Identification and Disclosure of Privacy and Security Offices Business Associate and Subcontractors shall provide, within ten (10) days of the execution of this agreement, written notice to the Covered Entity’s contract/grant manager the names and contact information of both the HIPAA Privacy Officer and HIPAA Security Officer. This information must be updated any time either of these contacts changes.
Records Audit and Disclosure 5.01 Access to records, books, and documents
5.02 Response/compliance with audit or inspection findings
A. At Performing Agency's sole expense, Performing Agency must take action to ensure its or a Subcontractor’s compliance with a correction of any finding of noncompliance with any law, regulation, audit requirement, or generally accepted accounting principle relating to the Services and Deliverables or any other deficiency contained in any audit, review, or inspection conducted under the Contract. Whether Performing Agency's action corrects the noncompliance shall be solely the decision of the System Agency.
B. As part of the Services, Performing Agency must provide to HHSC upon request a copy of those portions of Performing Agency's and its Subcontractors' internal audit reports relating to the Services and Deliverables provided to the State under the Contract.
Preservation and Disclosure of Lists The Trustee shall preserve, in as current a form as is reasonably practicable, all information as to the names and addresses of the Holders contained in the most recent list furnished to it as provided in Section 5.01 or maintained by the Trustee in its capacity as Note Registrar, if so acting. The Trustee may destroy any list furnished to it as provided in Section 5.01 upon receipt of a new list so furnished.
Use and Disclosure All Confidential Information of a party will be held in confidence by the other party with at least the same degree of care as such party protects its own confidential or proprietary information of like kind and import, but not less than a reasonable degree of care. Neither party will disclose in any manner Confidential Information of the other party in any form to any person or entity without the other party’s prior consent. However, each party may disclose relevant aspects of the other party’s Confidential Information to its officers, affiliates, agents, subcontractors and employees to the extent reasonably necessary to perform its duties and obligations under this Agreement and such disclosure is not prohibited by applicable law. Without limiting the foregoing, each party will implement physical and other security measures and controls designed to protect (a) the security and confidentiality of Confidential Information; (b) against any threats or hazards to the security and integrity of Confidential Information; and (c) against any unauthorized access to or use of Confidential Information. To the extent that a party delegates any duties and responsibilities under this Agreement to an agent or other subcontractor, the party ensures that such agent and subcontractor are contractually bound to confidentiality terms consistent with the terms of this Section 11.
UPDATING AND DISCLOSING FINANCIAL INFORMATION You will provide facts
Use and Disclosure of PHI Business Associate is limited to the following permitted and required uses or disclosures of PHI:
a. Duty to Protect PHI. Business Associate shall protect PHI from, and shall use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 (Security Standards for the Protection of Electronic Protected Health Information) with respect to EPHI, to prevent the unauthorized Use or disclosure of PHI other than as provided for in this Contract or as required by law, for as long as the PHI is within its possession and control, even after the termination or expiration of this Contract.
Permitted Uses and Disclosures of PHI and the third party notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.
Public Statements and Disclosure The initial press release concerning this Agreement and the Merger will be a joint press release reasonably acceptable to the Company and Parent and will be issued promptly following the execution and delivery of this Agreement. Thereafter, unless the Company Special Committee has made a Company Recommendation Change, the Company and its Representatives, on the one hand, and Parent and Merger Sub and their respective Representatives, on the other hand, will consult with the other Parties before (a) participating in any media interviews; (b) engaging in any meetings or calls with analysts, institutional investors or other similar Persons; or (c) providing any statements that are public or are reasonably likely to become public, in each case to the extent relating to this Agreement or the Merger and neither party shall issue any press release or make any public announcement or statement without the consent of the other party, which shall not be unreasonably withheld, conditioned or delayed; provided, that to the extent such release or announcement is required by applicable Law or any listing agreement with or rule of any national securities exchange or association upon which the securities of the Company are listed, the party required to make the release, announcement or statement shall use reasonable best efforts to consult with the other Party about, and allow the other Party reasonable time (taking into account the circumstances) to comment on, such release, announcement or statement in advance of such issuance. Notwithstanding the foregoing, neither Parent nor the Company will be obligated to engage in such consultation with respect to communications that are (i) principally directed to its employees, drivers, suppliers, customers, partners or vendors so long as such communications are consistent with prior communications previously agreed to by Parent and the Company and do not add additional material information not included in such previous communication (in which case such communications may be made consistent with such plan); (ii) related to a Superior Proposal or Company Recommendation Change or, in each case, any action taken pursuant thereto; (iii) with respect to any dispute or Legal Proceeding solely among the Parties or their respective Affiliates related to this Agreement or the Transaction Documents; or (iv) substantively consistent with previous public disclosures made by the Parties in compliance with this Section 6.13 and which do not add additional material information not included in such previous disclosure. Parent will not be obligated to engage in such consultation with respect to communications that are principally directed to its existing or prospective equity holders and investors of Parent or its Affiliates, so long as such communications are consistent with prior communications previously agreed to by Parent and the Company and do not add additional material information not included in such previous communication.
COMPLIANCE WITH BREACH NOTIFICATION AND DATA SECURITY LAWS Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law § 899-aa and State Technology Law § 208) and commencing March 21, 2020 shall also comply with General Business Law § 899-bb.
Specific Use and Disclosure Provisions (A) Except as otherwise limited in this Section of the Contract, Business Associate may use PHI for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate.
(B) Except as otherwise limited in this Section of the Contract, Business Associate may disclose PHI for the proper management and administration of Business Associate, provided that disclosures are Required by Law, or Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used or further disclosed only as Required by Law or for the purpose for which it was disclosed to the person, and the person notifies Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.
(C) Except as otherwise limited in this Section of the Contract, Business Associate may use PHI to provide data aggregation services to Covered Entity as permitted by 45 C.F.R. § 164.504(e)(2)(i)(B).
