requirements including those contained within the Subscription Agreement and this Data Sharing and Confidentiality Agreement, consistent with the District’s data security and privacy policy.
(b) Vendor will have specific administrative, operational and technical safeguards and practices in place to protect Protected Data that it receives from the District under the Subscription Agreement.
(c) Vendor will comply with all obligations contained within the section set forth in this Exhibit below entitled “Supplemental Information about a Subscription Agreement between [Xxxxx-Fultonville Central School District] and [Vendor Name].” Vendor’s obligations described within this section include, but are not limited to:
(i) its obligation to require subcontractors or other authorized persons or entities to whom it may disclose Protected Data (if any) to execute written agreements acknowledging that the data protection obligations imposed on Vendor by state and federal law and the Subscription Agreement shall apply to the subcontractor, and
(ii) its obligation to follow certain procedures for the return, transition, deletion and/or destruction of Protected Data upon termination, expiration or assignment (to the extent authorized) of the Subscription Agreement.
(d) Vendor has provided or will provide training on the federal and state laws governing confidentiality of Protected Data for any of its officers or employees (or officers or employees of any of its subcontractors or assignees) who will have access to Protected Data, prior to their receiving access.
(e) Vendor will manage data security and privacy incidents that implicate Protected Data and will develop and implement plans to identify breaches and unauthorized disclosures. Vendor will provide prompt notification to the District of any breaches or unauthorized disclosures of Protected Data in accordance with the provisions of Section 5 of this Data Sharing and Confidentiality Agreement.
Whistleblower Protections and Trade Secrets Notwithstanding anything to the contrary contained herein, nothing in this Agreement prohibits Executive from reporting possible violations of federal law or regulation to any United States governmental agency or entity in accordance with the provisions of and rules promulgated under Section 21F of the Securities Exchange Act of 1934 or Section 806 of the Xxxxxxxx-Xxxxx Act of 2002, or any other whistleblower protection provisions of state or federal law or regulation (including the right to receive an award for information provided to any such government agencies). Furthermore, in accordance with 18 U.S.C. § 1833, notwithstanding anything to the contrary in this Agreement: (i) Executive shall not be in breach of this Agreement, and shall not be held criminally or civilly liable under any federal or state trade secret law (x) for the disclosure of a trade secret that is made in confidence to a federal, state, or local government official or to an attorney solely for the purpose of reporting or investigating a suspected violation of law, or (y) for the disclosure of a trade secret that is made in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal; and (ii) if Executive files a lawsuit for retaliation by the Company for reporting a suspected violation of law, Executive may disclose the trade secret to Executive’s attorney, and may use the trade secret information in the court proceeding, if Executive files any document containing the trade secret under seal, and does not disclose the trade secret, except pursuant to court order.
Access to Information Systems Access, if any, to DXC’s Information Systems is granted solely to perform the Services under this Order, and is limited to those specific DXC Information Systems, time periods and personnel as are separately agreed to by DXC and Supplier from time to time. DXC may require Supplier’s employees, subcontractors or agents to sign individual agreements prior to access to DXC’s Information Systems. Use of DXC Information Systems during other time periods or by individuals not authorized by DXC is expressly prohibited. Access is subject to DXC business control and information protection policies, standards and guidelines as may be modified from time to time. Use of any other DXC Information Systems is expressly prohibited. This prohibition applies even when an DXC Information System that Supplier is authorized to access, serves as a gateway to other Information Systems outside Supplier’s scope of authorization. Supplier agrees to access Information Systems only from specific locations approved for access by DXC. For access outside of DXC premises, DXC will designate the specific network connections to be used to access Information Systems.
Certification Regarding Lobbying Applicable to Grants Subgrants, Cooperative Agreements, and Contracts Exceeding $100,000 in Federal Funds Submission of this certification is a prerequisite for making or entering into this transaction and is imposed by section 1352, Title 31, U.S. Code. This certification is a material representation of fact upon which reliance was placed when this transaction was made or entered into. Any person who fails to file the required certification shall be subject to a civil penalty of not less than $10,000 and not more than $100,000 for each such failure. The undersigned certifies, to the best of his or her knowledge and belief, that: (1) No Federal appropriated funds have been paid or will be paid by or on behalf of the undersigned, to any person for influencing or attempting to influence an officer or employee of any agency, a Member of Congress, an officer or employee of congress, or an employee of a Member of Congress in connection with the awarding of a Federal contract, the making of a Federal grant, the making of a Federal loan, the entering into a cooperative agreement, and the extension, continuation, renewal, amendment, or modification of a Federal contract, grant, loan, or cooperative agreement.
