Laserfiche WebLink
REV: 04-27-2021 MI <br />Because the GCDA will match incident-level data with anonymized identifiers of individuals, these <br />data are expected to contain confidential information, the disclosure of which is restricted by a <br />provision of law. Some examples of "confidential information" include, but are not limited to, <br />"personal information" about individuals as defined in California Civil Code Section 1798.3 of the <br />Information Practices Act and “personal information” about students as defined by the Code of Federal <br />Regulations CFR Title 34 Volume 1 Part 99.3. <br />C. TRANSFER OF DATA <br />Redwood City and JGC shall use a secure, mutually agreed upon means and schedule for <br />transferring confidential information. Redwood City will create data extracts and validate the data. <br />Extracts will be updated using a mutually agreed upon schedule. At no time will data be sent <br />electronically to or from the parties, except via a mutually agreed and secure file transfer protocol <br />system. <br />D. PERIOD OF AGREEMENT <br />This Agreement shall be effective per specifications in Attachment B, unless terminated earlier by <br />either party pursuant to Section F. <br />E. JGC RESPONSIBILITIES <br />JGC agrees to the following confidentiality statements: <br />1. JGC acknowledges that these data are confidential data and proprietary to Redwood City, and <br />agree to protect such information from unauthorized disclosures and comply with all applicable <br />confidentiality laws which may include but is not limited to, the Health Insurance Portability <br />and Accountability Act (HIPAA), the California Education Code and the Family Education <br />Rights and Privacy Act (FERPA) as set forth in this agreement. JGC is responsible for <br />complying with all District, Local, State and Federal confidentiality applicable laws and <br />regulations. <br />2. JGC will use appropriate safeguards to prevent the use or disclosure of the information other <br />than as provided by this data use Agreement. Servers, laptop and desktop computers, mobile <br />devices, and software applications that will be used for transfer, storage, management, <br />manipulation, and analysis of Redwood City’s data will comply with Stanford University’s <br />Minimum Security Standards for High Risk data (accessible at <br />https://uit.stanford.edu/guide/securitystandards#security-standards-servers). <br />3. JGC shall (a) instruct all staff with access to confidential information about the requirements <br />for handling confidential information (b) provide all staff with access to confidential <br />information statements of organizational policies and procedures for the protection of human <br />subjects and data confidentiality and (c) notify staff of the sanctions against unauthorized <br />disclosure or use of confidential and private information. JGC will ensure that all staff and <br />subcontractors, to whom they provide the limited data sets obtained under this Agreement, <br />agree to the same restrictions and conditions that apply to JGC in this Agreement with respect <br />to such information. Other than as provided herein, no confidential data will be released by <br />JGC. <br />ATTY/AGR.2021.088/Gardner Center-Stanford (Page 2 of 7)