|
Contract in relation to any existing lien(s). Documentation establishing the relative priorities
<br /> of said liens, if necessary, is attached to the Project Summary and incorporated herein.
<br /> 14. OPERATION OF PROJECT
<br /> The Borrower shall,without expense or legal liability to the CWCB,manage,operate,and maintain
<br /> the Project continuously in an efficient and economical manner.
<br /> 15. CONFIDENTIAL INFORMATION-STATE RECORDS
<br /> A. Confidentiality
<br /> Borrower shall keep confidential,and cause all Subcontractors to keep confidential, all State
<br /> Records, unless those State Records are publicly available. Borrower shall not, without prior
<br /> written approval of the State,use,publish, copy,disclose to any third party, or permit the use
<br /> by any third party of any State Records,except as otherwise stated in this Contract,permitted
<br /> by law or approved in Writing by the State. Borrower shall provide for the security of all
<br /> State Confidential Information in accordance with all policies promulgated by the Colorado
<br /> Office of Information Security and all applicable laws, rules, policies, publications, and
<br /> guidelines. If Borrower or any of its Subcontractors will or may receive the following types
<br /> of data, Borrower or its Subcontractors shall provide for the security of such data according
<br /> to the following: (i) the most recently promulgated IRS Publication 1075 for all Tax
<br /> Information and in accordance with the Safeguarding Requirements for Federal Tax
<br /> Information attached to this Contract as an Exhibit, if applicable, (ii) the most recently
<br /> updated PCI Data Security Standard from the PCI Security Standards Council for all PCI,
<br /> (iii) the most recently issued version of the U.S. Department of Justice, Federal Bureau of
<br /> Investigation, Criminal Justice Information Services Security Policy for all CJI, and (iv) the
<br /> federal Health Insurance Portability and Accountability Act for all PHI and the HIPAA
<br /> Business Associate Agreement attached to this Contract, if applicable. Borrower shall
<br /> immediately forward any request or demand for State Records to the State's principal
<br /> representative.
<br /> B. Other Entity Access and Nondisclosure Agreements
<br /> Borrower may provide State Records to its agents, employees,assigns and Subcontractors as
<br /> necessary to perform the Work, but shall restrict access to State Confidential Information to
<br /> those agents, employees, assigns and Subcontractors who require access to perform their
<br /> obligations under this Contract. Borrower shall ensure all such agents, employees, assigns,
<br /> and Subcontractors sign agreements containing nondisclosure provisions at least as protective
<br /> as those in this Contract, and that the nondisclosure provisions are in force at all times the
<br /> agent, employee, assign or Subcontractor has access to any State Confidential Information.
<br /> Borrower shall provide copies of those signed nondisclosure provisions to the State upon
<br /> execution of the nondisclosure provisions.
<br /> C. Use, Security, and Retention
<br /> Borrower shall use,hold and maintain State Confidential Information in compliance with any
<br /> and all applicable laws and regulations in facilities located within the United States,and shall
<br /> maintain a secure environment that ensures confidentiality of all State Confidential
<br /> Information wherever located. Borrower shall provide the State with access, subject to
<br /> Borrower's reasonable security requirements, for purposes of inspecting and monitoring
<br /> access and use of State Confidential Information and evaluating security control
<br /> effectiveness.Upon the expiration or termination of this Contract,Borrower shall return State
<br /> Records provided to Borrower or destroy such State Records and certify to the State that it
<br /> Contract Number:CT2019-3687 Page 10 of 19 Version 0119
<br />
|