Source of Data A description of (1) the process used to identify claims in the Population, and (2) the specific documentation relied upon by the IRO when performing the Quarterly Claims Review (e.g., medical records, physician orders, certificates of medical necessity, requisition forms, local medical review policies (including title and policy number), CMS program memoranda (including title and issuance number), Medicare contractor manual or bulletins (including issue and date), other policies, regulations, or directives).
Use of Data (a) In connection with the provision of the services and the discharge of its other obligations under this Agreement, State Street (which term for purposes of this Section XXIX includes each of its parent company, branches and affiliates (''Affiliates")) may collect and store information regarding a Trust and share such information with its Affiliates, agents and service providers in order and to the extent reasonably necessary (i) to carry out the provision of services contemplated under this Agreement and other agreements between the Trusts and State Street or any of its Affiliates and (ii) to carry out management of its businesses, including, but not limited to, financial and operational management and reporting, risk management, legal and regulatory compliance and client service management.
Categories of Data Data relating to individuals provided to Google via the Services, by (or at the direction of) Customer or End Users. Data subjects include the individuals about whom data is provided to Google via the Services by (or at the direction of) Customer or End Users.
Protection of Data The Contractor agrees to store Data on one or more of the following media and protect the Data as described:
a. Hard disk drives. For Data stored on local workstation hard disks, access to the Data will be restricted to Authorized User(s) by requiring logon to the local workstation using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards.
b. Network server disks. For Data stored on hard disks mounted on network servers and made available through shared folders, access to the Data will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. Data on disks mounted to such servers must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism. For DSHS Confidential Information stored on these disks, deleting unneeded Data is sufficient as long as the disks remain in a Secure Area and otherwise meet the requirements listed in the above paragraph. Destruction of the Data, as outlined below in Section 8 Data Disposition, may be deferred until the disks are retired, replaced, or otherwise taken out of the Secure Area.
c. Optical discs (CDs or DVDs) in local workstation optical disc drives. Data provided by DSHS on optical discs which will be used in local workstation optical disc drives and which will not be transported out of a Secure Area. When not in use for the contracted purpose, such discs must be Stored in a Secure Area. Workstations which access DSHS Data on optical discs must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism.
d. Optical discs (CDs or DVDs) in drives or jukeboxes attached to servers. Data provided by DSHS on optical discs which will be attached to network servers and which will not be transported out of a Secure Area. Access to Data on these discs will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. Data on discs attached to such servers must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism.
Use of Data by User Registry Operator will permit user to use the zone file for lawful purposes; provided that (a) user takes all reasonable steps to protect against unauthorized access to and use and disclosure of the data and (b) under no circumstances will Registry Operator be required or permitted to allow user to use the data to, (i) allow, enable, or otherwise support the transmission by email, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than user’s own existing customers, or (ii) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator or any ICANN-‐accredited registrar.
Protection of Customer Data The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Call Off Contract or as otherwise Approved by the Customer. To the extent that the Customer Data is held and/or Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format (if any) specified by the Customer in the Call Off Order Form and, in any event, as specified by the Customer from time to time in writing. The Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. The Supplier shall perform secure back-ups of all Customer Data and shall ensure that up-to-date back-ups are stored off-site at an Approved location in accordance with any BCDR Plan or otherwise. The Supplier shall ensure that such back-ups are available to the Customer (or to such other person as the Customer may direct) at all times upon request and are delivered to the Customer at no less than six (6) Monthly intervals (or such other intervals as may be agreed in writing between the Parties). The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy and the Security Management Plan (if any). If at any time the Supplier suspects or has reason to believe that the Customer Data is corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take. If the Customer Data is corrupted, lost or sufficiently degraded as a result of a Default so as to be unusable, the Supplier may: require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer, and the Supplier shall do so as soon as practicable but not later than five (5) Working Days from the date of receipt of the Customer’s notice; and/or itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer.
Rights of Data Subjects 5.1 You control access to Your Services environment that holds Personal Information about Your end users, and Your end users should direct any requests related to their rights under Applicable Data Protection Law to You.
5.2 To the extent such access is not available to You, Oracle will provide assistance with requests from individuals to access, delete or erase, restrict, rectify, receive and transmit, block access to or object to processing related to Personal Information held in Your Services environment on Oracle systems, insofar as reasonably and technically possible.
5.3 If Oracle directly receives any requests or inquiries from Your end users that have identified You as the Controller, it will promptly pass on such requests to You without responding to the end user.
Contents of Personnel File A. Adverse statements prepared by the County shall not be included in an employee's official personnel file unless a copy is provided to the employee.
B. An employee shall have the right to inspect and review the contents of his or her official personnel file at reasonable intervals.
C. In addition, an employee shall have the right to inspect and review the contents of his or her official personnel file in any case where the employee has a grievance related to performance; to a performance evaluation; or is contesting his or her suspension or discharge from County service.
D. Letters of reference and reports concerning criminal investigations concerning the employee shall be excluded from the provisions of B. and C., above.
E. An employee shall have the right to respond in writing or personal interview to any information contained in his or her official personnel file, such reply to become a permanent part of such employee's official personnel file.
F. Any contents of an employee's official personnel file may be destroyed pursuant to an agreement between the Chief of Employee Relations and the employee concerned or by an order of an arbitrator, court or impartial hearing officer unless the particular item is otherwise required by law to be kept.
Background Data The Disclosing Party's Background Data, if any, will be identified in a separate technical document.
Identification of Data a. All Background, Third Party Proprietary and Controlled Government Data provided by Disclosing Party shall be identified in the Annex under which it will be provided.
b. NASA software and related Data provided to Partner shall be identified in the Annex under which it will be used. Notwithstanding H.4., Software and related Data will be provided to Partner under a separate Software Usage Agreement (SUA). Partner shall use and protect the related Data in accordance with this Article. Unless the SUA authorizes retention, or Partner enters into a license under 37 C.F.R. Part 404, the related Data shall be disposed of as instructed by NASA.
