BREACH REPORTING AND NOTIFICATION RESPONSIBILITY Sample Clauses

BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. Upon disclosure of NDNH information from OCSE to the state agency, the state agency is the responsible party in the event of a confirmed or suspected breach of the information, including responsibility for any costs associated with breach mitigation and remediation. Immediately upon discovery, but in no case later than one hour after discovery of the incident, the state agency shall report confirmed and suspected incidents, in either electronic or physical form, to OCSE, as designated in this security addendum. The state agency is responsible for all reporting and notification activities, including but not limited to: investigating the incident; communicating with required state government breach response officials; notifying individuals whose information is breached; notifying any third parties, including the media; notifying any other public and private sector agencies involved; responding to inquiries about the breach; resolving all issues surrounding the information breach; performing any follow-up activities; correcting the vulnerability that allowed the breach; and any other activity, as required by OMB M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information, and other federal law and guidance. Policy/Requirements Traceability: US-CERT Federal Incident Notification Guidelines (April 1, 2017); OMB Circular A-130 – Appendix I; OMB M-17-12; NIST SP 800-53 Rev 4, IR-6
Sample 1See All (11)
AutoNDA by SimpleDocs
BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. Upon disclosure of NDNH information from OCSE to the state agency, the state agency is the responsible party in the event of a confirmed or suspected breach of the information, including responsibility for any costs associated with breach mitigation and remediation. Immediately upon discovery, but in no case later than one hour after discovery of the incident, the state agency must report confirmed and suspected incidents, in either electronic or physical form, to OCSE, as designated in this security addendum. The state agency is responsible for all reporting and notification activities, including but not limited to: investigating the incident; communicating with required state government breach response officials; notifying individuals whose information is breached; notifying any third parties, including the media; notifying any other public and private sector agencies involved; responding to inquiries about the breach; resolving all issues surrounding the information breach; performing any follow-up activities; correcting the vulnerability that allowed the breach; and any other activity, as required by OMB M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information, and other federal law and guidance..
Sample 1Sample 2See All (8)
BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. That the Contractor is subject to s. 501.171, F.S., which requires reporting and remedies for breach of security related to third-party confidential information, as well as fines of up to $500,000 for failure to report timely. For persons affected by a breach who reside outside the state of Florida, the Contractor shall comply with the law of the State where the person resides. If this Contract includes access or disclosure of state or federal Child Support Program information, the Contractor shall immediately, upon discovery, but in no case later than one hour after discovery notify the Department’s Contract Manager and the Child Support Program Director of any suspected or confirmed incident involving unauthorized access and/or disclosure of state or federal Child Support Program confidential information.
Sample 1Sample 2Sample 3
BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. SSA shall have appropriate procedures in place to report security or privacy incidents, or suspected incidents involving NDNH information. Confirmed and suspected incidents in either electronic or physical form must be reported following SSA procedures immediately upon discovery but in no case later than one hour after discovery. The incident or suspected incident must also be reported to the FPLS Information Systems Security Officer (ISSO) designated on this security addendum. The requirement for SSA to report suspected incidents of NDNH information to OCSE exists in addition to, not in lieu of, any SSA requirements to report to US-CERT or other agency. Policy/Requirements Traceability: HHS OCIO Policy for IS2PHandbook, IR 6; OMB Circular A130 – Appendix III; OMB M-06-19; OMB M-07-16; NIST SP 800-53 Rev 4, IR-6
Sample 1
BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. Upon disclosure of FPLS information from OCSE or disclosure of CS program information from another state or tribe to the state CS agency, the state CS agency is the responsible party in the event of a breach or suspected breach of the information. Except as otherwise provided in Section II.B.6, if the state CS agency knows or suspects FPLS or CS program information has been breached, in either electronic or physical form, the state CS agency:
Sample 1
BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. Except as otherwise provided in Section V of the security agreement, in the case of a confirmed or suspected data breach involving FPLS information, the organization providing information system services agrees to report the breach immediately upon discovery, but in no case later than one hour after discovery of the incident, to the OCSS security mailbox, xxxxxxxxxxxx@xxx.xxx.xxx. See Security Agreement, Section V, for additional information. Upon disclosure of FPLS information from OCSS to the state agency, the state agency is the responsible party in the event of a confirmed or suspected breach of the information, including responsibility for any costs associated with breach mitigation and remediation. Immediately upon discovery, but in no case later than one hour after discovery of the incident, the state agency must report confirmed or suspected incidents, in either electronic or physical form, to the OCSS security mailbox. The state agency is responsible for all reporting and notification activities, including but not limited to: investigating the incident; communicating with required state government breach response officials; notifying by U.S. mail all individuals whose information is breached; notifying any third parties, including the media; notifying any other public and private sector agencies involved; responding to inquiries about the breach; resolving all issues surrounding the information breach; performing any follow-up activities; correcting the vulnerability that allowed the breach; and any other activity, as required by OMB M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information, and other federal law and guidance. Policy/Requirements Traceability: US-CERT Federal Incident Notification Guidelines (April 1, 2017); OMB Circular A-130 – Appendix I; OMB M-17-12; NIST SP 800-53 Rev 5, IR-6 INFORMATION SEGREGATION REQUIREMENTS The organization providing information system services must protect the FPLS information and state child support program information and segregate it from the provider’s infrastructure to ensure that only authorized personnel have access to the FPLS information and state child support program information. AUDIT REQUIREMENTS OCSS reserves the right to audit the state agency and any organization providing information system services to the state agency or to make other provisions to ensure that the state agency is maintaining adequate safeguards to protect the FPLS information and child sup...
Sample 1

