Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions (a) Covered Entity shall notify Business Associate of any limitation(s) in the notice of privacy practices of Covered Entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of protected health information.
MANAGEMENT INFORMATION AND FORMAT 2.1 The Supplier agrees to provide timely, full, accurate and complete MI Reports to the Authority which incorporates the data, in the correct format, required by the MI Reporting Template. The initial MI Reporting Template is set out in the Annex to this Framework Schedule 9.
Accessibility of Web-Based Information and Applications For State Agency Authorized User Acquisitions: Any web-based information and applications development, or programming delivered pursuant to the contract or procurement, will comply with New York State Enterprise IT Policy NYS-P08-005, Accessibility of Web-Based Information and Applications as follows: Any web-based information and applications development, or programming delivered pursuant to the contract or procurement, will comply with New York State Enterprise IT Policy NYS-P08- 005, Accessibility of Web-Based Information and Applications as such policy may be amended, modified or superseded, which requires that state agency web-based information and applications are accessible to persons with disabilities. Web-based information and applications must conform to New York State Enterprise IT Policy NYS-P08-005 as determined by quality assurance testing. Such quality assurance testing will be conducted by the State Agency Authorized User and the results of such testing must be satisfactory to the Authorized User before web-based information and applications will be considered a qualified deliverable under the contract or procurement.
NYS OFFICE OF INFORMATION TECHNOLOGY SERVICES NOTIFICATION All New York State Agencies must notify the Office of Information Technology Services of any and all plans to procure IT and IT -related products, materials and services meeting required thresholds defined in Technology Policy NYS–P08-001: xxxxx://xxx.xx.xxx/sites/default/files/documents/NYS-P08-001.pdf, as may be amended, modified or superseded. SALES REPORTING REQUIREMENTS Contractor shall furnish OGS with quarterly sales reports utilizing Appendix I - Report of Contract Sales. Purchases by Non- State Agencies, political subdivisions and others authorized by law shall be reported in the same report and indicated as required. All fields of information shall be accurate and complete. OGS reserves the right to unilaterally make revisions, changes and/or updates to Appendix I - Report of Contract Sales or to require sales to be reported in a different format without processing a formal amendment and/or modification. Further, additional related sales information and/or detailed Authorized User purchases may be required by OGS and must be supplied upon request. Reseller Sales Product sold through Reseller(s) must be reported by Contractor in the required Appendix I – Report of Contract Sales. Due Date The Appendix I - Report of Contract Sales will be quarterly (January - March, April - June, July - September and October - December). Reports will be due 1 month after the closing quarter. SERVICE REPORTS FOR MAINTENANCE/SUPPORT AND WARRANTY WORK Service Reports for Authorized User An Authorized User in an RFQ may require compliance with any or all of this section. If requested by the Authorized User, the Contractor shall furnish the Authorized User with service reports for all Maintenance/support and warranty work upon completion of the services. The service reports may include the following information in either electronic or hard copy form as designated by the Authorized User: Date and time Contractor was notified Date and time of Contractor’s arrival Make and model of the Product Description of malfunction reported by Authorized User Diagnosis of failure and/or work performed by Contractor Date and time failure was corrected by Contractor Type of service – Maintenance/support or warranty Charges, if any, for the service Service Reports for OGS
Why We Collect Information and For How Long We are collecting your data for several reasons: · To better understand your needs and provide you with the services you have requested; · To fulfill our legitimate interest in improving our services and products; · To send you promotional emails containing information we think you may like when we have your consent to do so; · To contact you to fill out surveys or participate in other types of market research, when we have your consent to do so; · To customize our website according to your online behavior and personal preferences. The data we collect from you will be stored for no longer than necessary. The length of time we retain said information will be determined based upon the following criteria: the length of time your personal information remains relevant; the length of time it is reasonable to keep records to demonstrate that we have fulfilled our duties and obligations; any limitation periods within which claims might be made; any retention periods prescribed by law or recommended by regulators, professional bodies or associations; the type of contract we have with you, the existence of your consent, and our legitimate interest in keeping such information as stated in this Policy.
Confidentiality and Safeguarding of University Records; Press Releases; Public Information Under this Agreement, Contractor may (1) create, (2) receive from or on behalf of University, or (3) have access to, records or record systems (collectively, University Records). Among other things, University Records may contain social security numbers, credit card numbers, or data protected or made confidential or sensitive by Applicable Laws. [Option (Include if University Records are subject to FERPA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Family Educational Rights and Privacy Act, 20 United States Code (USC) §1232g (FERPA) are addressed in Section 12.41.] [Option (Include if University is a HIPAA Covered Entity and University Records are subject to HIPAA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Health Insurance Portability and Accountability Act and 45 Code of Federal Regulations (CFR) Part 160 and subparts A and E of Part 164 (collectively, HIPAA) are addressed in Section 12.26.] Contractor represents, warrants, and agrees that it will: (1) hold University Records in strict confidence and will not use or disclose University Records except as (a) permitted or required by this Agreement, (b) required by Applicable Laws, or (c) otherwise authorized by University in writing; (2) safeguard University Records according to reasonable administrative, physical and technical standards (such as standards established by the National Institute of Standards and Technology and the Center for Internet Security [Option (Include if Section 12.39 related to Payment Card Industry Data Security Standards is not include in this Agreement.):, as well as the Payment Card Industry Data Security Standards]) that are no less rigorous than the standards by which Contractor protects its own confidential information; (3) continually monitor its operations and take any action necessary to assure that University Records are safeguarded and the confidentiality of University Records is maintained in accordance with all Applicable Laws and the terms of this Agreement; and (4) comply with University Rules regarding access to and use of University’s computer systems, including UTS165 at xxxx://xxx.xxxxxxxx.xxx/board-of-regents/policy-library/policies/uts165-information-resources-use-and-security-policy. At the request of University, Contractor agrees to provide University with a written summary of the procedures Contractor uses to safeguard and maintain the confidentiality of University Records.
Data Protection and Privacy: Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.
Electronic and Information Resources Accessibility and Security Standards a. Applicability: The following Electronic and Information Resources (“EIR”) requirements apply to the Contract because the Grantee performs services that include EIR that the System Agency's employees are required or permitted to access or members of the public are required or permitted to access. This Section does not apply to incidental uses of EIR in the performance of the Agreement, unless the Parties agree that the EIR will become property of the State of Texas or will be used by HHSC’s clients or recipients after completion of the Agreement. Nothing in this section is intended to prescribe the use of particular designs or technologies or to prevent the use of alternative technologies, provided they result in substantially equivalent or greater access to and use of a Product.
Amendment of Protected Health Information 8.1 To the extent Covered Entity determines that any Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within ten (10) business days after receipt of a written request from Covered Entity, make any amendments to such Protected Health Information that are requested by Covered Entity, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.526.
Permitted Uses and Disclosures of Protected Health Information Business Associate:
