Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised.
C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if:
1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or
2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
Access to Confidential Information Each party acknowledges that the other party, its employees or agents, may be given access to Confidential Information relating to the other parties' business or the operation of this Agreement or any negotiations relating to this Agreement.
Exceptions to Confidential Information The obligations set forth in Section 13.1 (Confidential Information) shall not apply to the extent that Confidential Information includes information which is: (a) now or hereafter, through no unauthorized act or failure to act on the Receiving Party’s part, in the public domain; (b) was in the Receiving Party’s possession before receipt from the Disclosing Party and obtained from a source other than the Disclosing Party and other than through the prior relationship of the Disclosing Party and the Receiving Party before the Separation Date; (c) hereafter furnished to the Receiving Party by a third party as a matter of right and without restriction on disclosure; (d) furnished to others by the Disclosing Party without restriction on disclosure; or (e) independently developed by the Receiving Party without use of the Disclosing Party’s Confidential Information. Nothing in this Agreement shall prevent the Receiving Party from disclosing Confidential Information to the extent the Receiving Party is legally compelled to do so by any governmental, investigative or judicial agency pursuant to proceedings over which such agency has jurisdiction; provided, however, that prior to any such disclosure, the Receiving Party shall: (i) assert the confidential nature of the Confidential Information to the agency; (ii) immediately notify the Disclosing Party in writing of the agency’s order or request to disclose; and (iii) cooperate fully with the Disclosing Party in protecting against any such disclosure and/or obtaining a protective order narrowing the scope of the compelled disclosure and protecting its confidentiality.
Notice and Opportunity to Defend Promptly after the receipt by Buyer or the Company and/or the Seller of notice of any action, proceeding, claim or potential claim (any of which is hereinafter individually referred to as a “Circumstance”) which could give rise to a right to indemnification under this Agreement, such party (the “Indemnified Party”) shall give prompt written notice to the party or parties who may become obligated to provide indemnification hereunder (the “Indemnifying Party”). Such notice shall specify in reasonable detail the basis and amount, if ascertainable, of any claim that would be based upon the Circumstance. The failure to give such notice promptly shall relieve the Indemnifying Party of its indemnification obligations under this Agreement, unless the Indemnified Party establishes that the Indemnifying Party either had knowledge of the Circumstance or was not prejudiced by the failure to give notice of the Circumstance. The Indemnifying Party shall have the right, at its option, to compromise or defend the claim, at its own expense and by its own counsel, and otherwise control any such matter involving the asserted liability of the Indemnified Party, provided that any such compromise or control shall be subject to obtaining the prior written consent of the Indemnified Party which shall not be unreasonably withheld. An Indemnifying Party shall not be liable for any costs of settlement incurred without the written consent of the Indemnifying Party. If any Indemnifying Party undertakes to compromise or defend any asserted liability, it shall promptly notify the Indemnified Party of its intention to do so, and the Indemnified Party agrees to cooperate fully with the Indemnifying Party and its counsel in the compromise of or defense against any such asserted liability. All costs and expenses incurred in connection with such cooperation shall be borne by the Indemnifying Party, provided such costs and expenses have been previously approved by the Indemnifying Party. In any event, the Indemnified Party shall have the right at its own expense to participate in the defense of an asserted liability.
Exceptions to Confidentiality The Receiving Party’s obligations set forth in this Agreement shall not extend to any Confidential Information of the Disclosing Party:
(a) that is or hereafter becomes part of the public domain (other than as a result of a disclosure by the Receiving Party or its Recipients in violation of this Agreement);
(b) that is received from a Third Party without restriction on disclosure and without, to the knowledge of the Receiving Party, breach of any agreement between such Third Party and the Disclosing Party;
(c) that the Receiving Party can demonstrate by competent evidence was already in its possession without any limitation on disclosure prior to its receipt from the Disclosing Party;
(d) that is generally made available to Third Parties by the Disclosing Party without restriction on disclosure; or
(e) that the Receiving Party can demonstrate by competent evidence was independently developed by the Receiving Party without use of or reference to the Confidential Information.
Access to Company Information (a) During the period from the date of this Agreement to the Effective Time, the Company shall permit representatives of the Parent to have reasonable access (at all reasonable times, and in a manner so as not to interfere with the normal business operations of the Company) to all premises, properties, financial and accounting records, contracts, other records and documents, and personnel, of or pertaining to the Company.
(b) The Parent and each of its Subsidiaries (i) shall treat and hold as confidential any Company Confidential Information (as defined below), (ii) shall not use any of the Company Confidential Information except in connection with this Agreement, and (iii) if this Agreement is terminated for any reason whatsoever, shall return to the Company all tangible embodiments (and all copies) thereof which are in its possession. For purposes of this Agreement, “Company Confidential Information” means any information of the Company that is furnished to the Parent or any of its Subsidiaries by the Company in connection with this Agreement; provided, however, that it shall not include any information (A) which, at the time of disclosure, is available publicly other than as a result of non-permitted disclosure by the Parent, any of its Subsidiaries or their respective directors, officers, or employees, (B) which, after disclosure, becomes available publicly through no fault of the Parent, any of its Subsidiaries or their respective directors, officers, or employees, (C) which the Parent or any of its Subsidiaries knew or to which the Parent or any of its Subsidiaries had access prior to disclosure, as demonstrated by competent evidence, provided that the source of such information is not known by the Parent or any of its Subsidiaries to be bound by a confidentiality obligation to the Company, or (D) which the Parent or any of its Subsidiaries rightfully obtains from a source other than the Company, provided that the source of such information is not known by the Parent or any of its Subsidiaries to be bound by a confidentiality obligation to the Company.
