Privacy and Information Security Provisions. With respect to information that is “non-public personal information” (as defined in the GLB Regulations) that is disclosed or provided by the Trust (or on the Trust’s behalf) to the Servicer in connection with this Agreement, or any Basic Document to which the Servicer is a party, the Servicer agrees, subject to the terms hereof and the limitations of liability set forth herein, that in performing its obligations under this Agreement, the Servicer shall comply with all reuse, redisclosure, or other customer information handling, processing, security, and protection requirements that are specifically required of a non-affiliated third-party processor or servicer (or subcontractor) under the GLB Regulations and other applicable federal consumer privacy laws, rules, and regulations. Without limiting the foregoing, the Servicer agrees that:
(i) the Servicer is prohibited from disclosing or using any “non-public personal information” (as defined in the GLB Regulations) disclosed or provided by the Trust or on the Trust’s behalf to the Servicer, except solely to carry out the purposes for which it was disclosed, including use under an exception contained in 12 CFR sections 40.14 or 40.15 or 16 CFR sections 313.14 or 313.15, as applicable, of the GLB Regulations in the ordinary course of business to carry out those purposes; and
(ii) the Servicer has implemented and will maintain an information security program designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information, Final Rule (12 CFR Part 30, Appendix B) and the Federal Trade Commission’s Standards for Safeguarding Customer Information (16 CFR Part 314).
Privacy and Information Security Provisions. This Exhibit E is intended to protect the privacy and security of specified Department information that Contractor may access, receive, or transmit under this Agreement. The Department information covered under this Exhibit E consists of: (1) Protected Health Information as defined under the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191 (“HIPAA”)(PHI): and (2) Personal Information (PI) as defined under the California Information Practices Act (CIPA), at California Civil Code Section 1798.3. Personal Information may include data provided to the Department by the Social Security Administration. Exhibit E consists of the following parts:
Privacy and Information Security Provisions. This Exhibit B is intended to protect the privacy and security of specified DHCS information that Business Associate may access, receive, or transmit under the JPA Agreement. The DHCS information covered under this Exhibit B consists of: (1) PHI and (2) PI. PI may include data provided to DHCS by the Social Security Administration. Exhibit B consists of the following parts:
Privacy and Information Security Provisions. With respect to information that is "non-public personal information" (as defined in the GLB Regulations) that is disclosed or provided by the Issuer (or on the Issuer's behalf) to the Subservicer in connection with this Agreement, or any Basic Document to which the Subservicer is a party, the Subservicer agrees, that in performing its obligations under this Agreement, the Subservicer shall comply with all reuse, redisclosure, or other customer information handling, processing, security, and protection requirements that are specifically required of a non-affiliated third-party processor or servicer (or subcontractor) under the GLB Regulations and other applicable federal or state consumer privacy laws, rules, and regulations. Without limiting the foregoing, the Subservicer agrees that: A. the Subservicer is prohibited from disclosing or using any "non-public personal information" (as defined in the GLB Regulations) disclosed or provided by the Issuer or on the Issuer's behalf to the Subservicer, except solely to carry out the purposes for which it was disclosed, including use under an exception contained in 12 CFR sections 40.14 or 40.15 or 16 CFR sections 313.14 or 313.15, as applicable, of the GLB Regulations in the ordinary course of business to carry out those purposes; and 20 B. the Subservicer has implemented and will maintain an information security program designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information, Final Rule (12 CFR Part 364, Appendix B) and the Federal Trade Commission's Standards for Safeguarding Customer Information (16 CFR Part 314). Section 4.19
Privacy and Information Security Provisions. With respect to information that is “non-public personal information” (as defined in the GLB Regulations) that is disclosed or provided to the Master Servicer if other than WEF or a WEF Affiliate (or any sub-servicer) in connection with this Agreement, or any Basic Document to which the Master Servicer is a party, the Master Servicer (if other than WEF or a WEF Affiliate) agrees, subject to the terms hereof and the limitations of liability set forth herein, that in performing its obligations under this Agreement, the Master Servicer shall (or shall cause the applicable sub-servicer to) comply with all reuse, redisclosure, or other customer information handling, processing, security, notification and protection requirements under the GLB Regulations and other applicable federal and state consumer privacy laws, rules, and regulations. Without limiting the foregoing, the Master Servicer agrees that:
(i) the Master Servicer is prohibited (and shall prevent the sub-servicers) from disclosing or using any “non-public personal information” (as defined in the GLB Regulations) disclosed or provided to the Master Servicer (or the sub-servicers), except solely to carry out the purposes for which it was disclosed, including use under an exception contained in 12 CFR sections 40.14 or 40.15 or 16 CFR sections 313.14 or 313.15, as applicable, of the GLB Regulations in the ordinary course of business to carry out those purposes; and
(ii) the Master Servicer has implemented and will maintain (and shall cause the sub-servicers to implement and maintain) an information security program designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information, Final Rule (12 CFR Part 30, Appendix B) and the Federal Trade Commission’s Standards for Safeguarding Customer Information (16 CFR Part 314).
