Common use of Confidentiality Data Protection and Freedom of Information Clause in Contracts

Confidentiality Data Protection and Freedom of Information. The Parties agree to adhere to the principles of medical confidentiality in relation to Participants and shall comply with the requirements of the common law of confidentiality, the Data Protection Xxx 0000 and the NHS Confidentiality Code of Practice. Personal data shall not be disclosed to the University by the Trust, save where this is required directly or indirectly to satisfy the requirements of the Protocol, or for the purpose of monitoring or reporting adverse events. Neither Party shall disclose the identity of Participants to third parties without the prior written consent of the Participant except in accordance with the Data Protection Xxx 0000 or the NHS Confidentiality Code of Practice. If either Party receives a request under the Freedom of Information Xxx 0000 (FOIA) to disclose any information that belongs to the other Party it shall notify and consult that Party within five working days of receiving the request. The Parties acknowledge and agree that the decision on whether any exemption applies to a request for disclosure of recorded information under FOIA is a decision solely for the Party responding to the request. Where the Party responding to an FOIA request determines that it will disclose information it will notify the other Party in writing, giving at least two working days notice of its intended disclosure. Each Party agrees: To ensure that any of its employees, students, consultants, sub-contractors or agents who participate in the operation of the Study are made aware of, and abide by, the requirements of Clause 7; To use the Confidential Information solely in connection with the operation of the Agreement and not otherwise; Not to disclose the Confidential Information in whole or in part to any person without the other Party’s written consent; The provision of clause 7.7.3 shall not apply to the whole or any part of the Confidential Information that is: Lawfully obtained free of any duty of confidentiality; Already in the possession of the Party receiving such information and which they can show from written records (other than as a result of a breach of Clause 7.7); In the public domain (other than as a result of a breach of Clause 7.7); Necessarily disclosed pursuant to a statutory obligation; Disclosed with prior written consent of the other Party. The restrictions contained in clause 7 shall continue to apply after the termination of this Agreement for 10 years.

Confidentiality Data Protection and Freedom of Information. The Parties agree 19.1 Both parties and any other person acting on their behalf, shall keep confidential any and all information obtained whether under this Agreement or otherwise and shall not divulge the same to adhere any third party and neither dispose of nor part with possession of any confidential material provided by one party to the principles other pursuant to this Agreement without the express permission of medical confidentiality the other party. This clause shall apply notwithstanding termination or expiry of the Agreement but shall not apply to: 19.1.1 any information in relation the public domain otherwise than by breach of this Agreement; or 19.1.2 any information in the possession of the receiving party other than disclosure by the Provider contrary to Participants this Agreement; or 19.1.3 any information obtained from a third party who is free to divulge the same; or 19.1.4 any information required to be disclosed by law. 19.2 The parties shall only divulge confidential information relating to the provision of the Services or any part thereof under this Agreement to those members of staff who are directly involved in the same and shall use their best endeavours to ensure that such persons are aware of or comply with these obligations as to confidentiality. 19.3 Each party agrees that in performance of its respective obligations under this Agreement it shall comply with the requirements provisions of the common law of confidentiality, the Data Protection Xxx 0000 Act 1998 (“the 1998 Act”) to the extent that it applies to each of them. Where used in this clause the expressions “process” and “personal data” shall bear their respective meanings given in the NHS Confidentiality Code 1998 Act. 19.4 The parties agree that they shall not process any personal data provided or made available in connection with this Agreement for any purpose other than that which is strictly necessary for the performance of Practiceany obligation hereunder. The Parties expressly agree that personal data may be disclosed without consent if either party is required to do so by law or any authority or competent jurisdiction. 19.5 Personal data shall not be disclosed to the University treated as confidential information by the Trustparties who shall each take such appropriate operational, save where this is required directly technical and organisational security measures and not disclose it or indirectly allow access to satisfy such personal data other than to persons engaged in the requirements performance of the Protocol, Agreement or for the purpose of monitoring or reporting adverse events. Neither Party shall disclose the identity of Participants to third parties without the prior written consent of the Participant except in accordance with as otherwise permitted by the Data Protection Xxx 0000 Act 1998. 19.6 Each party warrants to the other that it holds and has complied with the notification provisions of the 1998 Act (or that it is deemed to have so complied by virtue of paragraph 2 of Schedule 14 to the NHS Confidentiality Code 1998 Act) in respect of Practice. If either Party receives a request its obligations under this Agreement and that performance of its obligations hereunder shall not breach or contravene such notification. 19.7 The Provider shall assist the Authority in meeting any requests for information in relation to this Agreement that are made to the Authority under the Freedom of Information Xxx 0000 Act 2000 (FOIAthe “2000 Act”). The Authority may from time to time serve upon the Provider an information notice requiring the Provider within such reasonable time (having regard to the total time which the Authority has to respond to the information notice) and in such form as is reasonably specified in the information notice, to furnish to the Authority such information as the Authority may reasonably require relating to such requests for information made to the Authority. 