RELEASE OF GENERAL INFORMATION TO THE PUBLIC AND MEDIA NASA or Partner may, consistent with Federal law and this Agreement, release general information regarding its own participation in this Agreement as desired. Pursuant to Section 841(d) of the NASA Transition Authorization Act of 2017, Public Law 115-10 (the "NTAA"), NASA is obligated to publicly disclose copies of all agreements conducted pursuant to NASA's 51 U.S.C. §20113(e) authority in a searchable format on the NASA website within 60 days after the agreement is signed by the Parties. The Parties acknowledge that a copy of this Agreement will be disclosed, without redactions, in accordance with the NTAA.
Access to Financial Information Buyer’s representatives shall have access to, and Seller and its Affiliates shall cooperate with Buyer and furnish upon request, all financial and other information relating to the Hotel’s operations to the extent necessary to enable Buyer’s representatives to prepare audited financial statements in conformity with Regulation S-X of the Securities and Exchange Commission (the “SEC”) and other applicable rules and regulations of the SEC and to enable them to prepare a registration statement, report or disclosure statement for filing with the SEC on behalf of Buyer or its Affiliates, whether before or after Closing and regardless of whether such information is included in the Records to be transferred to Buyer hereunder. Seller shall also provide to Buyer’s representative a signed representation letter in form and substance reasonably acceptable to Seller sufficient to enable an independent public accountant to render an opinion on the financial statements related to the Hotel. Buyer will reimburse Seller for costs reasonably incurred by Seller to comply with the requirements of the preceding sentence to the extent that Seller is required to incur costs not in the ordinary course of business for third parties to provide such representation letters. The provisions of this Section shall survive Closing or termination of this Contract.
Access to Personal Information by Subcontractors Supplier agrees to require any subcontractors or agents to which it discloses Personal Information under this Agreement or under any SOW to provide reasonable assurance, evidenced by written contract, that they will comply with the same or substantially similar confidentiality, privacy and security obligations with respect to such Personal Information as apply to Supplier under this Agreement or any SOW. Supplier shall confirm in writing to DXC that such contract is in place as a condition to DXC’s approval of use of a subcontractor in connection with any SOW. Upon request of DXC, Supplier will provide to DXC a copy of the subcontract or an extract of the relevant clauses. Supplier shall ensure that any failure on the part of any subcontractor or agent to comply with the Supplier obligations under this Agreement or any SOW shall be grounds to promptly terminate such subcontractor or agent. If during the term of this Agreement or any SOW, DXC determines, in its exclusive discretion, that any Supplier subcontractor or agent cannot comply with the Supplier obligations under this Agreement or with any SOW, then DXC may terminate this Agreement in whole or in part (with respect to any SOW for which such subcontractor or agent is providing services), if not cured by Supplier within the time prescribed in the notice of such deficiency.
Authorization to Release and Transfer Necessary Personal Information The Grantee hereby explicitly and unambiguously consents to the collection, use and transfer, in electronic or other form, of the Grantee’s personal data by and among, as applicable, the Company and its Subsidiaries for the exclusive purpose of implementing, administering and managing the Grantee’s participation in the Plan. The Grantee understands that the Company may hold certain personal information about the Grantee, including, but not limited to, the Grantee’s name, home address and telephone number, date of birth, social security number (or any other social or national identification number), salary, nationality, job title, number of Award Units and/or shares of Common Stock held and the details of all Award Units or any other entitlement to shares of Common Stock awarded, cancelled, vested, unvested or outstanding for the purpose of implementing, administering and managing the Grantee’s participation in the Plan (the “Data”). The Grantee understands that the Data may be transferred to the Company or to any third parties assisting in the implementation, administration and management of the Plan, that these recipients may be located in the Grantee’s country or elsewhere, and that any recipient’s country (e.g., the United States) may have different data privacy laws and protections than the Grantee’s country. The Grantee understands that he or she may request a list with the names and addresses of any potential recipients of the Data by contacting his or her local human resources representative or the Company’s stock plan administrator. The Grantee authorizes the recipients to receive, possess, use, retain and transfer the Data, in electronic or other form, for the sole purpose of implementing, administering and managing the Grantee’s participation in the Plan, including any requisite transfer of such Data to a broker or other third party assisting with the administration of Award Units under the Plan or with whom shares of Common Stock acquired pursuant to the vesting of the Award Units or cash from the sale of such shares may be deposited. Furthermore, the Grantee acknowledges and understands that the transfer of the Data to the Company or to any third parties is necessary for the Grantee’s participation in the Plan. The Grantee understands that the Grantee may, at any time, view the Data, request additional information about the storage and processing of the Data, require any necessary amendments to the Data or refuse or withdraw the consents herein by contacting the Grantee’s local human resources representative or the Company’s stock plan administrator in writing. The Grantee further acknowledges that withdrawal of consent may affect his or her ability to vest in or realize benefits from the Award Units, and the Grantee’s ability to participate in the Plan. For more information on the consequences of refusal to consent or withdrawal of consent, the Grantee understands that he or she may contact his or her local human resources representative or the Company’s stock plan administrator.