Information Privacy and Security Laws Clause Samples

Information Privacy and Security Laws. (a) The Company has entered into a written agreement as described in 45 C.F.R. § 164.504(e)(2) in each case in which the Company is acting as a business associate as defined in 45 C.F.R. § 160.103 or in which the Company is required by any such written agreement to enter into a subcontract agreement with a third party as described in 45 C.F.R. § 164.504(e)(2)(ii)(D). Neither the Company nor any of its Subsidiaries is under investigation by any Governmental Authority for a violation of any Information Privacy or Security Laws, including receiving any notices from the United States Department of Health and Human Services Office of Civil Rights or Department of Justice relating to any such violations; and neither the Company nor any of its Subsidiaries has acted in a manner that would trigger a notification or reporting requirement under any Contract or Applicable Laws related to the collection, use, disclosure or security of Personal Information. (b) Complete and accurate copies of any written complaints delivered to the Company or any of its Subsidiaries during the past 12 months alleging a violation of any Information Privacy or Security Laws have been made available to Parent. (c) Neither the Company nor any of its Subsidiaries has suffered any unauthorized acquisition, access, use or disclosure of any Personal Information that, individually or in the aggregate, materially compromises the security or privacy of such Personal Information.

Information Privacy and Security Laws. HIPAA and any other laws concerning the privacy and/or security of personal information, including but not limited to the ▇▇▇▇▇-▇▇▇▇▇-▇▇▇▇▇▇ Act, state data breach notification laws, state health information privacy laws, the Federal Trade Commission Act and state consumer protection laws.

Information Privacy and Security Laws. (a) The Premier Parties have, during the last three (3) years, with respect to the B&I GPO Business (i) complied in all material respects with all applicable Information Privacy and Security Laws, regulatory, industry, and self-regulatory guidelines and codes, published interpretations by Governmental Authorities of such Information Privacy and Security Laws, guidelines and codes, and all similar consumer protection or privacy laws relating to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure, or transfer of Personal Data, (ii) maintained and complied in all material respects with the their respective policies regarding privacy and data security, including (A) all privacy policies and similar disclosures published on each website of the Premier Parties or their Affiliates or otherwise communicated in writing to users of any such website and other third parties, (B) any notice to or consent from the provider or subject of Personal Data, (C) any contractual commitment made by the Premier Parties or their Affiliates with respect to such Personal Data, and (D) any privacy policy or other written disclosure or assurance otherwise made available by the Premier Parties or their Affiliates to the persons to whom the Personal Data relates; and (iii) maintained a privacy policy that incorporates all disclosures to data subjects required by the Information Privacy and Security Laws, and each such privacy policy has been provided to data subjects whose Personal Data is processed by Premier Parties or their Affiliates as controller; and none of the disclosures made or contained in any privacy policy has been inaccurate, misleading or deceptive or in violation of the Information Privacy and Security Laws (including containing any material omission). The Premier Parties are and at all times have been in compliance with the Payment Card Industry Data Security Standards. (b) The Premier Parties have, during the last three (3) years, with respect to the B&I GPO Business taken and maintained organizational, physical, administrative and technical measures reasonably required by Information Privacy and Security Laws consistent with standards prudent in the industries in they operate, any existing contractual commitment made by the Premier Parties that is applicable to Personal Data, any written policy adopted by the Premier Parties, including any privacy policy published or otherwise made publicly...

Information Privacy and Security Laws. (a) Each member of the Company Group and each of its Subsidiaries has, and since January 1, 2015 has been, in compliance in all material respects with the Privacy and Security Laws, including having business associate or confidentiality agreements in place with each member of the Company Group’s and each of its Subsidiaries’ “Business Associates” (as defined in HIPAA) that meet the requirements of 45 CFR §§ 164.504(e) and 164.314(a). Each member of the Company Group and each of its Subsidiaries has adopted, maintained and has complied and is in compliance in all material respects with, written policies and procedures, including physical, administrative, and technical safeguards to protect Personal Information from unauthorized use, disclosure or access (“Privacy Policies”). (b) To the extent required by the Privacy and Security Laws, when acting as a “Business Associate” (as defined in HIPAA) of any covered entity (as defined in HIPAA) or business associate, each member of the Company Group and each of its Subsidiaries (i) has in place business associate or confidentiality agreements with any such covered entity or business associate that comply with the requirements of 45 CFR §§ 164.504(e) and 164.314(a), and (ii) is in compliance in all material respects with such agreements (such Contracts or other arrangements referenced in this subsection (b) and subsection (a) collectively referred to as “Privacy Agreements”). (c) Each member of the Company Group and each of its Subsidiaries has the right pursuant to the Privacy Policies and the Privacy Agreements to use and disclose Personal Information for the purposes such information is and has been used and disclosed. Neither the execution, delivery or performance of this Agreement, nor the consummation of any of the transactions contemplated by this Agreement, including any direct or indirect transfer of Personal Information resulting from such transactions, will violate the Privacy Policies or any Privacy Agreements as such currently exist. (d) Since January 1, 2015, there have been no non-permitted uses or disclosures, security incidents or breaches involving any Personal Information owned, used, stored, received, or controlled by or on behalf of any member of the Company Group or any of its Subsidiaries, including any unauthorized access, use or disclosure of Personal Information for which notification to individuals or Governmental Authorities is required under any applicable Privacy and Security Laws or Pr...