Affiliates and Third Parties If the Asset Representations Reviewer processes the PII of the Issuer’s Affiliates or a third party when performing a Review, and if such Affiliate or third party is identified to the Asset Representations Reviewer, such Affiliate or third party is an intended third-party beneficiary of this Section 4.10, and this Agreement is intended to benefit the Affiliate or third party. The Affiliate or third party may enforce the PII related terms of this Section 4.10 against the Asset Representations Reviewer as if each were a signatory to this Agreement.
Authorization to Release and Transfer Necessary Personal Information The Grantee hereby explicitly and unambiguously consents to the collection, use and transfer, in electronic or other form, of the Grantee’s personal data by and among, as applicable, the Company and its Subsidiaries for the exclusive purpose of implementing, administering and managing the Grantee’s participation in the Plan. The Grantee understands that the Company may hold certain personal information about the Grantee, including, but not limited to, the Grantee’s name, home address and telephone number, date of birth, social security number (or any other social or national identification number), salary, nationality, job title, number of Award Units and/or shares of Common Stock held and the details of all Award Units or any other entitlement to shares of Common Stock awarded, cancelled, vested, unvested or outstanding for the purpose of implementing, administering and managing the Grantee’s participation in the Plan (the “Data”). The Grantee understands that the Data may be transferred to the Company or to any third parties assisting in the implementation, administration and management of the Plan, that these recipients may be located in the Grantee’s country or elsewhere, and that any recipient’s country (e.g., the United States) may have different data privacy laws and protections than the Grantee’s country. The Grantee understands that he or she may request a list with the names and addresses of any potential recipients of the Data by contacting his or her local human resources representative or the Company’s stock plan administrator. The Grantee authorizes the recipients to receive, possess, use, retain and transfer the Data, in electronic or other form, for the sole purpose of implementing, administering and managing the Grantee’s participation in the Plan, including any requisite transfer of such Data to a broker or other third party assisting with the administration of Award Units under the Plan or with whom shares of Common Stock acquired pursuant to the vesting of the Award Units or cash from the sale of such shares may be deposited. Furthermore, the Grantee acknowledges and understands that the transfer of the Data to the Company or to any third parties is necessary for the Grantee’s participation in the Plan. The Grantee understands that the Grantee may, at any time, view the Data, request additional information about the storage and processing of the Data, require any necessary amendments to the Data or refuse or withdraw the consents herein by contacting the Grantee’s local human resources representative or the Company’s stock plan administrator in writing. The Grantee further acknowledges that withdrawal of consent may affect his or her ability to vest in or realize benefits from the Award Units, and the Grantee’s ability to participate in the Plan. For more information on the consequences of refusal to consent or withdrawal of consent, the Grantee understands that he or she may contact his or her local human resources representative or the Company’s stock plan administrator.
Proprietary Information of Third Parties No third party has claimed or has reason to claim that any person employed by or affiliated with the Company has (a) violated or may be violating to any material extent any of the terms or conditions of his employment, non-competition or non-disclosure agreement with such third party, (b) disclosed or may be disclosing or utilized or may be utilizing any trade secret or proprietary information or documentation of such third party, or (c) interfered or may be interfering in the employment relationship between such third party and any of its present or former employees, or has requested information from the Company that suggests that such a claim might be contemplated. To the best of the Company’s knowledge, no person employed by or affiliated with the Company has improperly utilized or proposes to improperly utilize any trade secret or any information or documentation proprietary to any former employer, and to the best of the Company’s knowledge, no person employed by or affiliated with the Company has violated any confidential relationship which such person may have had with any third party, in connection with the development, manufacture or sale of any product or proposed product or the development or sale of any service or proposed service of the Company, and the Company has no reason to believe there will be any such employment or violation. To the best of the Company’s knowledge, none of the execution or delivery of this Agreement and the other related agreements and documents executed in connection herewith, or the carrying on of the business of the Company as officers, employees or agents by any officer, director or key employee of the Company, or the conduct or proposed conduct of the business of the Company, will materially conflict with or result in a material breach of the terms, conditions or provisions of or constitute a material default under any contract, covenant or instrument under which any such person is obligated.
