Privacy and Security Compliance. The Company has complied, and is presently in compliance with their privacy policies and other legal and contractual obligations regarding the collection, use, transfer, storage, protection, disposal and disclosure by the Company of personally identifiable information and/or any other information collected from or provided by third parties, and the Company is currently taking or has taken commercially reasonable actions to prepare to comply with the California Consumer Privacy Act of 2018 by January 1, 2020 (collectively, the “Data Privacy and Security Requirements”). Neither the Company nor any Subsidiary: (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Data Privacy and Security Requirements, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice and, to the Company’s knowledge, no such notices are threatened; (ii) is currently conducting or paying for, in whole or in part, any material investigation, remediation, or other corrective action pursuant to any Data Privacy and Security Requirement; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Data Privacy and Security Requirement. The Company has taken commercially reasonable steps to protect the information technology systems and data used in connection with the operation of each of the Company. The Company has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for each of their businesses, including, without limitation, for the information technology systems and data held or used by or on behalf of or for the Company. The Company has not experienced or been notified of a security breach or other compromise of, or relating to, any such information technology system or data requiring notice to any third party under applicable state or federal law.
Privacy and Security Compliance. The parties agree to maintain the privacy and security of any individually identifiable information received from or created for the other party in accordance with all relevant state and federal laws and regulations. This provision shall survive termination of this Agreement.
Privacy and Security Compliance. With respect to each engagement, Contractor agrees to:
9.1. To participate in privacy and security compliance training when offered by Company.
9.2. To adhere to all privacy and security rules as communicated to Contractor by Company or any of Company’s clients, customers, or accounts, or prospective clients, customers or accounts, that were contacted, solicited or served by the Contractor while engaged by Company.
Privacy and Security Compliance. (a) None of the Acquired Companies is in violation in any material respect with the applicable requirements of the regulations governing the privacy of individually identifiable health information and the regulations governing the security of such information maintained in electronic form promulgated pursuant to HIPAA (a “HIPAA Requirement”). To Seller’s Knowledge, no HIPAA Requirement will impose any restrictions upon the Acquired Companies’ ability to use, possess, disclose, or transfer any personal data in the manner the Acquired Companies have used, possessed, disclosed, or transferred any such personal data. None of the Acquired Companies is in violation in any material respect with any HIPAA “business associate” type covenants in any Contract or amendment thereto. During the past six (6) years, none of the Acquired Companies has received any written or, to Seller’s Knowledge, oral complaint nor, to Seller’s Knowledge, has any complaint (written or otherwise) been made to any third party, from any patient or guardian thereof regarding the improper disclosure of such patient’s protected health information by any Acquired Company, any Affiliate thereof, or any of their Related Persons.
(b) Seller has delivered to Buyer accurate and complete copies of all written policies and procedures currently maintained by each Acquired Company that relate to HIPAA Requirements or other privacy and personal data protection, including any such policies that relate to personal data from or about any Related Persons, customers, suppliers, service providers, or any other Persons.
Privacy and Security Compliance. (a) The Company is not in violation in any material respect of the applicable requirements of the regulations governing the privacy of individually identifiable health information and the regulations governing the security of such information maintained in electronic form promulgated pursuant to HIXXX, 00 XXX Xart 164, Subparts C and E (a “HIPAA Requirement”). The Company is not in material violation of any “business associate agreement” required by 45 CFR § 164.504(e)(2) to which the Company is a party. The Company has not received any written complaint, nor to the Knowledge of the Company, has any complaint (written or otherwise) been made to any third party, from any patient or guardian thereof regarding the improper disclosure of such patient’s protected health information by the Company, any Affiliate thereof, or any of their representatives.
(b) The Company and its Subsidiaries use reasonable best efforts to protect the privacy of sensitive data, including non-public information (“Data”) that the Company or any of its Subsidiaries collects, uses, maintains or transmits and to prevent unauthorized access to, and use or disclosure of, such Data by any unauthorized Person. Since December 31, 2012, neither the Company nor any of its Subsidiaries, or, to the Knowledge of the Company, any third Person acting on behalf of the Company or any of its Subsidiaries, has had a material breach of security of any Data that the Company or any of its Subsidiaries (or a third Person acting on behalf of the Company or any of its Subsidiaries) collects, uses, maintains or transmits.
(c) To the Knowledge of the Company, neither the execution, delivery or performance of this Agreement nor the consummation of any of the transactions contemplated hereby will result in any violation, in any material respect, of (i) any of the Company’s or any of its Subsidiaries’ privacy policies or terms of use or (ii) any agreement of the Company or any of its Subsidiaries with respect to the collection, use, disclosure, disposal, maintenance, and transmission of data and non-public information.
