No Unauthorized Use Provider shall not use Student Data or information in a Pupil Record for any purpose other than as explicitly specified in this DPA.
Notification of Xxxxxx and Unauthorized Release (a) Vendor will promptly notify the District of any breach or unauthorized release of Protected Data it has received from the District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or unauthorized release.
(b) Vendor will provide such notification to the District by contacting Xxxxxx Xxx, Data Protection Officer, directly by email at xxxxxx.xxx@xxxxx.xxx or by calling 000-000-0000.
(c) Vendor will cooperate with the District and provide as much information as possible directly to Xxxxxx Xxx, Data Protection Officer or his/her designee about the incident, including but not limited to: a description of the incident, the date of the incident, the date Vendor discovered or was informed of the incident, a description of the types of Protected Data involved, an estimate of the number of records affected, the schools within the District affected, what the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data, and contact information for Vendor representatives who can assist affected individuals that may have additional questions.
(d) Vendor acknowledges that upon initial notification from Vendor, the District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by the District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by the District, Vendor will promptly inform Xxxxxx Xxx, Data Protection Officer or his/her designee.
No Unauthorized Use or Disclosure Executive agrees that he will not, at any time during or after Executive’s employment by Company, make any unauthorized disclosure of, and will prevent the removal from Company premises of, Confidential Information or Work Product of Company (or its affiliates), or make any use thereof, except in the carrying out of Executive’s responsibilities during the course of Executive’s employment with Company. Executive shall use commercially reasonable efforts to cause all persons or entities to whom any Confidential Information shall be disclosed by him hereunder to observe the terms and conditions set forth herein as though each such person or entity was bound hereby. Executive shall have no obligation hereunder to keep confidential any Confidential Information if and to the extent disclosure thereof is specifically required by law; provided, however, that in the event disclosure is required by applicable law, Executive shall provide Company with prompt notice of such requirement prior to making any such disclosure, so that Company may seek an appropriate protective order. At the request of Company at any time, Executive agrees to deliver to Company all Confidential Information that he may possess or control. Executive agrees that all Confidential Information of Company (whether now or hereafter existing) conceived, discovered or made by him during the period of Executive’s employment by Company exclusively belongs to Company (and not to Executive), and Executive will promptly disclose such Confidential Information to Company and perform all actions reasonably requested by Company to establish and confirm such exclusive ownership. Affiliates of Company shall be third party beneficiaries of Executive’s obligations under this Article 6. As a result of Executive’s employment by Company, Executive may also from time to time have access to, or knowledge of, Confidential Information or Work Product of third parties, such as customers, suppliers, partners, joint venturers, and the like, of Company and its affiliates. Executive also agrees to preserve and protect the confidentiality of such third party Confidential Information and Work Product to the same extent, and on the same basis, as Company’s Confidential Information and Work Product.
Security; Reliance; Unauthorized Use The Fund will cause all persons utilizing the Software and System to treat all applicable user and authorization codes, passwords and authentication keys with extreme care, and it will establish internal control and safekeeping procedures to restrict the availability of the same to persons duly authorized to give Instructions. Custodian is hereby irrevocably authorized to act in accordance with and rely on Instructions received by it through the System. The Fund acknowledges that it is its sole responsibility to assure that only persons duly authorized use the System and that Custodian shall not be responsible nor liable for any unauthorized use thereof.
Contact in Event of Unauthorized Transfer If you believe your Card and/or access code has been lost or stolen or that someone has transferred or may transfer money from your account without your permission, either call us immediately at:
Data Security and Unauthorized Data Release The Requester and Approved Users, including the Requester’s IT Director, acknowledge NIH’s expectation that they have reviewed and agree to manage the requested controlled-access dataset(s) and any Data Derivatives of controlled-access datasets according to NIH’s expectations set forth in the current NIH Security Best Practices for Controlled-Access Data Subject to the GDS Policy and the Requester’s IT security requirements and policies. The Requester, including the Requester’s IT Director, agree that the Requester’s IT security requirements and policies are sufficient to protect the confidentiality and integrity of the NIH controlled-access data entrusted to the Requester. If approved by NIH to use cloud computing for the proposed research project, as outlined in the Research and Cloud Computing Use Statements of the Data Access Request, the Requester acknowledges that the IT Director has reviewed and understands the cloud computing guidelines in the NIH Security Best Practices for Controlled-Access Data Subject to the NIH GDS Policy. The Requester and PI agree to notify the appropriate DAC(s) of any unauthorized data sharing, breaches of data security, or inadvertent data releases that may compromise data confidentiality within 24 hours of when the incident is identified. As permitted by law, notifications should include any known information regarding the incident and a general description of the activities or process in place to define and remediate the situation fully. Within 3 business days of the DAC notification, the Requester agrees to submit to the DAC(s) a detailed written report including the date and nature of the event, actions taken or to be taken to remediate the issue(s), and plans or processes developed to prevent further problems, including specific information on timelines anticipated for action. The Requester agrees to provide documentation verifying that the remediation plans have been implemented. Repeated violations or unresponsiveness to NIH requests may result in further compliance measures affecting the Requester. NIH, or another entity designated by NIH may, as permitted by law, also investigate any data security incident or policy violation. Approved Users and their associates agree to support such investigations and provide information, within the limits of applicable local, state, tribal, and federal laws and regulations. In addition, Requester and Approved Users agree to work with the NIH to assure that plans and procedures that are developed to address identified problems are mutually acceptable and consistent with applicable law.
Unauthorized Access Using service to access, or to attempt to access without authority, the accounts of others, or to penetrate, or attempt to penetrate, security measures of Company’s or a third party’s computer software or hardware, electronic communications system, or telecommunications system, whether or not the intrusion results in disruption of service or the corruption or loss of data.
Liability for Unauthorized Use If any Card is lost or stolen or otherwise may be used without your permission (express or implied), you must immediately notify us orally or in writing at the following phone number or address: 0-000-000-0000 or at TIB, National Association, P.O Box 569120, Dallas, Texas 75356-9120. If unauthorized use of a Card occurs before you notify us of the loss, theft or unauthorized use, you may be liable up to a maximum amount of $50. If unauthorized use of a Credit Device occurs, you may be liable for all of the unauthorized use.
Notification of Government Investigation or Legal Proceeding Provider shall notify OIG, in writing, of any ongoing investigation or legal proceeding by a governmental entity or its agents involving an allegation that Provider has committed a crime or has engaged in fraudulent activities, within 30 days of Provider receiving notice of such investigation or legal proceeding. This notification shall include a description of the allegation(s), the identity of the investigating or prosecuting agency, and the status of such investigation or legal proceeding. Within 30 days after resolution of the matter, Provider shall notify OIG, in writing, of the resolution of the investigation or legal proceeding.
Liability for Failure to Stop Payment of Preauthorized Transfers If you order us to stop payment of a preauthorized transfer three (3) business days or more before the transfer is scheduled and we do not do so, we will be liable for your losses or damages.
