Setting and Data Sample Clauses
Setting and Data
Information and Data Upon request of the Union, the Employer agrees to furnish the Union with the following information: budgets for the Board of Regents; budgets for each College; public information used in the preparation of budgets as provided by law such as salaries; minutes of meetings of the Board; policies of the Board of Regents which apply to faculty members. Voluminous information shall be made available for inspection or will be provided at reproduction cost.
COMPLIANCE WITH BREACH NOTIFICATION AND DATA SECURITY LAWS Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law § 899-aa and State Technology Law § 208) and commencing March 21, 2020 shall also comply with General Business Law § 899-bb.
Access to Information Systems Access, if any, to DXC’s Information Systems is granted solely to perform the Services under this Order, and is limited to those specific DXC Information Systems, time periods and personnel as are separately agreed to by DXC and Supplier from time to time. DXC may require Supplier’s employees, subcontractors or agents to sign individual agreements prior to access to DXC’s Information Systems. Use of DXC Information Systems during other time periods or by individuals not authorized by DXC is expressly prohibited. Access is subject to DXC business control and information protection policies, standards and guidelines as may be modified from time to time. Use of any other DXC Information Systems is expressly prohibited. This prohibition applies even when an DXC Information System that Supplier is authorized to access, serves as a gateway to other Information Systems outside Supplier’s scope of authorization. Supplier agrees to access Information Systems only from specific locations approved for access by DXC. For access outside of DXC premises, DXC will designate the specific network connections to be used to access Information Systems.
Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard. B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised. C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if: 1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or 2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.