Privacy Requirements. In providing the Administrative Services provided for under this Agreement, and in connection with maintaining, administering, handling and transferring the data of the policyholders and other recipients of benefits under the Reinsured Contracts, the Administrator shall, and shall cause its Affiliates and any permitted Subcontractors to, comply with all confidentiality and security obligations applicable to them in connection with the collection, use, disclosure, maintenance and transmission of personal, private, health or financial information about individual policyholders or benefit recipients, including the provisions of privacy policies under which such information was gathered, those laws currently in place and which may become effective during the term of this Agreement, including the Xxxxx-Xxxxx-Xxxxxx Act, the Health Insurance Portability and Accountability Act of 1996 and any other Applicable Laws. The Administrator shall entitle the Company and its agents and representatives, the Commissioner of Health and Human Services and such other Governmental Authorities, to the extent required by Applicable Law, to audit the Administrator’s compliance herewith. The Administrator shall also enable individual subjects of personally identifiable information, upon request from such individuals, to review and correct information maintained by the Administrator about them, and to restrict use of such information. The Administrator shall promptly report to the Company any violation of this provision of which the Administrator becomes aware. Unless required by Applicable Law, the Administrator shall not during the term of this Agreement, modify the privacy policies under which information utilized by the Administrator in administering the Reinsured Contracts is gathered, without the Company’s prior written consent, which consent shall not be unreasonably withheld. The parties agree to comply with the terms of the Business Associate Addendum attached hereto, if applicable, or such other written agreement as may be required by Applicable Law on the date hereof.
Privacy Requirements. To the extent Business Associate is to carry out one or more of Covered Entity's obligation(s) under Subpart E of 45 CFR Part 164, Business Associate shall comply with the requirements of Subpart E that apply to the Covered Entity in the performance of such obligation(s).
Privacy Requirements. 2.4.1 IDPs must demonstrate how their assurance regime and operational capability will support a privacy model and customer consent process, ensuring that the customer has an understanding of how the service will use the information provided by the customer respecting their consent to use the service. In particular the solution must have the ability to include a privacy notice acceptance process within a registration process. IDPs must demonstrate how principles outlined in paragraph 1.2 are reflected in their proposed service.
2.4.2 IDPs must ensure that no data relating to a customer’s relationship with HMG is held by the IDP (including any sub-contractors or partners). IDPs are required to demonstrate how they will comply with this requirement throughout the supply chain.
2.4.3 Successful IDPs must demonstrate in their response how their service will comply with the elimination of storage of any partial/full personal information in any part of their systems that could possibly link the customer with DWP and/or any OGD and does not leave any HMG service-related ‘footprint’ on the customer’s records held by the IDPs.
2.4.4 It is recognised that IDPs will need to retain activity-related information (not customer specific) for billing and payment purposes. IDPs will need to demonstrate how they can accurately record this information.
2.4.5 For evaluation purposes, Key Criteria 2 refers (see Annex B).
Privacy Requirements. The Dealer Manager shall:
(i) abide by and comply with (A) the privacy requirements of the GLB Act that are applicable to the Dealer Manager, (B) the privacy requirements of any other applicable federal or state law that are applicable to the Dealer Manager, and (C) its own internal privacy policies and procedures, each as may be amended from time to time; and
(ii) refrain from the use or disclosure of nonpublic personal information (as defined under the GLB Act) of all customers who have opted out of such disclosures except as necessary to service the customers or as otherwise necessary or required by applicable law.
Privacy Requirements. In keeping with TCIA’s grant-funded mandate from NIH, the Dataset is considered de-identified information as defined by the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”). However, some Datasets may be susceptible to three-dimensional reconstruction of the face, head, or body such that reidentification is theoretically possible. User will take the following steps in order to protect the privacy rights of all individuals whose images are included within the Dataset:
3.1. User will not use the Dataset, either alone or in concert with any other information, to make any effort to identify or contact individuals who are or may be the sources of the information in the Dataset without specific written approval from UAMS and appropriate Institutional Review Board (IRB) approval, if required pursuant to 45 C.F.R. Part 46. If User inadvertently receives identifiable information or otherwise identifies a subject, User will promptly notify UAMS and follow UAMS’s reasonable written instructions, which may include the return or destruction of identifiable information.
