COMPLIANCE WITH NEW YORK STATE INFORMATION SECURITY BREACH AND NOTIFICATION ACT Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law Section 899-aa; State Technology Law Section 208).
COMPLIANCE WITH BREACH NOTIFICATION AND DATA SECURITY LAWS Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law § 899-aa and State Technology Law § 208) and commencing March 21, 2020 shall also comply with General Business Law § 899-bb.
Limitation of Vendor Indemnification and Similar Clauses This is a requirement of the TIPS Contract and is non-negotiable TIPS, a department of Region 8 Education Service Center, a political subdivision, and local government entity of the State of Texas, is prohibited from indemnifying third-parties (pursuant to the Article 3, Section 52 of the Texas Constitution) except as otherwise specifically provided for by law or as ordered by a court of competent jurisdiction. Article 3, Section 52 of the Texas Constitution states that "no debt shall be created by or on behalf of the State … " and the Texas Attorney General has opined that a contractually imposed obligation of indemnity creates a "debt" in the constitutional sense. Tex. Att'y Gen. Op. No. MW-475 (1982). Thus, contract clauses which require TIPS to indemnify Vendor, pay liquidated damages, pay attorney's fees, waive Vendor's liability, or waive any applicable statute of limitations must be deleted or qualified with ''to the extent permitted by the Constitution and Laws of the State of Texas." Does Vendor agree? Yes, I Agree TIPS, a department of Region 8 Education Service Center, a political subdivision, and local government entity of the State of Texas, does not agree to binding arbitration as a remedy to dispute and no such provision shall be permitted in this Agreement with TIPS. Vendor agrees that any claim arising out of or related to this Agreement, except those specifically and expressly waived or negotiated within this Agreement, may be subject to non-binding mediation at the request of either party to be conducted by a mutually agreed upon mediator as prerequisite to the filing of any lawsuit arising out of or related to this Agreement. Mediation shall be held in either Camp or Titus County, Texas. Agreements reached in mediation will be subject to the approval by the Region 8 ESC's Board of Directors, authorized signature of the Parties if approved by the Board of Directors, and, once approved by the Board of Directors and properly signed, shall thereafter be enforceable as provided by the laws of the State of Texas. Does Vendor agree? Yes, Vendor agrees Does Vendor agree? Yes, Vendor agrees Vendor agrees that nothing in this Agreement shall be construed as a waiver of sovereign or government immunity; nor constitute or be construed as a waiver of any of the privileges, rights, defenses, remedies, or immunities available to Region 8 Education Service Center or its TIPS Department. The failure to enforce, or any delay in the enforcement, of any privileges, rights, defenses, remedies, or immunities available to Region 8 Education Service Center or its TIPS Department under this Agreement or under applicable law shall not constitute a waiver of such privileges, rights, defenses, remedies, or immunities or be considered as a basis for estoppel. Does Vendor agree? Yes, Vendor agrees Vendor agrees that TIPS and TIPS Members shall not be liable for interest or late-payment fees on past-due balances at a rate higher than permitted by the laws or regulations of the jurisdiction of the TIPS Member. Funding-Out Clause: Vendor agrees to abide by the applicable laws and regulations, including but not limited to Texas Local Government Code § 271.903, or any other statutory or regulatory limitation of the jurisdiction of any TIPS Member, which requires that contracts approved by TIPS or a TIPS Member are subject to the budgeting and appropriation of currently available funds by the entity or its governing body.
BREACH DISCOVERY AND NOTIFICATION 17 1. Following the discovery of a Breach of Unsecured PHI, CONTRACTOR shall notify 18 COUNTY of such Breach, however both parties agree to a delay in the notification if so advised by a 19 law enforcement official pursuant to 45 CFR § 164.412. 20 a. A Breach shall be treated as discovered by CONTRACTOR as of the first day on which 21 such Breach is known to CONTRACTOR or, by exercising reasonable diligence, would have been 22 known to CONTRACTOR. 23 b. CONTRACTOR shall be deemed to have knowledge of a Breach, if the Breach is 24 known, or by exercising reasonable diligence would have known, to any person who is an employee, 25 officer, or other agent of CONTRACTOR, as determined by federal common law of agency. 26 2. CONTRACTOR shall provide the notification of the Breach immediately to the COUNTY 27 Privacy Officer. CONTRACTOR’s notification may be oral, but shall be followed by written 28 notification within twenty four (24) hours of the oral notification. 29 3. CONTRACTOR’s notification shall include, to the extent possible: 30 a. The identification of each Individual whose Unsecured PHI has been, or is reasonably 31 believed by CONTRACTOR to have been, accessed, acquired, used, or disclosed during the Breach; 32 b. Any other information that COUNTY is required to include in the notification to 33 Individual under 45 CFR §164.404 (c) at the time CONTRACTOR is required to notify COUNTY or 34 promptly thereafter as this information becomes available, even after the regulatory sixty (60) day 35 period set forth in 45 CFR § 164.410 (b) has elapsed, including: 36 1) A brief description of what happened, including the date of the Breach and the date 37 of the discovery of the Breach, if known; 1 2) A description of the types of Unsecured PHI that were involved in the Breach (such 2 as whether full name, social security number, date of birth, home address, account number, diagnosis, 3 disability code, or other types of information were involved); 4 3) Any steps Individuals should take to protect themselves from potential harm 5 resulting from the Breach; 6 4) A brief description of what CONTRACTOR is doing to investigate the Breach, to 7 mitigate harm to Individuals, and to protect against any future Breaches; and 8 5) Contact procedures for Individuals to ask questions or learn additional information, 9 which shall include a toll-free telephone number, an e-mail address, Web site, or postal address. 10 4. COUNTY may require CONTRACTOR to provide notice to the Individual as required in 11 45 CFR § 164.404, if it is reasonable to do so under the circumstances, at the sole discretion of the 12 COUNTY. 13 5. In the event that CONTRACTOR is responsible for a Breach of Unsecured PHI in violation 14 of the HIPAA Privacy Rule, CONTRACTOR shall have the burden of demonstrating that 15 CONTRACTOR made all notifications to COUNTY consistent with this Subparagraph F and as 16 required by the Breach notification regulations, or, in the alternative, that the acquisition, access, use, or 17 disclosure of PHI did not constitute a Breach. 18 6. CONTRACTOR shall maintain documentation of all required notifications of a Breach or 19 its risk assessment under 45 CFR § 164.402 to demonstrate that a Breach did not occur. 20 7. CONTRACTOR shall provide to COUNTY all specific and pertinent information about the 21 Breach, including the information listed in Section E.3.b.(1)-(5) above, if not yet provided, to permit 22 COUNTY to meet its notification obligations under Subpart D of 45 CFR Part 164 as soon as 23 practicable, but in no event later than fifteen (15) calendar days after CONTRACTOR’s initial report of 24 the Breach to COUNTY pursuant to Subparagraph F.2. above. 25 8. CONTRACTOR shall continue to provide all additional pertinent information about the
