Privacy Security and Retention of Records
Privacy Security and Retention of Records Sample Clauses
Related to Privacy Security and Retention of Records
Access and Retention of Records County agrees to provide the State Arresting Agencies, the Legislative Auditor, or their authorized agents with access to any records necessary to determine contract compliance. County agrees to create and retain records supporting the services rendered for a period of eight years after either the completion date of the Agreement or the conclusion of any claim, litigation, or exception relating to the Agreement taken by the State of Montana or third party.
Inspection and Retention of Records In addition to any other requirement under this Agreement or at law, Party must fulfill all state and federal legal requirements, and will comply with all requests appropriate to enable the Agency of Human Services, the U.S. Department of Health and Human Services (along with its Inspector General and the Centers for Medicare and Medicaid Services), the Comptroller General, the Government Accounting Office, or any of their designees: (i) to evaluate through inspection or other means the quality, appropriateness, and timeliness of services performed under this Agreement; and (ii) to inspect and audit any records, financial data, contracts, computer or other electronic systems of Party relating to the performance of services under Vermont’s Medicaid program and Vermont’s Global Commitment to Health Waiver. Party will retain for ten years all documents required to be retained pursuant to 42 CFR 438.3(u).
Retention of Records The Contractor and its subcontractors shall maintain all records pertinent to this Agreement, and all other financial, statistical, property, participant records, and supporting documentation for a period of no less than seven (7) years from the later of the date of acceptance of the final payment or until all audit findings have been resolved. If any litigation, claim, negotiation, audit or other action involving the records has been started before the expiration of the retention period, the records shall be retained until completion of the action and resolution of all issues which arise from it, or until the end of the seven (7) years, whichever is later, and until any outstanding litigation, audit, or claim has been fully resolved.
Preservation of Records The Assuming Bank agrees that it will preserve and maintain for the joint benefit of the Receiver, the Corporation and the Assuming Bank, all Records of which it has custody for such period as either the Receiver or the Corporation in its discretion may require, until directed otherwise, in writing, by the Receiver or Corporation. The Assuming Bank shall have the primary responsibility to respond to subpoenas, discovery requests, and other similar official inquiries with respect to the Records of which it has custody.
Confidentiality and Surrender of Records Executive shall not, during the Term or at any time thereafter (irrespective of the circumstances under which Executive’s employment by the Company terminates), except to the extent required by law, directly or indirectly publish, make known or in any fashion disclose any confidential records to, or permit any inspection or copying of confidential records by, any person or entity other than in the course of such person’s or entity’s employment or retention by the Company, nor shall Executive retain, and will deliver promptly to the Company, any of the same following termination of Executive’s employment hereunder for any reason or upon request by the Company. For purposes hereof, “confidential records” means those portions of correspondence, memoranda, files, manuals, books, lists, financial, operating or marketing records, magnetic tape, or electronic or other media or equipment of any kind in Executive’s possession or under Executive’s control or accessible to Executive which contain any proprietary information. All confidential records shall be and remain the sole property of the Company during the Term and thereafter.
Retention of Records; Access 7.01 For so long as the contents thereof may become material in the administration of any matter under applicable Tax Law, but in any event until the later of (i) the expiration of any applicable statutes of limitation and (ii) seven years after the Closing Date, the Parties shall (a) retain records, documents, accounting data and other information (including computer data and the systems necessary to access such data) necessary for the preparation and filing of all Tax Returns in respect of Taxes of any member of the CCE Group or the Splitco Group or for any Tax Contests relating to such Tax Returns, and (b) give to the other Parties reasonable access to such records, documents, accounting data and other information (including computer data) and to its personnel (insuring their cooperation), systems and premises, for the purpose of the review or audit of such Tax Returns to the extent relevant to an obligation or liability of a Party under this Agreement or for purposes of the preparation or filing of any such Tax Return, the conduct of any Tax Contest or any other matter reasonably and in good faith related to the Tax affairs of the requesting Party. At any time after the Closing Date that TCCC or Splitco proposes to destroy such material or information, it shall first notify the other Party in writing and such other Party shall be entitled to receive such materials or information proposed to be destroyed.
