Limited Data Set/Data Use Provisions Sample Clauses

Limited Data Set/Data Use Provisions. (a) The User acknowledges that the Data is the property of HMS and its clients, not DHCRC, and is made available to the User through DHCRC subject to specific requirements, restrictions, and permissions. (b) Responsibilities of Limited Data Set Recipient/Custodian. The User, either as a recipient or custodian of, or person with access to a Limited Data Set, agrees to: (1) Use appropriate safeguards to prevent use or disclosure of the Limited Data Set other than as permitted by this DUA or required by law; (2) Report to DHCRC and HMS any use or disclosure of the Limited Data Set of which it becomes aware that is not permitted by this DUA or required by law (including the presence of prohibited identifiers in the Limited Data Set), in accordance with the Breach notification and reporting provisions contained in this DUA or as otherwise Required by Law; (3) Require any of its subcontractors or agents that receive or have access to the Limited Data Set (subject to appropriate consents, as set forth below) to agree to the same restrictions and conditions on the use and/or disclosure of the Limited Data Set that apply to the User under this DUA; and (4) Not use the information in the Limited Data Set, alone or in combination to identify or contact the individuals who are data subjects. (c) Intellectual property in the Data and any information relating to the Data will remain vested in HMS (and/or its clients). (d) The User is granted a non-exclusive, limited, royalty-free, worldwide licence to use the Data for the purposes of the Project only. (e) IP arising from the Project (‘Project IP’) will be owned by the User. The User may use the Project IP for Academic and Non-commercial Research Purposes only. Other Utilisation will be agreed between the Parties. (f) The User accepts all responsibility for ensuring that the Data provided to it under this Agreement suits the purpose for which it will be used. DHCRC and HMS accept no liability or responsibility for the Data not meeting the suitability requirements of the User. (g) The Data will be accessed and used only by the Researchers who have agreed to comply with this DUA. The use of screen scraping, screen imaging, or any other technology used to extract, download, copy, or move any data from the HMS Amazon Web Services portal that houses the Limited Data Set used in this Project is prohibited. The Researchers will not further distribute the Data to any other parties or transfer the Data to another institution or o...
View SourceView Similar (3)

Related to Limited Data Set/Data Use Provisions

  • Specific Provisions for Access Rights to Software For the avoidance of doubt, the general provisions for Access Rights provided for in this Section 9 are applicable also to Software. Parties’ Access Rights to Software do not include any right to receive source code or object code ported to a certain hardware platform or any right to receive respective Software documentation in any particular form or detail, but only as available from the Party granting the Access Rights.

  • SPECIFIC TERMS FOR THIRD PARTY COMPONENTS The specific terms relating to the use of certain third party components or products not developed by or for a DS Group Company and granted to Customer to be used in connection with or within a DS Offering are defined hereafter:

  • Data Security and Unauthorized Data Release The Requester and Approved Users, including the Requester’s IT Director, acknowledge NIH’s expectation that they have reviewed and agree to manage the requested controlled-access dataset(s) and any Data Derivatives of controlled-access datasets according to NIH’s expectations set forth in the current NIH Security Best Practices for Controlled-Access Data Subject to the GDS Policy and the Requester’s IT security requirements and policies. The Requester, including the Requester’s IT Director, agree that the Requester’s IT security requirements and policies are sufficient to protect the confidentiality and integrity of the NIH controlled-access data entrusted to the Requester. If approved by NIH to use cloud computing for the proposed research project, as outlined in the Research and Cloud Computing Use Statements of the Data Access Request, the Requester acknowledges that the IT Director has reviewed and understands the cloud computing guidelines in the NIH Security Best Practices for Controlled-Access Data Subject to the NIH GDS Policy. The Requester and PI agree to notify the appropriate DAC(s) of any unauthorized data sharing, breaches of data security, or inadvertent data releases that may compromise data confidentiality within 24 hours of when the incident is identified. As permitted by law, notifications should include any known information regarding the incident and a general description of the activities or process in place to define and remediate the situation fully. Within 3 business days of the DAC notification, the Requester agrees to submit to the DAC(s) a detailed written report including the date and nature of the event, actions taken or to be taken to remediate the issue(s), and plans or processes developed to prevent further problems, including specific information on timelines anticipated for action. The Requester agrees to provide documentation verifying that the remediation plans have been implemented. Repeated violations or unresponsiveness to NIH requests may result in further compliance measures affecting the Requester. NIH, or another entity designated by NIH may, as permitted by law, also investigate any data security incident or policy violation. Approved Users and their associates agree to support such investigations and provide information, within the limits of applicable local, state, tribal, and federal laws and regulations. In addition, Requester and Approved Users agree to work with the NIH to assure that plans and procedures that are developed to address identified problems are mutually acceptable and consistent with applicable law.

  • REMOTE ACCESS SERVICES ADDENDUM The Custodian and each Fund agree to be bound by the terms of the Remote Access Services Addendum hereto.

  • Review of legality and data minimisation (a) The data importer agrees to review the legality of the request for disclosure, in particular whether it remains within the powers granted to the requesting public authority, and to challenge the request if, after careful assessment, it concludes that there are reasonable grounds to consider that the request is unlawful under the laws of the country of destination, applicable obligations under international law and principles of international comity. The data importer shall, under the same conditions, pursue possibilities of appeal. When challenging a request, the data importer shall seek interim measures with a view to suspending the effects of the request until the competent judicial authority has decided on its merits. It shall not disclose the personal data requested until required to do so under the applicable procedural rules. These requirements are without prejudice to the obligations of the data importer under Clause 14(e). (b) The data importer agrees to document its legal assessment and any challenge to the request for disclosure and, to the extent permissible under the laws of the country of destination, make the documentation available to the data exporter. It shall also make it available to the competent supervisory authority on request.