Xxxx Protection 22.1With respect to the Parties' rights and obligations under this Framework Agreement, the Parties agree that the Authority is the Data Controller and that the Supplier is the Data Processor.
Hearing Protection Hearing protection devices that reduce noise exposure below 90 dba shall be worn in all posted high noise areas, when performing work that generates noise above 90 dba, or when required by CCI Management.
Data Protection Act 7.1.1 The Supplier shall (and shall procure that its entire Staff) comply with any notification requirements under the DPA and both Parties will duly observe all their obligations under the DPA which arise in connection with the Contract.
Eye Protection Approved eye protection shall be supplied to individual prescription to all employees who normally wear glasses and are required to wear eye protection for an appreciable amount of time in the performance of their duties.
System Protection To prevent compromise of systems which contain DSHS Data or through which that Data passes:
Identity Protection Law Grantee must have and maintain a formal written information security program that provides safeguards to protect Confidential Information from loss, theft, and disclosure to unauthorized persons, as required by the Oregon Consumer Information Protection Act, ORS 646A.600-646A.628. If Grantee or its agents discover or are notified of a potential or actual “Breach of Security”, as defined by ORS 646A.602(1)(a), or a failure to comply with the requirements of ORS 646A.600 – 628, (collectively, “Breach”) with respect to Confidential Information, Grantee must promptly but in any event within one calendar day (i) notify the Agency Grant Manager of such Breach and (ii) if the applicable Confidential Information was in the possession of Grantee or its agents at the time of such Breach, Grantee must (a) investigate and remedy the technical causes and technical effects of the Breach and (b) provide Agency with a written root cause analysis of the Breach and the specific steps Grantee will take to prevent the recurrence of the Breach or to ensure the potential Breach will not recur. For the avoidance of doubt, if Agency determines notice required of any such Breach to any individual(s) or entity(ies), Agency will have sole control over the timing, content, and method of such notice, subject to Grantee’s obligations under applicable law.
