Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions (a) Covered Entity shall notify Business Associate of any limitation(s) in the notice of privacy practices of Covered Entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of protected health information.
Personal Data, Confidentiality, Recording of Telephone Calls and Records 22.1. The Company may collect client information directly from the Client (in his completed Account Opening Application Form or otherwise) or from other persons including, for example, the credit reference agencies, fraud prevention agencies, banks, other financial institutions, third authentication service providers and the providers of public registers.
Permitted Uses and Disclosure by Business Associate (1) General Use and Disclosure Provisions Except as otherwise limited in this Section of the Contract, Business Associate may use or disclose PHI to perform functions, activities, or services for, or on behalf of, Covered Entity as specified in this Contract, provided that such use or disclosure would not violate the HIPAA Standards if done by Covered Entity or the minimum necessary policies and procedures of the Covered Entity.
Reporting of Abuse, Neglect, or Exploitation Consistent with provisions of 33 V.S.A. §4913(a) and §6903, any agent or employee of a Contractor who, in the performance of services connected with this agreement, has contact with clients or is a caregiver and who has reasonable cause to believe that a child or vulnerable adult has been abused or neglected as defined in Chapter 49 or abused, neglected, or exploited as defined in Chapter 69 of Title 33 V.S.A. shall make a report involving children to the Commissioner of the Department for Children and Families within 24 hours or a report involving vulnerable adults to the Division of Licensing and Protection at the Department of Disabilities, Aging, and Independent Living within 48 hours. This requirement applies except in those instances where particular roles and functions are exempt from reporting under state and federal law. Reports involving children shall contain the information required by 33 V.S.A. §4914. Reports involving vulnerable adults shall contain the information required by 33 V.S.A. §6904. The Contractor will ensure that its agents or employees receive training on the reporting of abuse or neglect to children and abuse, neglect or exploitation of vulnerable adults.
Patient Information Each Party agrees to abide by all laws, rules, regulations, and orders of all applicable supranational, national, federal, state, provincial, and local governmental entities concerning the confidentiality or protection of patient identifiable information and/or patients’ protected health information, as defined by any other applicable legislation in the course of their performance under this Agreement.
Confidentiality and Safeguarding of University Records; Press Releases; Public Information Under this Agreement, Contractor may (1) create, (2) receive from or on behalf of University, or (3) have access to, records or record systems (collectively, University Records). Among other things, University Records may contain social security numbers, credit card numbers, or data protected or made confidential or sensitive by Applicable Laws. [Option (Include if University Records are subject to FERPA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Family Educational Rights and Privacy Act, 20 United States Code (USC) §1232g (FERPA) are addressed in Section 12.41.] [Option (Include if University is a HIPAA Covered Entity and University Records are subject to HIPAA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Health Insurance Portability and Accountability Act and 45 Code of Federal Regulations (CFR) Part 160 and subparts A and E of Part 164 (collectively, HIPAA) are addressed in Section 12.26.] Contractor represents, warrants, and agrees that it will: (1) hold University Records in strict confidence and will not use or disclose University Records except as (a) permitted or required by this Agreement, (b) required by Applicable Laws, or (c) otherwise authorized by University in writing; (2) safeguard University Records according to reasonable administrative, physical and technical standards (such as standards established by the National Institute of Standards and Technology and the Center for Internet Security [Option (Include if Section 12.39 related to Payment Card Industry Data Security Standards is not include in this Agreement.):, as well as the Payment Card Industry Data Security Standards]) that are no less rigorous than the standards by which Contractor protects its own confidential information; (3) continually monitor its operations and take any action necessary to assure that University Records are safeguarded and the confidentiality of University Records is maintained in accordance with all Applicable Laws and the terms of this Agreement; and (4) comply with University Rules regarding access to and use of University’s computer systems, including UTS165 at xxxx://xxx.xxxxxxxx.xxx/board-of-regents/policy-library/policies/uts165-information-resources-use-and-security-policy. At the request of University, Contractor agrees to provide University with a written summary of the procedures Contractor uses to safeguard and maintain the confidentiality of University Records.
