Security Breach Notification. In addition to the information enumerated in Article V, Section 4(1) of the DPA Standard Clauses, any Security Breach notification provided by the Provider to the LEA shall include:
Security Breach Notification. 14 29.2.1 CONTRACTOR shall have policies and procedures in place for the 15 effective management of Security Breaches, as defined below. In the event of any actual, 16 attempted, suspected, threatened, or reasonably foreseeable circumstance CONTRACTOR 17 experiences or learns of that either compromises or could reasonably be expected to comprise 18 COUNTY data through unauthorized use, disclosure, or acquisition of COUNTY data (“Security 19 Breach”), CONTRACTOR shall immediately notify COUNTY of its discovery. After such 20 notification, CONTRACTOR shall, at its own expense, immediately:
Security Breach Notification. 32.2.1 CONTRACTOR shall have policies and procedures in place for the effective management of Security Breaches, as defined below. In the event of any actual, attempted, suspected, threatened, or reasonably foreseeable circumstance CONTRACTOR experiences or learns of that either compromises or could reasonably be expected to comprise COUNTY data through unauthorized use, disclosure, or acquisition of COUNTY data (“Security Breach”), CONTRACTOR shall immediately notify COUNTY of its discovery. After such notification, CONTRACTOR shall, at its own expense, immediately: Investigate to determine the nature and extent of the Security Breach. Contain the incident by taking necessary action, including, but not limited to, attempting to recover records, revoking access, and/or correcting weaknesses in security. Report to COUNTY the nature of the Security Breach, the COUNTY data used or disclosed, the person who made the unauthorized use or received the unauthorized disclosure, what CONTRACTOR has done or will do to mitigate any harmful effect of the unauthorized use or disclosure, and the corrective action CONTRACTOR has taken or will take to prevent future similar unauthorized use or disclosure.
Security Breach Notification. In the event of a security breach, the Contractor shall take prompt corrective action to cure any such deficiencies and any action pertaining to such unauthorized disclosure required by applicable federal and state laws and regulations. The Contractor shall report to the proper Authority staff in writing any use or disclosure of PII, whether suspected or actual, within one (1) business day of becoming aware of such use or disclosure.
Security Breach Notification. The data processor will notify the controller without undue delay, if personal data processed on behalf of the controller is exposed to a breach of security. The data processor’s notification should, at minimum, include information that describes the security breach, which registered subject is affected by the breach, what personal data is affected by the breach, what immediate measures are implemented to address the breach and what preventive measures may have been established to avoid similar incidents in the future. The data controller is responsible for ensuring that the Norwegian Data Protection Authority is notified when required.
Security Breach Notification. Section 9 (Security Breach Notification) of Exhibit G (Supplemental SDPC State Terms for Illinois) is hereby amended by adding “to the extent known by the Provider and as it becomes available” after “...to the LEA shall include”.
Security Breach Notification. Marketo shall notify Customer within seventy-two (72) hours of becoming aware of the unauthorized acquisition, destruction, loss, modification, use or disclosure of Customer Data (“Security Breach”).
Security Breach Notification. We will, to the extent permitted by law, notify Customer without undue delay after becoming aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, any Customer Data by us or our Sub-Processor(s) (a “Security Incident”). To the extent such a Security Incident is caused by a violation of the requirements of this Addendum by us, we will make reasonable efforts to identify and remediate the cause of such breach, including steps to mitigate the effects and to minimize any damage resulting from the Security Incident. You agree that an unsuccessful Security Incident will not be subject to this Section 7. An unsuccessful Security Incident is one that results in no unauthorized access to Customer Data or to any of MicroStrategy’s or MicroStrategy’s Sub-Processor’s equipment or facilities storing Customer Data, and may include, without limitation, pings and other broadcast attacks on firewalls or edge servers, port scans, unsuccessful log‐on attempts, denial of service attacks, packet sniffing (or other unauthorized access to traffic data that does not result in access beyond headers), or similar incidents; and MicroStrategy’s obligation to report or respond to a Security Incident under this Section 7 is not and will not be construed as an acknowledgement by MicroStrategy of any fault or liability of MicroStrategy with respect to the Security Incident. Notification(s) of Security Incidents, if any, will be delivered to Customer by any means MicroStrategy selects, including via email. It is your sole responsibility to ensure that you provide us with accurate contact information and secure transmission at all times. The information made available by MicroStrategy is intended to assist you in complying with your obligations under Applicable Data Protection Law in respect of data protection impact assessments and prior consultation.
Security Breach Notification. In the event Contractor becomes aware of any act, error or omission, negligence, misconduct, or security incident including unsecure or improper data disposal, theft, loss, unauthorized use and disclosure or access, that compromises or is suspected to compromise the security, confidentiality, or integrity of County Data or the physical, technical, administrative, or organizational safeguards put in place by Contractor that relate to the security, confidentiality, or integrity of County Data, Contractor shall, at its own expense, (1) immediately notify the County’s Chief Information Security Officer and County Privacy Officer of such occurrence and perform a root cause analysis thereon, (2) investigate such occurrence, (3) provide a remediation plan, acceptable to County, to address the occurrence and prevent any further incidents, (4) conduct a forensic investigation to determine what systems, data and information have been affected by such event, and (5) cooperate with County and any law enforcement or regulatory officials investigating such occurrence, including but not limited to making available all relevant records, logs, files, data reporting, and other materials required to comply with applicable law or as otherwise required by County and/or any law enforcement or regulatory officials, and (6) perform or take any other actions required to comply with applicable law as a result of the occurrence (at the direction of County). County shall make the final decision on notifying County persons, entities, employees, service providers, and/or the general public of such occurrence, and the implementation of the remediation plan. If notification to particular persons is required under any law or pursuant to any of County’s privacy or security policies, then notifications to all persons and entities who are affected by the same event shall be considered legally required. Contractor shall reimburse County for all notification related costs incurred by County arising out of or in connection with any such occurrence due to Contractor’s acts, errors or omissions, negligence, and/or misconduct resulting in a requirement for legally required notifications. In the case of personally identifiable information, Contractor shall provide third-party credit and identity monitoring services to each of the affected individuals for the period required to comply with applicable law, or, in the absence of any legally required monitoring services, for no less than twelve (12) mo...
Security Breach Notification. If Contractor breaches this Section, it must (i) promptly cure any deficiencies in Contractor's internal security controls; and (ii) comply with any applicable federal and state laws and regulations pertaining to unauthorized disclosures. Contractor and the State will cooperate to mitigate, to the extent practicable, the effects of any breach, intrusion, or unauthorized access, use, or disclosure. Contractor must notify the State of any unauthorized use or disclosure of Confidential Information, whether suspected or actual, within 10 days of becoming aware of the use or disclosure or a shorter time period as is reasonable under the circumstances. The State may require Contractor to purchase credit monitoring services for any individuals affected by the breach.