19.8 The Provider acknowledges that in responding to requests for information described in this clause 19 the Authority shall be entitled to provide information relating to this Agreement to third parties. The Provider hereby further expressly agrees that the Authority may disclose any information that belongs relating to this Agreement without consent if required to do so by law or any authority of competent jurisdiction. 19.9 Without prejudice to the other Party it shall notify and consult that Party within five working days generality of receiving the request. The Parties acknowledge and agree that the decision on whether any exemption applies to a request for disclosure of recorded information under FOIA is a decision solely clause 20 for the Party responding to the request. Where the Party responding to an FOIA request determines avoidance of doubt it is hereby specifically provided that it will disclose information it will notify each party shall fully, promptly and effectively indemnify and keep so indemnified the other Party in writingfrom and against all and any reasonably foreseeable actions, giving at least two working days notice of its intended disclosure. Each Party agrees: To ensure that any of its employeescharges, studentsclaims, consultantsreasonable costs, sub-contractors or agents who participate in damages, demands, reasonable expenses (including legal and administrative expenses), liabilities, losses and proceedings whatsoever arising from the operation breach by the indemnifying party of the Study are made aware of, and abide by, the requirements of Clause 7; To use the Confidential Information solely in connection with the operation of the Agreement and not otherwise; Not to disclose the Confidential Information in whole or in part to any person without the other Party’s written consent; The provision of clause 7.7.3 shall not apply to the whole or any part of the Confidential Information that is: Lawfully obtained free of any duty of confidentiality; Already in the possession of the Party receiving such information and which they can show from written records (other than as a result of a breach of Clause 7.7); In the public domain (other than as a result of a breach of Clause 7.7); Necessarily disclosed pursuant to a statutory obligation; Disclosed with prior written consent of the other Party. The restrictions contained in clause 7 shall continue to apply after the termination provisions of this Agreement for 10 yearsclause 19.

Confidentiality Data Protection and Freedom of Information. Medical confidentiality The Parties agree to adhere to the principles all applicable statutory requirements and mandatory codes of practice in respect of medical confidentiality in relation to Participants and shall comply with the requirements of the common law of confidentiality, Personal Data (as defined by the Data Protection Xxx 0000 and the NHS Confidentiality Code of Practice. Personal data Act) shall not be disclosed to the University Sponsor by the TrustParticipating Site, save where this is required directly or indirectly to satisfy the requirements of the Protocol, or for the purpose of monitoring or reporting adverse events. Neither Party the Sponsor nor the Participating Site shall disclose the identity of Participants to third parties without the prior written consent of the Participant except in accordance with the Data Protection Xxx 0000 or the NHS Confidentiality Code applicable statutory requirements and codes of Practicepractice. If either Party receives a request under Freedom of Information Parties to this Agreement which are subject to the Freedom of Information Xxx 0000 (FOIA) or the Freedom of Information (Scotland) Xxx 0000 (FOI(S)A) and which receive a request under FOIA or FOI(S)A to disclose any information that belongs to the other another Party it shall notify and consult that Party within five working in accordance with clause 14, as soon as reasonably practicable, and in any event, not later than seven calendar days of after receiving the request. The Parties acknowledge and agree that the decision on whether any exemption applies to a request for disclosure of recorded information under FOIA or FOI(S)A is a decision solely for the Party responding to the request. Where the Party responding to an FOIA or FOI(S)A request determines that it will disclose information it will notify the other Party in writing, giving at least two working days four calendar days’ notice of its intended disclosure. Each Confidential information The Receiving Party agrees to take all reasonable steps to protect the confidentiality of the Confidential Information and to prevent it from being disclosed otherwise than in accordance with this Agreement. Subject to clause 6 below, the Participating Site agrees to treat the Results excluding any Clinical Data of the Study as Confidential Information disclosed by the Sponsor and the Sponsor agrees to treat Personal Data, including any Clinical Data as Confidential Information disclosed by the Participating Site. The Receiving Party agrees: To ensure that any of its employees, students, consultants, consultants or sub-contractors or agents who participate in the operation of the Study are made aware of, and abide by, the requirements requirement of Clause 7; this clause 4.3. To use the Confidential Information solely in connection with the operation of the Agreement and not otherwise; . Not to disclose the Confidential Information in whole or in part to any person without the other Disclosing Party’s written consent; . The provision of clause 7.7.3 4.3 shall not apply to the whole or any part of the Confidential Information that is: Lawfully lawfully obtained by the Receiving Party free of any duty of confidentiality; Already . already in the possession of the Party receiving such information Receiving and which they the Receiving Party can show from written records (other than as a result of a breach of Clause 7.7clause 4.3.1 or 4.3.2); In . in the public domain (other than as a result of a breach of Clause 7.7clause 4.3.1 or 4.3.2); . independently discovered by employees of the Receiving Party without access to or use of Confidential Information. Necessarily disclosed pursuant to a statutory obligation; . Disclosed with prior written consent of the other Disclosing Party. Necessarily disclosed by the Receiving Party by virtue of its status as a public authority in terms of the Freedom of Information Xxx 0000 or the Freedom of Information (Scotland) Xxx 0000. Published in accordance with the provisions of Clause 6. The restrictions contained in clause 7 4.3 shall continue to apply after the termination of this Agreement [for 10 XX years].

