Information Safeguards Business Associate will develop, document, implement, maintain and use appropriate administrative, technical and physical safeguards to preserve the integrity and confidentiality of and to prevent non-permitted use or disclosure of PHI created for or received from Recipient or its Subsidiaries. These safeguards must be appropriate to the size and complexity of Business Associate’s operations and the nature and scope of its activities. Business Associate agrees that these safeguards will meet any applicable requirements set forth by the U.S. Department of Health and Human Services, including (as of the effective date or as of the compliance date, whichever is applicable) any requirements set forth in the final HIPAA security regulations. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate resulting from a use or disclosure of PHI by Business Associate in violation of the requirements of this Addendum.
Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions (a) Covered Entity shall notify Business Associate of any limitation(s) in the notice of privacy practices of Covered Entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of protected health information.
Confidentiality and Safeguarding of University Records; Press Releases; Public Information Under this Agreement, Contractor may (1) create, (2) receive from or on behalf of University, or (3) have access to, records or record systems (collectively, University Records). Among other things, University Records may contain social security numbers, credit card numbers, or data protected or made confidential or sensitive by Applicable Laws. [Option (Include if University Records are subject to FERPA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Family Educational Rights and Privacy Act, 20 United States Code (USC) §1232g (FERPA) are addressed in Section 12.41.] [Option (Include if University is a HIPAA Covered Entity and University Records are subject to HIPAA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Health Insurance Portability and Accountability Act and 45 Code of Federal Regulations (CFR) Part 160 and subparts A and E of Part 164 (collectively, HIPAA) are addressed in Section 12.26.] Contractor represents, warrants, and agrees that it will: (1) hold University Records in strict confidence and will not use or disclose University Records except as (a) permitted or required by this Agreement, (b) required by Applicable Laws, or (c) otherwise authorized by University in writing; (2) safeguard University Records according to reasonable administrative, physical and technical standards (such as standards established by the National Institute of Standards and Technology and the Center for Internet Security [Option (Include if Section 12.39 related to Payment Card Industry Data Security Standards is not include in this Agreement.):, as well as the Payment Card Industry Data Security Standards]) that are no less rigorous than the standards by which Contractor protects its own confidential information; (3) continually monitor its operations and take any action necessary to assure that University Records are safeguarded and the confidentiality of University Records is maintained in accordance with all Applicable Laws and the terms of this Agreement; and (4) comply with University Rules regarding access to and use of University’s computer systems, including UTS165 at xxxx://xxx.xxxxxxxx.xxx/board-of-regents/policy-library/policies/uts165-information-resources-use-and-security-policy. At the request of University, Contractor agrees to provide University with a written summary of the procedures Contractor uses to safeguard and maintain the confidentiality of University Records.
Confidentiality and Safeguarding Information 1. Each Party may have access to confidential information made available by the other. The provisions of the Florida Public Records Act, Chapter 119, F.S., and other applicable state and federal laws will govern disclosure of any confidential information received by the State of Florida.
COMPLIANCE WITH NEW YORK STATE INFORMATION SECURITY BREACH AND NOTIFICATION ACT Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law Section 899-aa; State Technology Law Section 208).
Human and Financial Resources to Implement Safeguards Requirements 6. The Borrower shall make available necessary budgetary and human resources to fully implement the EMP and the RP.
Electronic and Information Resources Accessibility and Security Standards a. Applicability: The following Electronic and Information Resources (“EIR”) requirements apply to the Contract because the Grantee performs services that include EIR that the System Agency's employees are required or permitted to access or members of the public are required or permitted to access. This Section does not apply to incidental uses of EIR in the performance of the Agreement, unless the Parties agree that the EIR will become property of the State of Texas or will be used by HHSC’s clients or recipients after completion of the Agreement. Nothing in this section is intended to prescribe the use of particular designs or technologies or to prevent the use of alternative technologies, provided they result in substantially equivalent or greater access to and use of a Product.
DATA PROTECTION AND FREEDOM OF INFORMATION 7.1. Each party will:-
CONFIDENTIALITY/SAFEGUARDING OF INFORMATION The CONTRACTOR shall not use or disclose any information concerning the AGENCY, or information that may be classified as confidential, for any purpose not directly connected with the administration of this contract, except with prior written consent of the AGENCY, or as may be required by law.
Information Technology Accessibility Standards Any information technology related products or services purchased, used or maintained through this Grant must be compatible with the principles and goals contained in the Electronic and Information Technology Accessibility Standards adopted by the Architectural and Transportation Barriers Compliance Board under Section 508 of the federal Rehabilitation Act of 1973 (29 U.S.C. §794d), as amended. The federal Electronic and Information Technology Accessibility Standards can be found at: xxxx://xxx.xxxxxx-xxxxx.xxx/508.htm.