Privacy and Information Security Provisions. With respect to information that is non-public personal information (as defined in the GLB Requirements defined below) that is disclosed or provided by the Issuer or the Servicer or any of their affiliates to the Asset Representations Reviewer in connection with this Agreement, or any Basic Document to which the Asset Representations Reviewer is a party (the “Customer Information”), the Asset Representations Reviewer shall comply, and shall cause its representatives to comply, with the security requirements agreed to from time to time by the Asset Representations Reviewer and the Servicer (the “Security Requirements”). The Asset Representations Reviewer shall promptly provide documents or information regarding the Asset Representations Reviewer’s information security practices upon the reasonable request of the Issuer or the Servicer. With respect to Customer Information, the Asset Representations Reviewer hereby agrees that it shall comply, and shall cause its representatives to comply, with all reuse, redisclosure and other customer information handling, processing, security, and protection requirements that are specifically required of a non-affiliated third-party processor or servicer (or subcontractor) under the Interim Final Rule (12 CFR Part 1016), implementing Title V of the Xxxxx-Xxxxx-Xxxxxx Act, Public Law 106-102 (the “GLB Requirements”) and other applicable federal and state consumer privacy laws, rules and regulations. The Asset Representations Reviewer acknowledges and agrees that any such Customer Information shall be used solely for the purpose of performing the Asset Representations Reviewer’s obligations under this Agreement. Without limiting the foregoing, the Asset Representations Reviewer agrees that:
(1) the Asset Representations Reviewer is prohibited from disclosing or using any Customer Information disclosed or provided by the Issuer or the Servicer or any of their affiliates, except solely to carry out the purposes for which it was disclosed, including use under an exception contained in 12 CFR sections 40.14 or 40.15 or 16 CFR sections 313.14 or 313.15, as applicable, of the GLB Regulations in the ordinary course of business to carry out those purposes; and
(2) the Asset Representations Reviewer has implemented and will maintain a written information security program that complies with applicable state laws and regulations pertaining to the protection of personal information and that is designed to meet the objectives of the Int...
Privacy and Information Security Provisions. With respect to information that is “non-public personal information” (as defined in the GLB Regulations) that is disclosed or provided to the Master Servicer in connection with this Agreement or any other Transaction Document to which the Master Servicer is a party, the Master Servicer agrees, subject to the terms hereof and the limitations of liability set forth herein, that in performing its obligations under this Agreement, the Master Servicer shall comply with all reuse, redisclosure or other customer information handling, processing, security, notification and protection requirements under the GLB Regulations and other applicable consumer privacy laws, rules and regulations. Without limiting the foregoing, the Master Servicer agrees that:
(a) the Master Servicer is prohibited from disclosing or using any “non-public personal information” (as defined in the GLB Regulations) disclosed or provided to the Master Servicer, except solely to carry out the purposes for which it was disclosed, including use under an exception contained in 12 CFR sections 40.14 or 40.15 or 16 CFR sections 313.14 or 313.15, as applicable, of the GLB Regulations in the ordinary course of business to carry out those purposes; and
(b) the Master Servicer has implemented and will maintain an information security program designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information, Final Rule (12 CFR Part 30, Appendix B) and the Federal Trade Commission’s Standards for Safeguarding Customer Information (16 CFR Part 314).
Privacy and Information Security Provisions. Kern County CCS program and DHCS acknowledge that this MOU constitutes a business associate relationship under the Health Insurance Portability and Accountability Act (HIPAA)39 and its implementing privacy and security regulations at 45 Code of Federal Regulations (CFR), parts 16040 and 164,41 whereby Kern County is the business associate of DHCS. The parties agree to be bound by the terms of the attached in XI. Attachments section B. Business Associate Addendum, incorporated into this MOU.
A. Management Information Systems
B. Business Associate Addendum Attachment A Management Information Systems
