Common use of CONFIDENTIALITY OF DATA Clause in Contracts

CONFIDENTIALITY OF DATA. a) All Customer Data made available to the Contractor in order to carry out this Contract, or which become available to the Contractor in carrying out this Contract, shall be protected by the Contractor from unauthorized use and disclosure by use of the same or more effective confidentiality requirements as are applicable to the State. The identification of all such confidential data and information as well as the State's confidentiality requirements for protection of such data and information from unauthorized use and disclosure shall be provided by the State in writing to the Contractor. If the methods and procedures employed by the Contractor for the protection of the Contractor's data and information are deemed by the State to be adequate for the protection of the State's confidential information, such methods and procedures may be used, with the written consent of the State, to carry out the intent of this paragraph. Any additional requirements to ensure confidentiality of data shall be set forth in the SOW. The Contractor shall not be required under the provisions of this paragraph to keep confidential any data or information which is or becomes publicly available, is already rightfully in the Contractor's possession without obligation of confidentiality, is independently developed by the Contractor outside the scope of this Contract, or is rightfully obtained from third parties. Contractor shall sign a security and confidentiality statement. Contractor is responsible for all Contractor personnel assigned to this Contract and will have appropriate agreements in place to enable Contractor to meet its obligations hereunder. b) The parties acknowledge information transmitted by the State to the Contractor and/or Service Provider may inadvertently contain Federal Tax Information (FTI). The State will use all reasonable efforts to prevent the transmittal of FTI to Contractor and/or Service Provider under this Contract. The State further acknowledges that the Contractor and/or Service Provider does not require any “access” to, or “receipt” or “storage” of FTI to perform the Services under the Contract. The Contractor and/or Service Provider further acknowledges that Contractor and/or Service Provider shall not knowingly access or permit access to such FTI, unless directed by the State. Access to FTI is out-of-scope of the Services. To the extent that Contractor’s and/or Service Provider’s access to FTI is “incidental” to Contractor’s provision of Services, it is the parties’ view that such incidental exposure should not legally subject Contractor and/or Service Provider to the Internal Revenue Service (IRS) requirements set forth in IRS Publication 1075, section 11.

CONFIDENTIALITY OF DATA. a) All Customer Data made available to the Contractor in order to carry out this Contract, or which become available to the Contractor in carrying out this Contract, shall be protected by the Contractor from unauthorized use and disclosure by use of the same or more effective confidentiality requirements as are applicable to the State. The identification of all such confidential data and information as well as the State's confidentiality requirements for protection of such data and information from unauthorized use and disclosure shall be provided by the State in writing to the Contractor. If the methods and procedures employed by the Contractor for the protection of the Contractor's data and information are deemed by the State to be adequate for the protection of the State's confidential information, such methods and procedures may be used, with the written consent of the State, to carry out the intent of this paragraph. Any additional requirements to ensure confidentiality of data shall be set forth in the SOW. The Contractor shall not be required under the provisions of this paragraph to keep confidential any data or information which is or becomes publicly available, is already rightfully in the Contractor's possession without obligation of confidentiality, is independently developed by the Contractor outside the scope of this Contract, or is rightfully obtained from third parties. Contractor shall sign a security and confidentiality statement. Contractor is responsible for all Contractor personnel assigned to this Contract and will have appropriate agreements in place to enable Contractor to meet its obligations hereunder. b) The parties acknowledge information transmitted by the State to the Contractor and/or Service Provider may inadvertently contain Federal Tax Information (FTI). The State will use all reasonable efforts to prevent the transmittal of FTI to Contractor and/or Service Provider under this Contract. The State further acknowledges that the Contractor and/or Service Provider does not require any “access” to, or “receipt” or “storage” of FTI to perform the Services under the Contract. The Contractor and/or Service Provider further acknowledges that Contractor and/or Service Provider shall not knowingly access or permit access to such FTI, unless directed by the State. Access to FTI is out-of-scope of the Services. To the extent that Contractor’s and/or Service Provider’s access to FTI is “incidental” to Contractor’s provision of Services, it is the parties’ view that such incidental exposure should not legally subject Contractor and/or Service Provider to the Internal Revenue Service (IRS) requirements set forth in IRS Publication 1075, section 11.the

