Common use of Loss Reporting Clause in Contracts

Loss Reporting. If either SSA or VA experiences an incident involving the loss or breach of PII provided by SSA or VA under the terms of this agreement, they will follow the incident reporting guidelines issued by OMB. In the event of a reportable incident under OMB guidance involving PII, the agency experiencing the incident is responsible for following its established procedures, including notification to the proper organizations (e.g., United States Computer Emergency Readiness Team and the agency’s privacy office). In addition, the agency experiencing the incident (e.g., electronic or paper) will notify the other agency’s Information Security Contact named in this agreement. If VA is unable to speak with the SSA Information Security Contact within one hour or if for some other reason notifying the SSA Information Security Contact is not practicable (e.g., it is outside of the normal business hours), VA will call SSA’s National Network Service Center toll free at ▇-▇▇▇-▇▇▇-▇▇▇▇. If SSA is unable to speak with VA’s Information Security Contact within one hour, SSA will contact the VA Network and Security Operations Center at ▇-▇▇▇-▇▇▇-▇▇▇▇, Option 6 then Option 4.

Loss Reporting. If either SSA or VA CMS experiences an incident involving the loss or breach of PII provided by SSA or VA CMS under the terms of this agreementAgreement, they will follow the incident reporting guidelines issued by OMB. In the event of a reportable incident under OMB guidance involving PII, the agency experiencing the incident is responsible for following its established procedures, including notification to the proper organizations (e.g., United States Computer Emergency Readiness Team and Team, the agency’s privacy office). In addition, the agency experiencing the incident (e.g., electronic or paper) will notify the other agency’s Information Systems Security Contact named in this agreementAgreement. If VA CMS is unable to speak with the SSA Information Systems Security Contact within one hour or if for some other reason notifying the SSA Information Systems Security Contact is not practicable (e.g., it is outside of the normal business hours), VA CMS will call SSA’s National Network Service Center toll free at ▇-▇▇▇-▇▇▇-▇▇▇▇. If SSA is unable to speak with VACMS’s Information Systems Security Contact within one hour, SSA will contact the VA Network and Security Operations Center CMS IT Service Desk at ▇-(410) 786- 2580 or email ▇▇▇-_▇▇▇-_▇▇▇▇, Option 6 then Option 4▇▇▇_▇▇▇▇@▇▇▇.▇▇▇.▇▇▇.

Loss Reporting. If either SSA or VA RRB experiences an incident involving the loss or breach of PII provided by SSA or VA RRB under the terms of this agreement, they will follow the incident reporting guidelines issued by OMB. In the event of a reportable incident under OMB guidance involving PII, the agency experiencing the incident is responsible for following its established procedures, including notification to the proper organizations (e.g., United States Computer Emergency Readiness Team and the agency’s privacy office). In addition, the agency experiencing the incident (e.g., electronic or paper) will notify the other agency’s Information Systems Security Contact named in this agreement. If VA is unable to speak with the SSA Information Security Contact within one hour or if for some other reason notifying the SSA Information Systems Security Contact is not practicable (e.g., it is outside of the normal business hours), VA RRB will call SSA’s National Network Service Center toll free at ▇-▇▇▇-▇▇▇-▇▇▇▇. If SSA is unable to speak with VARRB’s Information Systems Security Contact within one hour, SSA will contact the VA Network and ▇▇▇▇▇ ▇. ▇▇▇▇▇▇▇, Chief Information Security Operations Center Officer (CISO) for RRB computer system at ▇▇▇-▇▇▇-▇▇▇▇ or cell ▇▇▇-▇▇▇-▇▇▇▇, Option 6 then Option 4.

Loss Reporting. If either SSA or VA CMS experiences an incident involving the loss or breach of PII provided by SSA or VA CMS under the terms of this agreement, they will follow the incident reporting guidelines issued by OMB. In the event of a reportable incident under OMB guidance involving PII, the agency experiencing the incident is responsible for following its established procedures, including notification to the proper organizations (e.g., United States Computer Emergency Readiness Team and the agency’s privacy office). In addition, the agency experiencing the incident (e.g., electronic or paper) will notify the other agency’s Information Systems Security Contact named in this agreement. If VA CMS is unable to speak with the SSA Information Systems Security Contact within one hour or if for some other reason notifying the SSA Information Systems Security Contact is not practicable (e.g., it is outside of the normal business hours), VA CMS will call SSA’s National Network Service Center toll free at ▇-▇▇▇-▇▇▇-▇▇▇▇. If SSA is unable to speak with VA’s Information CMS’ Systems Security Contact within one hour, SSA will contact the VA Network and Security Operations Center CMS IT Service Desk at ▇-▇▇▇-▇▇▇-▇▇▇▇ or email ▇, Option 6 then Option 4▇▇_▇▇_▇▇▇▇▇▇▇_▇▇▇▇@▇▇▇.▇▇▇.▇▇▇.

Loss Reporting. If either SSA or VA ED experiences an incident involving the loss or breach of PII provided by SSA or VA ED under the terms of this agreementCMA, they will follow the incident reporting guidelines issued by OMB. In the event of a reportable incident under OMB guidance involving PII, the agency experiencing the incident is responsible for following its established procedures, including notification to the proper organizations (e.g., United States Computer Emergency Readiness Team and the agency’s privacy office). In addition, the agency experiencing the incident (e.g., electronic or paper) will notify the other agency’s Information Systems Security Contact named in this agreementCMA. If VA ED is unable to speak with the SSA Information Systems Security Contact within one hour or if for some other reason notifying the SSA Information Systems Security Contact is not practicable (e.g., it is outside of the normal business hours), VA ED will call SSA’s National Network Service Center toll free at ▇-▇▇▇-▇▇▇-▇▇▇▇. If SSA is unable to speak with VA’s Information ED Systems Security Contact within one 1 hour, SSA will contact the VA Network and Security Operations Center at ED/FSA: EDSOC: ▇-▇▇▇▇@▇▇.▇▇▇: ▇▇▇-▇▇▇-▇▇▇▇, Option 6 then Option 4.

Loss Reporting. If either SSA or VA RRB experiences an incident involving the a loss or breach of PII provided by SSA or VA the other agency under the terms of this agreement, they will follow the incident reporting guidelines issued by OMB. In the event of a reportable incident under OMB guidance involving PII, the agency experiencing the incident is responsible for following its established procedures, including notification to the proper organizations (e.g., United States Computer Emergency Readiness Team (CERT), and the agency’s privacy office). In addition, the agency experiencing the incident (e.g., electronic or paper) will notify the other agency’s Information Systems Security Contact named in this agreement. If VA RRB is unable to speak with the SSA Information Systems Security Contact within one hour or or, if for some other reason notifying the SSA Information Systems Security Contact is not practicable (e.g., it is outside of the normal business hours), VA RRB will call SSA’s National Network Service Center toll free at ▇-▇▇▇-▇▇▇-▇▇▇▇. If SSA is unable to speak with VARRB’s Information Systems Security Contact within one hour, SSA will contact the VA Network and Security Operations Center ▇▇▇▇ ▇▇▇▇▇▇▇▇▇, RRB CERT Team Leader, at ▇-▇▇▇-▇▇▇-▇▇▇▇ or ▇, Option 6 then Option 4▇▇-▇▇▇-▇▇▇▇ (cell).