Common use of Protection of Purchasers Confidential Information Clause in Contracts

Protection of Purchasers Confidential Information. Contractor acknowledges that some of the material and information that may come into its possession or knowledge in connection with this Contract or its performance may consist of information that is exempt from disclosure to the public or other unauthorized persons under either chapter 42.17 RCW or other state or federal statutes (“Confidential Information”). Confidential Information includes, but is not limited to, names, addresses, Social Security numbers, e-mail addresses, telephone numbers, financial profiles, credit card information, driver’s license numbers, medical data, law enforcement records, agency source code or object code, agency security data, or information identifiable to an individual that relates to any of these types of information. Contractor agrees to hold Confidential Information in strictest confidence and not to make use of Confidential Information for any purpose other than the performance of this Contract, to release it only to authorized employees or Subcontractors requiring such information for the purposes of carrying out this Contract, and not to release, divulge, publish, transfer, sell, disclose, or otherwise make the information known to any other party without Purchaser’s express written consent or as provided by law. Contractor agrees to release such information or material only to employees or Subcontractors who have signed a nondisclosure agreement, the terms of which have been previously approved by Purchaser. Contractor agrees to implement physical, electronic, and managerial safeguards to prevent unauthorized access to Confidential Information. Immediately upon expiration or termination of this Contract, Contractor shall, at Purchaser’s option: (i) certify to Purchaser that Contractor has destroyed all Confidential Information; or (ii) return all Confidential Information to Purchaser; or (iii) take whatever other steps Purchaser requires of Contractor to protect Purchaser’s Confidential Information. Contractor shall maintain a log documenting the following: the Confidential Information received in the performance of this Contract; the purpose(s) for which the Confidential Information was received; who received, maintained and used the Confidential Information; and the final disposition of the Confidential Information. Contractor’s records shall be subject to inspection, review or audit in accordance with Review of Contractor’s Records. Purchaser reserves the right to monitor, audit, or investigate the use of Confidential Information collected, used, or acquired by Contractor through this Contract. The monitoring, auditing, or investigating may include, but is not limited to, salting databases. Violation of this section by Contractor or its Subcontractors may result in termination of this Contract and demand for return of all Confidential Information, monetary damages, or penalties.

Protection of Purchasers Confidential Information. Contractor 21.1 Vendor acknowledges that some of the material and information that may come into its possession or knowledge in connection with this Contract or its performance may consist of information that is exempt from disclosure to the public or other unauthorized persons under either chapter 42.17 RCW or other state or federal statutes (“Confidential Information”). Confidential Information includes, but is not limited to, names, addresses, Social Security numbers, e-mail addresses, telephone numbers, financial profiles, credit card information, driver’s license numbers, medical data, law enforcement records, agency source code or object code, agency security data, financial identifiers, education, business, receipt of governmental services, or information identifiable to an individual that relates to any of these types of information. Contractor Vendor agrees to hold Confidential Information in strictest confidence and not to make use of Confidential Information for any purpose other than the performance of this Contract, to release it only to authorized employees or Subcontractors requiring such information for the purposes of carrying out this Contract, and not to release, divulge, publish, transfer, sell, disclose, or otherwise make the information known to any other party without Purchaser’s express written consent or as provided by law. Contractor Vendor agrees to release such information or material only to employees or Subcontractors who have signed a nondisclosure agreement, the terms of which have been previously approved by Purchaser. Contractor Vendor agrees to implement physical, electronic, and managerial safeguards to prevent unauthorized access to Confidential Information. . 21.2 Immediately upon expiration or termination of this Contract, Contractor Vendor shall, at PurchaserCIS’s option: (i) certify to Purchaser CIS that Contractor Vendor has destroyed all Confidential Information; or (ii) return all Confidential Information to Purchaser; or (iii) take whatever other steps Purchaser CIS requires of Contractor Vendor to protect Purchaser’s Confidential Information. Contractor shall maintain a log documenting . 21.3 [Executive Order 00-03 requires agencies to establish reasonable procedures to review, monitor, audit, or investigate the following: the Confidential Information received use of personal information (included in the performance definition of Confidential Information) by vendors and subcontractors and provide for these procedures in contracts. The following subsection is one method. If not reasonable for this Contract; the purpose(s) , insert an alternative method for which the Confidential Information was received; who received, maintained and used the Confidential Information; and the final disposition of the Confidential Information. Contractor’s records shall be subject to inspection, review or audit in accordance with Review of Contractor’s Records. Purchaser compliance. 21.4 CIS reserves the right to monitor, audit, or investigate the use of Confidential Information collected, used, or acquired by Contractor Vendor through this Contract. The monitoring, auditing, or investigating may include, but is not limited to, salting databases. Salting is the act of placing a record containing unique but false information in a database that may be used later to identify inappropriate disclosure of data contained in the database. 21.5 Violation of this section by Contractor Vendor or its Subcontractors may result in termination of this Contract and demand for return of all Confidential Information, monetary damages, or penalties.