Location of Records The offices where the initial Servicer keeps all of its records relating to the servicing of the Pool Receivables are located at Xxx XXX Xxxxxx, Xxxxxxx, XX 00000.
Retention of Records and Audit A. The Contractor shall maintain all financial data, supporting documents, and all other records relating to performance and billing under this Agreement for a period in accordance with state and federal law, a minimum retention period being no less than four (4) years after final payment under this Agreement. B. The Contractor shall permit the authorized representative of the Judicial Council or its designee or both at any reasonable time to inspect or audit all data relating to performance and billing to the Judicial Council under this Agreement. Without limiting the foregoing, this Agreement is subject to examinations and audit by the State Auditor for a period of three years after final payment.
Access to Information and Records During the period commencing thirty (30) days prior to the Closing Date, the Seller shall give Buyer, its counsel, accountants and other representatives (i) access during normal business hours to all of the properties, books, records, contracts and documents of the Seller for the purpose of such inspection, investigation and testing as Buyer deems appropriate (and the Seller shall furnish or cause to be furnished to Buyer and its representatives all information with respect to the business and affairs of the Seller as Buyer may request); (ii) access to employees, agents and representatives for the purposes of such meetings and communications as Buyer reasonably desires; and (iii) access to vendors, customers, manufacturers of its machinery and equipment, and others having business dealings with the Seller. Through the Closing Date, the Buyer and its Affiliates shall not disclose any Proprietary Information obtained pursuant to this paragraph to any third parties and until the Closing Date will not use any such Proprietary Information in the Buyer's business or any affiliated business without the prior written consent of the Seller and then only to the extent specified in that consent. Consent may be granted or withheld at the sole discretion of the Seller. The Buyer shall not contact any suppliers, customers, employees, affiliates or associates to circumvent the purposes of this provision. The Buyer shall take all steps reasonably necessary or appropriate to maintain the strict confidentiality of the Proprietary Information through the Closing Date.
Confidentiality and Data Security (a) The Custodian agrees to keep confidential, and to cause its employees and agents to keep confidential, all records of the Funds and information relating to the Funds, including without limitation information as to their respective shareholders and their respective portfolio holdings, unless the release of such records or information is made (i) in connection with the services provided under this Agreement, (ii) at the written direction of the applicable Fund or otherwise consented to, in writing, by the respective Funds, (iii) in response to a request of a governmental, regulatory or self-regulatory authority or agency or pursuant to a subpoena, court order or other legal process, in each case with respect to which the Custodian has determined, on the advice of counsel, that it is required to comply, or (iv) where the Custodian has determined, on the advice of counsel, that the failure to release such information would expose the Custodian to civil or criminal contempt proceedings; provided in the case of clause (iii) or (iv) the Custodian provides the applicable Fund written notice of such requirement to release such records or information, to the extent such notice is permitted. The foregoing shall not be applicable to any information that is publicly available when provided and shall cease to be applicable to any information that thereafter becomes publicly available, other than through a breach of this Section 10(a), or that is independently derived by any party hereto without the use of any information derived in connection with the services provided under this Agreement. Notwithstanding the foregoing but subject to Section 10(d), (1) the Custodian may use information regarding the Funds in connection with certain functions performed on a centralized basis by the Custodian, its affiliates or its or their service providers (including audit, accounting, risk, legal, compliance, sales, administration, product communication, relationship management, compilation and analysis of customer-related data and storage) and disclose such information to its affiliates and to its or their service providers who are subject to the confidentiality obligations hereunder with respect to such information, but only for the purpose of servicing the Funds in connection with the relationship contemplated by this Agreement or providing additional services to the Funds, and (2) the Custodian may aggregate Fund or Portfolio data with similar data of other customers of the Custodian (“Aggregated Data”) and may use Aggregated Data so long as such Aggregated Data represents such a sufficiently large sample that no Fund or Portfolio data can be identified either directly or by inference or implication. (b) Each Fund agrees to keep confidential all information obtained hereunder relating to the Custodian’s business (it being understood, however, that the existence and the terms of this