Personally Identifiable Information (PII). If the Contractor or any of its Subcontractors will or may receive PII under this Agreement, Contractor shall provide for the security of such PII, in a manner and form acceptable to the County, including, without limitation, non-disclosure requirements, use of appropriate technology, security practices, computer access security, data access security, data storage encryption, data transmission encryption, security inspections and audits. Contractor shall be a “Third-Party Service Provider” as defined in C.R.S. § 24-73-101(1) (i) and shall maintain security procedures and practices consistent with C.R.S. § 00-00-000 and C.R.S. § 00-00-000. In the event Contractor incurs a data breach whereby it is reasonably believed that any of County’s PII either could have been, or was compromised, then Contractor shall immediately notify the County in writing and shall abide by C.R.S. § 00-00-000 et seq.
Personally Identifiable Information (PII). If CONTRACTOR or any of its Subcontractors will or may receive PII under this CONTRACT, CONTRACTOR shall provide for the security of such PII, in a manner and form acceptable to the COUNTY, including, without limitation, non- disclosure requirements, use of appropriate technology, security practices, computer access security, data access security, data storage encryption, data transmission encryption, security inspections and audits. CONTRACTOR shall be a “Third-Party Service Provider” as defined in C.R.S. § 24-73-101(1) (i) and shall maintain security procedures and practices consistent with C.R.S. §00-00-000 and C.R.S. §00-00-000. In the event CONTRACTOR incurs a data breach whereby it is reasonably believed that any of COUNTY’S PII either could have been, or was compromised, then CONTRACTOR shall immediately notify the COUNTY in writing and shall follow abide by C.R.S. § 00-00-000 et seq.
Personally Identifiable Information (PII). As previously referenced under SUBSECTION VII.D. RECORDKEEPING REQUIREMENTS and in accordance with 2 CFR 200.1 and 2 CFR 200.338, Personally Identifiable Information (PII) means information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual. The definition of PII is not anchored to any single category of information or technology. Rather, it requires a case-by-case assessment of the specific risk that an individual can be identified. Protected PII means an individual’s first name or first initial and last name in combination with any one or more of types of information, including, but not limited to, social security number, passport number, credit card numbers, clearances, bank numbers, biometrics, date and place of birth, mother’s maiden name, criminal, medical and financial records, and educational transcripts. This does not include PII that is required by law to be disclosed. PII must always be safeguarded, even in instances of public records requests. No Federal awarding agency may place restrictions on the non-Federal entity that limits public access to the records of the non-Federal entity pertinent to a Federal award, except for protected PII or when the Federal awarding agency can demonstrate that such records will be kept confidential and would have been exempted from disclosure pursuant to the Freedom of Information Act (5 U.S.C. 552) or controlled unclassified information pursuant to Executive Order 13556 if the records had belonged to the Federal awarding agency. The SUBRECIPIENT certifies that they understand the PII definitions as noted above, and in accordance with their internal controls under 2 CFR 200.303, the SUBRECIPIENT shall take reasonable measures to safeguard protected PII and other information HUD or the COUNTY designates as sensitive or the SUBRECIPIENT considers sensitive consistent with applicable Federal, state, and local laws regarding privacy and responsibility over confidentiality. Additionally, the COUNTY, pursuant to the Federal Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a “covered entity,” as the law defines that term. Any “personal health information” (PHI) as defined by the law that the COUNTY receives pursuant to this Agreement in connection with this project and its activities, as applicable, is subject to the disclosure and security requirements ...
Personally Identifiable Information (PII). A. “Personally Identifiable Information” (PII) means any information that identifies, relates to, describes, is reasonably capable of being associated with a particular individual or household, that is processed by Supplier pursuant to this Agreement, and that is deemed “personal data,” “personal information,” or the like under the Data Protection Laws.
B. Data Protection Laws” means all applicable international, federal, state, provincial, and local laws, rules, regulations, directives, requirements, codes and industry standards and guidelines, relating to the privacy, confidentiality, integrity, protection, or security of PII.
