INFORMATION SECURITY BREACH AND NOTIFICATION ACT Sample Clauses

INFORMATION SECURITY BREACH AND NOTIFICATION ACT. Section 208 of the State Technology Law (STL) and Section 899-aa of the General Business Law (GBL) require that State entities and persons or businesses conducting business in New York who own or license computerized data which includes private information including an individual's unencrypted personal information plus one or more of the following: social security number, driver's license number or non-driver ID, account number, credit or debit card number plus security code, access code or password which permits access to an individual's financial account, must disclose to a New York resident when their private information was, or is reasonably believed to have been, acquired by a person without valid authorization. Disclosure of breach of that private information to all individuals affected or potentially affected must occur in the most expedient time possible without unreasonable delay, after necessary measures to determine the scope of the breach and to restore integrity, but with delay if law enforcement determines it impedes a criminal investigation. When notification is necessary, the State entity or person or business conducting business in New York must also notify the following New York State agencies: the Attorney General, the Office of Cyber Security & Critical Infrastructure Coordination (CSCIC) and the Consumer Protection Board (CPB). Information relative to the law and the notification process is available at: xxxx://xxx.xxxxx.xxxxx.xx.xx/security/securitybreach/
Sample 1Sample 2Sample 3See All (36)
AutoNDA by SimpleDocs
INFORMATION SECURITY BREACH AND NOTIFICATION ACT. 208 of the State Technology Law (STL) and § 899-aa of the General Business Law (GBL) require that State entities and persons or businesses conducting business in New York who own or license computerized data which includes private information including an individual's unencrypted personal information plus one or more of the following: social security number, driver's license number or non-driver ID, account number, credit or Debit Card number plus security code, access code or password which permits access to an individual's financial account, shall disclose to a New York resident when their private information was, or is reasonably believed to have been, acquired by a person without valid authorization. Disclosure of breach of that private information to all individuals affected or potentially affected shall occur in the most expedient time possible without unreasonable delay, after necessary measures to determine the scope of the breach and to restore integrity, but with delay if law enforcement determines it impedes a criminal investigation. When notification is necessary, the State entity or person or business conducting business in New York shall also notify the following New York State agencies: the Attorney General, the Office of Cyber Security & Critical Infrastructure Coordination (CSCIC) and the Consumer Protection Board (CPB). Information relative to the law and the notification process is available at: xxxxx://xxx.xx.xxx/eiso.
Sample 1Sample 2Sample 3See All (5)
INFORMATION SECURITY BREACH AND NOTIFICATION ACT. Contractor agrees to be responsible for the Department’s obligation to comply with the provisions of Section 208 of the State Technology Law,, commonly known as the Information Security Breach and Notification Act (the “ISBNA” or “Act”), and any future amendments thereto, to the extent an information security breach occurs as a result of the acts or omissions of the Contractor, including being responsible to pay all costs associated with and/or incurred because of the breach.. Contractor shall comply with all obligations imposed by the Act on the Department with respect to any breach of “private information” (as defined in the Act) used, received, handled, processed, uploaded, stored, or maintained by Contractor on behalf of the Department under this Agreement (“Department Information”). In the event of abreach of the security of the system” (as defined by the Act), Contractor shall immediately notify the Department upon Contractor’s discovery or receipt of notification of such breach. Such notice to the Department shall be made by contacting the Information Security Office by email to: XXX.Xxxx@xxx.xx.xxx. Contractor shall immediately commence an investigation, in cooperation with the Department, to determine the scope of the breach and to restore the security of the system. To the extent the Department determines that further notifications are required to be sent out pursuant to the Act, Contractor shall be responsible for providing such notifications to all required recipients including, in accordance with New York State policy NYS-PO3-002, non-New York State residents whose private information is reasonably believed to have been exposed as a result of the breach. All costs associated with providing breach notifications shall be borne by the Contractor. It is expressly agreed that Contractor shall be obligated to receive authorization from the Department prior to making additional notifications hereunder to any individuals, the State Office of Information Technology Services, the State Consumer Protection Board, the Attorney General’s Office or any consumer reporting agencies of a breach of the security of the system, or concerning making any determination to delay notifications due to law enforcement investigations. Contractor agrees that the Department shall have final approval over the form, content, mode of transmission, and timing of any notice to be provided concerning a breach of the security of the Department Information. Nothing contained her...
Sample 1Sample 2Sample 3See All (4)
