Common use of SECURE PROTECTION AND HANDLING OF STATE DATA Clause in Contracts

SECURE PROTECTION AND HANDLING OF STATE DATA. 29.1. If Subrecipient is given State Data as part of this Contract, the protection of State Data shall be an integral part of the business activities of Subrecipient to ensure that there is no inappropriate or unauthorized use of State Data. To the extent that Subrecipient is given State Data, Subrecipient shall safeguard the confidentiality, integrity, and availability of the State Data. Subrecipient agrees to not copy, reproduce, sell, assign, license, market, transfer, or otherwise dispose of, give, or disclose such information to third parties or use such information for any purpose whatsoever other than the performance of the Contract. The improper use or disclosure of confidential information is strictly prohibited. 29.2. Any and all transmission or exchange of State Data shall take place via secure means. Subrecipient shall create, store, and maintain any State Data on secure or encrypted computing devices or any portable storage mediums. Subrecipient agrees to protect and maintain the security of State Data with security measures including, but are not limited to, maintaining secure environments that are patched and up to date with all appropriate security updates as designated, network firewall provisioning, and intrusion detection. Subrecipient agrees that any computing device or portable medium that has access to the Department’s network or stores any non-public State Data is equipped with strong and secure password protection. 29.3. Subrecipient shall: (a) limit disclosure of any State Data to Authorized Person who have a need to know such information in connection with the current or contemplated business relationship between the parties to which the Contract relates, and only for that purpose; (b) advise its Authorized Persons of the proprietary nature of the State Data and of the obligations set forth in the Contract and require such Authorized Persons to keep the State Data confidential; (c) keep all State Data strictly confidential by using a reasonable degree of care, but not less than the degree of care used by it in safeguarding its own confidential information; and (d) not disclose any State Data received by it to any third parties, except as permitted by the Contract or otherwise agreed to in writing by the Department. 29.4. Subrecipient will promptly notify the Department of any misuse or misappropriation of State Data that comes to Subrecipient’s attention. Subrecipient shall be responsible for any breach of this duty of confidentiality by any of their officers, agents, subcontractors at any tier, and any of their respective representatives, including any required remedies and/or notifications under applicable law (Utah Code Xxx. §§ 00-00-000 through 301). This duty of confidentiality shall be ongoing and survive the term of the Contract. Notwithstanding the foregoing, if there is a discrepancy between a signed business associate agreement and this provision, the business associate agreement language shall take precedence.

SECURE PROTECTION AND HANDLING OF STATE DATA. 29.136.1. If the Subrecipient is given access to or will be storing State Data as part of this Contractagreement, the protection of State Data shall must be an integral part of the business activities of the Subrecipient to ensure that there is no inappropriate or unauthorized use of State Data. To the extent that Subrecipient is given State Data, The Subrecipient shall safeguard the confidentiality, integrity, and availability of the State Data. The Subrecipient agrees to not copy, reproduce, sell, assign, license, market, transfer, or otherwise dispose of, give, or disclose such information to third parties or use such information for any purpose whatsoever other than the performance of the Contractthis agreement. The improper use or disclosure of confidential information is strictly prohibited. 29.236.2. Any and all transmission or exchange of State Data shall must take place via secure means. The Subrecipient shall create, store, and maintain any State Data on secure or encrypted computing devices or any portable storage mediums. The Subrecipient agrees to protect and maintain the security of State Data with security measures including, but are not limited to, maintaining secure environments that are patched and up to date with all appropriate security updates as designated, network firewall provisioning, and intrusion detectionappropriate 36.3. Subrecipient agrees that any computing device or portable medium that has access to the Department’s network or stores any non-public State Data is equipped with strong and secure password protection. 29.3. The Subrecipient shall: (ai) limit disclosure of any State Data to Authorized Person Persons who have a need to know such information in connection with the current or contemplated business relationship between the parties to which the Contract this agreement relates, and only for that purpose; (bii) advise its Authorized Persons of the proprietary nature of the State Data and of the obligations set forth in the Contract this agreement and require such Authorized Persons to keep the State Data confidential; (ciii) keep all State Data strictly confidential by using a reasonable degree of care, but not less than the degree of care used by it in safeguarding its own confidential information; and (div) not disclose any State Data received by it to any third parties, except as permitted by the Contract this agreement or otherwise agreed to in writing by the DepartmentDHHS. 29.436.4. The Subrecipient will shall promptly notify the Department DHHS of any misuse or misappropriation of State Data that comes to the Subrecipient’s attention. The Subrecipient shall be responsible for any breach of this duty of confidentiality by any of their its officers, agents, subcontractors at any tier, and any of their its respective representatives, including any required remedies and/or or notifications under applicable law (Utah Code Xxx. §§ 0013- 44-00-000 101 through 301). This duty of confidentiality shall be is ongoing and survive survives the term of the Contractthis agreement. Notwithstanding the foregoing, if there is a discrepancy between a signed business associate agreement and this provision, the business associate agreement language shall will take precedence.

