Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement: (a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA). (b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA. (c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement. (d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless: (i) the parent or eligible student has provided prior written consent; or (ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order. (e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody; (f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below. (g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein. (h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 94 contracts
Sources: Master License and Service Agreement, Master License and Services Agreement, Master License and Services Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA Vendor AGREEMENT and the terms of this Data Sharing and Confidentiality Privacy Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAVendor AGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSAVendor AGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAVendor AGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Privacy Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 5 contracts
Sources: Data Privacy Agreement, Data Privacy Agreement, Data Privacy Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCESRIC, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 5 contracts
Sources: Data Sharing and Confidentiality Agreement, Data Sharing and Confidentiality Agreement, Data Sharing and Confidentiality Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the applicable Participating Education Agency has directed and/or authorized Vendor to do so in writing; or
(ii) the parent or eligible student has provided prior written consent; or
(iiiii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District Educational Agency for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 3 contracts
Sources: Master License and Service Agreement, Data Sharing and Confidentiality Agreement, Data Sharing and Confidentiality Agreement
Additional Statutory and Regulatory Obligations. Vendor LINCOLN LIBRARY PRESS acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor LINCOLN LIBRARY PRESS in fulfilling one or more of its obligations under the MLSAAGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor LINCOLN LIBRARY PRESS using the information to carry out VendorLINCOLN LIBRARY PRESS’s obligations under the MLSAAGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAAGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor LINCOLN LIBRARY PRESS or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor LINCOLN LIBRARY PRESS or its subcontractors or assignees.
Appears in 3 contracts
Sources: Master License and Service Agreement, Data Sharing and Confidentiality Agreement, Data Sharing and Confidentiality Agreement
Additional Statutory and Regulatory Obligations. Vendor ▇▇▇▇▇▇▇ acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA ▇▇▇▇▇▇▇ AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor ▇▇▇▇▇▇▇ in fulfilling one or more of its obligations under the MLSA▇▇▇▇▇▇▇ AGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor ▇▇▇▇▇▇▇ using the information to carry out Vendor’s ▇▇▇▇▇▇▇’▇ obligations under the MLSA▇▇▇▇▇▇▇ AGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSA▇▇▇▇▇▇▇ AGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor ▇▇▇▇▇▇▇ or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor ▇▇▇▇▇▇▇ or its subcontractors or assignees.
Appears in 3 contracts
Sources: Data Privacy Agreement, Data Sharing and Confidentiality Agreement, Data Privacy Agreement
Additional Statutory and Regulatory Obligations. Vendor Swank Motion Pictures Inc. acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA Swank Motion Pictures Inc. AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor Swank Motion Pictures Inc. in fulfilling one or more of its obligations under the MLSASwank Motion Pictures Inc. AGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor Swank Motion Pictures Inc. using the information to carry out VendorSwank Motion Pictures Inc.’s obligations under the MLSASwank Motion Pictures Inc. AGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSASwank Motion Pictures Inc. AGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor Swank Motion Pictures Inc. or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor Swank Motion Pictures Inc. or its subcontractors or assignees.
Appears in 2 contracts
Additional Statutory and Regulatory Obligations. Vendor COMPANY acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor COMPANY in fulfilling one or more of its obligations under the MLSAAGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor COMPANY using the information to carry out VendorCOMPANY’s obligations under the MLSAAGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ ▇▇▇▇▇▇▇▇ CSD “Supplemental Information about the MLSAAGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, ▇▇▇▇▇▇▇▇ CSD and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor COMPANY or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District ▇▇▇▇▇▇▇▇ CSD for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor COMPANY or its subcontractors or assignees.
Appears in 2 contracts
Sources: Data Sharing and Confidentiality Agreement, Data Sharing and Confidentiality Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA Vendor AGREEMENT and the terms of this Data Sharing and Confidentiality Privacy Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAVendor AGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSAVendor AGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or;
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order; or
(iii) the disclosure is made to law enforcement where Vendor has a good faith belief that it is necessary to prevent or address illegal activity, or safety including, without limitation, death or imminent bodily harm.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAVendor AGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Privacy Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, to the extent covered by Vendor’s cyber insurance policy, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assigneesVendor.
