Protected Information Authorization. A. Applications that handle Protected Information must have explicitly defined authorization controls that prevent users from exceeding their authorized privileges.
Protected Information Authorization Sample Clauses
Related to Protected Information Authorization
Protected Information 5.3.1 In this Section "
Security of Confidential Information Each party possessing Confidential Information of the other party will maintain all such Confidential Information under secure conditions, using reasonable security measures and in any event not less than the same security procedures used by such party for the protection of its own Confidential Information of a similar kind.
Protection of Confidential Information The Servicer shall keep confidential and shall not divulge to any party, without the Seller’s prior written consent, any nonpublic information pertaining to the Mortgage Loans or any borrower thereunder, except to the extent that it is appropriate for the Servicer to do so in working with legal counsel, auditors, taxing authorities or other governmental agencies or it is otherwise in accordance with Accepted Servicing Practices.
Access to Protected Information If BA maintains a designated record set on behalf of CE, BA shall make Protected Information maintained by BA or its agents or subcontractors in Designated Record Sets available to CE for inspection and copying within five (5) days of a request by CE to enable CE to fulfill its obligations under state law [Health and Safety Code Section 123110] and the Privacy Rule, including, but not limited to, 45 C.F.R. Section 164.524 [45 C.F.R. Section 164.504(e)(2)(ii)(E)]. If BA maintains Protected Information in electronic format, BA shall provide such information in electronic format as necessary to enable CE to fulfill its obligations under the HITECH Act and HIPAA Regulations, including, but not limited to, 42 U.S.C. Section 17935(e) and 45 C.F.R. Section 164.524.
Disposal of Confidential Information The disposal of all printed materials containing Citizens Confidential Information must be done in a manner that renders the information inaccessible to others (the use of a reputable third party shredding company is permissible).
HANDLING OF CONFIDENTIAL INFORMATION The Company agrees to undertake the following in relation to IHiS’ Confidential Information: to maintain the same in confidence and to use it only for the Purpose and for no other purpose; not to make any commercial use thereof; not to use the same for the benefit of itself or of any third party other than pursuant to a further agreement with IHiS; not to use the same for the purpose of guiding or conducting a search of any information, materials or sources, whether or not available to the public, for any purpose whatsoever, including without limitation, for the purpose of demonstrating that any information falls within one of the exceptions in Clause 1.1(b); not to copy, reproduce, reverse engineer or reduce to writing any part thereof except as may be reasonably necessary for the Purpose and that any copies, reproductions or reductions to writing so made shall be the property of IHiS; not to disclose the Confidential Information whether to its employees or to third parties except in confidence to such of its Representatives who have been informed of the confidential nature thereof and who need to know the same for the Purpose and that: such Representatives are contractually obliged (whether by their contracts of employment or service, or otherwise) not to disclose the same or to use the same otherwise than for the Purpose; and the Company shall enforce such obligations at its expense, and to such extent as may be required by IHiS, in the event of a breach thereof that relates to IHiS' Confidential Information; to ensure the compliance to this NDA (including sub-clauses (a) to (f) above) on the part of its Representatives to whom Confidential Information is disclosed; and to apply to the Confidential Information no lesser security measures and degree of care than those which the Company applies to its own confidential or proprietary information of similar nature, but in no event less than reasonable care, and which the Company warrants as being adequate protection of such information from unauthorised disclosure, copying or use. The Company, as the principal party, shall be responsible and held liable for any breach of this NDA by any of its Representatives. If the Company is uncertain as to whether any information is Confidential Information, the Company shall treat the information as if it was Confidential Information, unless otherwise agreed by IHiS in writing. The Company shall immediately notify IHiS of any unauthorised disclosure or use of the Confidential Information of which the Company becomes aware and will take all steps which IHiS may require in relation to such unauthorised disclosure or use, or to prevent further unauthorised disclosure or use. Notwithstanding the foregoing, the Company shall be entitled to make any disclosure of the Confidential Information as required by law, but shall give IHiS not less than TWO (2) business days' notice of such disclosure and shall consult with IHiS prior to such disclosure with a view to avoiding such disclosure, if legally possible.
Disposition of Confidential Information Upon termination of Agreement or request of City, Contractor shall within forty-eight (48) hours return all Confidential Information which includes all original media. Once Contractor has received written confirmation from City that Confidential Information has been successfully transferred to City, Contractor shall within ten (10) business days purge all Confidential Information from its servers, any hosted environment Contractor has used in performance of this Agreement, work stations that were used to process the data or for production of the data, and any other work files stored by Contractor in whatever medium. Contractor shall provide City with written certification that such purge occurred within five (5) business days of the purge.
Confidential Information Breach This shall mean, generally, an instance where an unauthorized person or entity accesses Confidential Information in any manner, including but not limited to the following occurrences: (1) any Confidential Information that is not encrypted or protected is misplaced, lost, stolen or in any way compromised; (2)one or more third parties have had access to or taken control or possession of any Confidential Information that is not encrypted or protected without prior written authorization from the State; (3) the unauthorized acquisition of encrypted or protected Confidential Information together with the confidential process or key that is capable of compromising the integrity of the Confidential Information; or (4) if there is a substantial risk of identity theft or fraud to the Client Agency, the Contractor, DAS or State.
Information Disclosure We will disclose information to third parties about your account or the transactions you make: (1) when it is necessary for completing transactions, or (2) in order to verify the existence and condition of your account for a third party, such as a credit bureau or merchant, or (3) in order to comply with government agency or court orders, or (4) if you give us your written permission.
Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
