Privacy and Confidentiality A. Contractors may use or disclose Medi-Cal PII only to perform functions, activities or services directly related to the administration of the Medi-Cal program in accordance with Welfare and Institutions Code section 14100.2 and 42 Code of Federal Regulations section 431.300 et.seq, or as required by law. Disclosures which are required by law, such as a court order, or which are made with the explicit written authorization of the Medi-Cal client, are allowable. Any other use or disclosure of Medi-Cal PII requires the express approval in writing of DHCS. Contractor shall not duplicate, disseminate or disclose Medi-Cal PII except as allowed in the Agreement.
Privacy and Data Protection 8.1 The Receiving Party undertakes to comply with South Africa’s general privacy protection in terms Section 14 of the Xxxx of Rights in connection with this Bid and shall procure that its personnel shall observe the provisions of such Act [as applicable] or any amendments and re-enactments thereof and any regulations made pursuant thereto.
Privacy and Data Security (a) The parties will keep confidential any information regarding the Trust, the Variable Accounts, and Contract Owners received in connection with providing services and meeting their respective obligations hereunder, except: (a) as necessary to provide the services or otherwise meet their respective obligations under this Agreement; (b) as necessary to comply with applicable law; and (c) information regarding the Trust or Variable Accounts which is otherwise publicly available. The parties will maintain internal safekeeping procedures to safeguard and protect the confidentiality of the data transmitted to another party or its designees or agents in accordance with Section 248.11 of Regulation S-P (17 CFR 248.1–248.30) (“Reg S-P”) and any other applicable federal or state privacy laws and regulations, including without limitation 201 CFR 17.00 et seq. and applicable security breach notification regulations (collectively “Privacy Laws”). Each party shall use such data solely to effect the services contemplated herein, and none of the parties will directly, or indirectly through an affiliate, disclose any non-public personal information protected under Privacy Laws (“Non-public Personal Information”) received from another party to any person that is not an affiliate, designee, service provider, or agent of the receiving party and provided that any such information disclosed to an affiliate, designee, service provider, or agent will be under the same or substantially similar contractual limitations on use and non-disclosure and will comply with all legal requirements. The Company will not use information, including Non-public Personal Information, directly or indirectly provided to it by Nationwide or its designees or agents pursuant to this Agreement for the purpose of marketing to Contract Owners or any other similar purpose, except as may be agreed by the parties hereto. Except for confidential information consisting of Non-public Personal Information, which will be governed in all respects in accordance with the immediately preceding sentence, confidential information does not include information which (i) was publicly known and/or was in the possession of the party receiving confidential information (“Receiving Party”) from other sources prior to the Receiving Party’s receipt of confidential information from the party disclosing confidential information (“Disclosing Party”), or (ii) is or becomes publicly available other than as a result of a disclosure by the Receiving Party or its representatives, or (iii) is or becomes available to the Receiving Party on a non-confidential basis from a source (other than the Disclosing Party) which, to the best of the Receiving Party’s knowledge, is not prohibited from disclosing such information to the Receiving Party by a legal, contractual, or fiduciary obligation to the Disclosing Party, or (iv) describes the fees payable to Nationwide under this Agreement.