Use of Third Parties Except as may be expressly agreed to in writing by the State Entity, Contractor shall not subcontract, assign, delegate or otherwise permit anyone other than Contractor or Contractor's personnel to perform any of Contractor's obligations under this Contract or any of the work subsequently assigned under this Contract. No subcontract which Contractor enters into with respect to performance of obligations or work assigned under the Contract shall in any way relieve Contractor of any responsibility, obligation or liability under this Contract and for the acts and omissions of all subcontractors, agents, and employees. All restrictions, obligations and responsibilities of the Contractor under the Contract shall also apply to the subcontractors. Any contract with a subcontractor must also preserve the rights of the State Entity. The State Entity shall have the right to request the removal of a subcontractor from the Contract for good cause.
Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised.
C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if:
1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or
2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
INDEMNIFICATION BY THE COMPANY AND THE OPERATING PARTNERSHIP (a) The Company and the Operating Partnership, jointly and severally, shall indemnify and hold harmless the Advisor and its Affiliates, as well as their respective officers, directors, equity holders, members, partners, stockholders, other equity holders and employees (collectively, the “Indemnitees,” and each, an “Indemnitee”), from and against all losses, claims, damages, losses, joint or several, expenses (including reasonable attorneys’ fees and other legal fees and expenses), judgments, fines, settlements, and other amounts (collectively, “Losses,” and each, a “Loss”) arising in the performance of their duties hereunder, including reasonable attorneys’ fees, to the extent such Losses are not fully reimbursed by insurance, and to the extent that such indemnification would not be inconsistent with the laws of the State of New York, the Articles of Incorporation or the provisions of Section II.G of the NASAA REIT Guidelines. Notwithstanding the foregoing, the Company and the Operating Partnership shall not provide for indemnification of an Indemnitee for any Loss suffered by such Indemnitee, nor shall they provide that an Indemnitee be held harmless for any Loss suffered by the Company and the Operating Partnership, unless all the following conditions are met:
(i) the Indemnitee has determined, in good faith, that the course of conduct that caused the loss or liability was in the best interest of the Company and the Operating Partnership;
(ii) the Indemnitee was acting on behalf of, or performing services for, the Company or the Operating Partnership;
(iii) such Loss was not the result of negligence or willful misconduct by the Indemnitee; and
(iv) such indemnification or agreement to hold harmless is recoverable only out of the Company’s net assets and not from the Stockholders.
(b) Notwithstanding the foregoing, an Indemnitee shall not be indemnified by the Company and the Operating Partnership for any Losses arising from or out of an alleged violation of federal or state securities laws by such Indemnitee unless one or more of the following conditions are met:
(i) there has been a successful adjudication on the merits of each count involving alleged securities law violations as to the Indemnitee;
(ii) such claims have been dismissed with prejudice on the merits by a court of competent jurisdiction as to the Indemnitee; or
(iii) a court of competent jurisdiction approves a settlement of the claims against the Indemnitee and finds that indemnification of the settlement and the related costs should be made, and the court considering the request for indemnification has been advised of the position of the Securities and Exchange Commission and of the published position of any state securities regulatory authority in which securities of the Company or the Operating Partnership were offered or sold as to indemnification for violation of securities laws.
(c) In addition, the advancement of the Company’s or the Operating Partnership’s funds to an Indemnitee for legal expenses and other costs incurred as a result of any legal action for which indemnification is being sought is permissible only if all the following conditions are satisfied:
(i) the legal action relates to acts or omissions with respect to the performance of duties or services on behalf of the Company or the Operating Partnership;
(ii) the legal action is initiated by a third party who is not a Stockholder or the legal action is initiated by a Stockholder acting in such Stockholder’s capacity as such and a court of competent jurisdiction specifically approves such advancement; and
(iii) the Indemnitee undertakes to repay the advanced funds to the Company or the Operating Partnership, together with the applicable legal rate of interest thereon, in cases in which such Indemnitee is found not to be entitled to indemnification.
Sale to Third Party If the Company, after receiving the Sale Notice, fails to exercise its option as provided in Section 3.2, or if it declines to exercise the same, the Participant shall be entitled to transfer the Vested Shares to the third party on the terms contained in the Offer, and shall be entitled to have his Vested Shares transferred on the books of the Company, but only if the third party purchaser agrees to be bound by the terms of this Agreement applicable to Vested Shares. If the Participant fails to close the transfer of his Vested Shares within sixty (60) days after the option of the Company has expired or been waived, the restrictions contained in this Article III shall again apply and must be met prior to effecting any transfer of Vested Shares. Any transfer of Vested Shares by the Participant to any unaffiliated third party shall comply with all applicable securities laws, and the Company may refuse to transfer any Vested Shares unless it receives such assurance and opinions from legal counsel acceptable to the Company that any such transfer is in compliance with all applicable securities laws.
