Common use of Personal Data and Data Protection Clause in Contracts

Personal Data and Data Protection. 11.1 The expectation is that Personal data may be processed in relation to (i) the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare Programme; and (ii) the performance of the Project. Unless agreed otherwise in writing between NHS England, the Hospital and the Company: 11.1.1 The Company will be the controller in respect of Personal data processed in the performance of the Project; 11.1.2 NHS England will be the controller in respect of Personal Data processed in the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare programme; 11.1.3 The Agent acts as processor on behalf of NHS England: And each Party is responsible for complying with the relevant provisions of the Data Protection Legislation and for consulting and co-operating with the other Parties in order to ensure a transparent and consistent approach. 11.2 Personal Data shall be treated as confidential at all times and the Company shall comply with the provisions of the Data Protection Legislation. 11.3 The Hospital shall promptly supply copies of any guidance which may be required by the Company in the performance of the Project, including but not limited to the following documents: 11.3.1 the Medical Research Council's “Personal Information in Medical Research”, as amended from time to time; and 11.3.2 the “NHS Confidentiality Code of Practice”, guidelines on the use and protection of patient information, as amended from time to time. 11.4 The Company shall ensure compliance with any guidance documents provided to it pursuant to clause 11.2 above, and with any other guidance or regulations in relation to Personal Data as the Hospital or the Agent may advise from time to time. 11.5 The Company shall at all times be responsible for ensuring that all Personal Data (including Data in any electronic format) is stored securely. The Company shall take appropriate measures to ensure the security of all Personal Data and guard against unauthorised access, disclosure, loss or destruction of all Personal Data while in its custody. 11.6 Personal Data shall not be made available to anyone other than those employed directly on the Project by the Company, to the extent that they need access to such information for the performance of their duties. 11.7 The Company shall fully indemnify and hold harmless the Hospital and/or the Agent, their employees and agents against all liabilities, losses, costs, charges and expenses incurred as a result of any claims, demands, actions and proceedings made or brought against the Hospital and/or the Agent by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company, or any sub-contractor, servant or agent of the Company or any person within the control of the Company. 11.8 The Company shall, at its own expense, conduct any litigation arising from any claims relating to its use of Personal Data brought by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company. 11.9 No Personal Data shall be included in any publications made by the Company without the prior agreement in writing of the individual concerned. No mention shall be made of individual officers of the Hospital, nor shall information be included which might lead to their identification, without the prior agreement in writing of the Hospital. 11.10 The Company shall ensure that all Personal Data is pseudonymised as and when it is obtained and that the key to personal identities of all persons to whom the Personal Data relates is kept in a separate and secure place. The Company shall not supply the Agent or the Hospital with copies Personal Data obtained in connection with the Project other than in an anonymised form.

Appears in 4 contracts

Samples: Sbri Phase 1 Development Agreement, Sbri Phase 2 Development Agreement, Sbri Phase 2 Development Agreement

AutoNDA by SimpleDocs

Personal Data and Data Protection. 11.1 The expectation is that Personal data may be processed in relation to (i) the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare healthcare Programme; and (ii) the performance of the Projectproject. Unless agreed otherwise in writing between NHS England, the Hospital and the Company: 11.1.1 The Company will be the controller in respect of Personal data processed in the performance of the Project; 11.1.2 NHS England will be the controller in respect of Personal Data processed in the administration and performance of this Agreement ()other than the Projectproject) and the SBRI Healthcare programme; 11.1.3 The Agent acts as processor on behalf of NHS England: And each Party is responsible for complying with the relevant provisions of the Data Protection Legislation and for consulting and co-operating with the other Parties in order to ensure a transparent and consistent approach. 11.2 Personal Data shall be treated as confidential at all times and the Company shall comply with the provisions of the Data Protection Legislation. 11.3 The Hospital shall promptly supply copies of any guidance which may be required by the Company in the performance of the Project, including but not limited to the following documents: 11.3.1 the Medical Research Council's “Personal Information in Medical Research”, as amended from time to time; and 11.3.2 the “NHS Confidentiality Code of Practice”, guidelines on the use and protection of patient information, as amended from time to time. 11.4 The Company shall ensure compliance with any guidance documents provided to it pursuant to clause 11.2 above, and with any other guidance or regulations in relation to Personal Data as the Hospital or the Agent may advise from time to time. 11.5 The Company shall at all times be responsible for ensuring that all Personal Data (including Data in any electronic format) is stored securely. The Company shall take appropriate measures to ensure the security of all Personal Data and guard against unauthorised access, disclosure, loss or destruction of all Personal Data while in its custody. 11.6 Personal Data shall not be made available to anyone other than those employed directly on the Project by the Company, to the extent that they need access to such information for the performance of their duties. 11.7 The Company shall fully indemnify and hold harmless the Hospital and/or the Agent, their employees and agents against all liabilities, losses, costs, charges and expenses incurred as a result of any claims, demands, actions and proceedings made or brought against the Hospital and/or the Agent by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company, or any sub-contractor, servant or agent of the Company or any person within the control of the Company. 11.8 The Company shall, at its own expense, conduct any litigation arising from any claims relating to its use of Personal Data brought by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company. 11.9 No Personal Data shall be included in any publications made by the Company without the prior agreement in writing of the individual concerned. No mention shall be made of individual officers of the Hospital, nor shall information be included which might lead to their identification, without the prior agreement in writing of the Hospital. 11.10 The Company shall ensure that all Personal Data is pseudonymised as and when it is obtained and that the key to personal identities of all persons to whom the Personal Data relates is kept in a separate and secure place. The Company shall not supply the Agent or the Hospital with copies of Personal Data obtained in connection with the Project other than in an anonymised form.

Appears in 3 contracts

Samples: Sbri Healthcare Phase 1 Development Agreement, Sbri Healthcare Phase 1 Development Agreement, Sbri Healthcare Phase 1 Development Agreement

Personal Data and Data Protection. 11.1 The expectation is that Personal data may will be processed in relation to (i) the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare healthcare Programme; and (ii) the performance of the Projectproject. Unless agreed otherwise in writing between NHS EnglandEngland and NHS Improvement, the Hospital and the Company: 11.1.1 The Company will be the controller in respect of Personal data processed in the performance of the Project; 11.1.2 NHS England and NHS Improvement will be the controller in respect of Personal Data processed in the administration and performance of this Agreement ()other than the Projectproject) and the SBRI Healthcare programme; 11.1.3 The Agent acts as processor on behalf of NHS EnglandEngland and NHS Improvement: And each Party is responsible for complying with the relevant provisions of the Data Protection Legislation and for consulting and co-operating with the other Parties in order to ensure a transparent and consistent approach. 11.2 Personal Data shall be treated as confidential at all times and the Company shall comply with the provisions of the Data Protection Legislation. 11.3 The Hospital shall promptly supply copies of any guidance which may be required by the Company in the performance of the Project, including but not limited to the following documents: 11.3.1 the Medical Research Council's “Personal Information in Medical Research”, as amended from time to time; and 11.3.2 the “NHS Confidentiality Code of Practice”, guidelines on the use and protection of patient information, as amended from time to time. 11.4 The Company shall ensure compliance with any guidance documents provided to it pursuant to clause 11.2 above, and with any other guidance or regulations in relation to Personal Data as the Hospital or the Agent may advise from time to time. 11.5 The Company shall at all times be responsible for ensuring that all Personal Data (including Data in any electronic format) is stored securely. The Company shall take appropriate measures to ensure the security of all Personal Data and guard against unauthorised access, disclosure, loss or destruction of all Personal Data while in its custody. 11.6 Personal Data shall not be made available to anyone other than those employed directly on the Project by the Company, to the extent that they need access to such information for the performance of their duties. 11.7 The Company shall fully indemnify and hold harmless the Hospital and/or the AgentAgents, their employees and agents against all liabilities, losses, costs, charges and expenses incurred as a result of any claims, demands, actions and proceedings made or brought against the Hospital and/or the Agent Agents by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company, or any sub-contractor, servant or agent of the Company or any person within the control of the Company. 11.8 The Company shall, at its own expense, conduct any litigation arising from any claims relating to its use of Personal Data brought by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company. 11.9 No Personal Data shall be included in any publications made by the Company without the prior agreement in writing of the individual concerned. No mention shall be made of individual officers of the Hospital, nor shall information be included which might lead to their identification, without the prior agreement in writing of the Hospital. 11.10 The Company shall ensure that all Personal Data is pseudonymised as and when it is obtained and that the key to personal identities of all persons to whom the Personal Data relates is kept in a separate and secure place. The Company shall not supply the Agent Agents or the Hospital with copies of Personal Data obtained in connection with the Project other than in an anonymised form.

