Personally Identifiable Information (PII). If the Contractor or any of its Subcontractors will or may receive PII under this Agreement, Contractor shall provide for the security of such PII, in a manner and form acceptable to the County, including, without limitation, non-disclosure requirements, use of appropriate technology, security practices, computer access security, data access security, data storage encryption, data transmission encryption, security inspections and audits. Contractor shall be a “Third-Party Service Provider” as defined in C.R.S. § 24-73-101(1) (i) and shall maintain security procedures and practices consistent with C.R.S. § 00-00-000 and C.R.S. § 00-00-000. In the event Contractor incurs a data breach whereby it is reasonably believed that any of County’s PII either could have been, or was compromised, then Contractor shall immediately notify the County in writing and shall abide by C.R.S. § 00-00-000 et seq.
Personally Identifiable Information (PII). If CONTRACTOR or any of its Subcontractors will or may receive PII under this CONTRACT, CONTRACTOR shall provide for the security of such PII, in a manner and form acceptable to the COUNTY, including, without limitation, non- disclosure requirements, use of appropriate technology, security practices, computer access security, data access security, data storage encryption, data transmission encryption, security inspections and audits. CONTRACTOR shall be a “Third-Party Service Provider” as defined in C.R.S. § 24-73-101(1) (i) and shall maintain security procedures and practices consistent with C.R.S. §00-00-000 and C.R.S. §00-00-000. In the event CONTRACTOR incurs a data breach whereby it is reasonably believed that any of COUNTY’S PII either could have been, or was compromised, then CONTRACTOR shall immediately notify the COUNTY in writing and shall follow abide by C.R.S. § 00-00-000 et seq.
Personally Identifiable Information (PII). As previously referenced under SUBSECTION VII.D. RECORDKEEPING REQUIREMENTS and in accordance with 2 CFR 200.1 and 2 CFR 200.338, Personally Identifiable Information (PII) means information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual. The definition of PII is not anchored to any single category of information or technology. Rather, it requires a case-by-case assessment of the specific risk that an individual can be identified. Protected PII means an individual’s first name or first initial and last name in combination with any one or more of types of information, including, but not limited to, social security number, passport number, credit card numbers, clearances, bank numbers, biometrics, date and place of birth, mother’s maiden name, criminal, medical and financial records, and educational transcripts. This does not include PII that is required by law to be disclosed. PII must always be safeguarded, even in instances of public records requests. No Federal awarding agency may place restrictions on the non-Federal entity that limits public access to the records of the non-Federal entity pertinent to a Federal award, except for protected PII or when the Federal awarding agency can demonstrate that such records will be kept confidential and would have been exempted from disclosure pursuant to the Freedom of Information Act (5 U.S.C. 552) or controlled unclassified information pursuant to Executive Order 13556 if the records had belonged to the Federal awarding agency. The SUBRECIPIENT certifies that they understand the PII definitions as noted above, and in accordance with their internal controls under 2 CFR 200.303, the SUBRECIPIENT shall take reasonable measures to safeguard protected PII and other information HUD or the COUNTY designates as sensitive or the SUBRECIPIENT considers sensitive consistent with applicable Federal, state, and local laws regarding privacy and responsibility over confidentiality. Additionally, the COUNTY, pursuant to the Federal Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a “covered entity,” as the law defines that term. Any “personal health information” (PHI) as defined by the law that the COUNTY receives pursuant to this Agreement in connection with this project and its activities, as applicable, is subject to the disclosure and security requirements ...
Personally Identifiable Information (PII). A. “Personally Identifiable Information” (PII) means any information that identifies, relates to, describes, is reasonably capable of being associated with a particular individual or household, that is processed by Supplier pursuant to this Agreement, and that is deemed “personal data,” “personal information,” or the like under the Data Protection Laws.
