Agreement Digital Testing System (Annex 4 to the RFP Digital Testing System) Annex 1 - Data Processing Agreement

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Agreement Digital Testing System (Annex 4 to the RFP Digital Testing System) Annex 1 - Data Processing Agreement"

Transcription

1 Agreement Digital Testing System (Annex 4 to the RFP Digital Testing System) Annex 1 - Data Processing Agreement ANNEX 1 DATA PROCESSING AGREEMENT RELATING TO THE AGREEMENT DIGITAL TESTING SYSTEM BETWEEN TECHNISCHE UNIVERSITEIT EINDHOVEN AND <CONTRACTOR> THE UNDERSIGNED: (1) TECHNISCHE UNIVERSITEIT EINDHOVEN, a legal entity governed by public law, hereinafter also referred to as: the Client, with its registered office in Eindhoven and its principal place of business at Groene Loper 5, 5612 AE Eindhoven, duly represented for these purposes by [..], and (2) <CONTRACTOR>, hereinafter referred to as the: "the Contractor", established in [.], duly represented for these purposes by [ ], hereinafter also jointly referred to as the: Parties" and individually referred to as a: Party" TAKE THE FOLLOWING INTO ACCOUNT: (A) (B) (C) The Client has concluded an Agreement with the Contractor dated [..], with reference [.], with regard to the supply of a Digital Testing System and services related to an Digital Testing System, hereinafter referred to as the "Agreement"; As part of the implementation and performance of the Agreement, the Contractor may process Personal Data in favour of and on behalf of the Client, whereby the Contractor will act as the data processor and the Client will act as the data controller; In accordance with the provisions of Article 30 of the Agreement, the provisions of Article 14 of the Dutch Data Protection Act and the provisions of the Dutch DPA Guidelines, the Parties intend to set out their agreements on the processing of Personal Data by the Contractor on behalf of the Client in this Data Processing Agreement, AND DECLARE THEY ARE IN AGREEMENT WITH THE AFOREMENTIONED AND THE FOLLOWING: 1 Definitions 1.1 Annex: an annex to this Data Processing Agreement. 1.2 Applicable Law: law(s) or any other (local) regulations, guidelines or policies, instructions or recommendations of any Governmental Authority applicable to the processing of the Personal Data, including any amendments, replacements, updates or other later versions thereof; 1.3 Data Breach: any incident resulting in (potential) accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to the Personal Data which have been sent, stored or otherwise processed, and regardless whether the incident occurred on the Data Processing System or elsewhere; 1.4 Data Processing Agreement: this Data Processing Agreement, including its recitals and schedules thereto, and any alteration, substitution, update or later versions thereof ; Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 1/13

2 1.5 Data Processing System: any system that is used or has been used or is relevant for processing the Personal Data by the Contractor or its subcontractors, including supporting documentation; 1.6 Data Subject: the person to whom the Personal Data relates; 1.7 Governmental Authority: a Dutch or foreign competent authority; 2 Subject of this Data Processing Agreement 2.1 Insofar as the Contractor processes Personal Data in the context of the implementation of its activities under the Agreement, the Client must be regarded as a controller for the purposes of the DPA and the Contractor as a processor in favour of the Client. 2.2 The Contractor guarantees that it will process the Personal Data in a proper and careful manner, in accordance with the Applicable Law. 2.3 The Contractor will only process the Personal Data on behalf of and as instructed by the Client. The Contractor has no independent control over the Personal Data processed by it. The Contractor may not process the Personal Data for its own purposes, for the purposes of third parties or for other purposes, subject to deviating mandatory legal obligations vested in it. 2.4 This Data Processing Agreement forms part of the Agreement. This Data Processing Agreement sets aside any other arrangements of an earlier date relating to the processing of Personal Data between the Client acting as data controller, and the Contractor acting as a data processor in respect of the Personal Data, if applicable. This includes any data processing agreement of an earlier date. 3 Processing of the Personal Data 3.1 To implement the Agreement, the Contractor shall process Personal Data of the Data Subject as specified in Annex A to this Data Processing Agreement. 3.2 The Contractor shall only disclose the Personal Data to those employees who are required to inspect the Personal Data for the implementation of the Agreement and to keep it otherwise confidential, subject to deviating obligations under Applicable Law. 3.3 Annex A specifies which (groups) of employees of the Contractor should have access to which Personal Data and what actions these (groups of) employees may perform with the Personal Data. The Contractor is expressly prohibited from (i) providing other (groups of) employees with access to the Personal Data other than specified in Annex A, and (ii) performing acts with the Personal Data other than those specified in Annex A. 3.4 The Contractor shall impose the obligations set out in this Data Processing Agreement and the Agreement, including the security and confidentiality obligations, on the employees engaged by it. The Contractor shall ensure that these employees adhere to these obligations. Subcontracting Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 2/13

3 3.5 The following conditions will be attached in any event to the acquisition of written consent from the Client for the engagement of third parties by the Contractor for the implementation of its obligations under this Data Processing Agreement, in accordance with Article 33 of the Agreement: the third party must be directly involved in the delivery of the Digital Testing System and/or Digital Testing System services under the Agreement; and The Contractor must submit a written sub-data processing agreement concluded with the third party and impose on this third party the same obligations as are vested in the Contractor under this Data Processing Agreement. In addition, the Contractor shall prohibit the third party in any subdata processing agreement from engaging (sub) sub-data processors. 3.6 In case of subcontracting the Contractor will remain fully responsible and liable for fulfilment of its obligations under the Agreement and this Data Processing Agreement. 3.7 Annex C lists the third parties that the Contractor wishes to engage in the delivery of the Digital Testing System and/or Digital Testing System services under the Agreement. The Client hereby gives its consent with regard to engaging the legal entities stated in Annex C as sub-data processors under the conditions of this Data Processing Agreement, more in particular article Reliability Requirements and Security Measures 4.1 The Contractor shall at least comply with the reliability requirements as set forth in Annex A and implement the technical and organizational security measures as described in that Annex A as well, in order to meet with the reliability requirements set by the Client. 4.2 The technical and organizational security measures to be implemented by the Contractor must ensure an adequate level of protection, taking into account the state of the art, the costs concerned with implementation and execution of security measures, the risks concerned with processing Personal Data and the nature of the Personal Data including possible risks concerned with Data Breaches. 4.3 When implementing any security measures the Contractor shall maintain compliancy with any Applicable Law, and the Contractor will include adequate preventive measures should enable the Contractor to identify any Data Breach immediately and to report the Client on such incident in a timely manner, such as intrusion detection, future proof encryption, the possibility to restore the availability of the Personal Data in a timely manner, including a process for regular testing, assessment and evaluation of the technical and organizational security measures in order to guarantee the security of the processing of the Personal Data. 5 Security Reports 5.1 Without prejudice to any audit rights which the Client may have, the Contractor shall, at its own costs, evaluate the Data Processing activities, the Data Processing System and the security measures on a regular basis, being at least once every year, and on that basis provide the Client with a yearly written security report. The Contractor shall provide the written security report to the Client at least within two weeks after finalizing the evaluation. Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 3/13

