Security and Privacy Obligations Sample Clauses

Security and Privacy Obligations a. The Organization agrees to reasonably assist Hoag in enforcing appropriate security and privacy controls governing the Systems and the information contained therein to which Users are granted Access as described herein. b. Organization will direct Users to complete the required Data Access & Acceptable Use Agreement for Non-Hoag Workforce Members summarizing their responsibilities and be familiar with applicable Hoag policies. Access will not be granted until each User completes the required forms. The parties recognize and agree that Hoag policies shall only apply to the extent Users are accessing Systems. x. Xxxx will provide an initial password and login for each unique User. Access to Systems will be granted according to Hoag policies and procedures, and shall comply with applicable federal and state laws, including but not limited to HIPAA or ARRA/HITECH. Each User shall be responsible for his/her login and password and shall not share his/her login and password with anyone else. User may log onto Systems in order to access a patient’s record for treatment, payment, or health care operations. Organization agrees to ensure that workstations and mobile devices (“devices”) with access to any shared data or Systems are not accessible to unauthorized persons. Organization represents that it has policies in place covering the use of devices with respect to Access to PHI. Organization will direct Users not to use any device not managed or approved by Organization to access Systems. Organization will maintain firewall protection on all Internet connections for computers or devices located at Organization’s locations. d. The Organization will ensure the use of updated versions of commercially reasonable anti-virus protection on all computers or devices that are used to access Systems. Organization agrees to keep its computers and devices updated with commercially reasonable operating system patches and to use and maintain firewall protection. Organization agrees that when and while remotely connecting to Systems, it is subject to Hoag rules and policies governing privacy and security as provided by Hoag. x. Xxxx reserves the right to monitor, log, review, and/or audit all data access and use of Systems. Hoag, in its sole determination, may take action against any unauthorized use or access to Systems, including but, not limited to termination of Organization or User Access, or immediate termination of this Agreement. f. Organization agrees to notify the abo...
Sample 1Sample 2See All (5)
AutoNDA by SimpleDocs
Security and Privacy Obligations a. The Organization agrees to reasonably assist Swedish in enforcing appropriate security and privacy controls governing the Systems and the information contained therein to which Users are granted Access as described herein. b. If any User makes any change to patient medical information in the System, including documenting services or medical care, the User shall do so in compliance with the applicable bylaws, rules, regulations, policies, and procedures of the Swedish Medical/Professional Staff to which the User is a member. c. Organization will direct Users to complete the required HIM Managed Epic Access Request form. User Access will not be granted until the User completes the required form. d. Swedish will provide access information for each unique User. Access to Systems will be granted according to Swedish policies and procedures, and shall comply with applicable federal and state laws, including but not limited to HIPAA or ARRA/HITECH. Each User shall be responsible for his/her login and password and shall not share his/her login and password with anyone else. User may log onto Systems in order to access a patient’s record for treatment, payment, or health care operations. Organization agrees to ensure that workstations and mobile devices (“devices”) with access to any shared data or Systems are not accessible to unauthorized persons. Organization represents that it has policies in place covering the use of devices with respect to Access to PHI. Organization will direct Users not to use any device not managed or approved by Organization to access Systems. Organization will maintain firewall protection on all Internet connections for computers or devices located at Organization’s locations. e. The Organization will ensure the use of updated versions of commercially reasonable anti-virus protection on all computers or devices that are used to access Systems. Organization agrees to keep its computers and devices updated with commercially reasonable operating system patches and to use and maintain firewall protection. Organization agrees that when and while remotely connecting to Systems, it is subject to Swedish rules and policies governing privacy and security as provided by Swedish. f. Swedish reserves the right to monitor, log, review, and/or audit all data access and use of Systems. Swedish, in its sole determination, may take action against any unauthorized use or access to Systems, including but, not limited to termination of Organization or Us...
Sample 1
Security and Privacy Obligations. Master Subscription Agreement - Domestic 3 Last revised on: 10/16/18
Sample 1
Security and Privacy Obligations a. Rock represents, warrants and covenants that it has, and agrees to maintain, an information security program containing appropriate measures to protect all the data that it receives and/or stores in connection with this Agreement and performing the Services, including, without limitation, Customer information, Personal Information and any data provided by Vroom hereunder, against accidental or unlawful destruction, alteration, unauthorized disclosure or access consistent with applicable laws and in conformity with data processing industry standards and all applicable laws, rules and regulations. In addition, Rock shall implement and maintain physical, logical, administrative, managerial and technical safeguards, controls and measures in accordance with industry standards, relative to the sensitivity of the data involved. b. Without limiting the foregoing, the Parties acknowledge and agree that Rock is a service provider for the purposes of the CCPA. Rock certifies that it understands the rules, restrictions, requirements and definitions of the CCPA and agrees to refrain from taking any action that would cause any transfers of Personal Information to or from Rock to qualify as a sale of Personal Information under the CCPA. Rock acknowledges and confirms that it does not receive any Personal Information from Vroom as consideration for any services or other items provided to Vroom. Rock shall not sell any such Personal Information. Rock shall not retain, use or disclose any Personal Information provided by Vroom or otherwise received by Rock pursuant to the Services, except as necessary for the specific purpose of performing the Services for Vroom pursuant to this Agreement or otherwise as set forth in this Agreement or as permitted by the CCPA. Rock shall assist Vroom with any requests received from individuals under the CCPA or other similar data protection laws and shall, pursuant to Section 10 hereof, defend, indemnify and hold Vroom harmless from any claims relating to Rock’s breach of the foregoing or applicable data protection laws. The terms “sale,” and “sell” are as defined in Section 1798.140 of the CCPA. c. Rock represents, warrants and covenants that it has implemented a mature information security management program that incorporates the key elements and protections of a mature industry IS framework such as ISO 27000, COBIT, BITS, NIST, etc. Without limiting the foregoing, Rock represents, warrants and covenants that it is responsible for meet...
Sample 1
Security and Privacy Obligations 
Sample 1Sample 2Sample 3See All (16)