Agreement are required to be publicly disclosed by the Funds), unless the release of such records or information is (i) necessary to facilitate the receipt of services provided under this Agreement, (ii) in response to a request of a governmental, regulatory or self-regulatory authority or agency or pursuant to a subpoena, court order or other legal process, in each case with respect to which the Fund has determined, on the advice of counsel, that it is required to comply, or (iii) where the Fund has determined, on the advice of counsel, that the failure to release such information would expose the Fund to civil or criminal contempt proceedings; provided in the case of clause (ii) or (iii) the Fund provides the Custodian written notice of such requirement to release such records or information, to the extent such notice is permitted. The foregoing shall not be applicable to any information that is publicly available when provided and shall cease to be applicable to any information that thereafter becomes publicly available, other than through a breach of this Agreement, or that is independently derived by any party hereto without the use of any information derived in connection with the services provided under this Agreement. (c) Notwithstanding any provision herein to the contrary, each party hereto agrees that any Nonpublic Personal Information, as defined under Section 248.3(t) of Regulation S-P (“Regulation S-P”), promulgated under the Xxxxx-Xxxxx-Xxxxxx Act (the “GLB Act”), disclosed or otherwise made accessible by a party hereunder is for the specific purpose of permitting the other party to perform its duties as set forth in this Agreement. Each party agrees that, with respect to such information, it will comply with Regulation S-P and the GLB Act and that it will not disclose any Nonpublic Personal Information received in connection with this Agreement to any other party, except to the extent necessary to carry out the services set forth in this Agreement or as otherwise permitted by Regulation S-P or the GLB Act. (d) Without limiting the generality of Section 10(a) hereof, the Custodian acknowledges and agrees that the Funds are prohibited by law from making selective public disclosure of information regarding portfolio holdings, that disclosure of any and all such information to the Custodian hereunder is made strictly under the conditions of confidentiality set forth in Section 10(a) hereof and solely for the purposes of the performance of custodial services hereunder, that any unauthorized disclosure or misuse of such information (including by the Custodian or any of its employees or agents, or any trading on the basis of such information by anyone in receipt of such information) may constitute a criminal offense of trading on or tipping of material inside information regarding publicly traded securities, that access to any and all such information regarding portfolio holdings of the Funds shall be restricted to those persons needing such information in the course of the performance of duties hereunder, and that the Custodian shall apprise all such persons having access of the obligation hereunder and under applicable law to prevent unauthorized disclosure of such confidential information. (e) The parties acknowledge and agree that any breach of Section 10(a) hereof would cause not only financial damage, but irreparable harm to the other party, for which money damages will not provide an adequate remedy. Accordingly, in the event of a breach of Section 10(a) hereof, the non-breaching party shall (in addition to all other rights and remedies it may have pursuant to this Agreement, including without limitation Section 8(g) hereof, and at law and in equity) be entitled to an injunction, without the necessity of posting any bond or surety, to restrain disclosure or misuse, in whole or in part, of any information in violation of Section 10(a) hereof. (f) The Custodian will implement and maintain a written information security program (the “Security Program”) that contains appropriate security measures designed to safeguard confidential records and information of the Funds consistent with applicable statutes, laws, rules and regulations, and definitive and binding guidance or interpretations by applicable authorities of any of the foregoing from time to time, including without limitation the personal information of the Funds’ shareholders, employees, trustees, directors and/or officers that the Custodian receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder. For these purposes, “personal information” shall mean (i) an individual’s name (first initial and last name or first name and last name), plus (a) social security number, (b) driver’s license number, (c) state identification card number, (d) debit or credit card number, (e) financial account number or (f) personal identification number or password that would permit access to a person’s account or (ii) any combination of the foregoing that would allow a person to log onto or access an individual’s account with the Custodian. Notwithstanding the foregoing “personal information” shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public. (g) The Security Program shall have administrative, technical and physical safeguards, appropriate to the type of information concerned, designed: (i) to maintain the security and confidentiality of records and information of the Funds; (ii) to protect against anticipated threats