Appears in 2 contracts
Sources: Data Privacy Agreement, Data Privacy Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational AgenciesErie 1 BOCES, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality DSC Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAContract.
(c) Not use education records Protected Data for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality DSC Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSAContract, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency Erie 1 BOCES no later than the time of disclosure, disclosure unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information Protected Data in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ the “Supplemental Information about the MLSAa Contract between Vendor and Erie 1 BOCES,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District BOCES for the full cost of notification, in the event they are it is required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 2 contracts
Sources: Data Sharing and Confidentiality Agreement, Data Sharing and Confidentiality Agreement
Additional Statutory and Regulatory Obligations. Vendor KIDS DISCOVER acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor KIDS DISCOVER in fulfilling one or more of its obligations under the MLSAAGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor KIDS DISCOVER using the information to carry out VendorKIDS DISCOVER’s obligations under the MLSAAGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAAGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 B of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor KIDS DISCOVER or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor KIDS DISCOVER or its subcontractors or assignees.
Appears in 2 contracts
Sources: Data Sharing and Confidentiality Agreement, Data Sharing and Confidentiality Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 2 contracts
Sources: Data Sharing and Confidentiality Agreement, Data Sharing and Confidentiality Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement. For the avoidance of doubt, Vendor may use Deidentified Data as outlined in the attached Privacy Notice and as allowable by FERPA.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 2 contracts
Sources: Data Sharing and Confidentiality Agreement, Data Sharing and Confidentiality Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality DSC Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAresulting from Erie 1 BOCES’ purchase of its Product.
(c) Not use education records Protected Data for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality DSC Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations to Erie 1 BOCES and/or to its Participating Agencies under the MLSAthis DSC Agreement, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, disclosure unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information Protected Data in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ the “Supplemental Information about the MLSAa DSC Agreement between Vendor and Erie 1 BOCES,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality DSC Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, BOCES or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Educa- tional Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized author- ized representatives of Vendor using the information to carry out Vendor’s obligations under un- der the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the securityse- curity, confidentiality, and integrity of personally identifiable student information in its custodycus- tody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent ex- tent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected af- fected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;; DocuSign Envelope ID: D775A58B-8273-40AA-B979-BD2F8E905109
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor MINDEX acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor MINDEX in fulfilling one or more of its obligations under the MLSAAGREEMENT.
(c) Not use education records Protected Data for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor MINDEX using the information to carry out VendorMINDEX’s obligations under the MLSAAGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information Protected Data in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAAGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor MINDEX or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor MINDEX or its subcontractors or assignees.
Appears in 1 contract
Sources: Master Services Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations under Section 2-d with respect to any Protected Data received from Participating Educational Agenciesthe District, and that any failure to fulfill one or more of these statutory or regulatory obligations shall will be deemed a breach of the MLSA Master Agreement and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit To limit internal access to education records Protected Data to only those individuals employees or subcontractors that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that ; i.e., they need access in order to assist Vendor in fulfilling one or more of its obligations to the District under the MLSAMaster Agreement.
(cb) Not To not use education records Protected Data for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality AgreementAgreement and the Master Agreement to which this Exhibit is attached with the understanding that the Vendor also retains aggregate, deidentified, anonymized information for improvement, research, and development purposes.
(dc) Not To not disclose any personally identifiable information Protected Data to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under to the MLSADistrict and in compliance with state and federal law, regulations and the terms of the Master Agreement, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency the District no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(ed) Maintain To maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information Protected Data in its custody;.
(e) To use encryption technology to protect Protected Data in its custody while in motion or at rest, using a technology or methodology specified by the Secretary of the U.S. Department of Health and Human Services in guidance issued under Section 13402(H)(2) of Public Law 111-5.
