Security and Confidentiality Technical and organisational security measures must be taken by the data controller that are appropriate to the risks, such as against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, presented by the processing. Any person acting under the authority of the data controller, including a processor, must not process the data except on instructions from the data controller.
Privacy and Confidentiality A. Contractors may use or disclose Medi-Cal PII only to perform functions, activities or services directly related to the administration of the Medi-Cal program in accordance with Welfare and Institutions Code section 14100.2 and 42 Code of Federal Regulations section 431.300 et.seq, or as required by law. Disclosures which are required by law, such as a court order, or which are made with the explicit written authorization of the Medi-Cal client, are allowable. Any other use or disclosure of Medi-Cal PII requires the express approval in writing of DHCS. Contractor shall not duplicate, disseminate or disclose Medi-Cal PII except as allowed in the Agreement.
Information and Confidentiality 20.1 Each party recognises that under this Agreement it may receive Confidential Information belonging to the other.