Termination of Obligations to Effect Closing; Effects (a) The obligations of the Company, on the one hand, and the Investors, on the other hand, to effect the Closing shall terminate as follows: (i) Upon the mutual written consent of the Company and the Investors; (ii) By the Company if any of the conditions set forth in Section 6.2 shall have become incapable of fulfillment, and shall not have been waived by the Company; (iii) By an Investor (with respect to itself only) if any of the conditions set forth in Section 6.1 shall have become incapable of fulfillment, and shall not have been waived by the Investor; or (iv) By either the Company or any Investor (with respect to itself only) if the Closing has not occurred on or prior to the earliest to occur of (i) the effective date of the Merger, (ii) the termination of the Merger Agreement or (iii) December 31, 2004; provided, however, that, except in the case of clause (i) above, the party seeking to terminate its obligation to effect the Closing shall not then be in breach of any of its representations, warranties, covenants or agreements contained in this Agreement or the other Transaction Documents if such breach has resulted in the circumstances giving rise to such party’s seeking to terminate its obligation to effect the Closing. (b) In the event of termination by the Company or any Investor of its obligations to effect the Closing pursuant to this Section 6.3, written notice thereof shall forthwith be given to the other Investors and the other Investors shall have the right to terminate their obligations to effect the Closing upon written notice to the Company and the other Investors. Nothing in this Section 6.3 shall be deemed to release any party from any liability for any breach by such party of the terms and provisions of this Agreement or the other Transaction Documents or to impair the right of any party to compel specific performance by any other party of its obligations under this Agreement or the other Transaction Documents.
Certification of Funds; Budget and Fiscal Provisions; Termination in the Event of Non-Appropriation This Agreement is subject to the budget and fiscal provisions of the City’s Charter. Charges will accrue only after prior written authorization certified by the Controller, and the amount of City’s obligation hereunder shall not at any time exceed the amount certified for the purpose and period stated in such advance authorization. This Agreement will terminate without penalty, liability or expense of any kind to City at the end of any fiscal year if funds are not appropriated for the next succeeding fiscal year. If funds are appropriated for a portion of the fiscal year, this Agreement will terminate, without penalty, liability or expense of any kind at the end of the term for which funds are appropriated. City has no obligation to make appropriations for this Agreement in lieu of appropriations for new or other agreements. City budget decisions are subject to the discretion of the Mayor and the Board of Supervisors. Contractor’s assumption of risk of possible non-appropriation is part of the consideration for this Agreement. THIS SECTION CONTROLS AGAINST ANY AND ALL OTHER PROVISIONS OF THIS AGREEMENT.
Certification Regarding Business with Certain Countries and Organizations Pursuant to Subchapter F, Chapter 2252, Texas Government Code, PROVIDER certifies it is not engaged in business with Iran, Sudan, or a foreign terrorist organization. PROVIDER acknowledges this Purchase Order may be terminated if this certification is or becomes inaccurate.
Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard. B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised. C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if: 1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or 2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
Acknowledgment of Perfection of Security Interest Each Loan Party hereby acknowledges that, as of the date hereof, the security interests and liens granted to the Administrative Agent and the Lenders under the Credit Agreement and the other Loan Documents are in full force and effect, are properly perfected and are enforceable in accordance with the terms of the Credit Agreement and the other Loan Documents.
Standard of Care; Reliance on Records and Instructions; Indemnification BISYS shall use its best efforts to ensure the accuracy of all services performed under this Agreement, but shall not be liable to the Trust for any action taken or omitted by BISYS in the absence of bad faith, willful misfeasance, negligence or from reckless disregard by it of its obligations and duties. The Trust agrees to indemnify and hold harmless BISYS, its employees, agents, directors, officers and nominees from and against any and all claims, demands, actions and suits, whether groundless or otherwise, and from and against any and all judgments, liabilities, losses, damages, costs, charges, counsel fees and other expenses of every nature and character arising out of or in any way relating to BISYS' actions taken or nonactions with respect to the performance of services under this Agreement or based, if applicable, upon reasonable reliance on information, records, instructions or requests given or made to BISYS by the Trust, the investment adviser and on any records provided by any fund accountant or custodian thereof; provided that this indemnification shall not apply to actions or omissions of BISYS in cases of its own bad faith, willful misfeasance, negligence or from reckless disregard by it of its obligations and duties; and further provided that prior to confessing any claim against it which may be the subject of this indemnification, BISYS shall give the Trust written notice of and reasonable opportunity to defend against said claim in its own name or in the name of BISYS.
