Reporting of Disclosures The MCP agrees to promptly report to ODM any inappropriate use or disclosure of PHI not in accordance with this Agreement or applicable law, including a breach of unsecured PHI as required at 45 CFR 164.410 and any security incident the MCP has knowledge of or reasonably should have knowledge of under the circumstances.
Reporting of Unauthorized Disclosure The Contractor shall immediately report to the State any unauthorized disclosure of confidential information.
Confidentiality and Safeguarding of University Records; Press Releases; Public Information Under this Agreement, Contractor may (1) create, (2) receive from or on behalf of University, or (3) have access to, records or record systems (collectively, University Records). Among other things, University Records may contain social security numbers, credit card numbers, or data protected or made confidential or sensitive by Applicable Laws. [Option (Include if University Records are subject to FERPA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Family Educational Rights and Privacy Act, 20 United States Code (USC) §1232g (FERPA) are addressed in Section 12.41.] [Option (Include if University is a HIPAA Covered Entity and University Records are subject to HIPAA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Health Insurance Portability and Accountability Act and 45 Code of Federal Regulations (CFR) Part 160 and subparts A and E of Part 164 (collectively, HIPAA) are addressed in Section 12.26.] Contractor represents, warrants, and agrees that it will: (1) hold University Records in strict confidence and will not use or disclose University Records except as (a) permitted or required by this Agreement, (b) required by Applicable Laws, or (c) otherwise authorized by University in writing; (2) safeguard University Records according to reasonable administrative, physical and technical standards (such as standards established by the National Institute of Standards and Technology and the Center for Internet Security [Option (Include if Section 12.39 related to Payment Card Industry Data Security Standards is not include in this Agreement.):, as well as the Payment Card Industry Data Security Standards]) that are no less rigorous than the standards by which Contractor protects its own confidential information; (3) continually monitor its operations and take any action necessary to assure that University Records are safeguarded and the confidentiality of University Records is maintained in accordance with all Applicable Laws and the terms of this Agreement; and (4) comply with University Rules regarding access to and use of University’s computer systems, including UTS165 at xxxx://xxx.xxxxxxxx.xxx/board-of-regents/policy-library/policies/uts165-information-resources-use-and-security-policy. At the request of University, Contractor agrees to provide University with a written summary of the procedures Contractor uses to safeguard and maintain the confidentiality of University Records.
Accounting of Disclosures Business Associate shall document disclosures of PHI and all information related to such disclosures as would be required for Covered Entity to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 CFR § 164.528. Business Associate shall provide such information to Covered Entity or as directed by Covered Entity to an Individual, to permit Covered Entity to respond to an accounting request. Business Associate shall provide such information in the time and manner reasonably designated by Covered Entity. Within three (3) business days, Business Associate shall forward to Covered Entity for handling any accounting request that Business Associate directly receives from an Individual.
Data Disclosure Under Minnesota Statute § 270C.65, Subdivision 3 and other applicable law, the Contractor consents to disclosure of its social security number, federal employer tax identification number, and/or Minnesota tax identification number, already provided to the State, to federal and state agencies and state personnel involved in the payment of state obligations. These identification numbers may be used in the enforcement of federal and state laws which could result in action requiring the Contractor to file state tax returns, pay delinquent state tax liabilities, if any, or pay other state liabilities.
CONFIDENTIALITY/SAFEGUARDING OF INFORMATION The CONTRACTOR shall not use or disclose any information concerning the AGENCY, or information that may be classified as confidential, for any purpose not directly connected with the administration of this contract, except with prior written consent of the AGENCY, or as may be required by law.
Other Confidential Consumer Information Party agrees to comply with the requirements of AHS Rule No. 08-048 concerning access to and uses of personal information relating to any beneficiary or recipient of goods, services or other forms of support. Party further agrees to comply with any applicable Vermont State Statute and other regulations respecting the right to individual privacy. Party shall ensure that all of its employees, subcontractors and other service providers performing services under this agreement understand and preserve the sensitive, confidential and non-public nature of information to which they may have access.