Data Privacy and Security Bank will implement and maintain a written information security program, in compliance with all federal, state and local laws and regulations (including any similar international laws) applicable to Bank, that contains reasonable and appropriate security measures designed to safeguard the personal information of the Funds' shareholders, employees, trustees and/or officers that Bank or any Subcustodian receives, stores, maintains, processes, transmits or otherwise accesses in connection with the provision of services hereunder. In this regard, Bank will establish and maintain policies, procedures, and technical, physical, and administrative safeguards, designed to (i) ensure the security and confidentiality of all personal information and any other confidential information that Bank receives, stores, maintains, processes or otherwise accesses in connection with the provision of services hereunder, (ii) protect against any reasonably foreseeable threats or hazards to the security or integrity of personal information or other confidential information, (iii) protect against unauthorized access to or use of personal information or other confidential information, (iv) maintain reasonable procedures to detect and respond to any internal or external security breaches, and (v) ensure appropriate disposal of personal information or other confidential information. Bank will monitor and review its information security program and revise it, as necessary and in its sole discretion, to ensure it appropriately addresses any applicable legal and regulatory requirements. Bank shall periodically test and review its information security program. Bank shall respond to Customer's reasonable requests for information concerning Bank's information security program and, upon request, Bank will provide a copy of its applicable policies and procedures, or in Bank's discretion, summaries thereof, to Customer, to the extent Bank is able to do so without divulging information Bank reasonably believes to be proprietary or Bank confidential information. Upon reasonable request, Bank shall discuss with Customer the information security program of Bank. Bank also agrees, upon reasonable request, to complete any security questionnaire provided by Customer to the extent Bank is able to do so without divulging sensitive, proprietary, or Bank confidential information and return it in a commercially reasonable period of time (or provide an alternative response that reasonably addresses the points included in the questionnaire). Customer acknowledges that certain information provided by Bank, including internal policies and procedures, may be proprietary to Bank, and agrees to protect the confidentiality of all such materials it receives from Bank. Bank agrees to resolve promptly any applicable control deficiencies that come to its attention that do not meet the standards established by federal and state privacy and data security laws, rules, regulations, and/or generally accepted industry standards related to Bank's information security program. Bank shall: (i) promptly notify Customer of any confirmed unauthorized access to personal information or other confidential information of Customer ("Breach of Security"); (ii) promptly furnish to Customer appropriate details of such Breach of Security and assist Customer in assessing the Breach of Security to the extent it is not privileged information or part of an investigation; (iii) reasonably cooperate with Customer in any litigation and investigation of third parties reasonably deemed necessary by Customer to protect its proprietary and other rights; (iv) use reasonable precautions to prevent a recurrence of a Breach of Security; and (v) take all reasonable and appropriate action to mitigate any potential harm related to a Breach of Security, including any reasonable steps requested by Customer that are practicable for Bank to implement. Nothing in the immediately preceding sentence shall obligate Bank to provide Customer with information regarding any of Bank's other customers or clients that are affected by a Breach of Security, nor shall the immediately preceding sentence limit Bank's ability to take any actions that Bank believes are appropriate to remediate any Breach of Security unless such actions would prejudice or otherwise limit Customer's ability to bring its own claims or actions against third parties related to the Breach of Security. If Bank discovers or becomes aware of a suspected data or security breach that may involve an improper access, use, disclosure, or alteration of personal information or other confidential information of Customer, Bank shall, except to the extent prohibited by Applicable Law or directed otherwise by a governmental authority not to do so, promptly notify Customer that it is investigating a potential breach and keep Customer informed as reasonably practicable of material developments relating to the investigation until Bank either confirms that such a breach has occurred (in which case the first sentence of this paragraph will apply) or confirms that no data or security breach involving personal information or other confidential information of Customer has occurred. For these purposes, "personal information" shall mean (i) an individual's name (first initial and last name or first name and last name), address or telephone number plus (a) social security number, (b) driver's license number, (c) state identification card number, (d) debit or credit card number, (e) financial account 22 number, (f) passport number, or (g) personal identification number or password that would permit access to a person's account or (ii) any combination of the foregoing that would allow a person to log onto or access an individual's account. This provision will survive termination or expiration of the Agreement for so long as Bank or any Subcustodian continues to possess or have access to personal information related to Customer. Notwithstanding the foregoing "personal information" shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public.
Privacy and Security (a) The Service Provider shall not transmit or store any AHS data outside the borders of Canada, nor transmit any AHS data in Canada to any party not specifically contemplated in this Agreement, without AHS’s prior written consent to each such data transmittal, which consent may be arbitrarily and unreasonably withheld.
Privacy Act If performance involves design, development or operation of a system of records on individuals, this Agreement incorporates by reference FAR 52.224-1 Privacy Act Notification (Apr 1984) and FAR 52.224-2 Privacy Act (Apr 1984).
Privacy Policy The Provider must publicly disclose material information about its collection, use, and disclosure of Student Data, including, but not limited to, publishing a terms of service agreement, privacy policy, or similar document.
