Security Breaches; Security Breach Reporting Sample Clauses

Security Breaches; Security Breach Reporting. To the extent the Contractor or its subcontractors, affiliates or agents has access to, processes, handles, collects, stores, transmits or otherwise deals with State Data, the Contractor acknowledges that in the performance of its obligations under this Master Agreement and any SOW Agreement entered into hereunder, it will be a “data collectorpursuant to Chapter 62 of Title 9 of the Vermont Statutes (9 V.S.A. §2430(3)). The Contractor shall have policies and procedures in place for the effective management of Security Breaches, as defined below. In addition to the requirements set forth in any applicable Business Associate Agreement as may be attached to this Master Agreement, in the event of any actual security breach or reasonable belief of an actual security breach the Contractor either suffers or learns of that either compromises or could compromise State Data (including, as applicable, PII, PHI or ePHI) in any format or media, whether encrypted or unencrypted (for example, but not limited to: physical trespass on a secure facility; intrusion or hacking or other brute force attack on any State environment; loss or theft of a PC, laptop, desktop, tablet, smartphone, removable data storage device or other portable device; loss or theft of printed materials; or failure of security policies) (collectively, a “Security Breach”), the Contractor shall immediately determine the nature and extent of the Security Breach, contain the incident by stopping the unauthorized practice, recover records, shut down the system that was breached, revoke access and/or correct weaknesses in physical security. Contractor shall analyze and document the incident and provide the required notices, as set forth below. In accordance with Section 9 V.S.A. §2435(b)(3), the Contractor shall notify the Office of the Attorney General, or in the case of a Security Breach by a data collector regulated by the Vermont Department of Financial Regulation (“DFR”), DFR, within fourteen
Sample 1Sample 2Sample 3See All (14)
AutoNDA by SimpleDocs
Security Breaches; Security Breach Reporting. To the extent the Contractor or its subcontractors, affiliates or agents handles, collects, stores, disseminates or otherwise deals with State Data, the Contractor acknowledges that in the performance of its obligations under this Contract, it will be a “data collectorpursuant to Chapter 62 of Title 9 of the Vermont Statutes (9 V.S.A. §2430(3)). The Contractor shall have policies and procedures in place for the effective management of Security Breaches, as defined below. In addition to the requirements set forth in any applicable Business Associate Agreement as may be attached to this Contract, in the event of any actual security breach or reasonable belief of an actual security breach the Contractor either suffers or learns of that either compromises or could compromise State Data (including, as applicable, PII, PHI or ePHI) in any format or media, whether encrypted or unencrypted (for example, but not limited to: physical trespass on a secure facility; intrusion or hacking or other brute force attack on any State environment; loss or theft of a PC, laptop, desktop, tablet, smartphone, removable data storage device or other portable device; loss or theft of printed materials; or failure of security policies) (collectively, a “Security Breach”), the Contractor shall immediately determine the nature and extent of the Security Breach, contain the incident by stopping the unauthorized practice, recover records, shut down the system that was breached, revoke access and/or correct weaknesses in physical security. Contractor shall analyze and document the incident and provide the required notices, as set forth below. In accordance with Section 9 V.S.A. §2435(b)(3), the Contractor shall notify the Office of the Attorney General, or in the case of a Security Breach by a data collector regulated by the Vermont Department of Financial Regulation (“DFR”), DFR, within fourteen (14) business days of the Contractor’s discovery of the Security Breach. The notice shall provide a preliminary description of the breach. The foregoing notice requirement shall be included in the subcontracts of any of Contractor’s subcontractors, affiliates or agents which may be “data collectors” hereunder. Except to the extent delayed upon request of law enforcement in accordance with 9 V.S.A. §2435(b)(4), within thirty days of the Security Breach or when the Contractor provides notice to consumers pursuant to this Contract, whichever is sooner, the Contractor shall report to the State: (i...
Sample 1Sample 2See All (4)
Security Breaches; Security Breach Reporting. In addition to the requirements set forth in any applicable Business Associate Agreement as may be attached to this Contract, in the event of any actual security breach or reasonable belief of an actual security breach the Contractor either suffers or learns of that either compromises or could compromise State Data (including, as applicable, PII, PHI or ePHI) in any format or media, whether encrypted or unencrypted (for example, but not limited to: physical trespass on a secure facility; intrusion or hacking or other brute force attack on any State environment; loss or theft of a PC, laptop, desktop, tablet, smartphone, removable data storage device or other portable device; loss or theft of printed materials; or failure of security policies) (collectively, a “Security Breach”), the Contractor shall immediately determine the nature and extent of the Security Breach, contain the incident by stopping the unauthorized practice, recover records, shut down the system that was breached, revoke access and/or correct weaknesses in physical security. Contractor shall analyze and document the incident and provide the required notices, as set forth below. The Contractor shall notify the Office of the Attorney General within fourteen (14) business days of the Contractor’s discovery of the Security Breach. The notice shall provide a preliminary description of the breach. The foregoing notice requirement shall be included in the subcontracts of any of Contractor’s subcontractors, affiliates or agents which may be “data collectors” hereunder. Within thirty (30) calendar days of the Security Breach or when the Contractor provides notice to consumers pursuant to this Contract, whichever is sooner, the Contractor shall report to the State: (i) the nature of the Security Breach; (ii) the State Data used or disclosed; (iii) who made the unauthorized use or received the unauthorized disclosure; (iv) what the Contractor has done or shall do to mitigate any deleterious effect of the unauthorized use or disclosure; and (v) what corrective action the Contractor has taken or shall take to prevent future similar unauthorized use or disclosure. The Contractor shall provide such other information, including a written report, as reasonably requested by the State. The Contractor agrees to fully cooperate with the State, assume responsibility for such notice if the State determines it to be appropriate under the circumstances of any particular Security Breach, and assume all costs associ...
Sample 1
Security Breaches; Security Breach Reporting. To the extent the Contractor or its subcontractors, affiliates, or agents handles, collects, stores, disseminates or otherwise deals with State Data, the Contractor acknowledges that in the performance of its obligations under this Contract, it will be a “data collectorpursuant to Chapter 62 of Title 9 of the Vermont Statutes (9 V.S.A. §2430(3)). The Contractor shall have policies and procedures in place for the effective management of Security Breaches, as defined below. In the event of any actual security breach or reasonable belief of an actual security breach the Contractor either suffers or learns of that either compromises or could compromise State Data (including, as applicable, PII, PHI or ePHI) in any format or media, whether encrypted or unencrypted (for example, but not limited to: physical trespass on a secure facility; intrusion or hacking or other brute force attack on any State environment; loss or theft of a PC, laptop, desktop, tablet, smartphone, removable data storage device or other portable device; loss or theft of printed materials; or failure of security policies) (collectively, a “Security Breach”), the Contractor shall immediately determine the nature and extent of the Security Breach, contain the incident by stopping the unauthorized practice, recover records, shut down the system that was breached, revoke access and/or correct weaknesses in physical security. Contractor shall analyze and document the incident and provide the required notices, as set forth below. In accordance with Section 9 V.S.A. §2435(b)(3), the Contractor shall notify the Office of the Attorney General, or in the case of a Security Breach by a data collector regulated by the Vermont Department of Financial Regulation (“DFR”), DFR, within fourteen
Sample 1