(f) Use encryption technology To adopt technologies, safeguards and practices that complies align with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” belowNIST Cybersecurity Framework.
(g) Provide notification To comply with the District’s policy on data security and privacy, Section 2-d and Part 121.
(h) To not sell Protected Data nor use or disclose it for any marketing or commercial purpose or facilitate its use or disclosure by any other party for any marketing or commercial purpose or permit another party to Erie 1 BOCES do so.
(and Participating Educational Agenciesi) To notify the District, to the extent required by, and in accordance with, with the provisions of Section 6 5 of this Data Sharing and Confidentiality Agreement) , of any confirmed breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of applicable state or federal law law, the District’s Bill of Rights for Data Security and Privacy, the District’s policies on data security and privacy, or other binding obligations relating to data privacy and security contained hereinin the Master Agreement and this Exhibit.
(hj) Promptly To cooperate with the District and law enforcement to protect the integrity of investigations into the breach or unauthorized release of Protected Data.
(k) To pay for or promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School the District for the full cost of notification, in the event they are the District is required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees. The Washington-Saratoga-▇▇▇▇▇▇-▇▇▇▇▇▇▇▇-Essex BOCES is committed to protecting the privacy and security of student data and teacher and principal data. In accordance with New York Education Law Section 2-d and its implementing regulations, the District informs the school community of the following: Parents (including legal guardians or persons in parental relationships) and Eligible Students (students 18 years and older) can expect the following:
1. A student’s personally identifiable information (PII) cannot be sold or released for any commercial purpose. PII, as defined by Education Law § 2-d and FERPA, includes direct identifiers such as a student’s name or identification number, parent’s name, or address; and indirect identifiers such as a student’s date of birth, which when linked to or combined with other information can be used to distinguish or trace a student’s identity. Please see FERPA’s regulations at 34 CFR 99.3 for a more complete definition.
2. The right to inspect and review the complete contents of the student’s education record stored or maintained by an educational agency. This right may not apply to parents of an Eligible Student.
3. State and federal laws such as Education Law § 2-d; the Commissioner of Education’s Regulations at 8 NYCRR Part 121, the Family Educational Rights and Privacy Act ("FERPA") at 12 U.S.C. 1232g (34 CFR Part 99); Children's Online Privacy Protection Act ("COPPA") at 15 U.S.C. 6501-6502 (16 CFR Part 312); Protection of Pupil Rights Amendment ("PPRA") at 20 U.S.C. 1232h (34 CFR Part 98); the Individuals with Disabilities Education Act (“IDEA”) at 20 U.S.C. 1400 et seq. (34 CFR Part 300); protect the confidentiality of a student’s identifiable information.
4. Safeguards associated with industry standards and best practices including but not limited to encryption, firewalls and password protection must be in place when student PII is stored or transferred.
5. A complete list of all student data elements collected by NYSED is available for public review at ▇▇▇.▇▇▇▇▇.▇▇▇/▇▇▇▇-▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇, and by writing to the Chief Privacy Officer, New York State Education Department, ▇▇ ▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇, ▇▇▇▇▇▇, ▇▇▇ ▇▇▇▇ ▇▇▇▇▇.
6. The right to have complaints about possible breaches and unauthorized disclosures of student data addressed. ○ Contact WSWHE BOCES Data Protection Officer: ▇▇▇▇▇▇ ▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇, Director for Data Privacy & Professional Learning, by email: ▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇@▇▇▇▇▇▇▇▇▇▇.▇▇▇, or by phone: ▇▇▇-▇▇▇-▇▇▇▇. Complaints should be submitted in writing using the form that is available on the BOCES website and in the BOCES offices. ○ Complaints may also be submitted to NYSED online at ▇▇▇.▇▇▇▇▇.▇▇▇/▇▇▇▇-▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇, by mail to: Chief Privacy Officer, New York State Education Department, ▇▇ ▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇, ▇▇▇▇▇▇, ▇▇▇ ▇▇▇▇ ▇▇▇▇▇, by email to ▇▇▇▇▇▇▇@▇▇▇▇▇.▇▇▇, or by telephone at ▇▇▇-▇▇▇-▇▇▇▇.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to the Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations under Section 2-d with respect to any Protected Data received from Participating Educational Agenciesthe District, and that any failure to fulfill one or more of these statutory or regulatory obligations shall will be deemed a breach of the MLSA Master Agreement and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit To limit internal access to education records Protected Data to only those individuals employees or subcontractors that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that ; i.e., they need access in order to assist Vendor in fulfilling one or more of its obligations to the District under the MLSAMaster Agreement.