INFORMATION SECURITY BREACH AND NOTIFICATION ACT. Section 208 of the State Technology Law (STL) and Section 899-aa of the General Business Law (GBL) require that State entities and persons or businesses conducting business in New York who own or license computerized data which includes private information including an individual's unencrypted personal information plus one or more of the following: social security number, driver's license number or non-driver ID, account number, credit or debit card number plus security code, access code or password which permits access to an individual's financial account, must disclose to a New York resident when their private information was, or is reasonably believed to have been, acquired by a person without valid authorization. Disclosure of breach of that private information to all individuals affected or potentially affected must occur in the most expedient time possible without unreasonable delay, after necessary measures to determine the scope of the breach and to restore integrity, but with delay if law enforcement determines it impedes a criminal investigation. When notification is necessary, the State entity or person or business conducting business in New York must also notify the following New York State agencies: the Attorney General, the Office of Cyber Security & Critical Infrastructure Coordination (CSCIC) and the Consumer Protection Board (CPB). Information relative to the law and the notification process is available at: xxxx://xxx.xxxxx.xxxxx.xx.xx/security/securitybreach/ DIESEL EMISSION REDUCTION ACT OF 2006 (NEW REQUIREMENT OF LAW): On February 12, 2007 the Diesel Emissions Reduction Act took effect as law (the “Law”). Pursuant to new §19‑0323 of the N.Y. Environmental Conservation Law (“NYECL”) it is now a requirement that heavy duty diesel vehicles in excess of 8,500 pounds use the best available retrofit technology (“BART”) and ultra low sulfur diesel fuel (“ULSD”). The requirement of the Law applies to all vehicles owned, operated by or on behalf of, or leased by State agencies and State or regional public authorities. They need to be operated exclusively on ULSD by February 12, 2007. It also requires that such vehicles owned, operated by or on behalf of, or leased by State agencies and State or regional public authorities with more than half of its governing body appointed by the Governor utilize BART. As a contract vendor the Law may be applicable to vehicles used by contract vendors “on behalf of” State agencies and public authorities. Thirt...
Sample 1Sample 2See All (4)
INFORMATION SECURITY BREACH AND NOTIFICATION ACT. ‌ The Offeror shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law Section 899-aa and State Technology Law, Section 208). The Offeror shall be liable for the costs associated with such breach if caused by its negligent or willful acts or omissions, or the negligent or willful acts or omissions of its agents, officers, employees or subcontractors.
Sample 1Sample 2
INFORMATION SECURITY BREACH AND NOTIFICATION ACT. Section 208 of the State Technology Law (STL) and Section 899-aa of the General Business Law (GBL) require that State entities and persons or businesses conducting business in New York State who own or license computerized data which includes private information including an individual's unencrypted personal information plus one (1) or more of the following: social security number, driver's license number or non-driver ID, account number, credit or debit card number plus security code, access code or password which permits access to an individual's financial account, must disclose to a New York resident when their private information was, or is reasonably believed to have been, acquired by a person without valid authorization. Disclosure of breach of that private information to all individuals affected or potentially affected must occur in the most expedient time possible without unreasonable delay, after necessary measures to determine the scope of the breach and to restore integrity, but with delay if law enforcement determines it impedes a criminal investigation. When notification is necessary, the State entity or person or business conducting business in New York must also notify the following New York State agencies: Office of the Attorney General and the Department of State and the State Office of Information Technology Services (for Section 208 only), and the State Police (for Section 899 Only). Information relative to the law and the notification process is available at: xxxxx://xxx.xx.xxx/incident-reporting.
Sample 1
INFORMATION SECURITY BREACH AND NOTIFICATION ACT. To the extent applicable to the Contract, the Contracting Party shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law Section 899-aa; State Technology Law Section 208, as each such provision may hereafter be amended). April 8, 2013 APPENDIX C OSC POLICY STATEMENT ON DISCRIMINATION AND HARASSMENT,
Sample 1
AutoNDA by SimpleDocs
INFORMATION SECURITY BREACH AND NOTIFICATION ACT. The Contractor agrees to be responsible for the State’s obligation to comply with provisions of Section 208 of the State Technology Law, commonly known as the Information Security Breach and Notification Act (the “ISBNA” or “Act”), and any future amendments thereto, to the extent an information security breach occurs as a result of the acts or omissions of the Contractor, including being responsible to pay all costs associated with and/or incurred because of the breach. The Contractor shall comply with all obligations imposed by the Act on the State with respect to any breach of “private information” (as defined in the Act) used, received, handled, processed, uploaded, stored, or maintained by the Contractor on behalf of the State under this Agreement (“Department Information”). In the event of abreach of the security of the system” (as defined by the Act), the Contractor shall immediately notify the Department upon the Contractor’s discovery or receipt of notification of such breach. Such notice to the Department shall be made by contacting the Information Security Office by e-mail to: XXX.Xxxx@xxx.xx.
Sample 1

Related to INFORMATION SECURITY BREACH AND NOTIFICATION ACT

  • COMPLIANCE WITH NEW YORK STATE INFORMATION SECURITY BREACH AND NOTIFICATION ACT Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law Section 899-aa; State Technology Law Section 208).

