Common use of Data Security Measures Clause in Contracts

Data Security Measures. 12.4.1 TDC shall implement and maintain administrative, technical and physical safeguards (the “Security Procedures”) designed to: (i) ensure the security and confidentiality of Confidential Information and of Protected Information; (ii) protect against any anticipated threats or hazards to the security or integrity of Confidential Information and Protected Information; (iii) protect against unauthorized access to or use of Confidential Information and Protected Information that could result in harm to Customer, its employees, customers or consumers; and (iv) detect relevant identity theft “red flags” that may arise in the performance of the Services. TDC shall, upon detecting a red flag as described in clause (iv) either report the red flag to Customer or take appropriate steps to prevent or mitigate identify theft associated with such red flag. 12.4.2 If TDC becomes aware of any actual or suspected unauthorized access to Confidential Information and/or Protected Information (an “Incident”), TDC will take appropriate actions to contain and mitigate the Incident, including notification to Customer as soon as possible, but at most within forty-eight (48) hours of confirming the Incident (subject to any delay requested by an appropriate law enforcement agency), to enable Customer to expeditiously implement its response program. Upon request of Customer, TDC will cooperate with Customer to investigate the nature and scope of any Incident and to take appropriate actions to mitigate, remediate and otherwise respond to the Incident or associated risks.