Common use of Personally Identifiable Data Not Otherwise Covered by Ferpa Clause in Contracts

Personally Identifiable Data Not Otherwise Covered by Ferpa. a) The data available to Contractor in the course of providing technical support to or on behalf of the University shall be considered Confidential Information, unless the University indicates otherwise in writing. Such Confidential Information may contain data associated with students, faculty, staff, customers, clients, members of the public, or other individuals affiliated with the [BOR/College/ University]. Information related to such individuals may be protected by federal and/or state laws and regulations, and/or established industry standards. In particular, the contents of such data or information stored and maintained by Contractor may be protected by the Health Insurance Portability and Accountability Act (“HIPAA”), ▇▇▇▇▇-▇▇▇▇▇ ▇▇▇▇▇▇ Act (“GLBA”), Electronic Communications Privacy Act (ECPA), federal Red Flags Rule regulations, Federal Trade Commission regulations, Internal Revenue Service regulations and/or other state or federal laws as amended from time to time, and/or by the Payment Card Industry Data Security Standards (PCIDSS), as amended or updated from time to time. b) Data or information to which Contractor may become privy in conducting its work for or on behalf of the University shall not be disclosed or shared with any third party by Contractor, except as permitted by the terms of this Agreement or to subcontractors whose services are necessary for Contractor to carry out its services and only then to subcontractors who have agreed to maintain the confidentiality of the data to the same extent required of Contractor under this Agreement. c) In the event any person(s) seek to access protected and confidential data or information, such access shall be through the University, and Contractor shall only retrieve such data or information as identified by the University or as otherwise required by federal and/or state law. Contractor shall not provide direct access to such data or information or respond to individual requests. d) Should Contractor receive a court order or lawfully issued subpoena seeking the release of such data or information, Contractor shall promptly inform the University of its receipt of such court order or lawfully issued subpoena prior to releasing the requested data or information.

Personally Identifiable Data Not Otherwise Covered by Ferpa. a) a. Confidential Data. The data available to Contractor in the course of while providing technical support to or on behalf of the University shall be considered Confidential Information, unless the University indicates otherwise in writing. Such Confidential Information may contain data associated with students, faculty, staff, customers, clients, members of the public, or other individuals affiliated with the [BOR/College/ University]. Information related to such individuals may be protected by federal and/or state laws and regulations, and/or established industry standards. In particular, the contents of such data or information stored and maintained by Contractor may be protected by the Health Insurance Portability and Accountability Act (“HIPAA”)by, ▇▇▇▇▇-▇▇▇▇▇ ▇▇▇▇▇▇ Act (“GLBA”), Electronic Communications Privacy Act (ECPA), federal Red Flags Rule regulations, Federal Trade Commission regulations, Internal Revenue Service regulations and/or other state or federal laws as amended from time to time, and/or by the Payment Card Industry Data Security Standards (PCIDSS), as amended or updated from time to time. b) b. Data or information to which Contractor may become privy in conducting its work for or on behalf of the University shall not be disclosed or shared with any third party by Contractor, except as permitted by the terms of this Agreement Contract or to subcontractors whose services are necessary for Contractor to carry out its services and only then to subcontractors who have agreed to maintain the confidentiality of the data to the same extent required of Contractor under this AgreementContract. c) c. In the event any person(s) seek to access protected and confidential data or information, such access shall be through the University, and Contractor shall only retrieve such data or information as identified by the University or as otherwise required by federal and/or state law. Contractor shall not provide direct access to such data or information or respond to individual requests. d) d. Should Contractor receive a court order or lawfully issued subpoena seeking the release of such data or information, Contractor shall promptly inform the University of its receipt of such court order or lawfully issued subpoena prior to releasing the requested data or information.