Privacy and Security Compliance. (i) The computers, devices, equipment, networks, systems, servers, websites, mobile applications, hardware, firmware, middleware, data communication lines, routers, switches, and other information technology infrastructure, as well as all software operating thereon or in connection therewith, including, in each case pursuant to outsourced or cloud computing arrangements (collectively, the “IT Assets”) used by the Sellers in the operation of the Business (the “Business IT Assets”) (A) are adequate for, and operate and perform in all material respects in accordance with their documentation and functional specifications and otherwise as required in connection with, the operation of the Business, (B) are free from material bugs, errors or other defects, (C) have not materially malfunctioned, crashed, failed, experienced continued substandard performance or other adverse events within the past three (3) years, and (D) do not contain any Malicious Code. In connection with the Business, the Sellers have implemented anti-malware, anti-virus, backup, security, business continuity, and disaster recovery measures and technology consistent with industry best practices and has tested those measures and technology at least annually.
(ii) In connection with the Business, the Sellers are and have been since January 1, 2019 in material compliance with the applicable requirements of all (A) Privacy Laws, (B) internal and external policies governing the privacy and security of the Business, (C) to the extent applicable, the Payment Card Industry Data Security Standard (PCI DSS), and (D) obligations under any Contract to which a Seller is a party (including under any HIPAA “business associate” agreement), in each case applicable to the privacy and security of Personal Information or the Processing or other use thereof by or on behalf of the Seller (“Information Requirements”). The Sellers have not since January 1, 2019 received any written notice with respect to any allegation that the Business is or was not in material compliance with any Information Requirement. To the Sellers’ Knowledge, all vendors, processors, subcontractors and other Persons acting for or on behalf of any Seller in connection with the Processing of Personal Information for the Business or that otherwise have been authorized to have access to the Business IT Assets or the Personal Information in the possession or control of the Business are subject to contractual obligations to comply, and since January ...
Privacy and Security Compliance. As part of their clinical experiences, Students will potentially have access to Protected Health Information (as defined in 45 C.F.R. Section 164.501), which is subject to the requirements of the Health Insurance Portability and Accountability Act of 1996, as codified at 42 U.S.C. 1320d (“HIPAA”) and any current and future regulations promulgated thereunder, including, without limitation, the federal privacy regulations contained in 45 C.F.R. Parts 160 and 164 (“Federal Privacy Regulations”), the federal security standards contained in 45 C.F.R. Part 142 (“Federal Security Regulations”) and the federal standards for electronic transactions contained in 45 C.F.R. Parts 160 and 162, all collectively referred to herein as “HIPAA Requirements”. School shall direct and require its Students to not use or disclose any Protected Health Information and to comply with the applicable state and federal laws as well as the policies and procedures of Participating Institution regarding the use and disclosure of Protected Health Information. Solely for the purpose of defining Students’ role in relation to the use and disclosure of Participating Institution’s protected health information, School’s Students shall be deemed members of Participating Institution’s workforce, as that term is defined by 45 C.F.R 160.103, when engaged in activities pursuant to this Agreement. Accordingly, Students shall attend Participating Institution’s HIPAA training prior to having access to any Protected Health Information. Students are not, however, and shall not, for any purpose, be considered employees of Participating Institution or School. The parties hereby acknowledge that this Agreement is not intended to create a “Business Associate” relationship as that term is defined in 45 CFR § 160.103. School shall also direct and require its students to comply with any and all applicable state laws related to privacy and security of Protected Health Information or Personal Data/Personal Information during their rotations at Participating Institution.
Privacy and Security Compliance. Business Associate will comply with all obligations of the Covered Entity when performing duties for the Covered Entity related to compliance with the HIPAA, HITECH or any regulations promulgated thereunder.
Privacy and Security Compliance. Each of the Fulgent Parties has complied, and is presently in compliance in all material respects with its privacy policies and other legal and contractual obligations regarding the collection, use, transfer, storage, protection, disposal and disclosure by each of the Fulgent Parties of personally identifiable information and/or any other information collected from or provided by third parties. Each Fulgent Party has taken commercially reasonable steps to protect the information technology systems and data used in connection with the operation of each Fulgent Party. Each Fulgent Party has used commercially reasonable efforts to establish, and has established, commercially reasonable disaster recovery and security plans, procedures and facilities for each of their businesses, including, without limitation, for the information technology systems and data held or used by or on behalf of or for the Fulgent Parties. None of the Fulgent Parties has experienced a security breach or other compromise of, or relating to, any such information technology system or data requiring notice to any third party under applicable state or federal law.
Privacy and Security Compliance. Except as set forth in Section 5.16 of the Disclosure Schedule, no Company Entity is in violation of the applicable requirements of the regulations governing the privacy of individually identifiable health information and the regulations governing the security of such information maintained in electronic form promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) the implementing regulations adopted pursuant thereto at 45 CFR Parts 160, 162 and 164 and any such other any other applicable federal privacy law or rule, including the American Recovery and Reinvestment Act of 2009, Public Law 111-5 (“HITECH”) and any applicable state privacy laws. No Company Entity is in violation of any HIPAA “business associate” type covenants in any Contract or amendment thereto. No Company Entity has received any complaint (written or otherwise), nor, to the Knowledge of Sellers, has any complaint (written or otherwise) been made to any third party, from any patient or guardian thereof regarding the improper disclosure of such patient’s protected health information by any Company Entity or any of their respective Representatives. Except as set forth in Section 5.16 of the Disclosure Schedule, no Company Entity has had any data breach involving any patient protected health information.