Supplemental Vendor Information Only) No response Optional. If Vendor desires that their logo be displayed on their public TIPS profile for TIPS and TIPS Member viewing, Vendor may upload that logo at this location. These supplemental documents shall not be considered part of the TIPS Contract. Rather, they are Vendor Supplemental Information for marketing and informational purposes only. Signature Form.pdf
Your Rights and Our Responsibilities After We Receive Your Written Notice We must acknowledge your letter within 30 days, unless we have corrected the error by then. Within 90 days, we must either correct the error or explain why we believe the statement was correct. After we receive your letter, we cannot try to collect any amount you question or report you as delinquent. We can continue to bill you for the amount you question, including FINANCE CHARGES, and we can apply any unpaid amount against your credit limit. You do not have to pay any questioned amount while we are investigating, but you are still obligated to pay the parts of your statement that are not in question. If we find that we made a mistake on your statement, you will not have to pay any FINANCE CHARGES related to any questioned amount. If we didn’t make a mistake, you may have to pay FINANCE CHARGES and you will have to make up any missed payments on the questioned amount. In either case, we will send you a statement of the amount you owe and the date that it is due. If you fail to pay the amount that we think you owe, we may report you as delinquent. However, if our explanation does not satisfy you and you write to us within 10 days telling us that you still refuse to pay, we must tell anyone we report you to that you have a question about your statement. And, we must tell you the name of anyone we reported you to. We must tell anyone we report you to that the matter has been settled between us when it finally is. If we don’t follow these rules, we can’t collect the first $50.00 of the questioned amount, even if your statement was correct.
IN CASE OF ERRORS OR QUESTIONS ABOUT YOUR ELECTRONIC TRANSFERS In the event that you believe there has been an error with respect to any original check or image thereof transmitted to the Credit Union for deposit or a breach of this Agreement and Disclosure, you will immediately contact the Credit Union regarding such error or breach as set forth below. • By calling the Credit Union at: 000-000-0000; • By emailing the Credit Union at: xxxxxxxxxx@xxxxxxxxxxx.xxx; or • By writing a letter and sending it to P.O. Box 60890, Los Angeles, CA 00000-0000. Contact us as soon as you can if you think your statement or receipt is wrong or if you need more information about a transfer listed on the statement or receipt. We must hear from you no later than 60 days after we sent the FIRST statement on which the problem or error appeared. • Tell us your name and Account number. • Describe the error or the transfer you are unsure about, and explain as clearly as you can why you believe it is an error or why you need more information. • Tell us the dollar amount of the suspected error. If you tell us orally, we may require that you send us your complaint or question in writing within ten (10) business days. We will tell you the results of our investigation within ten (10)* business days after we hear from you and will correct any error promptly. If we need more time, however, we may take up to 45** days to investigate your complaint or question. If we decide to do this, we will provisionally credit your Account within ten (10)* business days for the amount you think is in error, so that you will have the use of the money during the time it takes us to complete our investigation. If we ask you to put your complaint or question in writing and we do not receive it within ten (10) business days, we may not credit your Account. If we decide that there was no error, we will send you a written explanation within three (3) business days after we finish our investigation. You may ask for copies of the documents that we used in our investigation. * If you assert an error within 30 days after you make the first deposit to your Account, we will have 20 business days instead of ten (10) business days. ** If you give notice of an error within 30 days after you make the first deposit to your Account, or notice of an error involving a transaction initiated outside the United States, its possessions and territories, we will have 90 days instead of 45 days to investigate. In accordance with Visa Operating Rules and Regulations, you will receive a provisional credit for Visa Check Card losses for unauthorized use within five (5) business days after you have notified us of the loss. This does not apply to ATM transactions using a PIN(s).
