Storage of Data The Company agrees to store and process the School District Data in a manner that is no less protective than those methods used to secure the Company’s own data. The Company agrees that School District Data will be stored on equipment or systems located within the United States.
Rights of Data Subjects 5.1 You control access to Your Services environment that holds Personal Information about Your end users, and Your end users should direct any requests related to their rights under Applicable Data Protection Law to You.
5.2 To the extent such access is not available to You, Oracle will provide assistance with requests from individuals to access, delete or erase, restrict, rectify, receive and transmit, block access to or object to processing related to Personal Information held in Your Services environment on Oracle systems, insofar as reasonably and technically possible.
5.3 If Oracle directly receives any requests or inquiries from Your end users that have identified You as the Controller, it will promptly pass on such requests to You without responding to the end user.
Loss of Data In the event of loss of any State data or records where such loss is due to the intentional act, omission, or negligence of the Contractor or any of its subcontractors or agents, the Contractor shall be responsible for recreating such lost data in the manner and on the schedule set by the Contract Manager. The Contractor shall ensure that all data is backed up and is recoverable by the Contractor.
Accuracy of Data The Contractor shall ensure that the data received from Providers is accurate and complete by:
Use of Data (a) In connection with the provision of the services and the discharge of its other obligations under this Agreement, State Street (which term for purposes of this Section XXIX includes each of its parent company, branches and affiliates (''Affiliates")) may collect and store information regarding a Trust and share such information with its Affiliates, agents and service providers in order and to the extent reasonably necessary (i) to carry out the provision of services contemplated under this Agreement and other agreements between the Trusts and State Street or any of its Affiliates and (ii) to carry out management of its businesses, including, but not limited to, financial and operational management and reporting, risk management, legal and regulatory compliance and client service management.
Source of Data A description of (1) the process used to identify claims in the Population, and (2) the specific documentation relied upon by the IRO when performing the Quarterly Claims Review (e.g., medical records, physician orders, certificates of medical necessity, requisition forms, local medical review policies (including title and policy number), CMS program memoranda (including title and issuance number), Medicare contractor manual or bulletins (including issue and date), other policies, regulations, or directives).
Protection of Data The Contractor agrees to store Data on one or more of the following media and protect the Data as described:
a. Hard disk drives. For Data stored on local workstation hard disks, access to the Data will be restricted to Authorized User(s) by requiring logon to the local workstation using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards.
b. Network server disks. For Data stored on hard disks mounted on network servers and made available through shared folders, access to the Data will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. Data on disks mounted to such servers must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism. For DSHS Confidential Information stored on these disks, deleting unneeded Data is sufficient as long as the disks remain in a Secure Area and otherwise meet the requirements listed in the above paragraph. Destruction of the Data, as outlined below in Section 8 Data Disposition, may be deferred until the disks are retired, replaced, or otherwise taken out of the Secure Area.
c. Optical discs (CDs or DVDs) in local workstation optical disc drives. Data provided by DSHS on optical discs which will be used in local workstation optical disc drives and which will not be transported out of a Secure Area. When not in use for the contracted purpose, such discs must be Stored in a Secure Area. Workstations which access DSHS Data on optical discs must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism.
d. Optical discs (CDs or DVDs) in drives or jukeboxes attached to servers. Data provided by DSHS on optical discs which will be attached to network servers and which will not be transported out of a Secure Area. Access to Data on these discs will be restricted to Authorized Users through the use of access control lists which will grant access only after the Authorized User has authenticated to the network using a Unique User ID and Hardened Password or other authentication mechanisms which provide equal or greater security, such as biometrics or smart cards. Data on discs attached to such servers must be located in an area which is accessible only to authorized personnel, with access controlled through use of a key, card key, combination lock, or comparable mechanism.
Ownership of Data All Data transmitted to the Operator pursuant to the Service Agreement is and will continue to be the property of and under the control of the LEA. The Operator further acknowledges and agrees that all copies of such Data transmitted to the Operator, including any modifications or additions or any portion thereof from any source, are subject to the provisions of this DPA in the same manner as the original Data. The Parties agree that as between them, all rights, including all intellectual property rights in and to Data contemplated per the Service Agreement shall remain the exclusive property of the LEA.
Disposition of Data Upon written request from the LEA, Provider shall dispose of or provide a mechanism for the LEA to transfer Student Data obtained under the Service Agreement, within sixty (60) days of the date of said request and according to a schedule and procedure as the Parties may reasonably agree. Upon termination of this DPA, if no written request from the LEA is received, Provider shall dispose of all Student Data after providing the LEA with reasonable prior notice. The duty to dispose of Student Data shall not extend to Student Data that had been De-Identified or placed in a separate student account pursuant to section II 3. The LEA may employ a “Directive for Disposition of Data” form, a copy of which is attached hereto as Exhibit “D”. If the LEA and Provider employ Exhibit “D,” no further written request or notice is required on the part of either party prior to the disposition of Student Data described in Exhibit “D.
Background Data The Disclosing Party's Background Data, if any, will be identified in a separate technical document.