4 The evaluation will be executed by an independent third party (expert) according to adequate and by the Client accepted audit standards. 5.2 The security report shall relate to all data processing activities of the Personal Data and at least include the status of the Data Processing System, the security measures, the registered downtime of any technical security measures, the established (non) compliance with organizational measures, any Data Breaches that occurred, perceived threats to the security and the Personal Data and the required and/or recommended improvements. 5.3 The Contractor shall take all (immediate) measures in order to adequately recover the observed threats, weaknesses and other identified problems and also implement the necessary and/or recommended improvements in the security report. 6 Reporting of Data Breaches 6.1 Notwithstanding its other obligations under the Agreement and this Data Processing Agreement, the Contractor shall maintain adequate procedures designed to detect and respond to all Data Breaches, including procedures for preventive and corrective actions, and also to avoid recurrence of any Data Breaches that occurred. These procedures have been established by the Contractor in such a manner that both the Client and the Contractor will be able to live up with their notification duties in relation to Data Breaches under the Applicable Law. When and how should the Contractor notify a Data Breach? 6.2 As soon as the Contractor detects a Data Breach or reasonably suspects that a Data Breach has occurred, the Contractor shall without undue delay, in any case within 24 hours upon detection or suspicion of a Data Breach notify the Client by a direct phone call to the (backup) contact person of the Client referred to in Annex B. The Contractor shall furthermore immediately, in any case also within 24 hours upon the detection or suspicion of a Data Breach, report and/or confirm the Data Breach and provide the details of the Data Breach by to the Client using the (backup) addresses as indicated in Annex B as well. Should the Contractor not reach the Client immediately, then the Contractor will use all reasonable efforts to find a way of communication to contact the Client directly. 6.3 The Contractor will see to it that the contact person and/or the backups on behalf of the Contractor mentioned in Annex B remain(s) fully at the disposal of the Client for the handling of and reporting on the Security Breach, until other (back up) contact persons have been agreed upon between Parties in writing. Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 4/13

5 Feedback and measures upon discovery/reporting of Data Breach 6.4 Upon discovery of a Data Breach, the Contractor shall provide reasonable feedback to the Client and provide support to the Client and the (possibly) affected Data Subjects. The feedback and support should include at least: a) a description of the nature and the scope of the Data Breach, an estimation of the amount of Data Subjects (possibly) affected and an indication of the types of the Personal Data concerned and whether or not such Personal Data was encrypted, or otherwise secured or made unintelligible or inaccessible; b) a description of the preventive and corrective measures taken and to be taken, planned and recommended to minimize possible harm, including an emergency plan, and the expected resolution and work-around time; c) information on which third parties, such as Governmental Authorities and the (social) media, are or could be aware of the Data Breach, d) the contact details of the authorized representative(s) of the Contractor with whom the Client may obtain immediate and regular updates on the status of the Data Breach; and e) any other information that could help to minimize possible harm or damage of the organization of the Client and the privacy of the affected Data Subject(s). 6.5 The Contractor will provide the Client also with reasonable other assistance and share with the Client also other necessary or by the Client requested information, so that the Client will be able to notify the Data Subject(s) that were (was) (possibly) affected and/or the Governmental Authorities, that are competent to supervise the processing of the Personal Data, of the Data Breach in a timely manner. The Contractor will enable the Client to prove compliance with the Applicable Law in relation to its notification duties of Data Breaches. 6.6 Parties may agree upon that the Contractor, instead of the Client, will inform the Data Subject(s) that are (possibly) affected and/or the competent Governmental Authority on the Data Breach. The Contractor will not notify the Data Subject(s) and / or Governmental Authority without the written permission of the Client. Other assistance 6.7 The Contractor shall upon the first request of the Client: assist in the identification of the Data Subjects that (possibly) are affected and the Personal Data that has or may have been compromised; allocate call center facilities and training to manage possible inquiries from Data Subjects; Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 5/13

6 6.7.3 provide Data Subjects that are (possibly) affected by the (consequences of) Data Breach with all other assistance, as reasonably requested by the Client and/or required by the Applicable Law; undertake an audit to determine and execute any appropriate corrective measures to avoid a recurrence or occurrence of a similar situation without prejudice to any audit rights of the Client; notify the Client in writing of all the corrective measures taken; and provide the Client with all reasonable documentation on the Data Breach, including any documentation regarding the corrective measures taken and any information provided to the Data Subjects, so that the Client will be able to live up with its statutory obligation to maintain and update an internal Data Breach log. 7 Transfer of the Personal Data 7.1 Except with the written consent of the Client, the Contractor shall not transfer Personal Data, which will be processed by or on behalf of the Contractor or a third party engaged by it in connection with the execution of the Agreement, to or make it accessible to countries outside the European Economic Area (EEA) which do not ensure an adequate level of protection in accordance with applicable privacy legislation. When obtaining permission, the Contractor shall inform the Client of the countries or the third parties, respectively that this relates to. The Client may attach further conditions to the providing of permission. The Contractor shall provide, at the first request, insight into the location(s) where processing takes place. 7.2 The Client hereby provides for the permission to transfer personal data to [country] where Contractor is located, and to the [number of sub processors] sub processor(s) indicated in Annex C, which are located in [country]. Such transfer shall be governed by a data transfer agreement based on the EU Standard Contractual Clauses for data controllers data processors when Personal Data is transferred to processors established in third countries which do not ensure an adequate level of data protection. This data transfer agreement forms part of the Agreement (Annex 2 to the Agreement). 8 Requests of Data Subjects 8.1 The Contractor shall provide its full cooperation to allow the Client to fulfil its legal obligations if a Data Subject exercises its rights under the Applicable Law concerning the processing of Personal Data, such as the right of access or the right of correction. 8.2 At such time as the Contractor receives a request from a Data Subject, as referred to in the preceding paragraph, the Contractor shall immediately inform the Client accordingly. The Client will inform the Contractor whether the Contractor, on behalf of the Client, can respond to the request and, if so, in what way. 8.3 Without prejudice to its obligations as set forth in the Agreement, the Contractor shall immediately correct or otherwise amend the Personal Data, in accordance with the instructions of the Client. Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 6/13