Appears in 3 contracts

Samples: Development Agreement, Development Agreement, Development Agreement

Personal Data and Data Protection. 11.1 The expectation is that Personal data may be processed in relation to (i) the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare healthcare Programme; and (ii) the performance of the Projectproject. Unless agreed otherwise in writing between NHS EnglandEngland and NHS Improvement, the Hospital and the Company: 11.1.1 The Company will be the controller in respect of Personal data processed in the performance of the Project; 11.1.2 NHS England and NHS Improvement will be the controller in respect of Personal Data processed in the administration and performance of this Agreement ()other than the Projectproject) and the SBRI Healthcare programme; 11.1.3 The Agent acts as processor on behalf of NHS EnglandEngland and NHS Improvement: And each Party is responsible for complying with the relevant provisions of the Data Protection Legislation and for consulting and co-operating with the other Parties in order to ensure a transparent and consistent approach. 11.2 Personal Data shall be treated as confidential at all times and the Company shall comply with the provisions of the Data Protection Legislation. 11.3 The Hospital shall promptly supply copies of any guidance which may be required by the Company in the performance of the Project, including but not limited to the following documents: 11.3.1 the Medical Research Council's “Personal Information in Medical Research”, as amended from time to time; and 11.3.2 the “NHS Confidentiality Code of Practice”, guidelines on the use and protection of patient information, as amended from time to time. 11.4 The Company shall ensure compliance with any guidance documents provided to it pursuant to clause 11.2 above, and with any other guidance or regulations in relation to Personal Data as the Hospital or the Agent may advise from time to time. 11.5 The Company shall at all times be responsible for ensuring that all Personal Data (including Data in any electronic format) is stored securely. The Company shall take appropriate measures to ensure the security of all Personal Data and guard against unauthorised access, disclosure, loss or destruction of all Personal Data while in its custody. 11.6 Personal Data shall not be made available to anyone other than those employed directly on the Project by the Company, to the extent that they need access to such information for the performance of their duties. 11.7 The Company shall fully indemnify and hold harmless the Hospital and/or the AgentAgents, their employees and agents against all liabilities, losses, costs, charges and expenses incurred as a result of any claims, demands, actions and proceedings made or brought against the Hospital and/or the Agent Agents by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company, or any sub-contractor, servant or agent of the Company or any person within the control of the Company. 11.8 The Company shall, at its own expense, conduct any litigation arising from any claims relating to its use of Personal Data brought by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company. 11.9 No Personal Data shall be included in any publications made by the Company without the prior agreement in writing of the individual concerned. No mention shall be made of individual officers of the Hospital, nor shall information be included which might lead to their identification, without the prior agreement in writing of the Hospital. 11.10 The Company shall ensure that all Personal Data is pseudonymised as and when it is obtained and that the key to personal identities of all persons to whom the Personal Data relates is kept in a separate and secure place. The Company shall not supply the Agent Agents or the Hospital with copies of Personal Data obtained in connection with the Project other than in an anonymised form.

Appears in 2 contracts

Samples: Sbri Healthcare Phase 1 Development Agreement, Sbri Healthcare Phase 1 Development Agreement

