Incident Response Plan. Vendor shall have a written incident response plan, to include prompt notification to HCSD in the event of a security or privacy incident, as well as best practices for responding to a breach of HCSD Protected Information and Data. Provider agrees to share its incident response plan upon request. Upon the occurrence of any actual or suspected unauthorized use or disclosure of HCSD Protected Information and Data. Vendor shall take reasonable steps to minimize or mitigate the risk of harmful or potentially harmful effects resulting from said actual or suspected unauthorized use or disclosure.
Appears in 2 contracts