7 9 Requests of Governmental Authorities 9.1 If the Contractor receives a request from a Governmental Authority relating to (inspection of) the Personal Data, the Contractor shall, prior to providing (inspection of) Personal Data, immediately inform the Client thereof in writing, and provide the Client with copies of all the correspondence it has received in this respect. The Contractor shall solely respond to such request in case of a legal obligation under the Applicable Law. The Client may provide the Contractor with reasonable instructions in this respect which the Contractor should follow, unless this would stand in the way of fulfilling the aforementioned legal obligation. 9.2 To guarantee the protection of the Personal Data, the Contractor shall then ensure that does not provide more Personal Data to the Government Agency than that which is strictly necessary in order to comply with the request of the Government Agency. If the possibility exists to legally challenge the request for the provision of Personal Data or any prohibition on informing third parties about the request, the Contractor shall fully exploit this opportunity. 9.3 If the Contractor, based on a request to it to provide Personal Data, is not permitted to inform the Client and/or third parties about the received request and any subsequent disclosure to a Government Agency, then the Contractor shall continue to represent the reasonable interests of the Client. The Contractor shall in any case: 10 Cost assess the legality of the extent to which (i) the Contractor is legally obliged to comply with the request or order; and (ii) the Contractor is actually prohibited from meeting its obligations to the Client under Article 9.1; only cooperate with the request or order if it is legally required to do so and, where possible, (legally) oppose the request or order or the prohibition to inform the Client about this or to follow its instructions; no more or other Personal Data may be provided than is strictly necessary to comply with the request or order; in the case of transfer to a country outside the EEA: the options for complying with Articles 76 and 77 of the Dutch Data Protection Act must be explored; The Client shall immediately be informed in writing as soon as this is permitted The costs relating to the execution of this Data Processing Agreement are included in the prices and fees as agreed in the Agreement. 11 Indemnification 11.1 The Contractor shall indemnify the Client for all claims of third parties, including Data Subjects, that may be brought vis-à-vis the Client due to a breach of the Applicable Law that can be attributed to the Contractor or to employees engaged by it. 12 Duration and termination 12.1 This Data Processing Agreement shall enter into force at such time as the Contractor first processes the Personal Data on behalf of the Client under the Agreement. Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 7/13

8 12.2 This Data Processing Agreement shall apply as long as the Agreement is in force. Upon termination of the Agreement, this Data Processing Agreement shall end by operation of law without any further (legal) action being required. However, this Data Processing Agreement shall remain in force with respect to those obligations that by their nature continue beyond this end date of the Agreement Interim termination of this Data Processing Agreement by the Contractor is not possible Notwithstanding the provisions of Article 26 of the Agreement, the Contractor shall, subject to statutory regulations vested in the Contractor, ensure in the event this Data Processing Agreement ends or at such earlier date as the Client indicates that the processing of (part of) the Personal Data is no longer relevant for the implementation of the activities under the Agreement, that: the Personal Data shall be returned immediately on a data carrier considered suitable by the Client or provided by the Client or provided to a replacement appointed by the Client to the Contractor; or, at the discretion of the Client, the Personal Data shall be Securely Deleted immediately if the Client so requests. Securely Deleted means that industry standard methods will be taken for the purpose of ensuring that no unauthorized person or entity shall be able to reasonably locate or extract the Personal Data after the deletion date The Contractor shall ensure that it shall immediately cease and not resume all processing of Personal Data after the return, disclosure or deletion. The Contractor shall provide the Client with written confirmation and guarantee this, and permit the Client to verify that the relevant Personal Data is no longer processed by the Contractor If the Client chooses to continue processing the Personal Data at the time of (premature) termination of the Agreement and it is not reasonably possible for the Contractor to provide the Personal Data at that time to the Client or to a replacement contractor in a manner that the processing of the Personal Data can be continued without interruption, the Contractor shall, at the request of the Client, continue the processing of the Personal Data under identical conditions as a contingency plan, as described in this Data Processing Agreement, until such time as the Client or a replacement contractor is reasonably capable of taking over the processing of the Personal Data and the Personal Data can be provided in an appropriate manner. Continuation of the processing of Personal Data will not take place any longer than reasonably required, whereby a period of three months after termination of the Agreement can be considered reasonable. 13 Modifications and Renegotiation 13.1 The Parties shall implement modifications to the processed Personal Data, the processing operations of the Contractor on behalf of the Client and/or the applicable reliability requirements in Annex A to this Data Processing Agreement. The relevant modifications shall become applicable upon signature of the amended Annex A by both parties If a modification in circumstances gives good cause to do so, the Client is entitled to renegotiate this Data Processing Agreement. If the Parties to the renegotiations reach agreement, the Client is entitled to terminate the Agreement without being liable for any resulting damage. Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 8/13

9 13.3 The Contractor shall immediately inform the Client of the (necessary) modifications in the implementation of this Data Processing Agreement, so that the Client can monitor compliance with the agreements with the Contractor that are set out in this Data Processing Agreement. 14 Miscellaneous 14.1 This Data Processing Agreement is subject to Dutch law in accordance with Article < > of the Agreement All disputes arising from this Data Processing Agreement shall be resolved in accordance with Article < > of the Agreement. DRAWN UP IN DUPLICATE AND SIGNED Technische Universiteit Eindhoven <Contractor> Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 9/13

10 Annex A - Specification of the processing by the Parties: Categories of Data Subjects (Categories of) Personal Data processed by the Contractor Where applicable differentiated based on sensitivity (Groups of) employees of the Contractor or other persons engaged by the Contractor who have or may have access to the Personal Data Data processing activities that these persons may perform with the Personal Data To be completed by the Client To be completed by the Client To be completed by the Contractor To be completed by the Contractor Reliability requirements and security measures Subject to the following reliability requirements, the Contractor shall ensure that there is an appropriate level of security in accordance with the provisions of the Agreement. Personal Data students availability integrity confidentiality low medium high x x x Personal Data of personnel of the Client availability integrity confidentiality low medium high x x x Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 10/13