SECURE PROTECTION AND HANDLING OF STATE DATA. 29.136.1. If the Subrecipient is given access to or will be storing State Data as part of this Contractagreement, the protection of State Data shall must be an integral part of the business activities of the Subrecipient to ensure that there is no inappropriate or unauthorized use of State Data. To the extent that Subrecipient is given State Data, The Subrecipient shall safeguard the confidentiality, integrity, and availability of the State Data. The Subrecipient agrees to not copy, reproduce, sell, assign, license, market, transfer, or otherwise dispose of, give, or disclose such information to third parties or use such information for any purpose whatsoever other than the performance of the Contractthis agreement. The improper use or disclosure of confidential information is strictly prohibited. 29.236.2. Any and all transmission or exchange of State Data shall must take place via secure means. The Subrecipient shall create, store, and maintain any State Data on secure or encrypted computing devices or any portable storage mediums. The Subrecipient agrees to protect and maintain the security of State Data with security measures including, but are not limited to, maintaining secure environments that are patched and up to date with all appropriate security updates as designatedupdates, network firewall provisioning, and intrusion detection. The Subrecipient agrees that any computing device or portable medium that has access to the Department’s network or stores any non-public State Data is equipped with strong and secure password protection.agrees 29.336.3. The Subrecipient shall: (ai) limit disclosure of any State Data to Authorized Person Persons who have a need to know such information in connection with the current or contemplated business relationship between the parties to which the Contract this agreement relates, and only for that purpose; (bii) advise its Authorized Persons of the proprietary nature of the State Data and of the obligations set forth in the Contract this agreement and require such Authorized Persons to keep the State Data confidential; (ciii) keep all State Data strictly confidential by using a reasonable degree of care, but not less than the degree of care used by it in safeguarding its own confidential information; and (div) not disclose any State Data received by it to any third parties, except as permitted by the Contract this agreement or otherwise agreed to in writing by the DepartmentDHHS. 29.436.4. The Subrecipient will shall promptly notify the Department DHHS of any misuse or misappropriation of State Data that comes to the Subrecipient’s attention. The Subrecipient shall be responsible for any breach of this duty of confidentiality by any of their its officers, agents, subcontractors at any tier, and any of their its respective representatives, including any required remedies and/or or notifications under applicable law (Utah Code Xxx. §§ 0013- 44-00-000 101 through 301). This duty of confidentiality shall be is ongoing and survive survives the term of the Contractthis agreement. Notwithstanding the foregoing, if there is a discrepancy between a signed business associate agreement and this provision, the business associate agreement language shall will take precedence.