CONFIDENTIALITY OF DATA. a) All Customer Data financial, statistical, personal, technical and other data and information relating to the VIHFA’s operation, or gathered pursuant to the Scope of Work to be performed, which are designated confidential by the VIHFA or in the regular course of busine,ss and made available to the Contractor in order to carry out this the Contract, or which become available to the Contractor in carrying out this the Contract, shall be protected by the Contractor from unauthorized use and disclosure by use through the observance of the same or more effective confidentiality procedural requirements as are applicable to the StateVIHFA. The identification of all such confidential data and information as well as the StateVIHFA's confidentiality requirements procedural requiremen ts for protection of such data and information from unauthorized use and disclosure shall be provided by the State VIHFA in writing to the Contractor. If the methods and procedures employed by the Contractor for the protection of the Contractor's ’s data and information are deemed by the State VIHFA to be adequate for the protection of the StateVIHFA's confidential information, such methods and procedures may be used, with the written consent of the StateVIHFA, to carry out the intent of this paragraph. Any additional requirements to ensure confidentiality of data shall be set forth in the SOW. The Contractor shall not be required under the provisions of this paragraph to keep confidential any data or information which is or becomes publicly available, is already rightfully in the Contractor's possession without obligation of confidentiality’s possession, is independently developed by the Contractor outside the scope of this Contract, is obtained from other public agencies, or is rightfully obtained from third parties. All of the reports, information, and data prepared or assembled by Contractor under this Contract are confidential and Contractor agrees that they shall not be made available to any individual or organization without the prior written approval of the VIHFA. This does not extend to information that was obtained from the public domain such as public agencies or sources of information available to the public. i. Contractor must implement procedures to ensure the protection and confidentiality of all data, files, and records involved with this Contract. ii. Except as necessary to fulfill the terms of this Contract and with the permission of VIHFA, Contractor shall sign a not divulge to third parties any confidential information obtained by Contractor or its agents, distributors, resellers, subcontractor, officers, or employees in the Contractor’s Initials: VIHFA Initials: course of performing contract work, including, but not limited to, security and confidentiality statementprocedures, business operations information, or commercial proprietary information in the possession of the Territory or VIHFA. iii. No member, officer, or employee of Contractor, or agents, Subcontractor, member of the governing body of Contractor or the locality in which the program is responsible for all Contractor personnel assigned situated, or other public official who exercises or has exercised any functions or responsibilities with respect to this Contract during his or her tenure agrees not to use or disclose any information concerning a re cipient of services under this Contract for any purpose not in conformity with state and will have appropriate agreements in place to enable Contractor to meet its obligations hereunderFederal law or regulations except upon written consent of the recipient, or his responsible parent or guardian when authorized by law, if applicable. biv. Contractor shall notify VIHFA in writing of any disclosure of unsecured confidential information of VIHFA by Contractor, its employees, agents or representatives which is not in compliance with the terms of the Contract (of which it becomes aware). Contractor also shall report to VIHFA any Security Incidents of which it becomes aware, including those incidents reported to Contractor by its sub-construction Managers or agents. For purposes of this Contract, “Security Incident” means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of VIHFA’s or applicant’s information in Contractor possession or electronic interference with VIHFA operations; however, random attempts at access shall not be considered a security incident. Contractor shall make a report to VIHFA not more than seven (7) The parties acknowledge information transmitted by the State business days after Contractor learns of such use or disclosure. Contractor’s report shall identify, to the Contractor and/or Service Provider may inadvertently contain Federal Tax Information extent known: (FTI). The State will use all reasonable efforts to prevent i) the transmittal of FTI to Contractor and/or Service Provider under this Contract. The State further acknowledges that the Contractor and/or Service Provider does not require any “access” to, or “receipt” or “storage” of FTI to perform the Services under the Contract. The Contractor and/or Service Provider further acknowledges that Contractor and/or Service Provider shall not knowingly access or permit access to such FTI, unless directed by the State. Access to FTI is out-of-scope nature of the Services. To unauthorized use or disclosure, (ii) the extent that Contractor’s and/or Service Provider’s access to FTI is “incidental” to Contractor’s provision of Services, it is the parties’ view that such incidental exposure should not legally subject Contractor and/or Service Provider to the Internal Revenue Service (IRS) requirements set forth in IRS Publication 1075, section 11.confidential information used or disclosed,

CONFIDENTIALITY OF DATA. a) All Customer Data financial, statistical, personal, technical and other data and information relating to the State's operation which are designated confidential by the State and made available to the Contractor in order to carry out this Contract, or which become available to the Contractor in carrying out this Contract, shall be protected by the Contractor from unauthorized use and disclosure by use through the observance of the same or more effective confidentiality procedural requirements as are applicable to the State, but in no event less than reasonable care. The identification of all such confidential data and information as well as the State's confidentiality procedural requirements for protection of such data and information from unauthorized use and disclosure shall be provided by the State in writing to the Contractor. If the methods and procedures employed by the Contractor for the protection of the Contractor's data and information are deemed by the State to be adequate for the protection of the State's confidential information, such methods and procedures may be used, with the written consent of the State, to carry out the intent of this paragraph. Any additional requirements to ensure confidentiality of data shall be set forth in the SOW. The Contractor shall not be required under the provisions of this paragraph to keep confidential any data or information which is or becomes publicly