  • Personal Information security breach Supplier/Service Provider’s Obligations

  • BREACH DISCOVERY AND NOTIFICATION 23 1. Following the discovery of a Breach of Unsecured PHI, CONTRACTOR shall notify 24 COUNTY of such Breach, however both parties agree to a delay in the notification if so advised by a 25 law enforcement official pursuant to 45 CFR § 164.412.

  • Security Breach Notification In addition to the information enumerated in Article V, Section 4(1) of the DPA Standard Clauses, any Security Breach notification provided by the Provider to the LEA shall include:

  • Third-Party Information; Privacy or Data Protection Laws Each Party acknowledges that it and members of its Group may presently have and, following the Effective Time, may gain access to or possession of confidential or proprietary information of, or personal information relating to, Third Parties (i) that was received under confidentiality or non-disclosure agreements entered into between such Third Parties, on the one hand, and the other Party or members of such Party’s Group, on the other hand, prior to the Effective Time; or (ii) that, as between the two Parties, was originally collected by the other Party or members of such Party’s Group and that may be subject to and protected by privacy, data protection or other applicable Laws. Each Party agrees that it shall hold, protect and use, and shall cause the members of its Group and its and their respective Representatives to hold, protect and use, in strict confidence the confidential and proprietary information of, or personal information relating to, Third Parties in accordance with privacy, data protection or other applicable Laws and the terms of any agreements that were either entered into before the Effective Time or affirmative commitments or representations that were made before the Effective Time by, between or among the other Party or members of the other Party’s Group, on the one hand, and such Third Parties, on the other hand.

  • Personal Data Breach Notification SAP will notify Customer without undue delay after becoming aware of any Personal Data Breach and provide reasonable information in its possession to assist Customer to meet Customer’s obligations to report a Personal Data Breach as required under Data Protection Law. SAP may provide such information in phases as it becomes available. Such notification shall not be interpreted or construed as an admission of fault or liability by SAP.

  • Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.

  • Data Protection Act 7.1.1 The Supplier shall (and shall procure that its entire Staff) comply with any notification requirements under the DPA and both Parties will duly observe all their obligations under the DPA which arise in connection with the Contract.

  • PERSONAL DATA PROTECTION ACT 7.1. PAH is committed to protecting the privacy, confidentiality and security of all personal data to which it is entrusted. It has been our policy to ensure your personal information are protected. With the introduction of the Malaysian Personal Data Protection Act 2010 ("PDPA"), we are even committed to ensure the privacy and confidentiality and security of all personal data are protected in line with the PDPA. We process personal data which you have provided to us voluntarily through our website upon your registration and this includes personal data such as your name, address, NRIC and contact details. In this regards, you have expressly consent to our processing of your personal data. If you give us personal data or information about another person, you must first confirm that he/she has appointed you to act for him/her, to consent to the processing of his/her personal data and to receive on his/her behalf any data protection notices. We may request your assistance to procure the consent of such persons whose personal data is provided by you to us and you agree to do so. You shall indemnify us in the event we suffer loss and damage as a result of your failure to comply with the same. We will only retain your personal data for as long as necessary for the fulfilment of the specified purposes or as legislated

  • Collection of Personal Information 10.1 The Subscriber acknowledges and consents to the fact that the Company is collecting the Subscriber's personal information for the purpose of fulfilling this Subscription Agreement and completing the Offering. The Subscriber's personal information (and, if applicable, the personal information of those on whose behalf the Subscriber is contracting hereunder) may be disclosed by the Company to (a) stock exchanges or securities regulatory authorities, (b) the Company's registrar and transfer agent, (c) Canadian tax authorities, (d) authorities pursuant to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (Canada) and (e) any of the other parties involved in the Offering, including legal counsel, and may be included in record books in connection with the Offering. By executing this Subscription Agreement, the Subscriber is deemed to be consenting to the foregoing collection, use and disclosure of the Subscriber's personal information (and, if applicable, the personal information of those on whose behalf the Subscriber is contracting hereunder) and to the retention of such personal information for as long as permitted or required by law or business practice. Notwithstanding that the Subscriber may be purchasing Shares as agent on behalf of an undisclosed principal, the Subscriber agrees to provide, on request, particulars as to the identity of such undisclosed principal as may be required by the Company in order to comply with the foregoing.

Time is Money Join Law Insider Premium to draft better contracts faster.