Personal Data and Data Protection. 11.1 The expectation is that Personal data may be processed in relation to (i) the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare Programme; and (ii) the performance of the Project. Unless agreed otherwise in writing between NHS EnglandEngland and NHS Improvement, the Hospital and the Company: 11.1.1 The Company will be the controller in respect of Personal data processed in the performance of the Project; 11.1.2 NHS England and NHS Improvement will be the controller in respect of Personal Data processed in the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare programme; 11.1.3 The Agent acts as processor on behalf of NHS EnglandEngland and NHS Improvement: And each Party is responsible for complying with the relevant provisions of the Data Protection Legislation and for consulting and co-operating with the other Parties in order to ensure a transparent and consistent approach. 11.2 Personal Data shall be treated as confidential at all times and the Company shall comply with the provisions of the Data Protection Legislation. 11.3 The Hospital shall promptly supply copies of any guidance which may be required by the Company in the performance of the Project, including but not limited to the following documents: 11.3.1 the Medical Research Council's “Personal Information in Medical Research”, as amended from time to time; and 11.3.2 the “NHS Confidentiality Code of Practice”, guidelines on the use and protection of patient information, as amended from time to time. 11.4 The Company shall ensure compliance with any guidance documents provided to it pursuant to clause 11.2 above, and with any other guidance or regulations in relation to Personal Data as the Hospital or the Agent may advise from time to time. 11.5 The Company shall at all times be responsible for ensuring that all Personal Data (including Data in any electronic format) is stored securely. The Company shall take appropriate measures to ensure the security of all Personal Data and guard against unauthorised access, disclosure, loss or destruction of all Personal Data while in its custody. 11.6 Personal Data shall not be made available to anyone other than those employed directly on the Project by the Company, to the extent that they need access to such information for the performance of their duties. 11.7 The Company shall fully indemnify and hold harmless the Hospital and/or the Agent, their employees and agents against all liabilities, losses, costs, charges and expenses incurred as a result of any claims, demands, actions and proceedings made or brought against the Hospital and/or the Agent by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company, or any sub-contractor, servant or agent of the Company or any person within the control of the Company. 11.8 The Company shall, at its own expense, conduct any litigation arising from any claims relating to its use of Personal Data brought by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company. 11.9 No Personal Data shall be included in any publications made by the Company without the prior agreement in writing of the individual concerned. No mention shall be made of individual officers of the Hospital, nor shall information be included which might lead to their identification, without the prior agreement in writing of the Hospital. 11.10 The Company shall ensure that all Personal Data is pseudonymised as and when it is obtained and that the key to personal identities of all persons to whom the Personal Data relates is kept in a separate and secure place. The Company shall not supply the Agent or the Hospital with copies Personal Data obtained in connection with the Project other than in an anonymised form.

Appears in 2 contracts

Samples: Sbri Phase 2 Development Agreement, Sbri Phase 2 Development Agreement

Personal Data and Data Protection. 11.1 The expectation is that Personal data may will be processed in relation to (i) the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare healthcare Programme; and (ii) the performance of the Projectproject. Unless agreed otherwise in writing between NHS England, the Hospital and the Company: 11.1.1 The Company will be the controller in respect of Personal data processed in the performance of the Project; 11.1.2 NHS England will be the controller in respect of Personal Data processed in the administration and performance of this Agreement (other than the Projectproject) and the SBRI Healthcare programme; 11.1.3 The Agent acts as processor on behalf of NHS England: And each Party is responsible for complying with the relevant provisions of the Data Protection Legislation and for consulting and co-operating with the other Parties in order to ensure a transparent and consistent approach. 11.2 Personal Data shall be treated as confidential at all times and the Company shall comply with the provisions of the Data Protection Legislation. 11.3 The Hospital shall promptly supply copies of any guidance which may be required by the Company in the performance of the Project, including but not limited to the following documents: 11.3.1 the Medical Research Council's “Personal Information in Medical Research”, as amended from time to time; and 11.3.2 the “NHS Confidentiality Code of Practice”, guidelines on the use and protection of patient information, as amended from time to time. 11.4 The Company shall ensure compliance with any guidance documents provided to it pursuant to clause 11.2 above, and with any other guidance or regulations in relation to Personal Data as the Hospital or the Agent may advise from time to time. 11.5 The Company shall at all times be responsible for ensuring that all Personal Data (including Data in any electronic format) is stored securely. The Company shall take appropriate measures to ensure the security of all Personal Data and guard against unauthorised access, disclosure, loss or destruction of all Personal Data while in its custody. 11.6 Personal Data shall not be made available to anyone other than those employed directly on the Project by the Company, to the extent that they need access to such information for the performance of their duties. 11.7 The Company shall fully indemnify and hold harmless the Hospital and/or the Agent, their employees and agents against all liabilities, losses, costs, charges and expenses incurred as a result of any claims, demands, actions and proceedings made or brought against the Hospital and/or the Agent by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company, or any sub-contractor, servant or agent of the Company or any person within the control of the Company. 11.8 The Company shall, at its own expense, conduct any litigation arising from any claims relating to its use of Personal Data brought by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company. 11.9 No Personal Data shall be included in any publications made by the Company without the prior agreement in writing of the individual concerned. No mention shall be made of individual officers of the Hospital, nor shall information be included which might lead to their identification, without the prior agreement in writing of the Hospital. 11.10 The Company shall ensure that all Personal Data is pseudonymised as and when it is obtained and that the key to personal identities of all persons to whom the Personal Data relates is kept in a separate and secure place. The Company shall not supply the Agent or the Hospital with copies of Personal Data obtained in connection with the Project other than in an anonymised form.