11 Security measures The above reliability requirements, whereby the Contractor shall ensure that there is an appropriate level of security in accordance with the provisions of the Agreement, have been elaborated by the Contractor including by the implementation of the following security measures: <To be completed by Contractor> DRAWN UP IN DUPLICATE AND SIGNED Technische Universiteit Eindhoven <Contractor> Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 11/13

12 Annex B - Contacts and back ups Technische Universiteit Eindhoven primary contact Name and job title telephone numbers other information including addresses To be completed by Client back up contact 1 back up contact 2 <name contractor> Name and job title telephone numbers other information including addresses primary contact To be completed by Contractor back up contact 1 back up contact 2 Technische Universiteit Eindhoven <Contractor> Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 12/13

13 Annex C - Third parties engaged by the Contractor: Third parties engaged by the Contractor acting as sub-data processors Specification of the processing by third parties engaged by the Contractor: Name and address of the sub-data processor Data processing activities that these entities may perform with the Personal Data To be completed by the Contractor To be completed by the Contractor Technische Universiteit Eindhoven <Contractor> Initials Contractor Initials Client Annex 1, Data Processing Agreement, page 13/13

Office 365 Data Processing Agreement with Model Clauses

Office 365 Data Processing Agreement with Model Clauses Enrollment for Education Solutions Office 365 Data Processing Agreement (with EU Standard Contractual Clauses) Amendment ID Enrollment for Education Solutions number Microsoft to complete 7392924 GOLDS03081

More information

Data Processing Agreement for Oracle Cloud Services

Data Processing Agreement for Oracle Cloud Services Data Processing Agreement for Oracle Cloud Services Version November 3, 2015 1. Scope and order of precedence This agreement (the Data Processing Agreement ) applies to Oracle s Processing of Personal

More information

Data Processing Agreement for Oracle Cloud Services

Data Processing Agreement for Oracle Cloud Services Data Processing Agreement for Oracle Cloud Services Version December 1, 2013 1. Scope and order of precedence This is an agreement concerning the Processing of Personal Data as part of Oracle s Cloud Services

More information

Astaro Services AG Rheinweg 7, CH-8200 Schaffhausen. Supplementary data protection agreement. to the license agreement for license ID: between

Astaro Services AG Rheinweg 7, CH-8200 Schaffhausen. Supplementary data protection agreement. to the license agreement for license ID: between Astaro Services AG Rheinweg 7, CH-8200 Schaffhausen Supplementary data protection agreement to the license agreement for license ID: between...... represented by... Hereinafter referred to as the "Client"

More information

Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries

Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Sopra HR Software as a Data Processor Sopra HR Software, 2014 / Ref. : 20141120-101114-m 1/32 1.

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ("BA AGREEMENT") supplements and is made a part of any and all agreements entered into by and between The Regents of the University

More information

This Amendment consists of two parts. This is part 1 of 2 and must be accompanied by and signed with part 2 of 2 (Annex 1) to be valid.

This Amendment consists of two parts. This is part 1 of 2 and must be accompanied by and signed with part 2 of 2 (Annex 1) to be valid. Microsoft Online Subscription Agreement Amendment adding Office 365 Data Processing Agreement (with EU Standard Contractual Clauses) Amendment ID Proposal ID MOSA number Microsoft to complete This Amendment

More information

Clause 1. Definitions and Interpretation

Clause 1. Definitions and Interpretation [Standard data protection [agreement/clauses] for the transfer of Personal Data from the University of Edinburgh (as Data Controller) to a Data Processor within the European Economic Area ] In this Agreement:-

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) by and between (hereinafter known as Covered Entity ) and Office Ally, LLC. (hereinafter known as Business Associate ), and

More information

Code of Conduct. Corporate Data Protection. We make ICT strategies work

Code of Conduct. Corporate Data Protection. We make ICT strategies work Corporate Data Protection Code of Conduct for the Protection of the Individual s Right to Privacy in the Handling of Personal Data within the Deutsche Telekom Group 2010 / 04 We make ICT strategies work

More information

Addendum Windows Azure Data Processing Agreement Amendment ID M129

<Choose> Addendum Windows Azure Data Processing Agreement Amendment ID M129 Addendum Amendment ID Proposal ID Enrollment number Microsoft to complete This addendum ( Windows Azure Addendum ) is entered into between the parties identified on the signature form for the

More information

FirstCarolinaCare Insurance Company Business Associate Agreement

FirstCarolinaCare Insurance Company Business Associate Agreement FirstCarolinaCare Insurance Company Business Associate Agreement THIS BUSINESS ASSOCIATE AGREEMENT ("Agreement"), is made and entered into as of, 20 (the "Effective Date") between FirstCarolinaCare Insurance

More information

Standard conditions of purchase

Standard conditions of purchase Standard conditions of purchase 1 OFFER AND ACCEPTANCE 2 PROPERTY, RISK & DELIVERY 3 PRICES & RATES The Supplier shall provide all Goods and Services in accordance with the terms and conditions set out

More information

Microsoft Online Services - Data Processing Agreement

Microsoft Online Services - Data Processing Agreement Microsoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Data Processing Agreement (with EU Standard Contractual Clauses) Amendment ID This Amendment consists of

More information

The potential legal consequences of a personal data breach

The potential legal consequences of a personal data breach The potential legal consequences of a personal data breach Tue Goldschmieding, Partner 16 April 2015 The potential legal consequences of a personal data breach 15 April 2015 Contents 1. Definitions 2.

More information

Corporate Policy. Data Protection for Data of Customers & Partners.