or hazards to the security or integrity of such records and information; and (iii) to protect against unauthorized access to or use of such records and information. The Custodian shall develop, implement and maintain, at its sole expense, a system or methodology to audit for compliance with the requirements of the preceding sentence that is consistent with the SOC controls framework. Such safeguards will include, but shall not be limited to, virus protection, password protection and encryption of data in transmission at a minimum standard of AES 256. The Custodian will provide the Fund, at least annually, with the most recent SOC reports of its systems and methodologies prepared by an independent third party, and will provide executive summaries of its most recent penetration and ethical hack testing of its internet-facing environment relevant to the systems used to provide services under this Agreement (in the form generally provided by the Custodian to other similarly situated customers of services similar to the services provided under this Agreement), as conducted by a qualified, independent third party selected by the Custodian. The Custodian shall maintain books and records sufficient to demonstrate its compliance with the terms of this Section 10(g). (h) Upon reasonable notice to the Custodian, the Custodian will arrange for its relevant subject matter experts to meet with the relevant subject matter experts of the Funds once annually and at such other times as the Funds may reasonably request to review the Custodian’s security controls and any deficiencies identified in the SSAE-18 audit reports, and for the Custodian to review with the Funds the penetration testing results and provide such additional information concerning the penetration tests as the Custodian determines to be prudent. At such meeting, the Funds may view the Custodian’s security-related policies and procedures; however, no documentation may be copied, shared, transmitted or removed from the Custodian’s premises, except as mutually agreed. In the event that the Funds identify any control deficiencies, the Custodian will discuss such findings with the Funds and will use reasonable efforts to develop a mutually agreeable remediation plan. All nonpublic documentation and information disclosed to the Funds in accordance with this Section 10(h) shall be deemed proprietary and confidential information of the Custodian. The Funds shall not disclose such documentation or information to any third party (except to the extent permitted, necessary or required pursuant to Section 10(b)) or use it for any purpose other than evaluating the Custodian’s security controls, except that the Funds may disclose the Custodian’s SSAE-18 summary to the Funds’ external auditors provided that such external auditors are required to maintain the confidentiality of the summary and any related information. (i) In the event of any actual or reasonably suspected, based on Custodian’s experience, breach of security of its systems resulting in the actual, probable or reasonably suspected unauthorized access to or acquisition, use, loss, destruction, compromise or disclosure of any of the confidential records or information of a Fund (each, a “Security Breach”), upon learning of the Security Breach, the Custodian shall notify such Fund as promptly as reasonably possible of the relevant facts related to such Security Breach then known to the Custodian, and of additional relevant facts promptly after they become known to the Custodian, in the manner provided in Section 12 hereof and also by sending notice to xxxxxxxxxxxxx@xxxxxxxxx.xxx and/or such other electronic mail address or addresses as a Fund may specify by written notice to the Custodian. The Custodian shall at its sole cost: (i) promptly investigate such Security Breach; (ii) resolve or mitigate the vulnerability that facilitated the Security Breach to the extent possible; (iii) restore any lost or damaged data using generally accepted data restoration techniques; and (iv) conduct a root cause analysis to provide the Fund with a summary of the findings and actions taken to prevent recurrence of such Security Breach. If a Security Breach occurs with respect to personal information in the possession or under the control of the Custodian or any of its affiliates, subsidiaries, agents or employees the Custodian shall be responsible for each Fund’s reasonable costs associated with responding to such Security Breach, including, but not limited to, the costs of notifying affected individuals and taking any remedial action required by applicable statutes, laws, rules and regulations and any such other remedial action that the Custodian reasonably deems necessary (with due regard for industry standards, if any). (j) If the Custodian uses any subsidiary or affiliate or, pursuant to Section 2.6(a), agent to perform the duties assigned to the Custodian by this Agreement, such subsidiary, affiliate or agent shall have appropriate controls in place to meet the objectives of this Section 10, and the Custodian shall exercise oversight over each such subsidiary, affiliate or agent to ensure ongoing compliance with the objectives of this Section 10. The Custodian will require each Foreign Sub-Custodian that it engages to provide services under this Agreement to establish and maintain reasonably designed safeguards and controls against the unauthorized access to and use of Fund data and information.