Confidentiality Data Protection and Freedom of Information. 9.1 The Parties agree to adhere to the principles of medical confidentiality in relation to Participants shall at all times during and shall comply with the requirements of the common law of confidentiality, the Data Protection Xxx 0000 and the NHS Confidentiality Code of Practice. Personal data shall not be disclosed to the University by the Trust, save where this is required directly or indirectly to satisfy the requirements of the Protocol, or for the purpose of monitoring or reporting adverse events. Neither Party shall disclose the identity of Participants to third parties without the prior written consent of the Participant except in accordance with the Data Protection Xxx 0000 or the NHS Confidentiality Code of Practice. If either Party receives a request under the Freedom of Information Xxx 0000 (FOIA) to disclose any information that belongs to the other Party it shall notify and consult that Party within five working days of receiving the request. The Parties acknowledge and agree that the decision on whether any exemption applies to a request for disclosure of recorded information under FOIA is a decision solely for the Party responding to the request. Where the Party responding to an FOIA request determines that it will disclose information it will notify the other Party in writing, giving at least two working days notice of its intended disclosure. Each Party agrees: To ensure that any of its employees, students, consultants, sub-contractors or agents who participate in the operation of the Study are made aware of, and abide by, the requirements of Clause 7; To use the Confidential Information solely in connection with the operation of the Agreement and not otherwise; Not to disclose the Confidential Information in whole or in part to any person without the other Party’s written consent; The provision of clause 7.7.3 shall not apply to the whole or any part of the Confidential Information that is: Lawfully obtained free of any duty of confidentiality; Already in the possession of the Party receiving such information and which they can show from written records (other than as a result of a breach of Clause 7.7); In the public domain (other than as a result of a breach of Clause 7.7); Necessarily disclosed pursuant to a statutory obligation; Disclosed with prior written consent of the other Party. The restrictions contained in clause 7 shall continue to apply after the termination of this Agreement treat as strictly confidential all information of a confidential nature (whether or not marked as such) received or obtained as a result of entering into or performing this Agreement which relates to the business of the other, provisions or subject matters of this Agreement, to the Product, the Services, to any other party or to the negotiations relating to this Agreement. 9.2 Either Party may disclose information which would otherwise be confidential if and to the extent (a) that it is required to do so by law or any regulatory or governmental body to which it is subject wherever situated provided that it immediately notifies the other of this obligation and provided that wherever possible it does so on a confidential basis; (b) it considers it necessary to disclose the information to its professional advisers, auditors and bankers provided that it does so on a confidential basis; (c) the information has come into the public domain through no fault of that party or members of its group; (d) the information was previously disclosed to it without any obligation of confidence; or (e) the party to whom it relates has given its consent in writing. 9.3 The Customer agrees to ensure that any data supplied to PEP HEALTH can be used in compliance with applicable data protection laws ("Data Protection Laws".) PEP HEALTH agrees to ensure that adequate security measures are taken in respect of personal data (as defined by Data Protection Laws). 9.4 PEP HEALTH acknowledges and understands that the Customer may be under obligations under the Freedom of Information Act 2000 (“FOIA”). If necessary and without prejudice to the specific provisions of this Agreement regarding confidentiality and data protection, PEP HEALTH shall use its reasonable endeavours to co-operate and aid the Customer, at Customer's cost, so as to enable the Customer to meet its obligations under the FOIA or any successive legislation. Where the Customer receives a request for 10 yearsinformation that is held on behalf of the Customer by PEP HEALTH then such cooperation shall include the provision of the requested information to the Customer within a reasonable timescale to enable the Customer to comply with its obligations within the timescales required by the FOIA provided that PEP HEALTH has been given reasonable notice of such request. 9.5 The Customer acknowledges that the value of the Fee is commercially sensitive information and agrees that it shall take all reasonable steps so that it does not have to disclose this and any other commercially sensitive information as a result of any request made pursuant to the FOIA. The Customer further agrees so far as it is lawfully able to do so, to allow PEP HEALTH to review and comment upon any disclosure relating to PEP HEALTH’s provision of Services prior to releasing that disclosure.