Corporate Policy. Data Protection for Data of Customers & Partners. Corporate Policy. Data Protection for Data of Customers & Partners. 02 Preamble Ladies and gentlemen, Dear employees, The electronic processing of virtually all sales procedures, globalization and growing

More information

HSHS BUSINESS ASSOCIATE AGREEMENT BACKGROUND AND RECITALS

HSHS BUSINESS ASSOCIATE AGREEMENT BACKGROUND AND RECITALS HSHS BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement, ( Agreement ) is entered into on the date(s) set forth below by and between Hospital Sisters Health System on its own behalf and

More information

DRV Accountants & Adviseurs General terms and conditions Corporate Finance Versie 01-03-12 1

DRV Accountants & Adviseurs General terms and conditions Corporate Finance Versie 01-03-12 1 Filed with the Rotterdam Chamber of Commerce in Rotterdam on 26 March 2009 under number 24117094. Internet: www.drvcf.nl Offices in: Rotterdam Hoofdweg 52 P.O. Box 8560-3009 AN Rotterdam, Netherlands Telephone:

More information

UNIVERSITY OF MAINE SYSTEM STANDARDS FOR SAFEGUARDING INFORMATION ATTACHMENT C

UNIVERSITY OF MAINE SYSTEM STANDARDS FOR SAFEGUARDING INFORMATION ATTACHMENT C UNIVERSITY OF MAINE SYSTEM STANDARDS FOR SAFEGUARDING INFORMATION ATTACHMENT C This Attachment addresses the Contractor s responsibility for safeguarding Compliant Data and Business Sensitive Information

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT The parties to this ( Agreement ) are, a _New York_ corporation ( Business Associate ) and ( Client ) you, as a user of our on-line health record system (the "System"). BY

More information

07/2013. Specific Terms and Conditions Mobile Device Management

07/2013. Specific Terms and Conditions Mobile Device Management 07/2013 Specific Terms and Conditions Mobile Device Management GENERAL PROVISIONS 1. Offer and Agreement 1.1 The present contractual terms and conditions (hereinafter referred to as Terms and Conditions

More information

EXHIBIT C BUSINESS ASSOCIATE AGREEMENT

EXHIBIT C BUSINESS ASSOCIATE AGREEMENT EXHIBIT C BUSINESS ASSOCIATE AGREEMENT THIS AGREEMENT is made and entered into by and between ( Covered Entity ) and KHIN ( Business Associate ). This Agreement is effective as of, 20 ( Effective Date

More information

AIRBUS GROUP BINDING CORPORATE RULES

AIRBUS GROUP BINDING CORPORATE RULES 1 AIRBUS GROUP BINDING CORPORATE RULES 2 Introduction The Binding Corporate Rules (hereinafter BCRs ) of the Airbus Group finalize the Airbus Group s provisions on the protection of Personal Data. These

More information

Louisiana State University System

Louisiana State University System PM-36: Attachment 4 Business Associate Contract Addendum On this day of, 20, the undersigned, [Name of Covered Entity] ("Covered Entity") and [Name of Business Associate] ("Business Associate") have entered

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) is effective as of, 2013, and is by and between SOUTHWEST DEVELOPMENTAL SERVICES, INC. ( Covered Entity ) and ( Business Associate

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( BAA ) is effective ( Effective Date ) by and between ( Covered Entity ) and Egnyte, Inc. ( Egnyte or Business Associate ). RECITALS

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (Hereinafter "Agreement") dated as of, 2013, is made by and between (Hereinafter Covered Entity ) and (Hereinafter Business Associate ). ARTICLE

More information

Microsoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID MOS10

Microsoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID MOS10 Microsoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID This Microsoft Online Services Security Amendment ( Amendment ) is between

More information

Business Associate Contract

Business Associate Contract Business Associate Contract THIS CONTRACT is made and entered into by and between Imagine! (hereinafter called Contractor ), a not-for-profit Community Centered Board, duly incorporated and existing under

More information

This form may not be modified without prior approval from the Department of Justice.

This form may not be modified without prior approval from the Department of Justice. This form may not be modified without prior approval from the Department of Justice. Delete this header in execution (signature) version of agreement. HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate

More information

INFORMATION TECHNOLOGY MANAGEMENT CONTENTS. CHAPTER C RISKS 357-7 8. Risk Assessment 357-7

INFORMATION TECHNOLOGY MANAGEMENT CONTENTS. CHAPTER C RISKS 357-7 8. Risk Assessment 357-7 Information Technology Management Page 357-1 INFORMATION TECHNOLOGY MANAGEMENT CONTENTS CHAPTER A GENERAL 357-3 1. Introduction 357-3 2. Applicability 357-3 CHAPTER B SUPERVISION AND MANAGEMENT 357-4 3.

More information

Disclaimer: Template Business Associate Agreement (45 C.F.R. 164.308)

Disclaimer: Template Business Associate Agreement (45 C.F.R. 164.308) HIPAA Business Associate Agreement Sample Notice Disclaimer: Template Business Associate Agreement (45 C.F.R. 164.308) The information provided in this document does not constitute, and is no substitute

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT ( Agreement ) by and between OUR LADY OF LOURDES HEALTH CARE SERVICES, INC., hereinafter referred to as Covered Entity, and hereinafter referred

More information

TERMS & CONDITIONS of SERVICE for MSKnote. Refers to MSKnote Limited. Refers to you or your organisation

TERMS & CONDITIONS of SERVICE for MSKnote. Refers to MSKnote Limited. Refers to you or your organisation TERMS & CONDITIONS of SERVICE for MSKnote Definitions: "Us or Our or We or Company" You or Your or Client Refers to MSKnote Limited Refers to you or your organisation Information about us: We are MSKnote

More information

Align Technology. Data Protection Binding Corporate Rules Processor Policy. 2014 Align Technology, Inc. All rights reserved.

Align Technology. Data Protection Binding Corporate Rules Processor Policy. 2014 Align Technology, Inc. All rights reserved. Align Technology Data Protection Binding Corporate Rules Processor Policy Confidential Contents INTRODUCTION TO THIS POLICY 3 PART I: BACKGROUND AND ACTIONS 4 PART II: PROCESSOR OBLIGATIONS 6 PART III:

More information

Model Business Associate Agreement

Model Business Associate Agreement Model Business Associate Agreement Instructions: The Texas Health Services Authority (THSA) has developed a model BAA for use between providers (Covered Entities) and HIEs (Business Associates). The model

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( BA Agreement ) is entered into by Medtep Inc., a Delaware corporation ( Business Associate ) and the covered entity ( Covered Entity

More information

SAMPLE BUSINESS ASSOCIATE AGREEMENT

SAMPLE BUSINESS ASSOCIATE AGREEMENT SAMPLE BUSINESS ASSOCIATE AGREEMENT THIS AGREEMENT IS TO BE USED ONLY AS A SAMPLE IN DEVELOPING YOUR OWN BUSINESS ASSOCIATE AGREEMENT. ANYONE USING THIS DOCUMENT AS GUIDANCE SHOULD DO SO ONLY IN CONSULT

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the Agreement ) is by and between ( Covered Entity )and CONEX Med Pro Systems ( Business Associate ). This Agreement has been attached to,