Personally Identifiable Information (PII). (The Privacy Act of 1974, E-Government Act of 2002 (P.L. 107-347), and AP Family – Authority and Purpose (Privacy Controls), NIST SP 800-53 rev. 4) Personally Identifiable Information (PII) is information used to distinguish or trace an individual’s identity, such as their name, Social Security Number, biometric records, alone or when combined with other personal or identifying information linked or linkable to a specific individual. An item such as date and place of birth, mother’s maiden name, or father’s surname is PII, regardless of whether combined with other data. SSA defines a PII loss as a circumstance when an EIEP employee, contractor, or agent has reason to believe that information on hard copy or in electronic format, which contains PII provided by SSA, left the EIEP’s custody or the EIEP disclosed it to an unauthorized individual or entity. PII loss is a reportable incident. SSA requires that contracts for periodic disposal/destruction of case files or other print media contain a non-disclosure agreement signed by all personnel who will encounter products that contain SSA-provided information. If a PII loss involving SSA-provided information occurs or is suspected, the EIEP must be able to quantify the extent of the loss and compile a complete list of the individuals potentially affected by the incident (refer to Incident Reporting). The EIEP should have procedural documents to describe methods and controls for safeguarding SSA-provided PII while in use, at rest, during transmission, or after archiving. The document should explain how the EIEP manages and handles SSA-provided information on print media and explain how the methods and controls conform to NIST requirements. SSA requires that printed items that contain SSA-provided PII always remain in the custody of authorized EIEP employees, contractors, or agents. SSA also requires that the agency destroy the items when no longer required for the EIEP’s business process. If retained in paper files for evidentiary purposes, the EIEP should safeguard such PII in a manner that prevents unauthorized personnel from accessing such materials. All agencies that receive SSA-provided information must maintain an inventory of all documents that outline statewide or agency policy and procedures regarding the same.
Personally Identifiable Information (PII). Personally Identifiable Information (PII) is any data that could potentially be used to identify a particular person. For instance, this information could contain name and surname, house address, email address, birthday, phone number and geographic information. This is the type of information that must be taken into account to decide if the GDPR should be applied. Figure 29 depicts an example of PII.
Personally Identifiable Information (PII). If the Consultant or any of its Subconsultants will or may receive PII under this Agreement, Consultant shall provide for the security of such PII, in a manner and form acceptable to the County and PPRTA, including, without limitation, non-disclosure requirements, use of appropriate technology, security practices, computer access security, data access security, data storage encryption, data transmission encryption, security inspections and audits. Consultant shall be a “Third-Party Service Provider” as defined in C.R.S. § 24-73-101(1) (i) and shall maintain security procedures and practices consistent with C.R.S. § 00-00-000 and C.R.S. § 00-00-000. In the event Consultant incurs a data breach whereby it is reasonably believed that any of County’s or PRTA’s PII either could have been, or was compromised, then Consultant shall immediately notify the County and PPRTA in writing and shall abide by C.R.S. § 00-00-000 et seq.
Personally Identifiable Information (PII). Any information that identifies or describes an individual, including, but not limited to, his or her name, social security number, home address, home telephone number, education, financial matters, medical or employment history, and statements made by, or attributed to, the individual. It also includes any identifiable information collected from or about an individual for purposes of determining eligibility for enrollment in a Qualified Health Plan, determining eligibility for insurance affordability programs, determining eligibility for exemptions from the individual responsibility provisions, or any other use of such individual’s identifiable information in connection with the Exchange and the Exchange’s functions.
Personally Identifiable Information (PII). Grantee, if it collects PII, is required to have a publicly available privacy policy that describes what PII they collect, how they use it, whether they share it with third parties and how individuals may have their PII corrected where appropriate.
Personally Identifiable Information (PII). The following contract clause applies to all contracts and subawards regardless of dollar amount. Take reasonable measures to safeguard protected PII and other information DEA designates consistent with applicable Federal, state, and local laws regarding privacy and obligations of confidentiality.
