Data Breach In the event of an unauthorized release, disclosure or acquisition of Student Data that compromises the security, confidentiality or integrity of the Student Data maintained by the Provider the Provider shall provide notification to LEA within seventy-two (72) hours of confirmation of the incident, unless notification within this time limit would disrupt investigation of the incident by law enforcement. In such an event, notification shall be made within a reasonable time after the incident. Provider shall follow the following process:
Data Breaches A. Upon the discovery by the Contractor of a confirmed breach of security that results in the unauthorized release, disclosure, or acquisition of student data, the Contractor shall provide initial notice to the Board as soon as reasonably possible, after such discovery (“Initial Notice”). The Initial Notice shall be delivered to the Board by electronic mail to Superintendent Xxxxxxx X. Xxxx, xxxxx@xxxxxxxxxxxx.xxx or to the contact currently on file and shall include the following information, to the extent known at the time of notification:
Confidential Information Breach This shall mean, generally, an instance where an unauthorized person or entity accesses Confidential Information in any manner, including but not limited to the following occurrences: (1) any Confidential Information that is not encrypted or protected is misplaced, lost, stolen or in any way compromised; (2)one or more third parties have had access to or taken control or possession of any Confidential Information that is not encrypted or protected without prior written authorization from the State; (3) the unauthorized acquisition of encrypted or protected Confidential Information together with the confidential process or key that is capable of compromising the integrity of the Confidential Information; or (4) if there is a substantial risk of identity theft or fraud to the Client Agency, the Contractor, DAS or State.
Independence from Material Breach Determination Except as set forth in Section X.D.1.c, these provisions for payment of Stipulated Penalties shall not affect or otherwise set a standard for OIG’s decision that CHSI has materially breached this CIA, which decision shall be made at OIG’s discretion and shall be governed by the provisions in Section X.D, below.
Material Breach A material breach for purposes of this Agreement shall include, but not be limited to:
Tea Breaks (a) Every employee will be entitled to a paid 10 minute tea break in each four hours worked at a time to be agreed between the employee and employer.
Personal Data Breach 7.1 Processor shall notify Company without undue delay upon Processor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Company with sufficient information to allow the Company to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.
Security Breach In the event that Seller discovers or is notified of a breach, potential breach of security, or security incident at Seller's Facility or of Seller's systems, Seller shall immediately (i) notify Company of such potential, suspected or actual security breach, whether or not such breach has compromised any of Company's confidential information; (ii) investigate and promptly remediate the effects of the breach, whether or not the breach was caused by Seller; (iii) cooperate with Company with respect to any such breach or unauthorized access or use; (iv) comply with all applicable privacy and data protection laws governing Company's or any other individual's or entity's data; and (v) to the extent such breach was caused by Seller, provide Company with reasonable assurances satisfactory to Company that such breach, potential breach, or security incident shall not recur. Seller shall provide documentation to Company evidencing the length and impact of the breach. Any remediation of any such breach will be at Seller's sole expense.
Personal Data Breaches 5.7.1 The Data Processor shall give immediate notice to the Data Controller if a breach occurs, that can lead to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to, personal data transmitted, stored or otherwise processed re the Personal Data processed on behalf of the Data Controller (a “Personal Data Breach”).
Return or Destruction of Confidential Information If an Interconnection Party provides any Confidential Information to another Interconnection Party in the course of an audit or inspection, the providing Interconnection Party may request the other party to return or destroy such Confidential Information after the termination of the audit period and the resolution of all matters relating to that audit. Each Interconnection Party shall make Reasonable Efforts to comply with any such requests for return or destruction within ten days of receiving the request and shall certify in writing to the other Interconnection Party that it has complied with such request.