Prohibition on Unauthorized Use or Disclosure The Business Associate will neither use nor disclose the Covered Entity’s Protected Health Information, except as permitted or required by this Addendum or in writing by the Covered Entity or as Required by Law. This Agreement does not authorize the Business Associate to use or disclose the Covered Entity’s Protected Health Information in a manner that will violate Subpart E of 45 CFR Part 164 if done by the Covered Entity.
Reporting of Unauthorized Disclosure The Contractor shall immediately report to the State any unauthorized disclosure of confidential information.
Information on Postings a) All job postings shall indicate the following: - date of posting and closing date of posting - hours of work, including start and stop times and days off - pay rate - worksite and work area - start date of position - summary of job description/duties - required qualifications
Notification of Xxxxxx and Unauthorized Release (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release.
Confidentiality and Safeguarding of University Records; Press Releases; Public Information Under this Agreement, Contractor may (1) create, (2) receive from or on behalf of University, or (3) have access to, records or record systems (collectively, University Records). Among other things, University Records may contain social security numbers, credit card numbers, or data protected or made confidential or sensitive by Applicable Laws. [Option (Include if University Records are subject to FERPA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Family Educational Rights and Privacy Act, 20 United States Code (USC) §1232g (FERPA) are addressed in Section 12.41.] [Option (Include if University is a HIPAA Covered Entity and University Records are subject to HIPAA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Health Insurance Portability and Accountability Act and 45 Code of Federal Regulations (CFR) Part 160 and subparts A and E of Part 164 (collectively, HIPAA) are addressed in Section 12.26.] Contractor represents, warrants, and agrees that it will: (1) hold University Records in strict confidence and will not use or disclose University Records except as (a) permitted or required by this Agreement, (b) required by Applicable Laws, or (c) otherwise authorized by University in writing; (2) safeguard University Records according to reasonable administrative, physical and technical standards (such as standards established by the National Institute of Standards and Technology and the Center for Internet Security [Option (Include if Section 12.39 related to Payment Card Industry Data Security Standards is not include in this Agreement.):, as well as the Payment Card Industry Data Security Standards]) that are no less rigorous than the standards by which Contractor protects its own confidential information; (3) continually monitor its operations and take any action necessary to assure that University Records are safeguarded and the confidentiality of University Records is maintained in accordance with all Applicable Laws and the terms of this Agreement; and (4) comply with University Rules regarding access to and use of University’s computer systems, including UTS165 at xxxx://xxx.xxxxxxxx.xxx/board-of-regents/policy-library/policies/uts165-information-resources-use-and-security-policy. At the request of University, Contractor agrees to provide University with a written summary of the procedures Contractor uses to safeguard and maintain the confidentiality of University Records.
Data Security and Unauthorized Data Release The Requester and Approved Users, including the Requester’s IT Director, acknowledge NIH’s expectation that they have reviewed and agree to manage the requested controlled-access dataset(s) and any Data Derivatives of controlled-access datasets according to NIH’s expectations set forth in the current NIH Security Best Practices for Controlled-Access Data Subject to the GDS Policy and the Requester’s IT security requirements and policies. The Requester, including the Requester’s IT Director, agree that the Requester’s IT security requirements and policies are sufficient to protect the confidentiality and integrity of the NIH controlled-access data entrusted to the Requester. If approved by NIH to use cloud computing for the proposed research project, as outlined in the Research and Cloud Computing Use Statements of the Data Access Request, the Requester acknowledges that the IT Director has reviewed and understands the cloud computing guidelines in the NIH Security Best Practices for Controlled-Access Data Subject to the NIH GDS Policy. The Requester and PI agree to notify the appropriate DAC(s) of any unauthorized data sharing, breaches of data security, or inadvertent data releases that may compromise data confidentiality within 24 hours of when the incident is identified. As permitted by law, notifications should include any known information regarding the incident and a general description of the activities or process in place to define and remediate the situation fully. Within 3 business days of the DAC notification, the Requester agrees to submit to the DAC(s) a detailed written report including the date and nature of the event, actions taken or to be taken to remediate the issue(s), and plans or processes developed to prevent further problems, including specific information on timelines anticipated for action. The Requester agrees to provide documentation verifying that the remediation plans have been implemented. Repeated violations or unresponsiveness to NIH requests may result in further compliance measures affecting the Requester. All notifications and written reports of data security incidents and policy compliance violations should be sent to the DAC(s) indicated in the Addendum to this Agreement. NIH, or another entity designated by NIH may, as permitted by law, also investigate any data security incident or policy violation. Approved Users and their associates agree to support such investigations and provide information, within the limits of applicable local, state, tribal, and federal laws and regulations. In addition, Requester and Approved Users agree to work with the NIH to assure that plans and procedures that are developed to address identified problems are mutually acceptable and consistent with applicable law.
