Use and Protection of Information Recipient agrees to protect such Information of the Discloser provided to Recipient from whatever source from distribution, disclosure or dissemination to anyone except employees of Recipient with a need to know such Information solely in conjunction with Recipient’s analysis of the Information and for no other purpose except as authorized herein or as otherwise authorized in writing by the Discloser. Recipient will not make any copies of the Information inspected by it.
Return or Destruction of Information Upon termination of this Agreement and at the request of ODM, the MCP will return to ODM or destroy all PHI in MCP’s possession stemming from this Agreement as soon as possible but no later than 90 calendar days and will not keep copies of the PHI except as may be requested by ODM or required by law, or as otherwise allowed for under this Agreement. If the MCP, its agent(s), or subcontractor(s) destroy any PHI, then the MCP will provide to ODM documentation evidencing such destruction. Any PHI retained by the MCP will continue to be extended the same protections set forth in this section, HIPAA regulations, and this Agreement for as long as it is maintained.
Protection of Information E1 Data Protection Xxx X0 Official Secrets Acts 1911, 1989, Section 182 of the Finance Xxx 0000 E3 Confidentiality E4 Freedom of Information E5 Security of Confidential Information E6 Publicity, Media and Official Enquiries E7 Security E8 Intellectual Property Rights and Assigned Deliverables E9 Audit and the National Audit Office
Security of Information Unless otherwise specifically authorized by the DOH Chief Information Security Officer, Contractor receiving confidential information under this contract assures that: • Encryption is selected and applied using industry standard algorithms validated by the National Institute of Standards and Technology (NIST) Cryptographic Algorithm Validation Program against all information stored locally and off-site. Information must be encrypted both in-transit and at rest and applied in such a way that it renders data unusable to anyone but authorized personnel, and the confidential process, encryption key or other means to decipher the information is protected from unauthorized access. • It is compliant with the applicable provisions of the Washington State Office of the Chief Information Officer (OCIO) policy 141, Securing Information Technology Assets, available at: xxxxx://xxxx.xx.xxx/policy/securing-information-technology-assets. • It will provide DOH copies of its IT security policies, practices and procedures upon the request of the DOH Chief Information Security Officer. • DOH may at any time conduct an audit of the Contractor’s security practices and/or infrastructure to assure compliance with the security requirements of this contract. • It has implemented physical, electronic and administrative safeguards that are consistent with OCIO security standard 141.10 and ISB IT guidelines to prevent unauthorized access, use, modification or disclosure of DOH Confidential Information in any form. This includes, but is not limited to, restricting access to specifically authorized individuals and services through the use of: o Documented access authorization and change control procedures; o Card key systems that restrict, monitor and log access; o Locked racks for the storage of servers that contain Confidential Information or use AES encryption (key lengths of 256 bits or greater) to protect confidential data at rest, standard algorithms validated by the National Institute of Standards and Technology (NIST) Cryptographic Algorithm Validation Program (CMVP); o Documented patch management practices that assure all network systems are running critical security updates within 6 days of release when the exploit is in the wild, and within 30 days of release for all others; o Documented anti-virus strategies that assure all systems are running the most current anti-virus signatures within 1 day of release; o Complex passwords that are systematically enforced and password expiration not to exceed 120 days, dependent user authentication types as defined in OCIO security standards; o Strong multi-factor authentication mechanisms that assure the identity of individuals who access Confidential Information; o Account lock-out after 5 failed authentication attempts for a minimum of 15 minutes, or for Confidential Information, until administrator reset; o AES encryption (using key lengths 128 bits or greater) session for all data transmissions, standard algorithms validated by NIST CMVP; o Firewall rules and network address translation that isolate database servers from web servers and public networks; o Regular review of firewall rules and configurations to assure compliance with authorization and change control procedures; o Log management and intrusion detection/prevention systems; o A documented and tested incident response plan Any breach of this clause may result in termination of the contract and the demand for return of all personal information.
ACKNOWLEDGEMENT AND PROTECTION OF INTELLECTUAL PROPERTY RIGHTS 9.1 The Institution acknowledges that all copyrights, patent rights, trade marks, database rights, trade secrets and other intellectual property rights relating to the Licensed Material are the sole and exclusive property of Publisher or are duly licensed to the Publisher and that this Licence does not assign or transfer to the Institution any right, title or interest therein except for the right to use the Licensed Material in accordance with the terms and conditions of this Licence.
Collection of Information You authorize us to access and download information from your Meter or from your PC Postage account. We may disclose this information to the USPS or other authorized governmental entity. We won’t share with any third parties (except the USPS or other governmental entity) individually identifiable information that we obtain about you in this manner unless required to by law or court order. We may elect to share aggregate data about our clients’ postage usage with third parties.
