Data Protection and Privacy:
Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.
Amendment of Protected Health Information 8.1 To the extent Covered Entity determines that any Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within ten (10) business days after receipt of a written request from Covered Entity, make any amendments to such Protected Health Information that are requested by Covered Entity, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.526.
8.2 If any Individual requests an amendment to Protected Health Information directly from Business Associate or its agents or Subcontractors, Business Associate shall notify Covered Entity in writing within five (5) days of the receipt of the request. Whether an amendment shall be granted or denied shall be determined by Covered Entity.
Confidentiality of Protected Data (a) Vendor acknowledges that the Protected Data it receives pursuant to the Master Agreement originates from the District and that this Protected Data belongs to and is owned by the District.
(b) Vendor will maintain the confidentiality of the Protected Data it receives in accordance with federal and state law (including but not limited to Section 2-d) and the District’s policy on data security and privacy. The District will provide Vendor with a copy of its policy on data security and privacy upon request.
ACCESS TO PROTECTED HEALTH INFORMATION 7.1 To the extent Covered Entity determines that Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within two (2) business days after receipt of a request from Covered Entity, make the Protected Health Information specified by Covered Entity available to the Individual(s) identified by Covered Entity as being entitled to access and shall provide such Individuals(s) or other person(s) designated by Covered Entity with a copy the specified Protected Health Information, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.524.
7.2 If any Individual requests access to Protected Health Information directly from Business Associate or its agents or Subcontractors, Business Associate shall notify Covered Entity in writing within two (2) days of the receipt of the request. Whether access shall be provided or denied shall be determined by Covered Entity.
7.3 To the extent that Business Associate maintains Protected Health Information that is subject to access as set forth above in one or more Designated Record Sets electronically and if the Individual requests an electronic copy of such information, Business Associate shall provide the Individual with access to the Protected Health Information in the electronic form and format requested by the Individual, if it is readily producible in such form and format; or, if not, in a readable electronic form and format as agreed to by Covered Entity and the Individual.
Use and Disclosure of Protected Health Information The Business Associate must not use or further disclose protected health information other than as permitted or required by the Contract or as required by law. The Business Associate must not use or further disclose protected health information in a manner that would violate the requirements of HIPAA Regulations.
Confidentiality of Contractor Information The Contractor acknowledges and agrees that this Contract and any and all Contractor information obtained by the State in connection with this Contract are subject to the State of Vermont Access to Public Records Act, 1 V.S.A. § 315 et seq. The State will not disclose information for which a reasonable claim of exemption can be made pursuant to 1 V.S.A. § 317(c), including, but not limited to, trade secrets, proprietary information or financial information, including any formulae, plan, pattern, process, tool, mechanism, compound, procedure, production data, or compilation of information which is not patented, which is known only to the Contractor, and which gives the Contractor an opportunity to obtain business advantage over competitors who do not know it or use it.
Protected Health Information “Protected Health Information” shall have the same meaning as the term “protected health information” in Section 160.103 and is limited to the information created or received by Contractor from or on behalf of County.
Protection of Personal Information Party agrees to comply with all applicable state and federal statutes to assure protection and security of personal information, or of any personally identifiable information (PII), including the Security Breach Notice Act, 9 V.S.A. § 2435, the Social Security Number Protection Act, 9 V.S.A. § 2440, the Document Safe Destruction Act, 9 V.S.A. § 2445 and 45 CFR 155.260. As used here, PII shall include any information, in any medium, including electronic, which can be used to distinguish or trace an individual’s identity, such as his/her name, social security number, biometric records, etc., either alone or when combined with any other personal or identifiable information that is linked or linkable to a specific person, such as date and place or birth, mother’s maiden name, etc.
Access, Information and Confidentiality (a) From the date of this Agreement, until the date when the Investor no longer beneficially owns at least fifty percent (50%) or more of all of the Purchased Shares (a “Qualifying Ownership Interest”), subject to applicable law or regulatory requirements, the Company will use reasonable efforts to afford the Investor and its representatives (including employees of the Investor, and counsel, accountants, investment advisors and other professionals retained by the Investor) such access during normal business hours to its and the Company Subsidiaries’ books, records, properties and personnel and to such other information as the Investor may reasonably request.
(b) Each party to this Agreement will hold, and will cause its respective subsidiaries and their directors, officers, employees, agents, consultants, and advisors to hold, in strict confidence, unless disclosure to a Governmental Entity (and, solely with respect to the Company, the Bankruptcy Court) is necessary or appropriate in connection with any necessary regulatory approval or unless compelled to disclose by judicial or administrative process or by other requirement of law or the applicable requirements of any Governmental Entity (and, solely with respect to the Company, the Bankruptcy Court), all nonpublic records, books, contracts, instruments, computer data and other data and information (collectively, “Information”) concerning the other party hereto furnished to it by such other party or its representatives pursuant to this Agreement (except to the extent that such Information can be shown to have been (1) previously known by such party on a nonconfidential basis, (2) in the public domain through no fault of such party, or (3) later lawfully acquired from other sources by the party to which it was furnished), and neither party hereto shall release or disclose such Information to any other person, except its auditors, attorneys, financial advisors, other consultants, and advisors and, to the extent permitted above, to bank regulatory authorities. Prior to any disclosure of Information permitted by the prior sentence, the party proposing to disclose such Information shall, to the extent legally permissible, provide notice to the other party so that the other party may, at its own expense, seek an protective order or other appropriate remedy and/or waive compliance with the provisions of this Section 3.2(b). If such protective order or other remedy is denied, the party proposing to disclose such Information shall (x) furnish only that portion of the Information that, based upon the advice of counsel, is necessary to be disclosed in connection with such necessary regulatory approval or is compelled to be disclosed by such judicial or administrative process or by such other requirement of law or such applicable requirements and (y) use its reasonable best efforts to obtain assurances that confidential treatment will be accorded to the Information.
CONFIDENTIALITY/SAFEGUARDING OF INFORMATION The CONTRACTOR shall not use or disclose any information concerning the AGENCY, or information that may be classified as confidential, for any purpose not directly connected with the administration of this contract, except with prior written consent of the AGENCY, or as may be required by law.