(cb) Not To not use education records Protected Data for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality AgreementAgreement and the Master Agreement to which this Exhibit is attached with the understanding that the Vendor also retains aggregate, deidentified, anonymized information for improvement, research, and development purposes.
(dc) Not To not disclose any personally identifiable information Protected Data to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under to the MLSADistrict and in compliance with state and federal law, regulations and the terms of the Master Agreement, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency the District no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(ed) Maintain To maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information Protected Data in its custody;.
(e) To use encryption technology to protect Protected Data in its custody while in motion or at rest, using a technology or methodology specified by the Secretary of the U.S. Department of Health and Human Services in guidance issued under Section 13402(H)(2) of Public Law 111-5.
(f) Use encryption technology To adopt technologies, safeguards and practices that complies align with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” belowNIST Cybersecurity Framework.
(g) Provide notification To comply with the District’s policy on data security and privacy, Section 2- d and Part 121.
(h) To not sell Protected Data nor use or disclose it for any marketing or commercial purpose or facilitate its use or disclosure by any other party for any marketing or commercial purpose or permit another party to Erie 1 BOCES do so.
(and Participating Educational Agenciesi) To notify the District, to the extent required by, and in accordance with, with the provisions of Section 6 5 of this Data Sharing and Confidentiality Agreement) , of any confirmed breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of applicable state or federal law law, the District’s Bill of Rights for Data Security and Privacy, the District’s policies on data security and privacy, or other binding obligations relating to data privacy and security contained hereinin the Master Agreement and this Exhibit.
(hj) Promptly To cooperate with the District and law enforcement to protect the integrity of investigations into the breach or unauthorized release of Protected Data.
(k) To pay for or promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School the District for the full reasonable cost of legally required notification, in the event they are the District is required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data if such breach or unauthorized release is directly attributed to any breach by Vendor or its subcontractors or assigneesassignees of this Agreement. The Arlington Central School District is committed to protecting the privacy and security of student data, as well as teacher and principal data. In accordance with New York Education Law Section 2-d and its implementing regulations, the District informs the school community of the following:
1) A student's personally identifiable information cannot be sold or released for any commercial purposes.
2) Parents have the right to inspect and review the complete contents of their child's education record.
3) State and federal laws protect the confidentiality of personally identifiable information, and safeguards associated with industry standards and best practices, including but not limited to encryption, firewalls, and password protection, must be in place when data is stored or transferred.
4) A complete list of all student data elements collected by New York State is available electronically: Student Data Inventory. A request for the Student Data Inventory can also be made in writing to the Office of Information and Reporting Services, New York State Education Department, Room 865 EBA, ▇▇ ▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇, ▇▇▇▇▇▇, ▇▇▇ ▇▇▇▇ ▇▇▇▇▇.
5) Parents have the right to have complaints about possible breaches of student data addressed. Complaints should be directed in writing as follows: ▇▇. ▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇▇▇▇ Data Privacy Officer Arlington Central School District ▇▇▇ ▇▇▇▇ ▇▇▇▇ Road LaGrangeville,NY 12540 or via email at ▇▇▇▇▇▇▇▇▇▇▇@▇▇▇▇▇▇.▇▇▇ or to Privacy Complaint, Chief Privacy Officer New York State Education Department ▇▇ ▇▇▇▇▇▇▇▇▇▇ ▇▇▇▇▇▇, ▇▇▇▇▇▇, ▇▇▇ ▇▇▇▇ ▇▇▇▇▇ Complaints may also be submitted using the Report an Improper Disclosure Form.
6) To be notified in accordance with applicable laws and regulations if a breach or unauthorized release of their student’s PII occurs.
7) Educational agency workers that handle PII will receive training on applicable state and federal laws, the educational agency’s policies, and safeguards associated with industry standards and best practices that protect PII.
8) Educational agency contracts with vendors that receive PII will address statutory and regulatory data privacy and security requirements.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor PROQUEST acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor PROQUEST in fulfilling one or more of its obligations under the MLSAAGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor PROQUEST using the information to carry out VendorPROQUEST’s obligations under the MLSAAGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAAGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor PROQUEST or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor material breach of agreement by PROQUEST or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor BRAINPOP LLC acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor BRAINPOP LLC in fulfilling one or more of its obligations under the MLSAAGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives or subcontractors of Vendor BRAINPOP LLC using the information to carry out VendorBRAINPOP LLC’s obligations under the MLSAAGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAAGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor BRAINPOP LLC or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor BRAINPOP LLC or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA Contract and the terms of this Data Sharing and Confidentiality DSC Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAContract.
(c) Not use education records Protected Data for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality DSC Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSAContract, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, disclosure unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information Protected Data in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ the “Supplemental Information about the MLSAa Contract between Vendor and Erie 1 BOCES,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality DSC Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, BOCES or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any material failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement. Vendor may use de-identified information (which refers to personally identifiable information that has been removed or obscured from student records in a way that minimizes the risk of disclosure of the identity of the individual and information about them) for evaluation, research and development of educational products and services. For the purposes of this the use described herein 5(c), Vendor will not be able to reidentify the data.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other material obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA Vendor AGREEMENT and the terms of this Data Sharing and Confidentiality Privacy Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d 2d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAVendor AGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSAVendor AGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d2d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAVendor AGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Privacy Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d 2d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Sources: Data Privacy Agreement
Additional Statutory and Regulatory Obligations. DocuSign Envelope ID: 8AEE851D-50B6-4627-A53A-04C13063DCE9 Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor LEARNING A-Z acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor LEARNING A-Z in fulfilling one or more of its obligations under the MLSAAGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor LEARNING A-Z using the information to carry out VendorLEARNING A-Z’s obligations under the MLSAAGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAAGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 A of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor LEARNING A-Z or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor LEARNING A-Z or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s 's obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “' "Supplemental Information about the MLSA,” " below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained contained. herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor DESMOS acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA DESMOS AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor DESMOS in fulfilling one or more of its obligations under the MLSADESMOS AGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor DESMOS using the information to carry out Vendor’s DESMOS’ obligations under the MLSADESMOS AGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSADesmos AGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES The Green Island Union Free School District (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor DESMOS or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating Green Island Union Free School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor DESMOS or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA Agreement and the terms of this Data Sharing and Confidentiality AgreementAmendment:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAAgreement.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality AgreementAmendment.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSAAgreement, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality AgreementAmendment) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; oror DocuSign Envelope ID: 1EB45D86-3E6A-478D-84B2-7462BE67C97F
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCESRIC, or a Participating School District for the full reasonable cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be considered a breach including a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records Protected Data to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAthese bid documents.
(c) Not use education records Protected Data for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSAobligations, unless:
(i) i. the parent or eligible student has provided prior written consent; or
(ii) . the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with to protect data while in motion or in its custody from unauthorized disclosure using a technology or methodology specified by the secretary of the U S. Department of HHS in guidance issued under P.L. 111-5, Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.13402(H)(2);
(g) Provide notification to Erie 1 Onondaga-Cortland-Madison (OCM) BOCES (and Participating Educational Agencies), to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law law, or other of contractual obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notificationsecurity, in the event they are required under Section 2-d to notify affected parentsmost expedient way possible and without unreasonable delay, students, teachers or principals of but not more than seven (7) calendar days after
h) Where a breach or unauthorized release of Protected Data attributed is attributable to Vendor, Vendor will pay or its subcontractors reimburse OCM BOCES and/or any Participating Educational Agencies for the full cost of any notifications OCM BOCES and/or such other Participating Educational Agencies is/are required to make by applicable law, rule, or assigneesregulation; and
i. Vendor will cooperate with OCM BOCES, any Participating Educational Agency, and law enforcement to protect the integrity of investigations into the breach or unauthorized release of Protected Data.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA Contract and the terms of this Data Sharing and Confidentiality DSC Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAContract.
(c) Not use education records Protected Data for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality DSC Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSAContract, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, disclosure unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information Protected Data in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ the “Supplemental Information about the MLSAa Contract between Vendor and CLIENT,” below.
(g) Provide notification to Erie 1 BOCES CLIENT (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality DSC Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, CLIENT or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA RFP and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSARFP.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSARFP, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSARFP,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Sources: Master License and Service Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s 's obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “' "Supplemental Information about the MLSA,” " below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor ALLDATA acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor ALLDATA in fulfilling one or more of its obligations under the MLSAAGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor ALLDATA using the information to carry out VendorALLDATA’s obligations under the MLSAAGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAAGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor ALLDATA or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor ALLDATA or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA Vendor AGREEMENT and the terms of this Data Sharing and Confidentiality Privacy Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAVendor AGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSAVendor AGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAVendor AGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Privacy Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees. In no event, however, shall the aggregate, cumulative liability of the Vendor for any and all Claims exceed two times (2x) the total dollar amount paid or to be paid by BOCES to the Vendor under the contract pursuant to which the Claims arose during the initial term of the contract.
Appears in 1 contract
Sources: Data Privacy Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees. Link to our App Privacy Policy: ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/apps-policy
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational AgenciesErie 1 BOCES, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality DSC Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAContract.
(c) Not use education records Protected Data for any purposes other than those explicitly authorized in the Contract and this Data Sharing and Confidentiality DSC Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor (including authorized sub-contractors) using the information to carry out Vendor’s obligations under the MLSAContract, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency Erie 1 BOCES no later than the time of disclosure, disclosure unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information Protected Data in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ the “Supplemental Information about the MLSAa Contract between Vendor and Erie 1 BOCES,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District BOCES for the full cost of notification, in the event they are it is required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations under Section 2-d with respect to any Protected Data received from Participating Educational AgenciesPNW BOCES and/or its affiliates, and that any failure to fulfill one or more of these statutory or regulatory obligations shall will be deemed a breach of the MLSA Master Agreement and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit To limit internal access to education records Protected Data to only those individuals employees or subcontractors that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that ; i.e., they need access in order to assist Vendor in fulfilling one or more of its obligations to PNW BOCES and/or its affiliates under the MLSAMaster Agreement.
(cb) Not To not use education records Protected Data for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality AgreementAgreement and the Master Agreement to which this Exhibit is attached.
(dc) Not To not disclose any personally identifiable information Protected Data to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under to PNW BOCES and/or its affiliates, and in compliance with state and federal law, regulations and the MLSAterms of the Master Agreement, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency PNW BOCES no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(ed) Maintain To maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information Protected Data in its custody;.
(e) To use encryption technology to protect Protected Data in its custody while in motion or at rest, using a technology or methodology specified by the Secretary of the U.S. Department of Health and Human Services in guidance issued under Section 13402(H)(2) of Public Law 111-5.
(f) Use encryption technology To adopt technologies, safeguards and practices that complies align with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” belowNIST Cybersecurity Framework.
(g) Provide notification To comply with PNW BOCES’s policy on data security and privacy, Section 2-d and Part 121.
(h) To not sell Protected Data nor use or disclose it for any marketing or commercial purpose or facilitate its use or disclosure by any other party for any marketing or commercial purpose or permit another party to Erie 1 BOCES do so.