OBLIGATIONS AND ACTIVITIES OF CONTRACTOR AS BUSINESS ASSOCIATE 1. CONTRACTOR agrees not to use or further disclose PHI COUNTY discloses to CONTRACTOR other than as permitted or required by this Business Associate Contract or as required by law.
2. XXXXXXXXXX agrees to use appropriate safeguards, as provided for in this Business Associate Contract and the Agreement, to prevent use or disclosure of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY other than as provided for by this Business Associate Contract.
3. XXXXXXXXXX agrees to comply with the HIPAA Security Rule at Subpart C of 45 CFR Part 164 with respect to electronic PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY.
4. CONTRACTOR agrees to mitigate, to the extent practicable, any harmful effect that is known to CONTRACTOR of a Use or Disclosure of PHI by CONTRACTOR in violation of the requirements of this Business Associate Contract.
5. XXXXXXXXXX agrees to report to COUNTY immediately any Use or Disclosure of PHI not provided for by this Business Associate Contract of which CONTRACTOR becomes aware. CONTRACTOR must report Breaches of Unsecured PHI in accordance with Paragraph E below and as required by 45 CFR § 164.410.
6. CONTRACTOR agrees to ensure that any Subcontractors that create, receive, maintain, or transmit PHI on behalf of CONTRACTOR agree to the same restrictions and conditions that apply through this Business Associate Contract to CONTRACTOR with respect to such information.
7. CONTRACTOR agrees to provide access, within fifteen (15) calendar days of receipt of a written request by COUNTY, to PHI in a Designated Record Set, to COUNTY or, as directed by COUNTY, to an Individual in order to meet the requirements under 45 CFR § 164.524. If CONTRACTOR maintains an Electronic Health Record with PHI, and an individual requests a copy of such information in an electronic format, CONTRACTOR shall provide such information in an electronic format.
8. CONTRACTOR agrees to make any amendment(s) to PHI in a Designated Record Set that COUNTY directs or agrees to pursuant to 45 CFR § 164.526 at the request of COUNTY or an Individual, within thirty (30) calendar days of receipt of said request by COUNTY. XXXXXXXXXX agrees to notify COUNTY in writing no later than ten (10) calendar days after said amendment is completed.
9. CONTRACTOR agrees to make internal practices, books, and records, including policies and procedures, relating to the use and disclosure of PHI received from, or created or received by CONTRACTOR on behalf of, COUNTY available to COUNTY and the Secretary in a time and manner as determined by COUNTY or as designated by the Secretary for purposes of the Secretary determining COUNTY’S compliance with the HIPAA Privacy Rule.
10. CONTRACTOR agrees to document any Disclosures of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, and to make information related to such Disclosures available as would be required for COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
11. CONTRACTOR agrees to provide COUNTY or an Individual, as directed by COUNTY, in a time and manner to be determined by COUNTY, that information collected in accordance with the Agreement, in order to permit COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
12. XXXXXXXXXX agrees that to the extent CONTRACTOR carries out COUNTY’s obligation under the HIPAA Privacy and/or Security rules CONTRACTOR will comply with the requirements of 45 CFR Part 164 that apply to COUNTY in the performance of such obligation.
13. If CONTRACTOR receives Social Security data from COUNTY provided to COUNTY by a state agency, upon request by COUNTY, CONTRACTOR shall provide COUNTY with a list of all employees, subcontractors and agents who have access to the Social Security data, including employees, agents, subcontractors and agents of its subcontractors.
14. CONTRACTOR will notify COUNTY if CONTRACTOR is named as a defendant in a criminal proceeding for a violation of HIPAA. COUNTY may terminate the Agreement, if CONTRACTOR is found guilty of a criminal violation in connection with HIPAA. COUNTY may terminate the Agreement, if a finding or stipulation that CONTRACTOR has violated any standard or requirement of the privacy or security provisions of HIPAA, or other security or privacy laws are made in any administrative or civil proceeding in which CONTRACTOR is a party or has been joined. COUNTY will consider the nature and seriousness of the violation in deciding whether or not to terminate the Agreement.
Confidential Information and Restricted Activities Employee has entered into the Company’s Employee Proprietary Information Agreement (“EPIA”) and acknowledges his or her obligations thereunder. The EPIA is specifically incorporated into this Agreement.
Approvals of Third Parties As soon as practicable after the execution of this Agreement, but in any event prior to the Closing Date, Purchaser will use its best efforts to secure all necessary approvals and consents of third parties to the consummation of the transactions contemplated by this Agreement.