More information

Health Plan Select, Inc. Business Associate Privacy Addendum To The Service Agreement

Health Plan Select, Inc. Business Associate Privacy Addendum To The Service Agreement This (hereinafter referred to as Addendum ) by and between Athens Area Health Plan Select, Inc. (hereinafter referred to as HPS ) a Covered Entity under HIPAA, and INSERT ORG NAME (hereinafter referred

More information

Article 29 Working Party Issues Opinion on Cloud Computing

Article 29 Working Party Issues Opinion on Cloud Computing Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,

More information

The supplier shall have appropriate policies and procedures in place to ensure compliance with

The supplier shall have appropriate policies and procedures in place to ensure compliance with Supplier Instructions for Processing of Personal Data 1 PURPOSE SOS International has legal and contractual obligations on the matters of data protection and IT security. As a part of these obligations

More information

Data Protection. Processing and Transfer of Personal Data in Kvaerner. Binding Corporate Rules Public Document

Data Protection. Processing and Transfer of Personal Data in Kvaerner. Binding Corporate Rules Public Document Data Protection Processing and Transfer of Personal Data in Kvaerner Binding Corporate Rules Public Document 1 of 19 1 / 19 Table of contents 1 Introduction... 4 1.1 Scope... 4 1.2 Definitions... 4 1.2.1

More information

Preferred Professional Insurance Company Subcontractor Business Associate Agreement

Preferred Professional Insurance Company Subcontractor Business Associate Agreement Preferred Professional Insurance Company Subcontractor Business Associate Agreement THIS SUBCONTRACTOR BUSINESS ASSOCIATE AGREEMENT ( Agreement ) amends and is made a part of all Services Agreements (as

More information

ANGUS COUNCIL SUPPLEMENTARY CONDITIONS OF CONTRACT. SC 01 - Contract Performance Guarantee Insurance

ANGUS COUNCIL SUPPLEMENTARY CONDITIONS OF CONTRACT. SC 01 - Contract Performance Guarantee Insurance SC 01 - Contract Performance Guarantee Insurance For contracts equal to or exceeding 750,000 in value the Contractor shall, within 28 days of the date of the award of the Contract, obtain and provide to

More information

NON-DISCLOSURE AGREEMENT BETWEEN. HM Treasury AND. (To be completed at Contract Award Stage)

NON-DISCLOSURE AGREEMENT BETWEEN. HM Treasury AND. (To be completed at Contract Award Stage) DATE NON-DISCLOSURE AGREEMENT BETWEEN HM Treasury AND (To be completed at Contract Award Stage) THIS AGREEMENT is made on (Date to be updated at Contract Award stage) BETWEEN: (1) HM Treasury of 1 Horse

More information

Tulane University. Tulane University Business Associates Agreement SCOPE OF POLICY STATEMENT OF POLICY IMPLEMENTATION OF POLICY

Tulane University. Tulane University Business Associates Agreement SCOPE OF POLICY STATEMENT OF POLICY IMPLEMENTATION OF POLICY Tulane University DEPARTMENT: General Counsel s POLICY DESCRIPTION: Business Associates Office -- HIPAA Agreement PAGE: 1 of 1 APPROVED: April 1, 2003 REVISED: November 29, 2004, December 1, 2008, October

More information

SaaS. Business Associate Agreement

SaaS. Business Associate Agreement SaaS Business Associate Agreement This Business Associate Agreement ( BA Agreement ) becomes effective pursuant to the terms of Section 5 of the End User Service Agreement ( EUSA ) between Customer ( Covered

More information

BUSINESS ASSOCIATE AGREEMENT. (Contractor name and address), hereinafter referred to as Business Associate;

BUSINESS ASSOCIATE AGREEMENT. (Contractor name and address), hereinafter referred to as Business Associate; BUSINESS ASSOCIATE AGREEMENT (Agreement #) THIS DOCUMENT CONSTITUTES AN AGREEMENT BETWEEN: AND (Contractor name and address), hereinafter referred to as Business Associate; The Department of Behavioral

More information

FORM OF HIPAA BUSINESS ASSOCIATE AGREEMENT

FORM OF HIPAA BUSINESS ASSOCIATE AGREEMENT FORM OF HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( Agreement ) is made and entered into to be effective as of, 20 (the Effective Date ), by and between ( Covered Entity ) and

More information

ELECTRONIC TRADING FACILITIES SUPPLEMENTAL TERMS AND CONDITIONS OF TRADING

ELECTRONIC TRADING FACILITIES SUPPLEMENTAL TERMS AND CONDITIONS OF TRADING ELECTRONIC TRADING FACILITIES SUPPLEMENTAL TERMS AND CONDITIONS OF TRADING This Supplemental Terms and Conditions of Trading is supplemental to and forms part of the terms and conditions set out in the

More information

ECSA EuroCloud Star Audit Data Privacy Audit Guide

ECSA EuroCloud Star Audit Data Privacy Audit Guide ECSA EuroCloud Star Audit Data Privacy Audit Guide Page 1 of 15 Table of contents Introduction... 3 ECSA Data Privacy Rules... 4 Governing Law... 6 Sub processing... 6 A. TOMs: Cloud Service... 7 TOMs:

More information

Enrollment for Education Solutions Addendum Microsoft Online Services Agreement Amendment 10 EES17 --------------

Enrollment for Education Solutions Addendum Microsoft Online Services Agreement Amendment 10 EES17 -------------- w Microsoft Volume Licensing Enrollment for Education Solutions Addendum Microsoft Online Services Agreement Amendment 10 Enrollment for Education Solutions number Microsoft to complete --------------

More information

Name of Other Party: Address of Other Party: Effective Date: Reference Number as applicable:

Name of Other Party: Address of Other Party: Effective Date: Reference Number as applicable: PLEASE NOTE: THIS DOCUMENT IS SUBMITTED AS A SAMPLE, FOR INFORMATIONAL PURPOSES ONLY TO ABC ORGANIZATION. HIPAA SOLUTIONS LC IS NOT ENGAGED IN THE PRACTICE OF LAW IN ANY STATE, JURISDICTION, OR VENUE OF

More information

BUSINESS ASSOCIATE CONTRACTUAL ADDENDUM

BUSINESS ASSOCIATE CONTRACTUAL ADDENDUM BUSINESS ASSOCIATE CONTRACTUAL ADDENDUM This HIPAA Addendum ("Addendum") is entered into effective this first day of November 1, 2015, by and between "Business Associate" AND COUNTY OF OTTAWA Ottawa County

