Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised.
C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if:
1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or
2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
Public Posting of Approved Users’ Research Use Statement The PI agrees that information about themselves and the approved research use will be posted publicly on the dbGaP website. The information includes the PI’s name and Requester, project name, Research Use Statement, and a Non-Technical Summary of the Research Use Statement. In addition, and if applicable, this information may include the Cloud Computing Use Statement and name of the CSP or PCS. Citations of publications resulting from the use of controlled-access datasets obtained through this DAR may also be posted on the dbGaP website.
Company Creation and Use of Confidential Information The Executive understands and acknowledges that the Company has invested, and continues to invest, substantial time, money and specialized knowledge into developing its resources, creating a customer base, generating customer and potential customer lists, training its employees, and improving its product offerings in the field of financial services. The Executive understands and acknowledges that as a result of these efforts, the Company has created, and continues to use and create Confidential Information. This Confidential Information provides the Company with a competitive advantage over others in the marketplace.
Unauthorised Use of Confidential Information The Supplier/Service Provider shall not authorise any party to act on or use in any way any Confidential Information belonging to Transnet whether or not such party is aware of such Confidential Information, and shall promptly notify Transnet of the information if it becomes aware of any party so acting, and shall provide Transnet the information with such assistance as Transnet reasonably requires, at Transnet’s cost and expense, to prevent such third party from so acting.
Permitted Uses and Disclosures of Phi by Business Associate Except as otherwise indicated in this Agreement, Business Associate may use or disclose PHI, inclusive of de-identified data derived from such PHI, only to perform functions, activities or services specified in this Agreement on behalf of DHCS, provided that such use or disclosure would not violate HIPAA or other applicable laws if done by DHCS.
Certification Regarding Prohibition of Boycotting Israel (Tex Gov. Code 2271)
Maintenance of Confidential Information The Contractor acknowledges that in the course of its appointment hereunder the Contractor will, either directly or indirectly, have access to and be entrusted with information (whether oral, written or by inspection) relating to the Company or its respective affiliates, associates or customers (the “Confidential Information”). For the purposes of this Agreement, “Confidential Information” includes, without limitation, any and all Developments (as defined herein), trade secrets, inventions, innovations, techniques, processes, formulas, drawings, designs, products, systems, creations, improvements, documentation, data, specifications, technical reports, customer lists, supplier lists, distributor lists, distribution channels and methods, retailer lists, reseller lists, employee information, financial information, sales or marketing plans, competitive analysis reports and any other thing or information whatsoever, whether copyrightable or uncopyrightable or patentable or unpatentable. The Contractor acknowledges that the Confidential Information constitutes a proprietary right, which the Company is entitled to protect. Accordingly the Contractor covenants and agrees that during the Term and thereafter until such time as all the Confidential Information becomes publicly known and made generally available through no action or inaction of the Contractor, the Contractor will keep in strict confidence the Confidential Information and shall not, without prior written consent of the Company in each instance, disclose, use or otherwise disseminate the Confidential Information, directly or indirectly, to any third party.
Permitted Uses and Disclosures by Business Associate Except as otherwise limited by this Agreement, Business Associate may make any uses and disclosures of Protected Health Information necessary to perform its services to Covered Entity and otherwise meet its obligations under this Agreement, if such use or disclosure would not violate the Privacy Rule if done by Covered Entity. All other uses or disclosures by Business Associate not authorized by this Agreement or by specific instruction of Covered Entity are prohibited.
Protection of Personal Information Party agrees to comply with all applicable state and federal statutes to assure protection and security of personal information, or of any personally identifiable information (PII), including the Security Breach Notice Act, 9 V.S.A. § 2435, the Social Security Number Protection Act, 9 V.S.A. § 2440, the Document Safe Destruction Act, 9 V.S.A. § 2445 and 45 CFR 155.260. As used here, PII shall include any information, in any medium, including electronic, which can be used to distinguish or trace an individual’s identity, such as his/her name, social security number, biometric records, etc., either alone or when combined with any other personal or identifiable information that is linked or linkable to a specific person, such as date and place or birth, mother’s maiden name, etc.
Restricted Use of Confidential Information (a) Each Receiving Party acknowledges the confidential and proprietary nature of the Confidential Information of the Disclosing Party and agrees that such Confidential Information (i) shall be kept confidential by the Receiving Party; (ii) shall not be used for any reason or purpose other than to evaluate and consummate the Contemplated Transactions; and (iii) without limiting the foregoing, shall not be disclosed by the Receiving Party to any Person, except in each case as otherwise expressly permitted by the terms of this Agreement or with the prior written consent of an authorized representative of Seller with respect to Confidential Information of Seller(each, a "Seller Contact") or an authorized representative of Buyer with respect to Confidential Information of Buyer (each, a "Buyer Contact"). Each of Buyer and Seller shall disclose the Confidential Information of the other party only to its Representatives who require such material for the purpose of evaluating the transactions contemplated herein and are informed by Buyer or Seller, as the case may be, of the obligations of this Article 12 with respect to such information. Each of Buyer and Seller shall (iv) enforce the terms of this Article 12 as to its respective representatives; (v) take such action to the extent necessary to cause its representatives to comply with the terms and conditions of this Article 12; and (vi) be responsible and liable for any breach of the provisions of this Article 12 by it or its representatives.
(b) Unless and until this Agreement is terminated, Seller shall maintain as confidential any Confidential Information (including for this purpose any information of Seller of the type referred to in Sections 12.l(a)(i), (ii) and (iii), whether or not disclosed to Buyer) of the Seller or Shareholders relating to any of the Assets or the Assumed Liabilities.
(c) From and after the Closing, the provisions of Section 12.2(a) above shall not apply to or restrict in any manner Buyer's use of any Confidential Information of the Seller relating to any of the Assets or the Assumed Liabilities.