Meaning of Confidential Information For the purposes of this Contract, the term “Confidential Information” means all information and documentation of a party that: (a) has been marked “confidential” or with words of similar meaning, at the time of disclosure by such party; (b) if disclosed orally or not marked “confidential” or with words of similar meaning, was subsequently summarized in writing by the disclosing party and marked “confidential” or with words of similar meaning; and, (c) should reasonably be recognized as confidential information of the disclosing party. The term “Confidential Information” does not include any information or documentation that was: (a) subject to disclosure under the Michigan Freedom of Information Act (FOIA); (b) already in the possession of the receiving party without an obligation of confidentiality; (c) developed independently by the receiving party, as demonstrated by the receiving party, without violating the disclosing party’s proprietary rights; (d) obtained from a source other than the disclosing party without an obligation of confidentiality; or, (e) publicly available when received, or thereafter became publicly available (other than through any unauthorized disclosure by, through, or on behalf of, the receiving party). For purposes of this Contract, in all cases and for all matters, State Data is deemed to be Confidential Information.
HANDLING OF CONFIDENTIAL INFORMATION The Company agrees to undertake the following in relation to IHiS’ Confidential Information: to maintain the same in confidence and to use it only for the Purpose and for no other purpose; not to make any commercial use thereof; not to use the same for the benefit of itself or of any third party other than pursuant to a further agreement with IHiS; not to use the same for the purpose of guiding or conducting a search of any information, materials or sources, whether or not available to the public, for any purpose whatsoever, including without limitation, for the purpose of demonstrating that any information falls within one of the exceptions in Clause 1.1(b); not to copy, reproduce, reverse engineer or reduce to writing any part thereof except as may be reasonably necessary for the Purpose and that any copies, reproductions or reductions to writing so made shall be the property of IHiS; not to disclose the Confidential Information whether to its employees or to third parties except in confidence to such of its Representatives who have been informed of the confidential nature thereof and who need to know the same for the Purpose and that: such Representatives are contractually obliged (whether by their contracts of employment or service, or otherwise) not to disclose the same or to use the same otherwise than for the Purpose; and the Company shall enforce such obligations at its expense, and to such extent as may be required by IHiS, in the event of a breach thereof that relates to IHiS' Confidential Information; to ensure the compliance to this NDA (including sub-clauses (a) to (f) above) on the part of its Representatives to whom Confidential Information is disclosed; and to apply to the Confidential Information no lesser security measures and degree of care than those which the Company applies to its own confidential or proprietary information of similar nature, but in no event less than reasonable care, and which the Company warrants as being adequate protection of such information from unauthorised disclosure, copying or use. The Company, as the principal party, shall be responsible and held liable for any breach of this NDA by any of its Representatives. If the Company is uncertain as to whether any information is Confidential Information, the Company shall treat the information as if it was Confidential Information, unless otherwise agreed by IHiS in writing. The Company shall immediately notify IHiS of any unauthorised disclosure or use of the Confidential Information of which the Company becomes aware and will take all steps which IHiS may require in relation to such unauthorised disclosure or use, or to prevent further unauthorised disclosure or use. Notwithstanding the foregoing, the Company shall be entitled to make any disclosure of the Confidential Information as required by law, but shall give IHiS not less than TWO (2) business days' notice of such disclosure and shall consult with IHiS prior to such disclosure with a view to avoiding such disclosure, if legally possible.
Access to Protected Information If BA maintains a designated record set on behalf of CE, BA shall make Protected Information maintained by BA or its agents or subcontractors in Designated Record Sets available to CE for inspection and copying within five (5) days of a request by CE to enable CE to fulfill its obligations under state law [Health and Safety Code Section 123110] and the Privacy Rule, including, but not limited to, 45 C.F.R. Section 164.524 [45 C.F.R. Section 164.504(e)(2)(ii)(E)]. If BA maintains Protected Information in electronic format, BA shall provide such information in electronic format as necessary to enable CE to fulfill its obligations under the HITECH Act and HIPAA Regulations, including, but not limited to, 42 U.S.C. Section 17935(e) and 45 C.F.R. Section 164.524.
