Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions (a) Covered Entity shall notify Business Associate of any limitation(s) in the notice of privacy practices of Covered Entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of protected health information.
Access to Personal Information by Subcontractors Supplier agrees to require any subcontractors or agents to which it discloses Personal Information under this Agreement or under any SOW to provide reasonable assurance, evidenced by written contract, that they will comply with the same or substantially similar confidentiality, privacy and security obligations with respect to such Personal Information as apply to Supplier under this Agreement or any SOW. Supplier shall confirm in writing to DXC that such contract is in place as a condition to DXC’s approval of use of a subcontractor in connection with any SOW. Upon request of DXC, Supplier will provide to DXC a copy of the subcontract or an extract of the relevant clauses. Supplier shall ensure that any failure on the part of any subcontractor or agent to comply with the Supplier obligations under this Agreement or any SOW shall be grounds to promptly terminate such subcontractor or agent. If during the term of this Agreement or any SOW, DXC determines, in its exclusive discretion, that any Supplier subcontractor or agent cannot comply with the Supplier obligations under this Agreement or with any SOW, then DXC may terminate this Agreement in whole or in part (with respect to any SOW for which such subcontractor or agent is providing services), if not cured by Supplier within the time prescribed in the notice of such deficiency.
Personal Data, Confidentiality, Recording of Telephone Calls and Records 22.1. The Company may collect client information directly from the Client (in his completed Account Opening Application Form or otherwise) or from other persons including, for example, the credit reference agencies, fraud prevention agencies, banks, other financial institutions, third authentication service providers and the providers of public registers.
Passwords and Employee Access Provider shall secure usernames, passwords, and any other means of gaining access to the Services or to Student Data, at a level suggested by Article 4.3 of NIST 800-63-3. Provider shall only provide access to Student Data to employees or contractors that are performing the Services. Employees with access to Student Data shall have signed confidentiality agreements regarding said Student Data. All employees with access to Student Records shall pass criminal background checks.
Confidentiality and Safeguarding of University Records; Press Releases; Public Information Under this Agreement, Contractor may (1) create, (2) receive from or on behalf of University, or (3) have access to, records or record systems (collectively, University Records). Among other things, University Records may contain social security numbers, credit card numbers, or data protected or made confidential or sensitive by Applicable Laws. [Option (Include if University Records are subject to FERPA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Family Educational Rights and Privacy Act, 20 United States Code (USC) §1232g (FERPA) are addressed in Section 12.41.] [Option (Include if University is a HIPAA Covered Entity and University Records are subject to HIPAA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Health Insurance Portability and Accountability Act and 45 Code of Federal Regulations (CFR) Part 160 and subparts A and E of Part 164 (collectively, HIPAA) are addressed in Section 12.26.] Contractor represents, warrants, and agrees that it will: (1) hold University Records in strict confidence and will not use or disclose University Records except as (a) permitted or required by this Agreement, (b) required by Applicable Laws, or (c) otherwise authorized by University in writing; (2) safeguard University Records according to reasonable administrative, physical and technical standards (such as standards established by the National Institute of Standards and Technology and the Center for Internet Security [Option (Include if Section 12.39 related to Payment Card Industry Data Security Standards is not include in this Agreement.):, as well as the Payment Card Industry Data Security Standards]) that are no less rigorous than the standards by which Contractor protects its own confidential information; (3) continually monitor its operations and take any action necessary to assure that University Records are safeguarded and the confidentiality of University Records is maintained in accordance with all Applicable Laws and the terms of this Agreement; and (4) comply with University Rules regarding access to and use of University’s computer systems, including UTS165 at xxxx://xxx.xxxxxxxx.xxx/board-of-regents/policy-library/policies/uts165-information-resources-use-and-security-policy. At the request of University, Contractor agrees to provide University with a written summary of the procedures Contractor uses to safeguard and maintain the confidentiality of University Records.
Access to Information Systems Access, if any, to DXC’s Information Systems is granted solely to perform the Services under this Order, and is limited to those specific DXC Information Systems, time periods and personnel as are separately agreed to by DXC and Supplier from time to time. DXC may require Supplier’s employees, subcontractors or agents to sign individual agreements prior to access to DXC’s Information Systems. Use of DXC Information Systems during other time periods or by individuals not authorized by DXC is expressly prohibited. Access is subject to DXC business control and information protection policies, standards and guidelines as may be modified from time to time. Use of any other DXC Information Systems is expressly prohibited. This prohibition applies even when an DXC Information System that Supplier is authorized to access, serves as a gateway to other Information Systems outside Supplier’s scope of authorization. Supplier agrees to access Information Systems only from specific locations approved for access by DXC. For access outside of DXC premises, DXC will designate the specific network connections to be used to access Information Systems.
NYS OFFICE OF INFORMATION TECHNOLOGY SERVICES NOTIFICATION All New York State Agencies must notify the Office of Information Technology Services of any and all plans to procure IT and IT -related products, materials and services meeting required thresholds defined in Technology Policy NYS–P08-001: xxxxx://xxx.xx.xxx/sites/default/files/documents/NYS-P08-001.pdf, as may be amended, modified or superseded. SALES REPORTING REQUIREMENTS Contractor shall furnish OGS with quarterly sales reports utilizing Appendix I - Report of Contract Sales. Purchases by Non- State Agencies, political subdivisions and others authorized by law shall be reported in the same report and indicated as required. All fields of information shall be accurate and complete. OGS reserves the right to unilaterally make revisions, changes and/or updates to Appendix I - Report of Contract Sales or to require sales to be reported in a different format without processing a formal amendment and/or modification. Further, additional related sales information and/or detailed Authorized User purchases may be required by OGS and must be supplied upon request. Reseller Sales Product sold through Reseller(s) must be reported by Contractor in the required Appendix I – Report of Contract Sales. Due Date The Appendix I - Report of Contract Sales will be quarterly (January - March, April - June, July - September and October - December). Reports will be due 1 month after the closing quarter. SERVICE REPORTS FOR MAINTENANCE/SUPPORT AND WARRANTY WORK Service Reports for Authorized User An Authorized User in an RFQ may require compliance with any or all of this section. If requested by the Authorized User, the Contractor shall furnish the Authorized User with service reports for all Maintenance/support and warranty work upon completion of the services. The service reports may include the following information in either electronic or hard copy form as designated by the Authorized User: Date and time Contractor was notified Date and time of Contractor’s arrival Make and model of the Product Description of malfunction reported by Authorized User Diagnosis of failure and/or work performed by Contractor Date and time failure was corrected by Contractor Type of service – Maintenance/support or warranty Charges, if any, for the service Service Reports for OGS
INFORMATION OF LOCKHEED XXXXXX (a) Information provided by LOCKHEED XXXXXX to SELLER remains the property of LOCKHEED XXXXXX. XXXXXX agrees to comply with the terms of any proprietary information agreement with LOCKHEED XXXXXX and to comply with all proprietary information markings and restrictive legends applied by LOCKHEED XXXXXX to anything provided hereunder to SELLER. XXXXXX agrees not to use any LOCKHEED XXXXXX provided information for any purpose except to perform this Contract and agrees not to disclose such information to third parties without the prior written consent of LOCKHEED XXXXXX. SELLER shall maintain data protection processes and systems sufficient to adequately protect LOCKHEED XXXXXX provided information and comply with any law or regulation applicable to such information.
FOREIGN ACCESS TO TECHNOLOGY This Article shall remain in effect during the term of the Agreement and for (INSERT NUMBER OF YEARS) ( ) years thereafter.
Processing of Customer Personal Data 3.1 UKG will:
