17-Oct-St. Charles Mesa Water District- Long-Term Potable Water Supply to the Zinno Subdivision_CTGG1 2018-1918

Home Browse Search

not,without prior written approval of the State,use for Grantee's own benefit,publish, copy, or otherwise disclose to any third party, or permit the use by any third party for its benefit or to the detriment of the State, any State Records, except as otherwise stated in this Grant Award Letter. Grantee shall provide for the security of all State Confidential Information in accordance with all policies promulgated by the Colorado Office of Information Security and all applicable laws,rules,policies,publications,and guidelines including,without limitation: (i)the most recently promulgated IRS Publication 1075 for all Tax Information, (ii)the most recently updated PCI Data Security Standard from the PCI Security Standards Council for all PCI, (iii)the most recently issued version of the U.S. Department of Justice, Federal Bureau of Investigation, Criminal Justice Information Services Security Policy for all CJI, and (iv) the federal Health Insurance Portability and Accountability Act for all PHI and the HIPAA Business Associate Addendum attached to this Contract. Grantee shall immediately forward any request or demand for State Records to the State's principal representative. B. Other Entity Access and Nondisclosure Agreements Grantee may provide State Records to its agents, employees, assigns and Subcontractors as necessary to perform the Work, but shall restrict access to State Confidential Information to those agents, employees, assigns and Subcontractors who require access to perform their obligations under this Grant Award Letter. Grantee shall ensure all such agents, employees, assigns, and Subcontractors sign nondisclosure agreements with provisions at least as protective as those in this Grant, and that the nondisclosure agreements are in force at all times the agent, employee, assign or Subcontractor has access to any State Confidential Information. Grantee shall provide copies of those signed nondisclosure restrictions to the State upon request. C. Use, Security, and Retention Grantee shall use, hold and maintain State Confidential Information in compliance with any and all applicable laws and regulations in facilities located within the United States,and shall maintain a secure environment that ensures confidentiality of all State Confidential Information wherever located. Grantee shall provide the State with access, subject to Grantee's reasonable security requirements,for purposes of inspecting and monitoring access and use of State Confidential Information and evaluating security control effectiveness.Upon the expiration or termination of this Grant, Grantee shall return State Records provided to Grantee or destroy such State Records and certify to the State that it has done so, as directed by the State. If Grantee is prevented by law or regulation from returning or destroying State Confidential Information, Grantee warrants it will guarantee the confidentiality of, and cease to use, such State Confidential Information. D. Incident Notice and Remediation If Grantee becomes aware of any Incident,it shall notify the State immediately and cooperate with the State regarding recovery,remediation,and the necessity to involve law enforcement, as determined by the State. After an Incident, Grantee shall take steps to reduce the risk of incurring a similar type of Incident in the future as directed by the State, which may include, but is not limited to,developing and implementing a remediation plan that is approved by the State at no additional cost to the State. 11. CONFLICTS OF INTEREST Grantee shall not engage in any business or activities,or maintain any relationships that conflict in any way with the full performance of the obligations of Grantee under this Grant. Grantee Contract No.CTGG1 2018-1918 Page 6 of 9 Version 0717