Confidentiality and Privacy The Training Provider must not, without the prior written approval of the Department, disclose (or permit the disclosure of) information regarding this VET Funding Contract (including details of the Funds being provided by the Department in respect of any individual) or any Confidential Information of the Department or the State, except: to the extent required under this VET Funding Contract; to the extent required by Law; to its solicitors, barristers and/or other professional advisors in order to obtain advice in relation to its rights under this VET Funding Contract, the Training Services or the Funds and provided such advisors are under a duty of confidentiality; to the extent necessary for the registration or recording of documents where required; and/or to the extent required in connection with legal proceedings, and then only to the extent strictly necessary for that purpose. The Training Provider acknowledges and agrees that: the Department may disclose or otherwise make available (whether to the public generally or to any particular person or group of persons) any and all information relating to the Training Provider and this VET Funding Contract (including Confidential Information of the Training Provider), including: course and qualification details; government subsidised fee information; details of the Funds paid; the contents of any surveys in which the Training Provider participates pursuant to Clause 4.5(j)(ii) or any employer surveys; any information that the Training Provider is required to publish on its website or otherwise make publicly available under this VET Funding Contract; details of any non-compliance by the Training Provider with this VET Funding Contract; any action taken by the Department under this VET Funding Contract; and findings and outcomes of any audits or reviews undertaken pursuant to this VET Funding Contract, as it considers reasonably appropriate to facilitate the proper operation of the Skills First Program, including as contemplated by Clause 12.3 of Schedule 1; the Department may disclose information referred to in paragraph (a), and any information regarding any suspected non-compliance by the Training Provider with this VET Funding Contract, for the purpose of satisfying its obligations under: the Freedom of Information Act 1982 (Vic); the Ombudsman Act 1973 (Vic); or the Audit Act 1994 (Vic); or the requirements of Parliamentary accountability or a Minister's obligations to fulfil their duties of office; and the Department may disclose information referred to in paragraph (a) or paragraph (b) to the counterparty to any Other VET Funding Arrangement, any regulator who has responsibility for issuing or monitoring compliance with the applicable registration referred to in Clause 4.1(a), or other government entity in any jurisdiction that has an interest in the regulation and funding of the VET sector. The Training Provider must take all steps and make all efforts to assist the Department in complying with any of the obligations referred to in Clause 13.2(b). The Training Provider acknowledges that it will be bound by the Information Privacy Principles and any applicable Code of Practice with respect to any act done or practice engaged in by the Training Provider under or in connection with this VET Funding Contract in the same way and to the same extent as the Department would have been bound had it been directly done or engaged in by the Department. The Training Provider must include a standard privacy notice in all enrolment forms, in accordance with the Victorian VET Student Statistical Collection Guidelines, which advises Eligible Individuals how their data may be supplied to and used by the Department and Commonwealth VET Student Loan agencies. The Training Provider must, in collecting any Personal Information for the purposes of this VET Funding Contract, ensure that it has obtained all necessary consents for: the Training Provider to collect, use, hold and disclose that Personal Information, including by disclosing it to the Department as contemplated by this VET Funding Contract (including by way of the submission of reports under Clause 12 of Schedule 1, for the purposes of complying with Record disclosure obligations under Clause 10 and in the course of any audit, review or investigation under Clause 11); and the Department to collect, use, hold and disclose that Personal Information for the purposes of this VET Funding Contract and its operation and management of the Skills First Program, in accordance with all applicable Laws, including the PDP Act, the Health Records Act and (if applicable to the Training Provider) the Privacy Act 1988 (Cth). The Training Provider must cooperate with, and provide any assistance requested by, the Department in relation to: resolving any complaint made to the Department alleging a breach of the PDP Act or the Health Records Act in relation to any Personal Information collected, used, held or disclosed by the Department that was provided to it by the Training Provider in connection with this VET Funding Contract; and providing access to or amendment of any record of Personal Information collected, used, held or disclosed in connection with this VET Funding Contract following a request from an individual made to the Department.
