Common use of OBLIGATIONS OF TPR Clause in Contracts

OBLIGATIONS OF TPR. TPR shall ensure the confidentiality of Student Data through the following methods: 1. TPR’s data custodian(s) shall provide proof of completion of commercially-reasonable training in the handling and maintenance of Student Data if requested by District. 2. TPR shall strictly comply with all state and federal laws that apply to the use and release of the Student Data. TPR uses, collects and discloses personal information of children under the age of 13 in accordance with its Privacy Policy, located at xxxxx://xxx.xxxxx.xxx/policies/privacy.aspx, as may be further restricted by this DSA. District xxxxxx acknowledges receipt of the foregoing disclosure, and consents on behalf of parents of eligible Students to such use, collection and disclosure by executing this DSA. 3. TPR shall comply with the re-disclosure limitations set forth in FERPA, including 34 C.F.R. § Part 99.33. 4. TPR shall restrict access to the data, and will not disclose the data to any individual, agency, entity or third party except as necessary to provide services under the Contract. TPR shall make all employees, contractors or agents who have access to the data aware of, and agree to abide by, the terms set forth in this DSA. 5. TPR shall not release or otherwise reveal, directly or indirectly, the Student Data to any individual, agency, entity, or third party, unless such disclosure is required by law or court order. a. In the event TPR is required by law to disclose or otherwise release Student Data, TPR shall, prior to disclosure, notify the District. 6. TPR shall not distribute, reprint, alter, sell, assign, edit, modify or create derivative works or any ancillary materials from or with the Student Data without the express written consent of the District, and if necessary, based upon FERPA and its regulations, Students and/or their parents. 7. TPR shall not use Student Data shared under this DSA for any purpose other than the goals outlined in this DSA. Nothing in the DSA shall be construed to authorize TPR to have access to additional Student Data that is not included in the scope of the DSA (or addenda). TPR understands that the DSA does not convey ownership of the Student Data to TPR. 8. TPR shall take commercially-reasonable security precautions and protections to ensure that persons not authorized to view the Student Data do not gain access to the Student Data. Commercially-reasonable security precautions and protections include, but are not limited to: a. Creating, distributing, and implementing data governance policies and procedures which protect Student Data through appropriate administrative, technical, and physical security safeguards, and outline staff responsibilities for maintaining data security; b. Encrypting all Student Data carried on mobile computers/devices; c. Encrypting all Student Data stored in TPR’s databases or other storage and access media; d. Encrypting Student Data before it is transmitted electronically; e. Requiring that users be uniquely identified and authenticated before accessing Student Data;

OBLIGATIONS OF TPR. TPR shall ensure the confidentiality of Student Data through the following methods: 1. TPR’s data custodian(s) shall provide proof of completion of commercially-reasonable training in the handling and maintenance of Student Data if requested by District. 2. TPR shall strictly comply with all state and federal laws that apply to the use and release of the Student Data. TPR uses, collects and discloses personal information of children under the age of 13 in accordance with its Privacy Policy, located at xxxxx://xxx.xxxxx.xxx/policies/privacy.aspx, as may be further restricted by this DSA. District Page 1 of 4 Document Ref: PBCSN-4M4NG-DYFYD-XKENE Page 1 of 4 xxxxxx acknowledges receipt of the foregoing disclosure, and consents on behalf of parents of eligible Students to such use, collection and disclosure by executing this DSA. 3. TPR shall comply with the re-disclosure limitations set forth in FERPA, including 34 C.F.R. § Part 99.33. 4. TPR shall restrict access to the data, and will not disclose the data to any individual, agency, entity or third party except as necessary to provide services under the Contract. TPR shall make all employees, contractors or agents who have access to the data aware of, and agree to abide by, the terms set forth in this DSA. 5. TPR shall not release or otherwise reveal, directly or indirectly, the Student Data to any individual, agency, entity, or third party, unless such disclosure is required by law or court order. a. In the event TPR is required by law to disclose or otherwise release Student Data, TPR shall, prior to disclosure, notify the District. 6. TPR shall not distribute, reprint, alter, sell, assign, edit, modify or create derivative works or any ancillary materials from or with the Student Data without the express written consent of the District, and if necessary, based upon FERPA and its regulations, Students and/or their parents. 7. TPR shall not use Student Data shared under this DSA for any purpose other than the goals outlined in this DSA. Nothing in the DSA shall be construed to authorize TPR to have access to additional Student Data that is not included in the scope of the DSA (or addenda). TPR understands that the DSA does not convey ownership of the Student Data to TPR. 8. TPR shall take commercially-reasonable security precautions and protections to ensure that persons not authorized to view the Student Data do not gain access to the Student Data. Commercially-reasonable security precautions and protections include, but are not limited to: a. Creating, distributing, and implementing data governance policies and procedures which protect Student Data through appropriate administrative, technical, and physical security safeguards, and outline staff responsibilities for maintaining data security; b. Encrypting all Student Data carried on mobile computers/devices; c. Encrypting all Student Data stored in TPR’s databases or other storage and access media; d. Encrypting Student Data before it is transmitted electronically; e. Requiring that users be uniquely identified and authenticated before accessing Student Data;