Related to Security and Privacy Obligations

  • Security and Privacy Security and privacy policies for the Genesys Cloud Service addressing use of Customer Data, which are incorporated by reference and may be updated from time to time in accordance with Section 10.12 of the Agreement, are located at xxxxx://xxxx.xxxxxxxxxxx.xxx/articles/purecloud-security-compliance/.

  • Data Security and Privacy (a) Each Group Member is, and at all times, has been, in compliance in all material respects with (i) all applicable Data Protection Laws, including, to the extent applicable, but not limited to the GDPR and those relating to cross-border transfers; (ii) all applicable contractual obligations of each Loan Party and its Subsidiaries concerning data privacy and security relating to Personal Data in the possession or control of any Group Member or maintained by third parties on behalf of such Group Member and having access to such information under contracts (or portions thereof) to which a Group Member is a party; and (iii) all applicable data transfer agreements and data processing agreements, including the EU standard contractual clauses, to which a Group Member is a party (collectively, “Privacy Agreements”): (b) Each Group Member is, and has been, in compliance in all material respects with all applicable prior and current written internal and public-facing privacy policies and notices of the Group Members regarding the collection, retention, use, processing, disclosure and distribution of Personal Data by the Group Members or their respective agents (collectively, the “Privacy Policies”), and the Privacy Policies have been maintained to be consistent in all material respects with the actual practices of each Group Member. The Privacy Policies contemplate the Group Members’ current uses of the Personal Data, and to the extent required under applicable Data Protection Laws, each Group Member has sought and obtained the appropriate consent from the applicable data subject for such uses. The Privacy Policies have made all material disclosures to users, customers, employees, or other individuals required by Data Protection Laws. (c) Each Group Member has implemented and maintains a commercially reasonable security program (“Security Program”) that (i) complies in all material respects with all applicable Data Protection Laws, applicable Privacy Policies, and applicable Privacy Agreements, and (ii) includes commercially reasonable administrative, technical, organization, and physical security procedures and measures designed to preserve the security and integrity of all Personal Data and any other sensitive or confidential information or data related to each Group Member (collectively, “Company Sensitive Information”) in such Group Member’s possession or control and to protect such Company Sensitive Information against unauthorized or unlawful processing, access, acquisition, use, theft, interruption, modification, disclosure, loss, destruction or damage. (d) Except as disclosed on Schedule 4.23(d), there has been (i) no actual, suspected or alleged (in writing) incidents of unauthorized access, use, intrusion, disclosure or breach of the security of any information technology systems owned or controlled by a Group Member or any of their contractors and used by such contractors on behalf of a Group Member, and (ii) no actual, suspected or alleged (in writing) incidents of unauthorized acquisition, destruction, damage, disclosure, loss, corruption, alteration, or use of any Company Sensitive Information, in each case that could reasonably be expected to cause a Material Adverse Effect. (e) Each Group Member has a valid and legal right (whether contractually, by applicable law or otherwise) to access or use all Personal Data that is accessed and used by or on behalf of a Group Member in connection with the sale, use and/or operation of their products, services and businesses. (f) Except as would not reasonably be expected to have a Material Adverse Effect, there is no pending or to the knowledge of any Loan Party, threatened in writing, complaints, claims, demands, inquiries, proceedings, or other notices, including any notices of any investigation or other legal proceedings, regarding a Group Member, initiated by (i) any Governmental Authority, including the United States Federal Trade Commission, a state attorney general, data protection authority or similar state official, or a supervisory authority; (ii) any counterparty to, or subject of, a Privacy Agreement; or (iii) any self-regulatory authority or entity, alleging that any activity of a Group Member: (1) is in violation of any applicable Data Protection Laws, (2) is in violation of any Privacy Agreements, (3) is in violation of any Privacy Policies or (4) is otherwise in violation of any person’s privacy, personal or confidentiality rights.