Intellectual Property Protection The Group Companies shall establish and maintain appropriate intellectual inspection system to protect the Proprietary Rights of the Group Companies. The Group Companies shall, and the Founders shall cause the Group Companies to fully comply with the laws and regulations in respect of the protection of the Proprietary Rights and refrain from infringing the Proprietary Rights of other parties. Ecommerce Company shall, and the other Warrantors shall procure Ecommerce Company to, use its best efforts to obtain as soon as possible and maintain the registration of the core trademarks used in the Business (including without limitation, the marks of “perfect diary”, “完美日记” and the combination of the foregoing) in the appropriate goods and services (including without limitation, cosmetics, cosmetics tools and advertisement). The Group Companies shall take all necessary or desirable actions to protect their trademarks, including initiating trademark petitions against any trademark applications filed by any third party for a trademark identical or similar to the Group Companies’ trademarks.
Protection of Intellectual Property 1. The Parties shall grant and ensure adequate, effective and non-discriminatory protection of intellectual property rights, and provide for measures for the enforcement of such rights against infringement thereof, counterfeiting and piracy, in accordance with the provisions of this Article, Annex VI and the international agreements referred to therein.
Protection of Customer Data The Supplier shall not delete or remove any proprietary notices contained within or relating to the Customer Data. The Supplier shall not store, copy, disclose, or use the Customer Data except as necessary for the performance by the Supplier of its obligations under this Call Off Contract or as otherwise Approved by the Customer. To the extent that the Customer Data is held and/or Processed by the Supplier, the Supplier shall supply that Customer Data to the Customer as requested by the Customer and in the format (if any) specified by the Customer in the Call Off Order Form and, in any event, as specified by the Customer from time to time in writing. The Supplier shall take responsibility for preserving the integrity of Customer Data and preventing the corruption or loss of Customer Data. The Supplier shall perform secure back-ups of all Customer Data and shall ensure that up-to-date back-ups are stored off-site at an Approved location in accordance with any BCDR Plan or otherwise. The Supplier shall ensure that such back-ups are available to the Customer (or to such other person as the Customer may direct) at all times upon request and are delivered to the Customer at no less than six (6) Monthly intervals (or such other intervals as may be agreed in writing between the Parties). The Supplier shall ensure that any system on which the Supplier holds any Customer Data, including back-up data, is a secure system that complies with the Security Policy and the Security Management Plan (if any). If at any time the Supplier suspects or has reason to believe that the Customer Data is corrupted, lost or sufficiently degraded in any way for any reason, then the Supplier shall notify the Customer immediately and inform the Customer of the remedial action the Supplier proposes to take. If the Customer Data is corrupted, lost or sufficiently degraded as a result of a Default so as to be unusable, the Supplier may: require the Supplier (at the Supplier's expense) to restore or procure the restoration of Customer Data to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer, and the Supplier shall do so as soon as practicable but not later than five (5) Working Days from the date of receipt of the Customer’s notice; and/or itself restore or procure the restoration of Customer Data, and shall be repaid by the Supplier any reasonable expenses incurred in doing so to the extent and in accordance with the requirements specified in Call Off Schedule 8 (Business Continuity and Disaster Recovery) or as otherwise required by the Customer. Confidentiality
Accessibility of Information Technology Contractor represents and warrants that any software/ hardware/ communications system/ equipment (collectively “technology”), if any, provided under this Agreement adheres to the standards and/or specifications as may be set forth in the Section 508 of the Rehabilitation Act of 1973 standards guide and is fully compliant with WCAG 2.0 AA standards for accessibility and compliant with any applicable FCC regulations. Technology that will be used on a mobile device must also be navigable with Voiceover on iOS devices in addition to meeting WCAG 2.0 level AA. If portions of the technology or user experience are alleged to be non-compliant or non- accessible at any point, District will provide Contractor with notice of such allegation and Contractor shall use its best efforts to make the technology compliant and accessible. If a state or federal department, office or regulatory agency, or if any other third party administrative agency or organization (“Claimants”), make a claim, allegation, initiates legal or regulatory process, or if a court finds or otherwise determines that technology is non-compliant or non-accessible, Contractor shall indemnify, defend and hold harmless the District from and against any and all such claims, allegations, liabilities, damages, penalties, fees, costs (including but not limited to reasonable attorneys’ fees), arising out of or related to Xxxxxxxxx’ claims. Contractor shall also fully indemnify District for the full cost of any user accommodation that is found to be necessary due to an identifiable lack of accessibility in the Contractor’s technology. If necessary, an independent 3rd party accessibility firm using POUR standards (Perceivable, Operable, Understandable and Robust) may be used to validate the accessibility of the technology.
