Common use of PROVIDER REQUIREMENTS Clause in Contracts

PROVIDER REQUIREMENTS. Provider agrees: a. It will comply with all obligations set forth in the Agreement and the DPA, including this Addendum; b. It will provide the same or better level of privacy protections for RSA Data, and will not use or disclose any RSA Data in violation of the Agreement, the DPA, or any applicable US Privacy Laws; c. It will maintain all permissions, authorizations, and consents required by the Agreement, the DPA, and any applicable US Privacy Laws; d. It will promptly and without undue delay, notify RSA if it becomes aware of any violation of this Addendum or determines it can no longer fulfill its obligations under this Addendum or any applicable US Privacy Law, and in any event within five (5) business days of become aware or making such a determination; e. If it engages a Subprocessor to perform any of its processing obligations under the Agreement, then Provider shall conduct a security and privacy compliance assessment of the Subprocessor to ensure the Subprocessor will meet the Personal Data protection and security requirements under the Agreement, the DPA, and applicable US Privacy Laws, inform RSA of the name of the Subprocessor, the location of the Subprocessor’s processing activities, and the nature of the processing and categories of Personal Data to be processed by the Subprocessor. f. It shall maintain a privacy program and related policies that address how Personal Data is collected, used, shared, and otherwise processed, and ensure each person acting for or on behalf of Provider that is processing Personal Data is subject to a duty of confidentiality.

PROVIDER REQUIREMENTS. Provider agrees: a. It will comply with all obligations set forth in the Agreement and the DPA, including this Addendum; b. It will provide the same or better level of privacy protections for RSA NetWitness Data, and will not use or disclose any RSA NetWitness Data in violation of the Agreement, the DPA, or any applicable US Privacy Laws; c. It will maintain all permissions, authorizations, and consents required by the Agreement, the DPA, and any applicable US Privacy Laws; d. It will promptly and without undue delay, notify RSA NetWitness if it becomes aware of any violation of this Addendum or determines it can no longer fulfill its obligations under this Addendum or any applicable US Privacy Law, and in any event within five (5) business days of become aware or making such a determination; e. If it engages a Subprocessor to perform any of its processing obligations under the Agreement, then Provider shall conduct a security and privacy compliance assessment of the Subprocessor to ensure the Subprocessor will meet the Personal Data protection and security requirements under the Agreement, the DPA, and applicable US Privacy Laws, inform RSA NetWitness of the name of the Subprocessor, the location of the Subprocessor’s processing activities, and the nature of the processing and categories of Personal Data to be processed by the Subprocessor. f. It shall maintain a privacy program and related policies that address how Personal Data is collected, used, shared, and otherwise processed, and ensure each person acting for or on behalf of Provider that is processing Personal Data is subject to a duty of confidentiality.