C. Any PII disclosed to Supplier or with which Supplier otherwise comes in contact while, as applicable, providing the Work will be deemed to be Confidential Information, regardless of whether it is labeled or designated as such. Supplier shall not: (i) use PII for any purpose other than as reasonably necessary to fulfill the terms of the Agreement; or (ii) make PII available to any employees, agents, subcontractors, or other party representatives except those with a need to know.
D. Supplier shall implement appropriate measures to ensure the security and confidentiality of all PII in its and its subcontractors’ possession, including protecting against any threats or hazards to the security or integrity of the PII that Supplier should reasonably be able to anticipate, and against unauthorized access to or use of the PII.
E. Notwithstanding any other provisions hereof, Supplier shall notify Purchaser within one (1) business day of becoming aware of any Breach of Security. “Breach of Security” shall mean unauthorized access to, acquisition of, or disclosure of, PII or any individual’s information which was held in the custody or control of Supplier or its subcontractors of any tier, agents or other representatives, or a reasonable belief by either party or its subcontractor of any tier, agent or representative that such unauthorized access, acquisition or disclosure has occurred. Supplier’s notice shall include the following: (i) date and time that Supplier discovered the Breach of Security and the date and time when the breach actually occurred, if discoverable; (ii) a detailed description of the Breach of Security; (iii) a list of the systems and data at risk, including a list of affected individuals; and (iv) a description of actions taken after the Breach of Security was discovered. Thereafter, Supplier shall provide Purchaser wi...
Personally Identifiable Information (PII). (The Privacy Act of 1974, E-Government Act of 2002 (P.L. 107-347), and AP Family – Authority and Purpose (Privacy Controls), NIST SP 800-53 rev. 4) Personally Identifiable Information (PII) is information used to distinguish or trace an individual’s identity, such as their name, Social Security Number, biometric records, alone or when combined with other personal or identifying information linked or linkable to a specific individual. An item such as date and place of birth, mother’s maiden name, or father’s surname is XXX, regardless of whether combined with other data.
Personally Identifiable Information (PII). Personally Identifiable Information (PII) is any data that could potentially be used to identify a particular person. For instance, this information could contain name and surname, house address, email address, birthday, phone number and geographic information. This is the type of information that must be taken into account to decide if the GDPR should be applied. Figure 29 depicts an example of PII.
Personally Identifiable Information (PII). If the Consultant or any of its Subconsultants will or may receive PII under this Agreement, Consultant shall provide for the security of such PII, in a manner and form acceptable to the County and PPRTA, including, without limitation, non-disclosure requirements, use of appropriate technology, security practices, computer access security, data access security, data storage encryption, data transmission encryption, security inspections and audits. Consultant shall be a “Third-Party Service Provider” as defined in C.R.S. § 24-73-101(1) (i) and shall maintain security procedures and practices consistent with C.R.S. § 00-00-000 and C.R.S. § 00-00-000. In the event Consultant incurs a data breach whereby it is reasonably believed that any of County’s or PRTA’s PII either could have been, or was compromised, then Consultant shall immediately notify the County and PPRTA in writing and shall abide by C.R.S. § 00-00-000 et seq.
Personally Identifiable Information (PII). Any information that identifies or describes an individual, including, but not limited to, his or her name, social security number, home address, home telephone number, education, financial matters, medical or employment history, and statements made by, or attributed to, the individual. It also includes any identifiable information collected from or about an individual for purposes of determining eligibility for enrollment in a Qualified Health Plan, determining eligibility for insurance affordability programs, determining eligibility for exemptions from the individual responsibility provisions, or any other use of such individual’s identifiable information in connection with the Exchange and the Exchange’s functions.
Personally Identifiable Information (PII). Grantee, if it collects PII, is required to have a publicly available privacy policy that describes what PII they collect, how they use it, whether they share it with third parties and how individuals may have their PII corrected where appropriate.
Personally Identifiable Information (PII). The following contract clause applies to all contracts and subawards regardless of dollar amount. Take reasonable measures to safeguard protected PII and other information DEA designates consistent with applicable Federal, state, and local laws regarding privacy and obligations of confidentiality.
