Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions (a) Covered Entity shall notify Business Associate of any limitation(s) in the notice of privacy practices of Covered Entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of protected health information.
Passwords and Employee Access Provider shall secure usernames, passwords, and any other means of gaining access to the Services or to Student Data, at a level suggested by Article 4.3 of NIST 800-63-3. Provider shall only provide access to Student Data to employees or contractors that are performing the Services. Employees with access to Student Data shall have signed confidentiality agreements regarding said Student Data. All employees with access to Student Records shall pass criminal background checks.
Confidentiality and Safeguarding of University Records; Press Releases; Public Information Under this Agreement, Contractor may (1) create, (2) receive from or on behalf of University, or (3) have access to, records or record systems (collectively, University Records). Among other things, University Records may contain social security numbers, credit card numbers, or data protected or made confidential or sensitive by Applicable Laws. [Option (Include if University Records are subject to FERPA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Family Educational Rights and Privacy Act, 20 United States Code (USC) §1232g (FERPA) are addressed in Section 12.41.] [Option (Include if University is a HIPAA Covered Entity and University Records are subject to HIPAA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Health Insurance Portability and Accountability Act and 45 Code of Federal Regulations (CFR) Part 160 and subparts A and E of Part 164 (collectively, HIPAA) are addressed in Section 12.26.] Contractor represents, warrants, and agrees that it will: (1) hold University Records in strict confidence and will not use or disclose University Records except as (a) permitted or required by this Agreement, (b) required by Applicable Laws, or (c) otherwise authorized by University in writing; (2) safeguard University Records according to reasonable administrative, physical and technical standards (such as standards established by the National Institute of Standards and Technology and the Center for Internet Security [Option (Include if Section 12.39 related to Payment Card Industry Data Security Standards is not include in this Agreement.):, as well as the Payment Card Industry Data Security Standards]) that are no less rigorous than the standards by which Contractor protects its own confidential information; (3) continually monitor its operations and take any action necessary to assure that University Records are safeguarded and the confidentiality of University Records is maintained in accordance with all Applicable Laws and the terms of this Agreement; and (4) comply with University Rules regarding access to and use of University’s computer systems, including UTS165 at xxxx://xxx.xxxxxxxx.xxx/board-of-regents/policy-library/policies/uts165-information-resources-use-and-security-policy. At the request of University, Contractor agrees to provide University with a written summary of the procedures Contractor uses to safeguard and maintain the confidentiality of University Records.
Records Retention and Access The Contractor shall maintain accurate, current, and complete records of the financial activity of this Contract which sufficiently and properly document and calculate all charges billed to the Agency throughout the term of this Contract and for a period of at least five (5) years following the date of final payment or completion of any required audit (whichever is later). If any litigation, claim, negotiation, audit or other action involving the records has been started before the expiration of the five (5) year period, the records must be retained until completion of the action and resolution of all issues which arise from it, or until the end of the regular five (5) year period, whichever is later. The Contractor shall permit the Agency, the Auditor of the State or any other authorized representative of the State and where federal funds are involved, the Comptroller General of the United States or any other authorized representative of the United States government, to access and examine, audit, excerpt and transcribe any directly pertinent books, documents, papers, electronic or optically stored and created records or other records of the Contractor relating to orders, invoices or payments or any other documentation or materials pertaining to this Contract, wherever such records may be located. The Contractor shall not impose a charge for audit or examination of the Contractor’s books and records. Based on the audit findings, the Agency reserves the right to address the Contractor’s board or other managing entity regarding performance and expenditures. When state or federal law or the terms of this Contract require compliance with OMB Circular A-87, A-110, or other similar provision addressing proper use of government funds, the Contractor shall comply with these additional records retention and access requirements:
Reporting Total Compensation of Recipient Executives 1. Applicability and what to report. You must report total compensation for each of your five most highly compensated executives for the preceding completed fiscal year, if—
Record Retention Audit and Confidentiality Section 7.1(A) is deleted in its entirety and replaced with the following
RECORDS USAGE, DUPLICATION AND REDISCLOSURE RESTRICTIONS USAC and the Department agree to these restrictions on use, duplication, and disclosure of information furnished by the other Party:
Records Retention Audits CENTOCOR, its Affiliates and Sublicensees shall keep for three (3) years from the date of each payment of royalties complete and accurate records of sales by CENTOCOR and its Affiliates and Sublicensees of each Licensed Product in sufficient detail to allow the accruing royalties to be determined accurately. MORPHOSYS shall have the right for a period of three (3) years after receiving any report or statement with respect to royalties due and payable to appoint an independent certified public accountant reasonably acceptable to CENTOCOR to inspect the relevant records of CENTOCOR and its Affiliates and Sublicensees to verify such report or statement. CENTOCOR and its Affiliates and Sublicensees shall each make its records available for inspection by such independent certified public accountant during regular business hours at such place or places where such records are customarily kept, upon reasonable notice from MORPHOSYS, solely to verify the accuracy of the reports and payments. Such inspection right shall not be exercised more than once in any calendar year nor more than once with respect to sales of any Licensed Product in any given payment period. MORPHOSYS agrees to hold in strict confidence all information concerning royalty payments and reports, and all information learned in the course of any audit or inspection, except to the extent necessary for MORPHOSYS to reveal such information in order to enforce its rights under this Agreement or if disclosure is required by law, regulation or judicial order. The results of each inspection, if any, shall be binding on both Parties. MORPHOSYS shall pay for such inspections, except that in the event there is any upward adjustment in aggregate royalties payable for any year shown by such inspection of more than […***…] of the amount paid, CENTOCOR shall pay for such inspection. 42 of 124 ***Confidential Treatment Requested CONFIDENTIAL
Access and Retention of Records Contractor agrees to provide the department, Legislative Auditor, or their authorized agents, access to any records necessary to determine contract compliance. (Section 18-1-118, MCA). Contractor agrees to create and retain records supporting the services rendered or supplies delivered for a period of eight years after either the completion date of the contract or the conclusion of any claim, litigation, or exception relating to the contract taken by the State of Montana or third party.
Personal Data, Confidentiality, Recording of Telephone Calls and Records 22.1. The Company may collect client information directly from the Client (in his completed Account Opening Application Form or otherwise) or from other persons including, for example, the credit reference agencies, fraud prevention agencies, banks, other financial institutions, third authentication service providers and the providers of public registers.
