Zoom’s Storage and Use of Protected Information Sample Clauses

This clause defines how Zoom handles, stores, and utilizes protected information, such as personal data or confidential business details, provided by users. It typically outlines the types of information Zoom may collect, the security measures in place to safeguard this data, and the purposes for which the information may be used, such as service delivery or compliance with legal obligations. By specifying these practices, the clause ensures transparency and helps users understand how their sensitive information is managed, thereby addressing privacy concerns and regulatory requirements.
Zoom’s Storage and Use of Protected Information a. Covered Entity may not transmit or store Protected Information in Zoom’s systems except as described in this paragraph. b. When Zoom provides services subject to a Business Associate Agreement, its services are limited to transmission of communications between persons using those services, and the provision of end-to-end encrypted storage of chat communications on Zoom servers. Covered Entity may elect to store encrypted chat communications sent over Zoom’s servers. In such cases, the encryption keys to such communications are retained only by the persons using Zoom’s services and Zoom does not have encryption keys for any such end-to-end encrypted communications. For clarity, with respect to accounts provisioned subject to a Business Associate Agreement, Zoom’s storage is limited to end-to-end encrypted chat communications. c. Consistent with the foregoing, Zoom’s rights and obligations with respect to Protected Information under this Agreement are limited to those rights and obligations applicable solely to Zoom’s transmission of Protected Information, as described in this paragraph. d. For the avoidance of doubt, Zoom is not responsible for the use, disclosure, or storage of any Protected Information stored locally on Covered Entity’s systems; any use, storage, or disclosure of any Protected Information after the Protected Information has been transmitted using Zoom services, except as described in this paragraph 2; or Protected Information that Covered Entity discloses to Zoom in a manner not covered by paragraph 2(b). e. All Protected Information subject to this Agreement is, shall be, and shall remain the sole property of Covered Entity. f. Business Associate shall act as a Qualified Service Organization within the meaning of 42 C.F.R. Part 2 only to the extent Business Associate receives, stores, processes, or otherwise deals with any records containing Part 2 Patient Identifying Information. Business Associate shall not act as a Qualified Service Organization or be subject to liabilities imposed on any Qualified Service Organization with respect to Business Associate’s treatment of other forms of data, including PHI that does not qualify as Part 2 Patient Identifying Information.
View SourceView Similar (3)
Zoom’s Storage and Use of Protected Information a. Covered Entity may not transmit or store Protected Information in Zoom’s systems except as described in this paragraph. b. When Zoom provides services subject to a Business Associate Agreement, its services are limited to transmission of communications between persons using those services, and the provision of encrypted storage of chat transcripts on Zoom servers.
View SourceView Similar (2)

Related to Zoom’s Storage and Use of Protected Information

  • Access to Protected Information If BA maintains a designated record set on behalf of CE, BA shall make Protected Information maintained by BA or its agents or subcontractors in Designated Record Sets available to CE for inspection and copying within five (5) days of a request by CE to enable CE to fulfill its obligations under state law [Health and Safety Code Section 123110] and the Privacy Rule, including, but not limited to, 45 C.F.R. Section 164.524 [45 C.F.R. Section 164.504(e)(2)(ii)(E)]. If BA maintains Protected Information in electronic format, BA shall provide such information in electronic format as necessary to enable CE to fulfill its obligations under the HITECH Act and HIPAA Regulations, including, but not limited to, 42 U.S.C. Section 17935(e) and 45 C.F.R. Section 164.524.

  • Use and Disclosure of Protected Health Information The Business Associate must not use or further disclose protected health information other than as permitted or required by the Contract or as required by law. The Business Associate must not use or further disclose protected health information in a manner that would violate the requirements of HIPAA Regulations.

  • Electronic and Information Resources Accessibility and Security Standards a. Applicability: The following Electronic and Information Resources (“EIR”) requirements apply to the Contract because the Grantee performs services that include EIR that the System Agency's employees are required or permitted to access or members of the public are required or permitted to access. This Section does not apply to incidental uses of EIR in the performance of the Agreement, unless the Parties agree that the EIR will become property of the State of Texas or will be used by HHSC’s clients or recipients after completion of the Agreement. Nothing in this section is intended to prescribe the use of particular designs or technologies or to prevent the use of alternative technologies, provided they result in substantially equivalent or greater access to and use of a Product.

  • Access to Information Systems Access, if any, to DXC’s Information Systems is granted solely to perform the Services under this Order, and is limited to those specific DXC Information Systems, time periods and personnel as are separately agreed to by DXC and Supplier from time to time. DXC may require Supplier’s employees, subcontractors or agents to sign individual agreements prior to access to DXC’s Information Systems. Use of DXC Information Systems during other time periods or by individuals not authorized by DXC is expressly prohibited. Access is subject to DXC business control and information protection policies, standards and guidelines as may be modified from time to time. Use of any other DXC Information Systems is expressly prohibited. This prohibition applies even when an DXC Information System that Supplier is authorized to access, serves as a gateway to other Information Systems outside Supplier’s scope of authorization. Supplier agrees to access Information Systems only from specific locations approved for access by DXC. For access outside of DXC premises, DXC will designate the specific network connections to be used to access Information Systems.

  • Confidentiality of Protected Data (a) Vendor acknowledges that the Protected Data it receives pursuant to the Master Agreement originates from the District and that this Protected Data belongs to and is owned by the District. (b) Vendor will maintain the confidentiality of the Protected Data it receives in accordance with federal and state law (including but not limited to Section 2-d) and the District’s policy on data security and privacy. The District will provide Vendor with a copy of its policy on data security and privacy upon request.