More information

BUSINESS ASSOCIATE ADDENDUM

BUSINESS ASSOCIATE ADDENDUM BUSINESS ASSOCIATE ADDENDUM This Business Associate Addendum ( Addendum ) is entered into this day of 2014. Perry Memorial Hospital ( Covered Entity ) and [ABC Company] ( Business Associate ) referred

More information

Business Associate Agreement

Business Associate Agreement Business Associate Agreement This Business Associate Contract (Agreement) is entered into by and between, as a Covered Entity as defined in relevant federal and state law, and HMS Agency, Inc., as their

More information

CONTRACT ADDENDUM BUSINESS ASSOCIATE CONTRACT 1

CONTRACT ADDENDUM BUSINESS ASSOCIATE CONTRACT 1 CONTRACT ADDENDUM BUSINESS ASSOCIATE CONTRACT 1 THIS AGREEMENT is entered into on ( Effective Date ) by and between LaSalle County Health Department, hereinafter called Covered Entity and, hereinafter

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT Please complete the following and return signed via Fax: 919-785-1205 via Mail: Aesthetic & Reconstructive Plastic Surgery, PLLC 2304 Wesvill Court Suite 360 Raleigh, NC 27607

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT Express Scripts, Inc. and one or more of its subsidiaries ( ESI ), and Sponsor or one of its affiliates ( Sponsor ), are parties to an agreement ( PBM Agreement ) whereby ESI

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the "Agreement") is made and entered into this day of,, by and between Quicktate and idictate ("Business Associate") and ("Covered Entity").

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT Note: This form is not meant to encompass all the various ways in which any particular facility may use health information and should be specifically tailored to your organization. In addition, as with

More information

CATHOLIC SOCIAL SERVICES BUSINESS ASSOCIATE AGREEMENT

CATHOLIC SOCIAL SERVICES BUSINESS ASSOCIATE AGREEMENT CATHOLIC SOCIAL SERVICES BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT (Agreement) is made this day of, 20, between the Catholic Social Services ( CSS ), whose business address is 3710

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( BA Agreement ) amends, supplements, and is made a part of the Agreement ( Agreement ) entered with Client ( CLIENT ) and International

More information

7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data. Directive 7.08 Protection of Personal Data

7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data. Directive 7.08 Protection of Personal Data Akzo Nobel N.V. Executive Committee Rules 7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data Source Directive Content Owner Directive 7.08 Protection of Personal Data AkzoNobel Legal

More information

General Terms of Public Procurement in Service Contracts JYSE 2014 SERVICES

General Terms of Public Procurement in Service Contracts JYSE 2014 SERVICES General Terms of Public Procurement in Service Contracts January 2015 Contents Introduction...3 Issues to be observed in applying...5 General Terms of Public Procurement in Service Contracts ()...9 1 Definitions...9

More information

Responsibilities of Custodians and Health Information Act Administration Checklist

Responsibilities of Custodians and Health Information Act Administration Checklist Responsibilities of Custodians and Administration Checklist APPENDIX 3 Responsibilities of Custodians in Administering the Each custodian under the Act must establish internal processes and procedures

More information

Exhibit 2. Business Associate Addendum

Exhibit 2. Business Associate Addendum Exhibit 2 Business Associate Addendum This Business Associate Addendum ( Addendum ) governs the use and disclosure of Protected Health Information by EOHHS when functioning as a Business Associate in performing

More information

Asset Protection Agreement Templates - Customer Explanatory Notes. Explanatory Notes on Asset Protection Agreement

Asset Protection Agreement Templates - Customer Explanatory Notes. Explanatory Notes on Asset Protection Agreement Asset Protection Agreement Templates - Customer Explanatory Notes Explanatory Notes on Asset Protection Agreement Clause Heading Background The Asset Protection Agreement is intended for use where the

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (this Agreement ) is made effective as of ( Effective Date ) by and between Sentara Health Plans, Inc. ( Covered Entity ) and ( Business Associate

More information

Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015

Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 The following comprises a checklist of areas that genomic research organizations or consortia (collectively referred

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT THIS HIPAA BUSINESS ASSOCIATE AGREEMENT ( BAA ) is entered into effective the day of, 20 ( Effective Date ), by and between the Regents of the University of Michigan,

More information

USER AGREEMENT FOR: ELECTRONIC DEALINGS THROUGH THE CUSTOMS CONNECT FACILITY

USER AGREEMENT FOR: ELECTRONIC DEALINGS THROUGH THE CUSTOMS CONNECT FACILITY USER AGREEMENT FOR: ELECTRONIC DEALINGS THROUGH THE CUSTOMS CONNECT FACILITY CONDITIONS OF USE FOR ELECTRONIC DEALINGS THROUGH THE CUSTOMS CONNECT FACILITY Between: the Commonwealth of Australia, acting

More information

TERMS AND CONDITIONS OF USE

TERMS AND CONDITIONS OF USE TERMS AND CONDITIONS OF USE These Terms and Conditions of Use (herein after Agreement ) govern the terms and conditions pursuant to which the Account Holder through its User(s) will have access to the

More information

Advanced AMC, Inc. Appraiser Services Agreement (Independent Contractor Agreement)

Advanced AMC, Inc. Appraiser Services Agreement (Independent Contractor Agreement) Advanced AMC, Inc.. Appraiser Services Agreement (Independent Contractor Agreement) This Appraiser Services Agreement ( Agreement ) shall be effective as of the Effective Date by and between Advanced AMC,

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement and is made between BEST Life and Health Insurance Company ( BEST Life ) and ( Business Associate ). RECITALS WHEREAS, the U.S.