  • Data Security and Privacy Plan As more fully described herein, throughout the term of the Subscription Agreement, Vendor will have a Data Security and Privacy Plan in place to protect the confidentiality, privacy and security of the Protected Data it receives from the District. Vendor’s Plan for protecting the District’s Protected Data includes, but is not limited to, its agreement to comply with the terms of the District’s Bill of Rights for Data Security and Privacy, a copy of which is set forth below and has been signed by the Vendor. Additional components of Vendor’s Data Security and Privacy Plan for protection of the District’s Protected Data throughout the term of the Subscription Agreement are as follows: (a) Vendor will implement all state, federal, and local data security and privacy requirements including those contained within the Subscription Agreement and this Data Sharing and Confidentiality Agreement, consistent with the District’s data security and privacy policy. (b) Vendor will have specific administrative, operational and technical safeguards and practices in place to protect Protected Data that it receives from the District under the Subscription Agreement. (c) Vendor will comply with all obligations contained within the section set forth in this Exhibit below entitled “Supplemental Information about a Subscription Agreement between [Xxxxx-Fultonville Central School District] and [Vendor Name].” Vendor’s obligations described within this section include, but are not limited to: (i) its obligation to require subcontractors or other authorized persons or entities to whom it may disclose Protected Data (if any) to execute written agreements acknowledging that the data protection obligations imposed on Vendor by state and federal law and the Subscription Agreement shall apply to the subcontractor, and (ii) its obligation to follow certain procedures for the return, transition, deletion and/or destruction of Protected Data upon termination, expiration or assignment (to the extent authorized) of the Subscription Agreement. (d) Vendor has provided or will provide training on the federal and state laws governing confidentiality of Protected Data for any of its officers or employees (or officers or employees of any of its subcontractors or assignees) who will have access to Protected Data, prior to their receiving access. (e) Vendor will manage data security and privacy incidents that implicate Protected Data and will develop and implement plans to identify breaches and unauthorized disclosures. Vendor will provide prompt notification to the District of any breaches or unauthorized disclosures of Protected Data in accordance with the provisions of Section 5 of this Data Sharing and Confidentiality Agreement.

  • Other Security and Guaranties The Agent, may, without notice or demand and without affecting the Borrower's obligations hereunder, from time to time: (a) take from any Person and hold collateral (other than the Collateral) for the payment of all or any part of the Obligations and exchange, enforce or release such collateral or any part thereof; and (b) accept and hold any endorsement or guaranty of payment of all or any part of the Obligations and release or substitute any such endorser or guarantor, or any Person who has given any Lien in any other collateral as security for the payment of all or any part of the Obligations, or any other Person in any way obligated to pay all or any part of the Obligations.

  • PERSONAL INFORMATION PRIVACY AND SECURITY CONTRACT 11 Any reference to statutory, regulatory, or contractual language herein shall be to such language as in 12 effect or as amended. 13 A. DEFINITIONS

  • DESCRIPTION OF COLLATERAL AND GUARANTIES Repayment of the Indebtedness is secured by the Collateral as described in the Loan Agreement. Hereinafter, the above-described security documents and guaranties, together with all other documents securing repayment of the Indebtedness shall be referred to as the "Security Documents". Hereinafter, the Security Documents, together with all other documents evidencing or securing the Indebtedness shall be referred to as the "Existing Loan Documents".

  • Security and Charge 15.1 In consideration of the Supplier agreeing to supply the Goods, the Client charges all of its rights, title and interest (whether joint or several) in any land, realty or other assets capable of being charged, owned by the Client either now or in the future, to secure the performance by the Client of its obligations under these terms and conditions (including, but not limited to, the payment of any money). 15.2 The Client indemnifies the Supplier from and against all the Supplier’s costs and disbursements including legal costs on a solicitor and own client basis incurred in exercising the Supplier’s rights under this clause. 15.3 The Client irrevocably appoints the Supplier and each director of the Supplier as the Client’s true and lawful attorney/s to perform all necessary acts to give effect to the provisions of this clause 15 including, but not limited to, signing any document on the Client’s behalf.

  • Network Security and Privacy Liability Insurance During the term of this Contract, Supplier will maintain coverage for network security and privacy liability. The coverage may be endorsed on another form of liability coverage or written on a standalone policy. The insurance must cover claims which may arise from failure of Supplier’s security resulting in, but not limited to, computer attacks, unauthorized access, disclosure of not public data – including but not limited to, confidential or private information, transmission of a computer virus, or denial of service. Minimum limits: $2,000,000 per occurrence $2,000,000 annual aggregate Failure of Supplier to maintain the required insurance will constitute a material breach entitling Sourcewell to immediately terminate this Contract for default.

  • Grant of Security and Secured Obligations SECTION 2.1. Pledge; Grant of Security Interest 7 SECTION 2.2. Secured Obligations 8 SECTION 2.3. Security Interest 8

  • Data Privacy and Security Laws The Company is, and at all prior times was, in material compliance with all applicable state and federal data privacy and security laws and regulations in the United States, including, without limitation, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act, and all applicable provincial and federal data privacy and security laws and regulations in Canada, including without limitation the Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5) (“PIPEDA”); and the Company has taken commercially reasonable actions to prepare to comply with, and have been and currently are in compliance with, the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company has in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal information”, “personal health information”. and “business contact information” as defined by PIPEDA; (v) “personal data” as defined by GDPR; and (vi) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. The Company has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements in any material respect. The Company further certifies: (i) it has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!