Data Disclosure Under Minnesota Statute § 270C.65, Subdivision 3 and other applicable law, the Contractor consents to disclosure of its social security number, federal employer tax identification number, and/or Minnesota tax identification number, already provided to the State, to federal and state agencies and state personnel involved in the payment of state obligations. These identification numbers may be used in the enforcement of federal and state laws which could result in action requiring the Contractor to file state tax returns, pay delinquent state tax liabilities, if any, or pay other state liabilities.
Contractor Communication or Disclosure The Contractor shall not make any public statements, press releases, publicity releases, or other similar communications concerning the Contract or its subject matter or otherwise disclose or permit to be disclosed any of the data or other information obtained or furnished in compliance with the Contract, without first notifying the Customer’s Contract Manager and securing the Customer’s prior written consent.
RELEASE OF BID EVALUATION MATERIALS Requests concerning the evaluation of Bids may be submitted under the Freedom of Information Law. Information, other than statistical or factual tabulations or data such as the Bid Tabulation, shall only be released as required by law after Contract award. Bid Tabulations are not maintained for all procurements. Names of Bidders may be disclosed after Bid opening upon request. Written requests should be directed to the Commissioner.
Unauthorized Disclosure The Executive agrees and understands that in the Executive’s position with the Company, the Executive has been and will be exposed to and has and will receive information relating to the confidential affairs of the Company Group, including, without limitation, technical information, intellectual property, business and marketing plans, strategies, customer information, software, other information concerning the products, promotions, development, financing, expansion plans, business policies and practices of the Company Group and other forms of information considered by the Company Group to be confidential or in the nature of trade secrets (including, without limitation, ideas, research and development, know-how, formulas, technical data, designs, drawings, specifications, customer and supplier lists, pricing and cost information and business and marketing plans and proposals) (collectively, the “Confidential Information”). Confidential Information shall not include information that is generally known to the public or within the relevant trade or industry other than due to the Executive’s violation of this Section 4.1 or disclosure by a third party who is known by the Executive to owe the Company an obligation of confidentiality with respect to such information. The Executive agrees that at all times during the Executive’s employment with the Company and thereafter, the Executive shall not disclose such Confidential Information, either directly or indirectly, to any individual, corporation, partnership, limited liability company, association, trust or other entity or organization, including a government or political subdivision or an agency or instrumentality thereof (each a “Person”) without the prior written consent of the Company and shall not use or attempt to use any such information in any manner other than in connection with his employment with the Company, unless required by law to disclose such information, in which case the Executive shall provide the Company with written notice of such requirement as far in advance of such anticipated disclosure as possible. This confidentiality covenant has no temporal, geographical or territorial restriction. Upon termination of the Executive’s employment with the Company, the Executive shall promptly supply to the Company all property, keys, notes, memoranda, writings, lists, files, reports, customer lists, correspondence, tapes, disks, cards, surveys, maps, logs, machines, technical data and any other tangible product or document which has been produced by, received by or otherwise submitted to the Executive during or prior to the Executive’s employment with the Company, and any copies thereof in his (or reasonably capable of being reduced to his) possession; provided that nothing in this Employment Agreement or elsewhere shall prevent the Executive from retaining and utilizing: documents relating to his personal benefits, entitlements and obligations; documents relating to his personal tax obligations; his desk calendar, rolodex, and the like; and such other records and documents as may reasonably be approved by the Company.