(and Participating Educational Agenciesi) To notify PNW BOCES, to the extent required by, and in accordance with, with the provisions of Section 6 5 of this Data Sharing and Confidentiality Agreement) , of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of applicable state or federal law law, PNW BOCES’s Bill of Rights for Data Privacy and Security, PNW BOCES’s policies on data security and privacy, or other binding obligations relating to data privacy and security contained hereinin the Master Agreement and this Exhibit.
(hj) Promptly To cooperate with PNW BOCES and law enforcement to protect the integrity of investigations into the breach or unauthorized release of Protected Data.
(k) To pay for or promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District PNW BOCES and/or its affiliates for the full cost of notification, in the event they are PNW BOCES and/or its affiliates is required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor Learning Ally Inc. acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor Learning Ally Inc. in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor Learning Ally Inc. using the information to carry out VendorLearning Ally Inc.’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor Learning Ally Inc. or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor Learning Ally Inc. or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized autho- rized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent ex- tent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Confiden- tiality Agreement) of any breach of security resulting in an unauthorized release of Protected Pro- tected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected af- fected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor EDUCATION CONSULTING RESEARCH ANALYTICS GROUP acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA EDUCATION CONSULTING RESEARCH ANALYTICS GROUP AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor EDUCATION CONSULTING RESEARCH ANALYTICS GROUP in fulfilling one or more of its obligations under the MLSAEDUCATION CONSULTING RESEARCH ANALYTICS GROUP AGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor EDUCATION CONSULTING RESEARCH ANALYTICS GROUP using the information to carry out Vendor’s EDUCATION CONSULTING RESEARCH ANALYTICS GROUP’ obligations under the MLSAEDUCATION CONSULTING RESEARCH ANALYTICS GROUP AGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAEDUCATION CONSULTING RESEARCH ANALYTICS GROUP AGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor EDUCATION CONSULTING RESEARCH ANALYTICS GROUP or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor EDUCATION CONSULTING RESEARCH ANALYTICS GROUP or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.. DocuSign Envelope ID: 04285847-45CA-48CD-B30A-8AD7CD0909B0
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.. DocuSign Envelope ID: CE92A43D-9253-440E-9F2E-63D3C5309765
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) To the extent necessary In accordance with applicable law, Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 XXXX BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 XXXX BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 XXXX BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; oror DocuSign Envelope ID: E1A65C28-CCD7-4409-A10A-EADA91528E55
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA Contract and the terms of this Data Sharing and Confidentiality DSC Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAContract.
(c) Not use education records Protected Data for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality DSC Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSAContract, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, disclosure unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information Protected Data in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ the “Supplemental Information about the MLSAa Contract between Vendor and BOCES,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality DSC Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, BOCES or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement. For the avoidance of doubt, Vendor may use Deidentified Data as outlined in the attached Privacy Notice and as allowable by FERPA.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCESRIC, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement or the Master License and Service Agreement (referred to as the “Agreement”).
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor CENGAGE LEARNING/▇▇▇▇ acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor CENGAGE LEARNING/▇▇▇▇ in fulfilling one or more of its obligations under the MLSAAGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor CENGAGE LEARNING/▇▇▇▇ using the information to carry out VendorCENGAGE LEARNING/GALE’s obligations under the MLSAAGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAAGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor CENGAGE LEARNING/▇▇▇▇ or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor CENGAGE LEARNING/▇▇▇▇ or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor ARCADEMICS acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA ARCADEMICS AGREEMENT and the terms of this Data Sharing and Confidentiality Privacy Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor ARCADEMICS in fulfilling one or more of its obligations under the MLSAARCADEMICS AGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor ARCADEMICS using the information to carry out Vendor’s ARCADEMICS’ obligations under the MLSAARCADEMICS AGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSAARCADEMICS AGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Privacy Agreement) of any breach of security resulting in an unauthorized release ARCADEMICS of Protected Data by Vendor ARCADEMICS or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release ARCADEMICS of Protected Data attributed to Vendor ARCADEMICS or its subcontractors or assignees.