SECURE PROTECTION AND HANDLING OF STATE DATA. 29.136.1. If the Subrecipient is given access to or will be storing State Data as part of this Contractagreement, the protection of State Data shall must be an integral part of the business activities of the Subrecipient to ensure that there is no inappropriate or unauthorized use of State Data. To the extent that Subrecipient is given State Data, The Subrecipient shall safeguard the confidentiality, integrity, and availability of the State Data. The Subrecipient agrees to not copy, reproduce, sell, assign, license, market, transfer, or otherwise dispose of, give, or disclose such information to third parties or use such information for any purpose whatsoever other than the performance of the Contractthis agreement. The improper use or disclosure of confidential information is strictly prohibited. 29.236.2. Any and all transmission or exchange of State Data shall must take place via secure means. The Subrecipient shall create, store, and maintain any State Data on secure or encrypted computing devices or any portable storage mediums. The Subrecipient agrees to protect and maintain the security of State Data with security measures including, but are not limited to, maintaining secure environments that are patched and up to date with all appropriate security updates as designatedupdates, network firewall provisioning, and intrusion detection. The Subrecipient agrees that any computing device or portable medium that has access to the DepartmentDHHS’s network or stores any non-public State Data is equipped with strong and secure password protection. 29.336.3. The Subrecipient shall: (ai) limit disclosure of any State Data to Authorized Person Persons who have a need to know such information in connection with the current or contemplated business relationship between the parties to which the Contract this agreement relates, and only for that purpose; (bii) advise its Authorized Persons of the proprietary nature of the State Data and of the obligations set forth in the Contract this agreement and require such Authorized Persons to keep the State Data confidential; (ciii) keep all State Data strictly confidential by using a reasonable degree of care, but not less than the degree of care used by it in safeguarding its own confidential information; and (div) not disclose any State Data received by it to any third parties, except as permitted by the Contract this agreement or otherwise agreed to in writing by the DepartmentDHHS. 29.436.4. The Subrecipient will shall promptly notify the Department DHHS of any misuse or misappropriation of State Data that comes to the Subrecipient’s attention. The Subrecipient shall be responsible for any breach of this duty of confidentiality by any of their its officers, agents, employees, subcontractors at any tier, and any of their its respective representatives, including any required remedies and/or or notifications under applicable law (Utah Code Xxx. §§ 0013- 44-00-000 101 through 301). This duty of confidentiality shall be is ongoing and survive survives the term of the Contractthis agreement. Notwithstanding the foregoing, if there is a discrepancy between a signed business associate agreement and this provision, the business associate agreement language shall will take precedence.

SECURE PROTECTION AND HANDLING OF STATE DATA. 29.1. If Subrecipient is given State Data as part of this Contract, the protection of State Data shall be an integral part of the business activities of Subrecipient to ensure that there is no inappropriate or unauthorized use of State Data. To the extent that Subrecipient is given State Data, Subrecipient shall safeguard the confidentiality, integrity, and availability of the State Data. Subrecipient agrees to not to copy, reproduce, sell, assign, license, market, transfer, or otherwise dispose of, give, or disclose such information to third parties or use such information for any purpose whatsoever other than the performance of the Contract. The improper use or disclosure of confidential information is strictly prohibited. 29.2. Any and all transmission or exchange of State Data shall take place via secure means. Subrecipient shall create, store, and maintain any State Data on secure or encrypted computing devices or any portable storage mediums. Subrecipient agrees to protect and maintain the security of State Data with security measures including, but are not limited to, maintaining secure environments that are patched and up to date with all appropriate security updates as designated, network firewall provisioning, and intrusion detection. Subrecipient agrees that any computing device or portable medium that has access to the Department’s network or stores any non-public State Data is equipped with strong and secure password protection. 29.3. Subrecipient shall: (a) limit disclosure of any State Data to Authorized Person who have a need to know such information in connection with the current or contemplated business relationship between the parties to which the Contract relates, and only for that purpose; (b) advise its Authorized Persons of the proprietary nature of the State Data and of the obligations set forth in the Contract and require such Authorized Persons to keep the State Data confidential; (c) keep all State Data strictly confidential by using a reasonable degree of care, but not less than the degree of care used by it in safeguarding its own confidential information; and (d) not disclose any State Data received by it to any third parties, except as permitted by the Contract or otherwise agreed to in writing by the Department.confidential 29.4. Subrecipient will promptly notify the Department of any misuse or misappropriation of State Data that comes to Subrecipient’s attention. Subrecipient shall be responsible for any breach of this duty of confidentiality by any of their officers, agents, subcontractors at any tier, and any of their respective representatives, including any required remedies and/or notifications under applicable law (Utah Code Xxx. §§ 00-00-000 through 301). This duty of confidentiality shall be ongoing and survive the term of the Contract. Notwithstanding the foregoing, if there is a discrepancy between a signed business associate agreement and this provision, the business associate agreement language shall take precedence.