3.2. User is strictly prohibited from generating or using images or comparable representations of the face, head, or body for facial recognition, reidentification, or other purposes that could allow the identities of research participants to be readily ascertained.
3.3. User is prohibited from using the Dataset to reconstruct representations of the face, head, or body unless approved in Exhibit A for scientifically valid purposes unrelated to reidentification.
3.4. User will not request, and UAMS will not release, the key codes to the Dataset to the User. Further, User will not request the key codes from any third parties that provided the Dataset to UAMS.
3.5. User will follow relevant institutional policies and applicable federal, state, and local laws and regulations (if any) concerning the completion of IRB or ethics review or approval that may be required for the Project.
3.6. User will not use or further disclose the Dataset or any derivative works or derivative data of the Dataset, in any case in whole or in part, other than as permitted by this License or as otherwise required by law. User shall report to UAMS promptly upon User’s discovery of any unauthorized use or disclosure of the Dataset not permitted by this License. User shall provide the following information: (1) the nature of the use or disclosure; (2) the information used or disclosed; (3) the identity ...
Privacy Requirements. (a) In the course of performing the Work pursuant to this Agreement, Consultant may come into contact with Personally Identifiable Information (“PII”). PII is information relating to an individual that reasonably identifies the individual and, if compromised, could cause harm to that individual or to the College, its employees, administrators, students or agents. Examples may include, but are not limited to: Social Security Numbers; credit card numbers or bank account information with passcode for access; student grades or disciplinary information; salary or employee performance information; donations; protected health information; or account passwords or encryption keys used to protect access to PII.
(b) Consultant shall maintain adequate administrative, technical and physical safeguards against unauthorized access, use, or disclosure of PII or any other Confidential Information as defined in paragraph 3 of this Agreement. This requirement includes but it is not limited to, the following components:
(i) PII or Confidential Information may only be stored on electronic computing devices that are current in their anti-virus software and security patches and that are protected by a firewall; on portable electronic computing devices, which may include, but not limited to laptop and notebook computers, that are current in their anti-virus software and security patches as well as protected by a firewall and storage encryption; on portable storage devices which may include, but not limited to mobile devices or USB drive, unless such data is protected with encryption.
(ii) All electronically access to PII or Confidential Information shall be via a unique user ID and a unique password that is not shared with others;
(iii) PII or Confidential Information transmitted electronically must be encrypted in transmission.
(iv) When PII or Confidential Information is no longer required under this Agreement, and is no longer required to be maintained by applicable law or the terms of this Agreement, Consultant shall securely destroy such information including any backups..
(c) Notice of incident involving PII or Confidential Information - Consultant shall immediately report to the Office of the President of HVCC and the HVCC representative to whom the Consultant directly reports any unauthorized access, use, loss, disclosure, modification or destruction of PII or Confidential Information within 24 hours of discovery. In such event Consultant shall (i) use best efforts to det...
Privacy Requirements. Seller has complied, and will continue to comply with, the Privacy Requirements with respect to the Purchased Residuals.
Privacy Requirements. Provider shall comply with HIPAA, HITECH and all applicable Laws, as amended, and the regulations thereunder.
Privacy Requirements. (a) Foreside shall not collect, retain, use, sell, or disclose personal information except as necessary to perform its responsibilities pursuant to the Agreement or as required by law. Foreside shall not disclose personal information to any third party for monetary or other valuable consideration or retain, use, or disclose personal information outside of the direct business relationship between Foreside and the Trust.
(b) Foreside has implemented, and shall maintain throughout the term of the Agreement, reasonable security procedures and practices appropriate to the nature of the personal information to protect the personal information.
Privacy Requirements. DEALER agrees to comply with the privacy terms and conditions, if any, set forth on the attached Exhibit, Addendum or Statement of Work.