Related to BREACH REPORTING AND NOTIFICATION RESPONSIBILITY

  • Reporting Responsibility a) Vendor shall be responsible for reporting all services purchased under the Contract. Vendor shall file the monthly reports, subcontract reports, and pay the administrative fees in accordance with the due dates specified in this section.

  • BREACH DISCOVERY AND NOTIFICATION 23 1. Following the discovery of a Breach of Unsecured PHI, CONTRACTOR shall notify 24 COUNTY of such Breach, however both parties agree to a delay in the notification if so advised by a 25 law enforcement official pursuant to 45 CFR § 164.412.

  • Reporting Responsibilities The IRA Owner agrees to provide the Custodian with information necessary for the Custodian to prepare any reports required under Code Sections 408(i), 408A(d)(3)(D), and Regulations Sections 1.408-5 and 1.408-6. The Custodian agrees to submit reports to the IRS and the IRA Owner (or Beneficiary(ies) upon the IRA Owner’s death) as prescribed by the IRS and such additional reports as the Custodian may choose to deliver. The Custodian shall furnish annual calendar-year reports concerning the status of the IRA and such information concerning required minimum distributions as is prescribed by the Commissioner of the IRS.

  • Engineers Responsibility The Engineer shall be responsible for the accuracy of its work and shall promptly make necessary revisions or corrections resulting from its errors, omissions, or negligent acts without compensation. The Engineer will not be relieved of the responsibility for subsequent correction of any such errors or omissions or for clarification of any ambiguities until after the construction phase of the project has been completed.

  • Your Responsibility You are solely responsible for the quality, completeness, accuracy, validity and integrity of the image. You are solely responsible if you, intentionally or unintentionally, submit fraudulent, incorrect or illegible images to us or if Mobile Deposit is used, by authorized or unauthorized persons, to submit fraudulent, unauthorized, inaccurate, incorrect or otherwise improper or unusable images to us. In addition you agree that you will not modify, change, alter, translate, create derivative works from, reverse engineer, disassemble or decompile the technology or Service, copy or reproduce all or any part of the technology or Service, or interfere, or attempt to interfere, with the technology or Service. The Bank and its technology partners, inclusive of, but not limited to, Q2 and ProfitStars, retain all rights, title and interests in and to the Services, Software and Development made available to you.

Time is Money Join Law Insider Premium to draft better contracts faster.