Sensitive Information Incident Reporting Requirements Sample Clauses

Sensitive Information Incident Reporting Requirements. (1) All known or suspected sensitive information incidents shall be reported to the Headquarters or Component Security Operations Center (SOC) within one hour of discovery in accordance with 4300A Sensitive Systems Handbook Incident Response and Reporting requirements. When notifying the Headquarters or Component SOC, the Contractor shall also notify the Contracting Officer, COR, Headquarters or Component Privacy Officer, and US-CERT using the contact information identified in the contract. If the incident is reported by phone or the Contracting Officer’s email address is not immediately available, the Contractor shall contact the Contracting Officer immediately after reporting the incident to the Headquarters or Component SOC. The Contractor shall not include any sensitive information in the subject or body of any e-mail. To transmit sensitive information, the Contractor shall use FIPS 140-2 Security Requirements for Cryptographic Modules compliant encryption methods to protect sensitive information in attachments to email. Passwords shall not be communicated in the same email as the attachment. A sensitive information incident shall not, by itself, be interpreted as evidence that the Contractor has failed to provide adequate information security safeguards for sensitive information, or has otherwise failed to meet the requirements of the contract.
Sample 1Sample 2Sample 3See All (11)
AutoNDA by SimpleDocs
Sensitive Information Incident Reporting Requirements. (1) All known or suspected sensitive information incidents shall be reported to the Headquarters or Component Security Operations Center (SOC) within one hour of discovery in accordance with 4300A Sensitive Systems Handbook Incident Response and Reporting requirements. When notifying the Headquarters or Component SOC, the OTA Entity shall also notify the Contracting Officer, COR, Headquarters or Component Privacy Officer, and US-CERT using the contact information identified in the contract. If the incident is reported by phone or the Contracting Officer’s email address is not immediately available, the OTA Entity shall contact the Contracting Officer immediately after reporting the incident to the Headquarters or Component SOC. The OTA Entity shall not include any sensitive information in the subject or body of any e-mail. To transmit sensitive information, the OTA Entity shall use FIPS 140-2 Security Requirements for Cryptographic Modules compliant encryption methods to protect sensitive information in attachments to email. Passwords shall not be communicated in the same email as the attachment. A sensitive information incident shall not, by itself, be interpreted as evidence that the OTA Entity has failed to provide adequate information security safeguards for sensitive information, or has otherwise failed to meet the requirements of the contract.
Sample 1

Related to Sensitive Information Incident Reporting Requirements

  • Sensitive Information Buyer will inform Licensor if Personal Data falls into any special categories of personal data as defined in Article 9(1) of Regulation (EU) 2016/679.

  • Contractor Sensitive Information 17.1 The Authority must:

  • Grant Reporting Requirements The Grantee must submit the following reports to the Division. All reports shall document the completion of any deliverables/tasks, expenses and activities that occurred during that reporting period. All reports on grant progress will be submitted online via xxx.xxxxxxxxx.xxx. [INSERT PROGRESS REPORT DUE DATES]

  • Meteorological Data Reporting Requirement (Applicable to wind generation facilities only) The wind generation facility shall, at a minimum, be required to provide the Transmission Provider with site-specific meteorological data including: • Temperature (degrees Fahrenheit) • Wind speed (meters/second) • Wind direction (degrees from True North) • Atmosphere pressure (hectopascals) • Forced outage data (wind turbine and MW unavailability)

  • EDD Independent Subrecipient Reporting Requirements Effective January 1, 2001, the County of Orange is required to file in accordance with subdivision (a) of Section 6041A of the Internal Revenue Code for services received from a “service provider” to whom the County pays $600 or more or with whom the County enters into a contract for $600 or more within a single calendar year. The purpose of this reporting requirement is to increase child support collection by helping to locate parents who are delinquent in their child support obligations. The term “service provider” is defined in California Unemployment Insurance Code Section 1088.8, Subparagraph B.2 as “an individual who is not an employee of the service recipient for California purposes and who received compensation or executes a contract for services performed for that service recipient within or without the State.” The term is further defined by the California Employment Development Department to refer specifically to independent Subrecipients. An independent Subrecipient is defined as “an individual who is not an employee of the ... government entity for California purposes and who receives compensation or executes a contract for services performed for that ... government entity either in or outside of California.” The reporting requirement does not apply to corporations, general partnerships, limited liability partnerships, and limited liability companies. Additional information on this reporting requirement can be found at the California Employment Development Department web site located at xxxx://xxx.xxx.xx.xxx/Employer_Services.htm

  • Adverse Event Reporting Both Parties acknowledge the obligation to comply with the Protocol and / or applicable regulations governing the collection and reporting of adverse events of which they may become aware during the course of the Clinical Trial. Both Parties agree to fulfil and ensure that their Agents fulfil regulatory requirements with respect to the reporting of adverse events.

  • User Information Any user or usage data or information collected via Station’s digital properties or related to Station’s digital properties, or any information collected from websites operated by Station’s affiliates under this Agreement, shall be the property of Station and/or such affiliates. Advertiser shall have no rights in such information by virtue of this Agreement.

  • Child Abuse Reporting Requirement Grantee will:

  • Child Abuse Reporting Requirements A. Grantees shall comply with child abuse and neglect reporting requirements in Texas Family Code Chapter 261. This section is in addition to and does not supersede any other legal obligation of the Grantee to report child abuse.

  • Administrative information IV.2.2) Time limit for receipt of tenders or requests to participate Date

Time is Money Join Law Insider Premium to draft better contracts faster.