Sensitive data Where the transfer involves personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, or biometric data for the purpose of uniquely identifying a natural person, data concerning health or a person’s sex life or sexual orientation, or data relating to criminal convictions and offences (hereinafter ‘sensitive data’), the data importer shall apply the specific restrictions and/or additional safeguards described in Annex I.B.
Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised.
C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if:
1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or
2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
Confidential or Proprietary Information The term "Confidential --------------------------------------- or Proprietary Information" for purposes of this Agreement shall mean any secret, confidential, or proprietary information of SunTrust or a SunTrust Affiliate (not otherwise included in the definition of Trade Secret in (S) 1.23 of this Agreement) that has not become generally available to the public by the act of one who has the right to disclose such information without violating any right of SunTrust or a SunTrust Affiliate.
Protection of Proprietary Information The Seller has taken all reasonable steps to maintain the confidentiality of and otherwise protect and enforce their rights in all proprietary information pertaining to the Seller or any Seller Product. Without limiting the generality of the foregoing, no portion of the source code for any software ever owned or developed by the Seller has been disclosed or licensed to any escrow agent or other Person.
CONFIDENTIAL & PROPRIETARY INFORMATION The parties may provide technical information, documentation and expertise to each other that is either (1) marked as being confidential or, (2) if delivered in oral form is summarized in writing within 10 working days and identified as being confidential (“Confidential Information”). The receiving party shall for a period of five (5) years from the date of disclosure (i) hold the disclosing party’s Confidential Information in strict confidence, and (ii), except as previously authorized in writing by the disclosing party, not publish or disclose the disclosing party’s Confidential Information to anyone other than the receiving party’s employees on a need-to-know basis, and (iii) use the disclosing party’s Confidential Information solely for performance of this Contract. The foregoing requirement shall not apply to any portion of a party’s Confidential Information which (a) becomes publicly known through no wrongful act or omission on the part of the receiving party; (b) is already known to the receiving party at the time of the disclosure without similar nondisclosure obligations; (c) is rightfully received by the receiving party from a third party without similar nondisclosure obligations; (d) is approved for release by written authorization of the disclosing party; (e) is clearly demonstrated by the receiving party to have been independently developed by the receiving party without access to the disclosing party’s Confidential Information; or (f) is required to be disclosed by order of a court or governmental body or by applicable law, provided that the party intending to make such required disclosure shall promptly notify the other party of such intended disclosure in order to allow such party to seek a protective order or other remedy.
Treatment of Proprietary and Confidential Information A. Both parties agree that it may be necessary to provide each other during the term of this Agreement with certain confidential information, including trade secret information, including but not limited to, technical and business plans, technical information, proposals, specifications, drawings, procedures, customer account data and like information (hereinafter collectively referred to as “Information”). Both parties agree that all Information shall either be in writing or other tangible format and clearly marked with a confidential, private or proprietary legend, or, when the Information is communicated orally, it shall also be communicated that the Information is confidential, private or proprietary. The Information will be returned to the owner within a reasonable time. Both parties agree that the Information shall not be copied or reproduced in any form. Both parties agree to receive such Information and not disclose such Information. Both parties agree to protect the Information received from distribution, disclosure or dissemination to anyone except employees of the parties with a need to know such Information and which employees agree to be bound by the terms of this Section. Both parties will use the same standard of care to protect Information received as they would use to protect their own confidential and proprietary Information.
B. Notwithstanding the foregoing, both parties agree that there will be no obligation to protect any portion of the Information that is either: 1) made publicly available by the owner of the Information or lawfully disclosed by a nonparty to this Agreement; 2) lawfully obtained from any source other than the owner of the Information; or 3) previously known to the receiving party without an obligation to keep it confidential.
Confidential Information (a) The Executive recognizes that the services to be performed by the Executive hereunder are special, unique, and extraordinary and that, by reason of such employment with the Company, the Executive may acquire Confidential Information concerning the operation of the Company, the use or disclosure of which would cause the Company substantial loss and damages which could not be readily calculated and for which no remedy at law would be adequate. Accordingly, the Executive agrees that the Executive will not (directly or indirectly) at any time, whether during or after the Executive’s employment hereunder, (i) knowingly use for an improper personal benefit any Confidential Information that the Executive may learn or has learned by reason of the Executive’s employment with the Company or (ii) disclose any such Confidential Information to any Person except (A) in the performance of the Executive’s obligations to the Company hereunder, (B) as required by applicable law, (C) in connection with the enforcement of the Executive’s rights under this Agreement, (D) in connection with any disagreement, dispute or litigation (pending or threatened) between the Executive and the Company or (E) with the prior written consent of the Board of Directors. As used herein, “Confidential Information” includes information with respect to the operation and performance of the Company, its investments, portfolio companies, products, services, facilities, product methods, research and development, trade secrets and other intellectual property, systems, patents and patent applications, procedures, manuals, confidential reports, product price lists, customer lists, financial information, business plans, prospects or opportunities (including, as applicable, all of the foregoing information regarding the Company’s past, current and prospective portfolio companies); provided, however, that such term, shall not include any information that (x) is or becomes generally known or available other than as a result of a disclosure by the Executive or (y) is or becomes known or available to the Executive on a nonconfidential basis from a source (other than the Company) that, to the Executive’s knowledge, is not prohibited from disclosing such information to the Executive by a legal, contractual, fiduciary or other obligation to the Company.
(b) The Executive confirms that all Confidential Information is the exclusive property of the Company. All business records, papers and documents kept or made by the Executive while employed by the Company relating to the business of the Company shall be and remain the property of the Company at all times. Upon the request of the Company at any time, the Executive shall promptly deliver to the Company, and shall retain no copies of, any written materials, records and documents made by the Executive or coming into the Executive’s possession while employed by the Company concerning the business or affairs of the Company other than personal materials, records and documents (including notes and correspondence) of the Executive not containing proprietary information relating to such business or affairs. Notwithstanding the foregoing, the Executive shall be permitted to retain copies of, or have access to, all such materials, records and documents relating to any disagreement, dispute or litigation (pending or threatened) between the Executive and the Company.
Third Party Proprietary Data The Disclosing Party's Third Party Proprietary Data, if any, will be identified in a separate technical document.
Unauthorised Use of Confidential Information The Supplier/Service Provider shall not authorise any party to act on or use in any way any Confidential Information belonging to Transnet whether or not such party is aware of such Confidential Information, and shall promptly notify Transnet of the information if it becomes aware of any party so acting, and shall provide Transnet the information with such assistance as Transnet reasonably requires, at Transnet’s cost and expense, to prevent such third party from so acting.
Technical Safeguards 1. USAC and DSS will process the data matched and any data created by the match under the immediate supervision and control of authorized personnel to protect the confidentiality of the data, so unauthorized persons cannot retrieve any data by computer, remote terminal, or other means.
2. USAC and DSS will strictly limit authorization to these electronic data areas necessary for the authorized user to perform their official duties. All data in transit will be encrypted using algorithms that meet the requirements of the Federal Information Processing Standard (FIPS) Publication 140-2 or 140-3 (when applicable).
3. Authorized system users will be identified by User ID and password, and individually tracked to safeguard against the unauthorized access and use of the system. System logs of all user actions will be saved, tracked and monitored periodically.
4. USAC will transmit data to DSS via encrypted secure file delivery system. For each request, a response will be sent back to USAC to indicate success or failure of transmission.