Appears in 2 contracts

Samples: Sbri Healthcare Development Agreement, Sbri Healthcare Development Agreement

Personal Data and Data Protection. 11.1 The expectation is that Personal data may will be processed in relation to (i) the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare healthcare Programme; and (ii) the performance of the Projectproject. Unless agreed otherwise in writing between NHS EnglandEngland and NHS Improvement, the Hospital and the Company: 11.1.1 The Company will be the controller in respect of Personal data processed in the performance of the Project; 11.1.2 NHS England and NHS Improvement will be the controller in respect of Personal Data processed in the administration and performance of this Agreement (other than the Projectproject) and the SBRI Healthcare programme; 11.1.3 The Agent acts as processor on behalf of NHS EnglandEngland and NHS Improvement: And each Party is responsible for complying with the relevant provisions of the Data Protection Legislation and for consulting and co-operating with the other Parties in order to ensure a transparent and consistent approach. 11.2 Personal Data shall be treated as confidential at all times and the Company shall comply with the provisions of the Data Protection Legislation. 11.3 The Hospital shall promptly supply copies of any guidance which may be required by the Company in the performance of the Project, including but not limited to the following documents: 11.3.1 the Medical Research Council's “Personal Information in Medical Research”, as amended from time to time; and 11.3.2 the “NHS Confidentiality Code of Practice”, guidelines on the use and protection of patient information, as amended from time to time. 11.4 The Company shall ensure compliance with any guidance documents provided to it pursuant to clause 11.2 above, and with any other guidance or regulations in relation to Personal Data as the Hospital or the Agent may advise from time to time. 11.5 The Company shall at all times be responsible for ensuring that all Personal Data (including Data in any electronic format) is stored securely. The Company shall take appropriate measures to ensure the security of all Personal Data and guard against unauthorised access, disclosure, loss or destruction of all Personal Data while in its custody. 11.6 Personal Data shall not be made available to anyone other than those employed directly on the Project by the Company, to the extent that they need access to such information for the performance of their duties. 11.7 The Company shall fully indemnify and hold harmless the Hospital and/or the AgentAgents, their employees and agents against all liabilities, losses, costs, charges and expenses incurred as a result of any claims, demands, actions and proceedings made or brought against the Hospital and/or the Agent Agents by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company, or any sub-contractor, servant or agent of the Company or any person within the control of the Company. 11.8 The Company shall, at its own expense, conduct any litigation arising from any claims relating to its use of Personal Data brought by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company. 11.9 No Personal Data shall be included in any publications made by the Company without the prior agreement in writing of the individual concerned. No mention shall be made of individual officers of the Hospital, nor shall information be included which might lead to their identification, without the prior agreement in writing of the Hospital. 11.10 The Company shall ensure that all Personal Data is pseudonymised as and when it is obtained and that the key to personal identities of all persons to whom the Personal Data relates is kept in a separate and secure place. The Company shall not supply the Agent Agents or the Hospital with copies of Personal Data obtained in connection with the Project other than in an anonymised form.

