COMPLIANCE WITH BREACH NOTIFICATION AND DATA SECURITY LAWS Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law § 899-aa and State Technology Law § 208) and commencing March 21, 2020 shall also comply with General Business Law § 899-bb.
Certification of Compliance with the Energy Policy and Conservation Act When appropriate and to the extent consistent with the law, Vendor certifies that it will comply with the Energy Policy and Conservation Act (42 U.S.C. 6321 et seq; 49 C.F.R. Part 18) and any mandatory standards and policies relating to energy efficiency which are contained in applicable state energy conservation plans issued in compliance with the Act. Does Vendor agree? Yes
Electronic and Information Resources Accessibility and Security Standards a. Applicability: The following Electronic and Information Resources (“EIR”) requirements apply to the Contract because the Grantee performs services that include EIR that the System Agency's employees are required or permitted to access or members of the public are required or permitted to access. This Section does not apply to incidental uses of EIR in the performance of the Agreement, unless the Parties agree that the EIR will become property of the State of Texas or will be used by HHSC’s clients or recipients after completion of the Agreement. Nothing in this section is intended to prescribe the use of particular designs or technologies or to prevent the use of alternative technologies, provided they result in substantially equivalent or greater access to and use of a Product.
PERSONAL INFORMATION PRIVACY AND SECURITY CONTRACT 11 Any reference to statutory, regulatory, or contractual language herein shall be to such language as in 12 effect or as amended.
13 A. DEFINITIONS
ACCESS TO SECURITY LOGS AND REPORTS Upon request, the Contractor shall provide access to security logs and reports to the State or Authorized User in a format as specified in the Authorized User Agreement.
Compliance with Applicable Laws; Distribution of Prospectus and Reports; Confirmations In connection with its respective activities hereunder, each party agrees to abide by the Conduct Rules of FINRA and all other rules of self-regulatory organizations of which the relevant party is a member, as well as all laws, rules and regulations, including federal and state securities laws, that are applicable to the relevant party (and its associated persons) from time to time in connection with its activities hereunder (“Applicable Laws”). You are authorized to distribute to your customers the current Prospectus, as well as any supplemental sales material received from the Fund or the Distributor (acting on behalf of the Fund) (on the terms and for the period specified by us or stated in such material). You are not authorized to distribute, furnish or display any other sales or promotional material relating to a Fund without our prior written approval, but you may identify the Funds in a listing of mutual funds available through you to your customers. Unless otherwise mutually agreed in writing, you shall deliver or cause to be delivered to each customer who purchases shares of any Funds from or through you, copies of all annual and interim reports, proxy solicitation materials, and any other information and materials relating to such Funds and prepared by or on behalf of the Funds or us. If required by Rule 10b-10 under the Securities Exchange Act or other Applicable Laws, you shall send or cause to be sent confirmations or other reports to your customers containing such information as may be required by Applicable Laws.
Data Privacy and Security Laws The Company is, and at all prior times was, in material compliance with all applicable state and federal data privacy and security laws and regulations in the United States, including, without limitation, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act, and all applicable provincial and federal data privacy and security laws and regulations in Canada, including without limitation the Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5) (“PIPEDA”); and the Company has taken commercially reasonable actions to prepare to comply with, and have been and currently are in compliance with, the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company has in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal information”, “personal health information”. and “business contact information” as defined by PIPEDA; (v) “personal data” as defined by GDPR; and (vi) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies: (i) it has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Notice of Privacy Practices Business Associate shall abide by the limitations of Covered Entity’s Notice of which it has knowledge. Any use or disclosure permitted by this Agreement may be amended by changes to Covered Entity’s Notice; provided, however, that the amended Notice shall not affect permitted uses and disclosures on which Business Associate relied prior to receiving notice of such amended Notice.
Compliance with Texas Privacy Laws and Regulations In performing their respective obligations under the Agreement, the LEA and the Provider shall comply with all Texas laws and regulations pertaining to LEA data privacy and confidentiality, including but not limited to the Texas Education Code Chapter 32, and Texas Government Code Chapter 560.