Protection of Purchasers Confidential Information. (See Section 50 below for Purchaser’s obligations to protect Contractor’s Proprietary Information.) 19.1. Contractor acknowledges that some of the material and information that may come into its possession or knowledge in connection with or in performance of this Contract or its performance a Work Order may consist of information that is exempt from disclosure to the public or other unauthorized persons under either chapter 42.17 RCW or other state or federal statutes (“Confidential Information”). Confidential Information includes, but is not limited to, names, addresses, Social Security numbers, e-mail addresses, telephone numbers, financial profiles, credit card information, driver’s license numbers, medical data, law enforcement records, agency source code or object code, agency security data, or information identifiable to an individual that relates to any of these types of information. Contractor agrees to hold Confidential Information in strictest confidence and not to make use of Confidential Information for any purpose other than the performance of this ContractContract or any Work Order, to release it only to authorized employees or Subcontractors requiring such information for the purposes of carrying out this ContractContract or any Work Order, and not to release, divulge, publish, transfer, sell, disclose, or otherwise make the information known to any other party without Purchaser’s express written consent or as provided by law. Contractor agrees to release such information or material only to employees or Subcontractors who have signed a nondisclosure agreement, the terms of which have been previously approved by Purchaser. Contractor agrees to implement physical, electronic, and managerial safeguards safeguards, including but not limited to those prescribed by the Purchaser, to prevent unauthorized access to Confidential Information. Contractors that may come into contact with medical data or Protected Health Information will be required to complete a Business Associate agreement, as required by federal or state laws, including HIPAA, prior to the commencement of any work. 19.2. Immediately upon expiration or termination of this ContractContract or any Work Order, Contractor shall, as applicable, at DES’s or Purchaser’s option: (i) certify to DES or Purchaser that Contractor has destroyed all Confidential Information; or (ii) return all Confidential Information to DES or Purchaser; or (iii) take whatever other steps DES or Purchaser requires of Contractor to protect DES’s or Purchaser’s Confidential Information. 19.3. Contractor shall maintain a log documenting the following: the Confidential Information received in the performance of this Contract; the purpose(s) for which the Confidential Information was received; who received, maintained DES and used the Confidential Information; and the final disposition of the Confidential Information. Contractor’s records shall be subject to inspection, review or audit in accordance with Review of Contractor’s Records. Purchaser reserves Purchasers reserve the right to monitor, audit, or investigate the use of Confidential Information collected, used, or acquired by Contractor through this ContractContract or any Work Order. The monitoring, auditing, or investigating may include, but is not limited to, salting databases. 19.4. In the event of the unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information maintained by the Purchaser (“Data Breach”), Vendor agrees to comply with all applicable state and federal statutory provisions, including but not limited to RCW 19.255.010 and RCW 42.56.590. If a data compromise and/or identity theft occurs and is found to be the result of Vendor’s acts or omissions, Vendor shall assume complete responsibility for notification of affected parties, and be liable for all associated costs incurred by DES or Purchaser in responding to or recovering from the Data Breach. 19.5. Violation of this section by Contractor or its Subcontractors may result in termination of this Contract and any Work Order and demand for return of all Confidential Information, and/or payment of monetary damages, or penalties.