availableavailable other than through a breach of Contractor’s or a third party’s confidentiality obligations, is already rightfully in the Contractor's possession without obligation of confidentiality, is independently developed by the Contractor outside the scope of this ContractContract and without reference to the State’s confidential data information, or is rightfully obtained from third parties. parties without an obligation of confidentiality or is required to be disclosed by subpoena or other legal process, limited to the extent required by the terms of such subpoena or other legal process. a) The Contractor shall sign a security not use or share CPNI for any activity other than as permitted by applicable law and confidentiality statement. Contractor is responsible for all Contractor personnel assigned to this Contract and will have appropriate agreements in place to enable Contractor to meet its obligations hereunder. b) The parties acknowledge information transmitted by with the State to approval of the Contractor and/or Service Provider may inadvertently contain Federal Tax Information (FTI). The State will use all reasonable efforts to prevent the transmittal of FTI to Contractor and/or Service Provider under this Contract. The State further acknowledges that the Contractor and/or Service Provider does not require any “access” to, or “receipt” or “storage” of FTI to perform the Services under the ContractCustomer. The Contractor and/or Service Provider further acknowledges that Contractor and/or Service Provider shall not knowingly access or permit access provide reasonable written notification to such FTIthe Customer prior to the disclosure of CPNI, unless directed except where expressly authorized by the StateCustomer. Access to FTI is out-of-scope Such notification shall indicate the reason for the CPNI disclosure. A description of the Services. To the extent that Contractor’s and/or Service Providerprocess for obtaining the Customer’s access authorization to FTI is “incidental” to Contractorrelease CPNI shall be provided upon the State’s provision of Services, it is the parties’ view that such incidental exposure should not legally subject Contractor and/or Service Provider to the Internal Revenue Service (IRS) requirements set forth in IRS Publication 1075, section 11request.

CONFIDENTIALITY OF DATA. a) All Customer Data financial, statistical, personal, technical and other data and information relating to the OCD/DRU's operation which are designated confidential by the OCD/DRU and made available to the Contractor in order to carry out this Contract, or which become available to the Contractor in carrying out this Contract, shall be protected by the Contractor from unauthorized use and disclosure by use through the observance of the same or more effective confidentiality procedural requirements as are applicable to the StateOCD/DRU. The identification of all such confidential data and information as well as the StateOCD/DRU's confidentiality procedural requirements for protection of such data and information from unauthorized use and disclosure shall be provided by the State OCD/DRU in writing to the Contractor. If the methods and procedures employed by the Contractor for the protection of the Contractor's data and information are deemed by the State OCD/DRU to be adequate for the protection of the StateOCD/DRU's confidential information, such methods and procedures may be used, with the written consent of the StateOCD/DRU, to carry out the intent of this paragraph. Any additional requirements to ensure confidentiality of data shall be set forth in the SOW. The Contractor shall not be required under the provisions of this paragraph to keep confidential any data or information which is or becomes publicly available, is already rightfully in the Contractor's possession without obligation of confidentialitypossession, is independently developed by the Contractor outside the scope of this Contract, is obtained from other public agencies, or is rightfully obtained from third parties. All of the reports, information, data, et cetera, prepared or assembled by Contractor under this Contract are confidential and Contractor agrees that they shall sign a security not be made available to any individual or organization without the prior written approval of the OCD/DRU. This does not extend to information that was obtained from the public domain such as public agencies or sources of information available to the general public. All records, reports, documents and confidentiality statementother material delivered or transmitted to Contractor by State shall remain the property of State, and shall be returned by Contractor to State, at Contractor's expense, at termination or expiration of this contract. Contractor is responsible for all Contractor personnel assigned All records, reports, documents, pleadings, exhibits or other material related to this Contract contract and/or obtained or prepared by Contractor in connection with the performance of the services contracted for herein shall become the property State, and will have appropriate agreements in place to enable shall, upon request, be returned by Contractor to meet its obligations hereunderState, at Contractor's expense, at termination or expiration of this contract. b) The parties acknowledge information transmitted by the State to the Contractor and/or Service Provider may inadvertently contain Federal Tax Information (FTI). The State will use all reasonable efforts to prevent the transmittal of FTI to Contractor and/or Service Provider under this Contract. The State further acknowledges that the Contractor and/or Service Provider does not require any “access” to, or “receipt” or “storage” of FTI to perform the Services under the Contract. The Contractor and/or Service Provider further acknowledges that Contractor and/or Service Provider shall not knowingly access or permit access to such FTI, unless directed by the State. Access to FTI is out-of-scope of the Services. To the extent that Contractor’s and/or Service Provider’s access to FTI is “incidental” to Contractor’s provision of Services, it is the parties’ view that such incidental exposure should not legally subject Contractor and/or Service Provider to the Internal Revenue Service (IRS) requirements set forth in IRS Publication 1075, section 11.