Appears in 1 contract
Sources: Data Privacy Agreement
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees, proportionately and to the extent that the breach was caused by Vendor.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full reasonable cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality AgreementAgreement with the understanding that the Vendor also retains aggregate, deidentified, anonymized information for improvement, research, and development purposes.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consentconsent as provided by Erie 1 BOCES; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any confirmed breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full reasonable cost of legally required notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSA.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement. For the avoidance of doubt, De-identified Data may be used by Vendor for product development, product functionality and research purposes, as allowed under FERPA.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSA, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ “Supplemental Information about the MLSA,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor LIGHTSPEED SYSTEMS acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agencies, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA LIGHTSPEED SYSTEMS AGREEMENT and the terms of this Data Sharing and Confidentiality Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor LIGHTSPEED SYSTEMS in fulfilling one or more of its obligations under the MLSALIGHTSPEED SYSTEMS AGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor LIGHTSPEED SYSTEMS using the information to carry out Vendor’s LIGHTSPEED SYSTEMS’ obligations under the MLSALIGHTSPEED SYSTEMS AGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ BOCES “Supplemental Information about the MLSALIGHTSPEED SYSTEMS AGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor LIGHTSPEED SYSTEMS or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCES, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor LIGHTSPEED SYSTEMS or its subcontractors or assignees, but only in proportion to and to the extent such liabilities are caused by the negligence, recklessness, willful misconduct or internal acts, omissions of LIGHTSPEED SYSTEMS its officers, employees, or agents.
Appears in 1 contract
Additional Statutory and Regulatory Obligations. Vendor acknowledges that it has the following additional obligations with respect to any Protected Data received from Participating Educational Agenciesthe district, and that any failure to fulfill one or more of these statutory or regulatory obligations shall be a breach of the MLSA Vendor AGREEMENT and the terms of this Data Sharing and Confidentiality Privacy Agreement:
(a) Limit internal access to education records to those individuals that are determined to have legitimate educational interests within the meaning of Section 2-d and the Family Educational Rights and Privacy Act (FERPA).
(b) Limit internal access to Protected Data to only those employees or subcontractors that need access in order to assist Vendor in fulfilling one or more of its obligations under the MLSAVendor AGREEMENT.
(c) Not use education records for any purposes other than those explicitly authorized in this Data Sharing and Confidentiality Agreement.
(d) Not disclose any personally identifiable information to any other party, except for authorized representatives of Vendor using the information to carry out Vendor’s obligations under the MLSAVendor AGREEMENT, unless:
(i) the parent or eligible student has provided prior written consent; or
(ii) the disclosure is required by statute or court order and notice of the disclosure is provided to Participating Educational Agency the district no later than the time of disclosure, unless such notice is expressly prohibited by the statute or court order.
(e) Maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personally identifiable student information in its custody;
(f) Use encryption technology that complies with Section 2-d, as more fully set forth in Erie 1 BOCES’ THE DISTRICT “Supplemental Information about the MLSAVendor AGREEMENT,” below.
(g) Provide notification to Erie 1 BOCES THE DISTRICT (and Participating Educational Agencies, to the extent required by, and in accordance with, Section 6 of this Data Sharing and Confidentiality Privacy Agreement) of any breach of security resulting in an unauthorized release of Protected Data by Vendor or its assignees or subcontractors in violation of state or federal law or other obligations relating to data privacy and security contained herein.
(h) Promptly reimburse Erie 1 BOCESTHE DISTRICT, another BOCES, or a Participating School District for the full cost of notification, in the event they are required under Section 2-d to notify affected parents, students, teachers or principals of a breach or unauthorized release of Protected Data attributed to Vendor or its subcontractors or assignees.
Appears in 1 contract
Sources: Data Privacy Agreement