SECURE PROTECTION AND HANDLING OF STATE DATA. 29.136.1. If the Subrecipient is given access to or will be storing State Data as part of this Contractagreement, the protection of State Data shall must be an integral part of the business activities of the Subrecipient to ensure that there is no inappropriate or unauthorized use of State Data. To the extent that Subrecipient is given State Data, The Subrecipient shall safeguard the confidentiality, integrity, and availability of the State Data. The Subrecipient agrees to not copy, reproduce, sell, assign, license, market, transfer, or otherwise dispose of, give, or disclose such information to third parties or use such information for any purpose whatsoever other than the performance of the Contractthis agreement. The improper use or disclosure of confidential information is strictly prohibited. 29.236.2. Any and all transmission or exchange of State Data shall must take place via secure means. The Subrecipient shall create, store, and maintain any State Data on secure or encrypted computing devices or any portable storage mediums. The Subrecipient agrees to protect and maintain the security of State Data with security measures including, but are not limited to, maintaining secure environments that are patched and up to date with all appropriate security updates as designatedupdates, network firewall provisioning, and intrusion detection. The Subrecipient agrees that any computing device or portable medium that has access to the DepartmentDHHS’s network or stores any non-public State Data is equipped with strong and secure password protection. 29.336.3. The Subrecipient shall: (ai) limit disclosure of any State Data to Authorized Person Persons who have a need to know such information in connection with the current or contemplated business relationship between the parties to which the Contract this agreement relates, and only for that purpose; (bii) advise its Authorized Persons of the proprietary nature of the State Data and of the obligations set forth in the Contract this agreement and require such Authorized Persons to keep the State Data confidential; (ciii) keep all State Data strictly confidential by using a reasonable degree of care, but not less than the degree of care used by it in safeguarding its own confidential information; and (div) not disclose any State Data received by it to any third parties, except as permitted by the Contract this agreement or otherwise agreed to in writing by the DepartmentDHHS. 29.436.4. The Subrecipient will shall promptly notify the Department DHHS of any misuse or misappropriation of State Data that comes to the Subrecipient’s attention. The Subrecipient shall be responsible for any breach of this duty of confidentiality by any of their its officers, agents, subcontractors at any tier, and any of their its respective representatives, including any required remedies and/or or notifications under applicable law (Utah Code Xxx. §§ 00-00-000 through 301). This duty of confidentiality shall be ongoing and survive the term of the Contract. Notwithstanding the foregoing, if there is a discrepancy between a signed business associate agreement and this provision, the business associate agreement language shall take precedence.

SECURE PROTECTION AND HANDLING OF STATE DATA. 29.1. If Subrecipient is given State Data as part of this Contract, the protection of State Data shall be an integral part of the business activities of Subrecipient to ensure that there is no inappropriate or unauthorized use of State Data. To the extent that Subrecipient is given State Data, Subrecipient shall safeguard the confidentiality, integrity, and availability of the State Data. Subrecipient agrees to not to copy, reproduce, sell, assign, license, market, transfer, or otherwise dispose of, give, or disclose such information to third parties or use such information for any purpose whatsoever other than the performance of the Contract. The improper use or disclosure of confidential information is strictly prohibited. 29.2. Any and all transmission or exchange of State Data shall take place via secure means. Subrecipient shall create, store, and maintain any State Data on secure or encrypted computing devices or any portable storage mediums. Subrecipient agrees to protect and maintain the security of State Data with security measures including, but are not limited to, maintaining secure environments that are patched and up to date with all appropriate security updates as designated, network firewall provisioning, and intrusion detection. Subrecipient agrees that any computing device or portable medium that has access to the Department’s network or stores any non-public State Data is equipped with strong and secure password protection. 29.3. Subrecipient shall: (a) limit disclosure of any State Data to Authorized Person who have a need to know such information in connection with the current or contemplated business relationship between the parties to which the Contract relates, and only for that purpose; (b) advise its Authorized Persons of the proprietary nature of the State Data and of the obligations set forth in the Contract and require such Authorized Persons to keep the State Data confidential; (c) keep all State Data strictly confidential by using a reasonable degree of care, but not less than the degree of care used by it in safeguarding its own confidential information; and (d) not disclose any State Data received by it to any third parties, except as permitted by the Contract or otherwise agreed to in writing by the Department.the 29.4. Subrecipient will promptly notify the Department of any misuse or misappropriation of State Data that comes to Subrecipient’s attention. Subrecipient shall be responsible for any breach of this duty of confidentiality by any of their officers, agents, subcontractors at any tier, and any of their respective representatives, including any required remedies and/or notifications under applicable law (Utah Code Xxx. §§ 00-00-000 through 301). This duty of confidentiality shall be ongoing and survive the term of the Contract. Notwithstanding the foregoing, if there is a discrepancy between a signed business associate agreement and this provision, the business associate agreement language shall take precedence.