CONFIDENTIALITY OF DATA. a) All Customer Data made available The Company and Issuer each agree that all confidential information (“Confidential Information”), including, but not limited to, information and data about Participants, individually and in the aggregate (such confidential information referred to as “Participant Information”), communicated to each other during the Contractor term of the Agreement shall be received in order to carry out this Contract, or which become available to the Contractor in carrying out this Contractstrict confidence, shall be protected used only for the purposes of the Agreement, and no such Confidential Information shall be disclosed to third parties by the Contractor from unauthorized use and disclosure by use of receiving party without the same or more effective confidentiality requirements as are applicable to the State. The identification of all such confidential data and information as well as the State's confidentiality requirements for protection of such data and information from unauthorized use and disclosure shall be provided by the State in writing to the Contractor. If the methods and procedures employed by the Contractor for the protection of the Contractor's data and information are deemed by the State to be adequate for the protection of the State's confidential information, such methods and procedures may be used, with the prior written consent of the Statedisclosing party; provided, to carry out however, that the intent foregoing shall not preclude such disclosure of Confidential Information by the Company where (i) expressly provided in the Agreement, (ii) such disclosure is customary or appropriate in the provision of Services by the Company under the Agreement or (iii) the Company may be directed in advance by Issuer. If in the course of providing Services contemplated under this paragraph. Any additional requirements to ensure confidentiality Agreement the Company collects Participant data on behalf of data itself or third-party service providers, the Company shall be set forth permitted to retain access to such data and provide such data to such third-party service providers. In addition, each party agrees to take all reasonable precautions to prevent the disclosure to third parties of such Confidential Information, except as may be reasonably necessary to comply with applicable law, legal subpoena, summons or other lawful process, accounting or other regulatory requirements. The obligation to treat Confidential Information as confidential shall not apply to information that: a. was in the SOW. The Contractor shall not be required under public domain, other than by any material breach of the provisions of this paragraph to keep confidential any data or information which is or becomes publicly available, is Agreement; b. was already rightfully in known by the Contractor's possession without obligation of confidentiality, is receiving party prior to being disclosed by or obtained from the disclosing party; c. was independently developed or obtained by the Contractor receiving party outside the scope of this Contract, or is rightfully any agreement with the disclosing party; or d. was obtained legally from a third parties. Contractor shall sign a security party and without violation of such third party’s confidentiality statement. Contractor is responsible for all Contractor personnel assigned to this Contract and will have appropriate agreements in place to enable Contractor to meet its obligations hereunder. b) The parties acknowledge information transmitted by the State to the Contractor and/or Service Provider may inadvertently contain Federal Tax Information (FTI). The State will use all reasonable efforts to prevent the transmittal of FTI to Contractor and/or Service Provider under this Contract. The State further acknowledges that the Contractor and/or Service Provider does not require any “access” to, or “receipt” or “storage” of FTI to perform the Services under the Contract. The Contractor and/or Service Provider further acknowledges that Contractor and/or Service Provider shall not knowingly access or permit access to such FTI, unless directed by the State. Access to FTI is out-of-scope owner of the Services. To the extent that Contractor’s and/or Service Provider’s access to FTI is “incidental” to Contractor’s provision of Services, it is the parties’ view that such incidental exposure should not legally subject Contractor and/or Service Provider to the Internal Revenue Service (IRS) requirements set forth in IRS Publication 1075, section 11Confidential Information.