Common use of Use of Protected Information Clause in Contracts

Use of Protected Information. All Protected Information shall be used by the Recipient in accordance with the following requirements: All Protected Information shall be held in confidence and shall be processed, treated, disclosed and used by the Recipient and its Related Parties only for Project Purposes and in accordance with the Confidentiality Control Procedures established pursuant to Paragraph 2(c), below, including, without limitation, the Port Authority Handbook, receipt of which is acknowledged by Recipient and shall be acknowledged in writing by each Related Party by signing the Acknowledgment attached hereto as Exhibit A or Exhibit B, as applicable, and applicable legal requirements. Protected Information may be disclosed, only if and to the extent that such disclosure is an Authorized Disclosure. Recipient and each Related Party acknowledges and agrees that (i) any violation by the Recipient or any of its Related Parties of the terms, conditions or restrictions of this Agreement relating to Protected Information may result in penalties and other enforcement or corrective action as set forth in such statutes and regulations, including, without limitation, the issuance of orders requiring retrieval of Sensitive Security Information and Critical Infrastructure Information to remedy unauthorized disclosure and to cease future unauthorized disclosure and (ii) pursuant to the aforementioned Federal Regulations, including, without limitation, 49 C.F.R. §§ 15.17 and 1520.17, any such violation thereof or mishandling of information therein defined may constitute grounds for a civil penalty and other enforcement or corrective action by the United States Department of Transportation and the United States Department of Homeland Security, and appropriate personnel actions for Federal employees. Recipient and each Related Party covenants to the Port Authority that it has established, promulgated and implemented Confidentiality Control Procedures for identification, handling, receipt, care, and storage of Protected Information to control and safeguard against any violation of the requirements of this Agreement and against any unauthorized access, disclosure, modification, loss or misuse of Protected Information. Recipient and each Related Party shall undertake reasonable steps consistent with such Confidentiality Control Procedures to assure that disclosure of Protected Information is compartmentalized, such that all Protected Information shall be disclosed only to those persons and entities authorized to receive such Information as an Authorized Disclosure under this Agreement and applicable Confidentiality Control Procedures. The Confidentiality Control Procedures shall, at a minimum, adhere to, and shall not be inconsistent with, the procedures and practices established in the Port Authority Handbook. The Port Authority reserves the right to audit Recipient’s Confidentiality Control Procedures, and those of each Related Party, as applicable, to ensure that it is in compliance with the terms of this Agreement. The Port Authority may request in writing that the Recipient or any Related Parties apply different or more stringent controls on the handling, care, storage and disclosure of particular items of Protected Information as a precondition for its disclosure. The Port Authority may decline any request by the Recipient or any of its Related Parties to provide such item of Protected Information if the Recipient or any of the Related Parties do not agree in writing to apply such controls. Nothing in this Agreement shall require the Port Authority to tender or provide access to or possession of any Protected Information to the Recipient or its Related Parties, whether or not the requirements of this Agreement are otherwise satisfied. However, if such Protected Information is provided and accepted, the Recipient and its Related Parties shall abide by the terms, conditions and requirements of this Agreement. The Recipient and each Related Party agrees to be responsible for enforcing the provisions of this Agreement with respect to its Related Parties, in accordance with the Confidentiality Control Procedures. Except as required by law pursuant to written advice of competent legal counsel, or with the Port Authority’s prior written consent, neither the Recipient, nor any of the Related Parties shall disclose to any third party, person or entity: (i) any Protected Information under circumstances where the Recipient is not fully satisfied that the person or entity to whom such disclosure is about to be made shall act in accordance with the Confidentiality Control Procedures whether or not such person or entity has agreed in writing to be bound by the terms of this Agreement or any “Acknowledgement” of its terms or (ii) the fact that Protected Information has been made available to the Recipient or such Related Parties, or the content or import of such Protected Information. The Recipient is responsible for collecting and managing the Acknowledgments signed by Related Parties pursuant to this Agreement. Recipient shall, at the Port Authority’s request, provide the Port Authority a list of all Related Parties who have signed an Acknowledgment, and copies of such Acknowledgments. As to all Protected Information provided by or on behalf of the Port Authority, nothing in this Agreement shall constitute or be construed as a waiver of any public interest privilege or other protections established under applicable state or federal law.