More information

Terms and Conditions for Embedded Software Products and Embedded Software Services

Terms and Conditions for Embedded Software Products and Embedded Software Services 1 Terms and Conditions for Embedded Software Products and Embedded Software Services I. Delivery of Embedded Software Products of Vector (Standard Software) 1 Scope of Delivery 1.1 Vector shall deliver

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Agreement ( Agreement ) is made and entered into this day of [Month], [Year] by and between [Business Name] ( Covered Entity ), [Type of Entity], whose business address

More information

APPLICANT VERIFICATION SERVICES TERMS AND CONDITIONS OF USE

APPLICANT VERIFICATION SERVICES TERMS AND CONDITIONS OF USE APPLICANT VERIFICATION SERVICES TERMS AND CONDITIONS OF USE 1 P a g e Contents 1. Interpretation and Definitions 2. Commencement and Term 3. Recitals and Relationship 4. Services 5. Systems and Software

More information

FREESSL SUBSCRIBER AGREEMENT

FREESSL SUBSCRIBER AGREEMENT FREESSL SUBSCRIBER AGREEMENT PLEASE READ THE FOLLOWING AGREEMENT CAREFULLY. BY SUBMITTING AN ENROLLMENT FORM TO OBTAIN A FREESSL DIGITAL CERTIFICATE (THE CERTIFICATE ) AND ACCEPTING AND USING SUCH CERTIFICATE,

More information

WE RECOMMEND THAT YOU PRINT OUT AND KEEP A COPY OF THIS AGREEMENT FOR YOUR FUTURE REFERENCE.

WE RECOMMEND THAT YOU PRINT OUT AND KEEP A COPY OF THIS AGREEMENT FOR YOUR FUTURE REFERENCE. RAPID CONNECT SERVICES(sm) and SPECIFICATION LICENSE AGREEMENT THIS RAPID CONNECT SERVICES AND SPECIFICATION LICENSE AGREEMENT IS BETWEEN FIRST DATA MERCHANT SERVICES CORPORATION ( FDMS ) FDMS AND YOU,

More information

CIHI Submission: 2011 Prescribed Entity Review

CIHI Submission: 2011 Prescribed Entity Review pic pic CIHI Submission: 2011 Prescribed Entity Review October 2011 Who We Are Established in 1994, CIHI is an independent, not-for-profit corporation that provides essential information on Canada s health

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT is made and entered into as of the day of, 2013 ( Effective Date ), by and between [Physician Practice] on behalf of itself and each of its

More information

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS As a world leader in electronic commerce and payment services, First Data Corporation and its subsidiaries ( First Data entity or entities ),

More information

Enclosure. Dear Vendor,

Enclosure. Dear Vendor, Dear Vendor, As you may be aware, the Omnibus Rule was finalized on January 25, 2013 and took effect on March 26, 2013. Under the Health Insurance Portability & Accountability Act (HIPAA) and the Omnibus

More information

STATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM

STATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM STATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM BETWEEN The Division of Health Care Financing and Policy Herein after referred to as the Covered Entity and (Enter Business

More information

AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND

AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND THIS AGREEMENT for Access to Protected Health Information ( PHI ) ( Agreement ) is entered

More information

Application Programming Interface (API) Application (app) - The API app is the connector between epages and the developers service.

Application Programming Interface (API) Application (app) - The API app is the connector between epages and the developers service. Developer Program 0. Preamble epages is the owner and vendor of the online shop software epages which enables merchants to run their online shop in the cloud. epages provides a developer program for third

More information

General Terms and Conditions. Horatio Assurance Group B.V. Horatio Accountants B.V. Horatio Schade-Auditors B.V.

General Terms and Conditions. Horatio Assurance Group B.V. Horatio Accountants B.V. Horatio Schade-Auditors B.V. General Terms and Conditions Horatio Assurance Group B.V. Horatio Accountants B.V. Horatio Schade-Auditors B.V. A. General In these General Terms and Conditions the terms listed below have the following

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( Agreement ) is by and between ( Covered Entity ) and Xelex Digital, LLC ( Business Associate ), and is effective as of. WHEREAS,

More information

MASTER ADVERTISING AGREEMENT

MASTER ADVERTISING AGREEMENT MASTER ADVERTISING AGREEMENT THE UNDERSIGNED: 1. [ ] B.V., registered in the trade register with the number [ ], having its registered office in Voorburg, legally represented in this matter by Mr. R. Van

More information

CONTRACT FOR CONSULTANCY SERVICES. Section 1 Form of Contract

CONTRACT FOR CONSULTANCY SERVICES. Section 1 Form of Contract CONTRACT FOR CONSULTANCY SERVICES Equatorial Fidelity Centre 2 nd Floor, Off Waiyaki Way P.O Box 313-00606 Nairobi, Kenya. Tel +254 20 423 5000 Section 1 Form of Contract CONTRACT FOR: [Insert Title here]

More information

On Data Protection and the Detailed and Uniform Data Management Regulation

On Data Protection and the Detailed and Uniform Data Management Regulation Rector s Directive No. 1/2013 On Data Protection and the Detailed and Uniform Data Management Regulation Budapest, 2013 Version effective as of 31 January 2013 Directives on Data Protection and the Uniform

More information

Infinedi HIPAA Business Associate Agreement RECITALS SAMPLE

Infinedi HIPAA Business Associate Agreement RECITALS SAMPLE Infinedi HIPAA Business Associate Agreement This Business Associate Agreement ( Agreement ) is entered into this day of, 20 between ( Company ) and Infinedi, LLC, a Limited Liability Corporation, ( Contractor

More information

SCHEDULE 16. Exit Plan. sets out the strategy to be followed on the termination (including Partial Termination) or expiry of this Agreement; and

SCHEDULE 16. Exit Plan. sets out the strategy to be followed on the termination (including Partial Termination) or expiry of this Agreement; and SCHEDULE 16 Exit Plan 1. Scope 1.1 This schedule: (A) sets out the strategy to be followed on the termination (including Partial Termination) or expiry of this Agreement; and requires the Service Provider

More information

Business Associate Agreement

Business Associate Agreement Business Associate Agreement This Agreement is entered into as of ("Effective Date"), between ( Covered Entity ), and ( Business Associate ). RECITALS WHEREAS, Business Associate provides services on behalf

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (the Agreement ) is entered into by and between Professional Office Services, Inc., with principal place of business at PO Box 450, Waterloo,

More information

Cloud Hosting Terms and Conditions

Cloud Hosting Terms and Conditions 1 DEFINITIONS. 1.1 The following definitions shall apply in this Schedule. Any reference in this Schedule to "day" will be a calendar day. "Acceptable Use Policy" "Affiliate" "Cloud Services" "Customer

More information

BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT

BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT This BUSINESS ASSOCIATE AGREEMENT ( Agreement ) dated as of the signature below, (the Effective Date ), is entered into by and between the signing organization

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT 1. DEFINITIONS: 1.1 Undefined Terms: Terms used, but not otherwise defined, in this Agreement shall have the same meaning as those terms defined by the Health Insurance Portability

More information