Destruction of Personal Data. For any PHI received regarding an Eligible Beneficiary referred to Contractor by EOHHS who does not enroll in Contractor’s plan, the Contractor must destroy the PHI in accordance with standards set forth in National Institute of Science and Technology (NIST) Special Publication 800‑88, Guidelines for Media Sanitizations, and all applicable State and federal Privacy and security laws including HIPAA and its related implementing regulations, at 45 C.F.R. Parts 160, 162, and 164, as may be amended from time to time. The Contractor shall also adhere to standards described in OMB Circular No. A‑130, Appendix III‑‑Security of Federal Automated Information Systems and NIST Federal Information Processing Standard 200 entitled “Minimum Security Requirements for Federal Information and Information Systems” while in possession of all PHI. Research Data The Contractor must seek and obtain prior written authorization from CMS and EOHHS for the use of any data pertaining to this Contract for research or any other purposes not directly related to the Contractor’s performance under this Contract.
Destruction of Personal Data. Upon termination of this Data Processing Agreement, or upon fulfillment of all purposes agreed in the context of the Services whereby no further processing is required, and upon the Data Controller’s written request, the Data Processor shall, at the discretion of the Data Controller, either delete, destroy or return all Personal Data to the Data Controller and destroy or return any existing copies. The Data Processor shall notify all third parties supporting its own processing of the Personal Data of the termination of the Data Processing Agreement and shall ensure that all such third parties shall either destroy the Personal Data or return the Personal Data to the Data Controller, at the discretion of the Data Controller. Assistance to Data Controller The Data Processor shall assist the Data Controller by appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Data Controller’s obligation to respond to requests for exercising the data subject’s rights under EU Data Protection Law. The Data Processor shall assist the Data Controller in ensuring compliance with the obligations pursuant to Section 4 (Security) and prior consultations with supervisory authorities required under Article 36 of the GDPR taking into account the nature of processing and the information available to the Data Processor. The Data Processor shall make available to the Data Controller all information necessary to demonstrate compliance with the Data Processor’s obligations and allow for and contribute to audits, including inspections, conducted by the Data Controller or another auditor mandated by the Data Controller as described in section 4.3.
Destruction of Personal Data. D10. Forthwith upon termination of this contract and pursuant to the Exit Management provisions in this Agreement (howsoever arising):
Destruction of Personal Data. For any PHI received regarding an Eligible Beneficiary referred to Contractor by the Department who does not enroll in Contractor’s plan, the Contractor must destroy the PHI in accordance with standards set forth in NIST Special Publication 800-88, Guidelines for Media Sanitizations, and all applicable state and federal Privacy and security laws including HIPAA and its related implementing regulations, at 45 C.F.R. Parts 160, 162, and 164, as may be amended from time to time. The Contractor shall also adhere to standards described in OMB Circular No. A-130, Appendix III-Security of Federal Automated Information Systems and NIST Federal Information Processing Standard 200 entitled “Minimum Security Requirements for Federal Information and Information Systems” while in possession of all PHI.
Destruction of Personal Data. Unless as otherwise instructed by the Customer or as required by applicable law, ARINC shall, after the end of the provision of Services, either (at the choice of Customer and as operationally feasible): (i) return a complete copy of all Personal Data to the Customer by secure file transfer and securely wipe all other copies of Personal Data Processed by ARINC or its Subprocessors; or (ii) securely wipe all copies of Personal Data Processed by ARINC or any of its Subprocessors.
Destruction of Personal Data. After the termination of this Data Processing Agreement, the Processor shall transfer all Personal Data to the Controller within a reasonable period of time and/or shall, upon the Controller’s request, destroy or delete all Personal Data, including all (copies of) electronically recorded Personal Data, and confirm in writing to the Controller that all Personal Data has been returned, destroyed or deleted. If the Processor is required by law to keep Processing certain Personal Data, it will fulfill the Controller’s request insofar as legally permitted. At the request and expense of the Controller, the Processor shall provide this written conformation with a certified statement from a certified public IT- auditor.
Destruction of Personal Data. All Personal Data shared under the Agreement shall be securely deleted in accordance with Data Protection Legislation. All paper copies shall be securely shredded (to DIN3 grade or if superseded to the equivalent secure shredding applicable to restricted data).
Destruction of Personal Data. In line with Clause 5 e) upon termination or expiry of this Agreement WIC shall delete all Related Personal Data and if requested by Customer provide a notification of such deletion to the Customer within 21 business days.
Destruction of Personal Data. Within fifteen (15) days of PERSONAL DATA no longer being needed for the purposes set out in this Agreement, or within fifteen (15) days of expiration or termination of this Agreement for any reason, at COMPANY’s discretion, CONTRACTOR will return or destroy all PERSONAL DATA in its possession or control as a result of this Agreement. Notwithstanding the foregoing, CONTRACTOR is permitted to keep one copy of any PERSONAL DATA necessary to comply with applicable law until such obligation ceases, at which time CONTRACTOR will immediately destroy such PERSONAL DATA; provided that CONTRACTOR’s obligation hereunder with respect to PERSONAL DATA will continue until all PERSONAL DATA has been destroyed.
Destruction of Personal Data. 3.6.1. The destruction of personal data is understood as actions, as a result of which it becomes impossible to restore the content of personal data on the Site and/or as a result of which the material carriers of personal data are destroyed.