Appears in 2 contracts

Samples: Development Agreement, Development Agreement

AutoNDA by SimpleDocs

Personal Data and Data Protection. 11.1 The expectation is that Personal data may be processed in relation to (i) the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare Programme; and (ii) the performance of the Project. Unless agreed otherwise in writing between NHS England, the Hospital and the Company: 11.1.1 The Company will be the controller in respect of Personal data processed in the performance of the Project;Tinethme perpformlaancteeof the-PrDojecot; Not Use 11.1.2 NHS England will be the controller in respect of Personal Data processed in the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare programme; 11.1.3 The Agent acts as processor on behalf of NHS England: And each Party is responsible for complying with the relevant provisions of the Data Protection Legislation and for consulting and co-operating with the other Parties in order to ensure a transparent and consistent approach. 11.2 Personal Data shall be treated as confidential at all times and the Company shall comply with the provisions of the Data Protection Legislation. 11.3 The Hospital shall promptly supply copies of any guidance which may be required by the Company in the performance of the Project, including but not limited to the following documents: 11.3.1 the Medical Research Council's “Personal Information in Medical Research”, as amended from time to time; and 11.3.2 the “NHS Confidentiality Code of Practice”, guidelines on the use and protection of patient information, as amended from time to time. 11.4 The Company shall ensure compliance with any guidance documents provided to it pursuant to clause 11.2 above, and with any other guidance or regulations in relation to Personal Data as the Hospital or the Agent may advise from time to time. 11.5 The Company shall at all times be responsible for ensuring that all Personal Data (including Data in any electronic format) is stored securely. The Company shall take appropriate measures to ensure the security of all Personal Data and guard against unauthorised access, disclosure, loss or destruction of all Personal Data while in its custody. 11.6 Personal Data shall not be made available to anyone other than those employed directly on the Project by the Company, to the extent that they need access to such information for the performance of their duties. 11.7 The Company shall fully indemnify and hold harmless the Hospital ComTpaney smhall pfullylaindetmenify-andDholod harNmlesos thte HUospsitael and/or the Agent, their employees and agents against all liabilities, losses, costs, charges and expenses incurred as a result of any claims, demands, actions and proceedings made or brought against the Hospital and/or the Agent by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company, or any sub-contractor, servant or agent of the Company or any person within the control of the Company. 11.8 The Company shall, at its own expense, conduct any litigation arising from any claims relating to its use of Personal Data brought by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company. 11.9 No Personal Data shall be included in any publications made by the Company without the prior agreement in writing of the individual concerned. No mention shall be made of individual officers of the Hospital, nor shall information be included which might lead to their identification, without the prior agreement in writing of the Hospital. 11.10 The Company shall ensure that all Personal Data is pseudonymised as and when it is obtained and that the key to personal identities of all persons to whom the Personal Data relates is kept in a separate and secure place. The Company shall not supply the Agent or the Hospital with copies Personal Data obtained in connection with the Project other than in an anonymised form.

Appears in 1 contract

Samples: Sbri Phase 2 Development Agreement

Personal Data and Data Protection. 11.1 The expectation is that Personal data may will be processed in relation to (i) the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare healthcare Programme; and (ii) the performance of the Projectproject. Unless agreed otherwise in writing between NHS England, the Hospital and the Company: 11.1.1 The Company will be the controller in respect of Personal data processed in the performance of the Project; 11.1.2 NHS England will be the controller in respect of Personal Data processed in the administration and performance of this Agreement (other than the Projectproject) and the SBRI Healthcare programme; 11.1.3 The Agent acts as processor on behalf of NHS England: And each Party is responsible for complying with the relevant provisions of the Data Protection Legislation and for consulting and co-operating with the other Parties in order to ensure a transparent and consistent approach. 11.2 Personal Data shall be treated as confidential at all times and the Company shall comply with the provisions of the Data Protection Legislation. 11.3 The Hospital shall promptly supply copies of any guidance which may be required by the Company in the performance of the Project, including but not limited to the following documents: 11.3.1 the Medical Research Council's “Personal ³Personal Information in Medical Research”5HVHD, as amended UasFaKme´nded from time to time; and 11.3.2 the “NHS Confidentiality Code of Practice”, guidelines on the use and WKH ³1+6 &RQILGHQWLDOLW\ &RGH RI 3UDFW protection of patient information, as amended from time to time. 11.4 The Company shall ensure compliance with any guidance documents provided to it pursuant to clause 11.2 above, and with any other guidance or regulations in relation to Personal Data as the Hospital or the Agent may advise from time to time. 11.5 The Company shall at all times be responsible for ensuring that all Personal Data (including Data in any electronic format) is stored securely. The Company shall take appropriate measures to ensure the security of all Personal Data and guard against unauthorised access, disclosure, loss or destruction of all Personal Data while in its custody. 11.6 Personal Data shall not be made available to anyone other than those employed directly on the Project by the Company, to the extent that they need access to such information for the performance of their duties. 11.7 The Company shall fully indemnify and hold harmless the Hospital and/or the Agent, their employees and agents against all liabilities, losses, costs, charges and expenses incurred as a result of any claims, demands, actions and proceedings made or brought against the Hospital and/or the Agent by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company, or any sub-contractor, servant or agent of the Company or any person within the control of the Company. 11.8 The Company shall, at its own expense, conduct any litigation arising from any claims relating to its use of Personal Data brought by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company. 11.9 No Personal Data shall be included in any publications made by the Company without the prior agreement in writing of the individual concerned. No mention shall be made of individual officers of the Hospital, nor shall information be included which might lead to their identification, without the prior agreement in writing of the Hospital. 11.10 The Company shall ensure that all Personal Data is pseudonymised as and when it is obtained and that the key to personal identities of all persons to whom the Personal Data relates is kept in a separate and secure place. The Company shall not supply the Agent or the Hospital with copies of Personal Data obtained in connection with the Project other than in an anonymised form.

Appears in 1 contract

Samples: Sbri Healthcare Phase 3 Development Agreement

Personal Data and Data Protection. 11.1 The expectation is that Personal data may will be processed in relation to (i) the administration and performance of this Agreement (other than the Project) and the SBRI Healthcare healthcare Programme; and (ii) the performance of the Projectproject. Unless agreed otherwise in writing between NHS England, the Hospital and the Company: 11.1.1 The Company will be the controller in respect of Personal data processed in the performance of the Project; 11.1.2 NHS England will be the controller in respect of Personal Data processed in the administration and performance of this Agreement (other than the Projectproject) and the SBRI Healthcare programme; 11.1.3 The Agent acts as processor on behalf of NHS England: And each Party is responsible for complying with the relevant provisions of the Data Protection Legislation and for consulting and co-operating with the other Parties in order to ensure a transparent and consistent approach. 11.2 Personal Data shall be treated as confidential at all times and the Company shall comply with the provisions of the Data Protection Legislation. 11.3 The Hospital shall promptly supply copies of any guidance which may be required by the Company in the performance of the Project, including but not limited to the following documents: 11.3.1 the Medical Research Council's “Personal Information in Medical Research”, as amended from time to time; and 11.3.2 the “NHS Confidentiality Code of Practice”, guidelines on the use and protection of patient information, as amended from time to time. 11.4 The Company shall ensure compliance with any guidance documents provided to it pursuant to clause 11.2 above, and with any other guidance or regulations in relation to Personal Data as the Hospital or the Agent may advise from time to time. 11.5 The Company shall at all times be responsible for ensuring that all Personal Data (including Data in any electronic format) is stored securely. The Company shall take appropriate measures to ensure the security of all Personal Data and guard against unauthorised access, disclosure, loss or destruction of all Personal Data while in its custody. 11.6 Personal Data shall not be made available to anyone other than those employed directly on the Project by the Company, to the extent that they need access to such information for the performance of their duties. 11.7 The Company shall fully indemnify and hold harmless the Hospital and/or the Agent, their employees and agents against all liabilities, losses, costs, charges and expenses incurred as a result of any claims, demands, actions and proceedings made or brought against the Hospital and/or the Agent by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company, or any sub-contractor, servant or agent of the Company or any person within the control of the Company. 11.8 The Company shall, at its own expense, conduct any litigation arising from any claims relating to its use of Personal Data brought by any person in respect of any loss or distress to that person by the loss, unauthorised disclosure of Personal Data or medical records by the Company. 11.9 No Personal Data shall be included in any publications made by the Company without the prior agreement in writing of the individual concerned. No mention shall be made of individual officers of the Hospital, nor shall information be included which might lead to their identification, without the prior agreement in writing of the Hospital. 11.10 The Company shall ensure that all Personal Data is pseudonymised as and when it is obtained and that the key to personal identities of all persons to whom the Personal Data relates is kept in a separate and secure place. The Company shall not supply the Agent or the Hospital with copies of Personal Data obtained in connection with the Project other than in an anonymised form.

Appears in 1 contract

Samples: Sbri Healthcare Phase 3 Development Agreement

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!