Sensitive data Where the transfer involves personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, or biometric data for the purpose of uniquely identifying a natural person, data concerning health or a person’s sex life or sexual orientation, or data relating to criminal convictions and offences (hereinafter ‘sensitive data’), the data importer shall apply the specific restrictions and/or additional safeguards described in Annex I.B.
Sensitive Information Information that requires special precautions to protect from unauthorized use, access, disclosure, modification, loss, or deletion. Sensitive Information may be either Public Information or Confidential Information. It is information that requires a higher than normal assurance of accuracy and completeness. Thus, the key factor for Sensitive Information is that of integrity. Typically, Sensitive Information includes records of agency financial transactions and regulatory actions.
Competitive Terms If the Customer is able to obtain from any Sub-Contractor or any other third party more favourable commercial terms with respect to the supply of any materials, equipment, software, goods or services used by the Supplier or the Supplier Personnel in the supply of the Goods and/or Services, then the Customer may: require the Supplier to replace its existing commercial terms with its Sub-Contractor with the more favourable commercial terms obtained by the Customer in respect of the relevant item; or subject to Clause 29.4 (Termination of Sub-Contracts), enter into a direct agreement with that Sub-Contractor or third party in respect of the relevant item. If the Customer exercises the option pursuant to Clause 29.5.1, then the Call Off Contract Charges shall be reduced by an amount that is agreed in accordance with the Variation Procedure. The Customer's right to enter into a direct agreement for the supply of the relevant items is subject to: the Customer making the relevant item available to the Supplier where this is necessary for the Supplier to provide the Goods and/or Services; and any reduction in the Call Off Contract Charges taking into account any unavoidable costs payable by the Supplier in respect of the substituted item, including in respect of any licence fees or early termination charges.
Competing Products The provisions of Section 21 are set forth on attached Exhibit H and are incorporated in this Section 21 by this reference.
Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised.
C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if:
1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or
2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