Related to Security Breaches; Security Breach Reporting

  • Security Breaches In order to protect your security, it is your sole responsibility to ensure that all usernames and passwords used to access the Website are kept secure and confidential. You must immediately notify us of any unauthorized use of your account, including the unauthorized use of your password, or any other breach of security. We will investigate any breach of security on the Website that we determine in our sole discretion to be serious in nature, but we will not be held responsible or liable in any manner for breaches of security or any unauthorized access to your account however arising.

  • Security Breach In the event that Seller discovers or is notified of a breach, potential breach of security, or security incident at Seller's Facility or of Seller's systems, Seller shall immediately (i) notify Company of such potential, suspected or actual security breach, whether or not such breach has compromised any of Company's confidential information; (ii) investigate and promptly remediate the effects of the breach, whether or not the breach was caused by Seller; (iii) cooperate with Company with respect to any such breach or unauthorized access or use; (iv) comply with all applicable privacy and data protection laws governing Company's or any other individual's or entity's data; and (v) to the extent such breach was caused by Seller, provide Company with reasonable assurances satisfactory to Company that such breach, potential breach, or security incident shall not recur. Seller shall provide documentation to Company evidencing the length and impact of the breach. Any remediation of any such breach will be at Seller's sole expense.

  • Security Breach Notice and Reporting The Contractor shall have policies and procedures in place for the effective management of Security Breaches, as defined below, which shall be made available to the State upon request. In addition to the requirements set forth in any applicable Business Associate Agreement as may be attached to this Contract, in the event of any actual security breach or reasonable belief of an actual security breach the Contractor either suffers or learns of that either compromises or could compromise State Data (a “Security Breach”), the Contractor shall notify the State within 24 hours of its discovery. Contractor shall immediately determine the nature and extent of the Security Breach, contain the incident by stopping the unauthorized practice, recover records, shut down the system that was breached, revoke access and/or correct weaknesses in physical security. Contractor shall report to the State: (i) the nature of the Security Breach; (ii) the State Data used or disclosed; (iii) who made the unauthorized use or received the unauthorized disclosure; (iv) what the Contractor has done or shall do to mitigate any deleterious effect of the unauthorized use or disclosure; and (v) what corrective action the Contractor has taken or shall take to prevent future similar unauthorized use or disclosure. The Contractor shall provide such other information, including a written report, as reasonably requested by the State. Contractor shall analyze and document the incident and provide all notices required by applicable law. In accordance with Section 9 V.S.A. §2435(b)(3), the Contractor shall notify the Office of the Attorney General, or, if applicable, Vermont Department of Financial Regulation (“DFR”), within fourteen (14) business days of the Contractor’s discovery of the Security Breach. The notice shall provide a preliminary description of the breach. The foregoing notice requirement shall be included in the subcontracts of any of Contractor’s subcontractors, affiliates or agents which may be “data collectors” hereunder. The Contractor agrees to fully cooperate with the State and assume responsibility at its own expense for the following, to be determined in the sole discretion of the State: (i) notice to affected consumers if the State determines it to be appropriate under the circumstances of any particular Security Breach, in a form recommended by the AGO; and (ii) investigation and remediation associated with a Security Breach, including but not limited to, outside investigation, forensics, counsel, crisis management and credit monitoring, in the sole determination of the State. The Contractor agrees to comply with all applicable laws, as such laws may be amended from time to time (including, but not limited to, Chapter 62 of Title 9 of the Vermont Statutes and all applicable State and federal laws, rules or regulations) that require notification in the event of unauthorized release of personally-identifiable information or other event requiring notification. In addition to any other indemnification obligations in this Contract, the Contractor shall fully indemnify and save harmless the State from any costs, loss or damage to the State resulting from a Security Breach or the unauthorized disclosure of State Data by the Contractor, its officers, agents, employees, and subcontractors.

  • Security Breach Notifications Notice must be given by the Subrecipient to anyone whose PSCI could have been breached in accordance with HIPAA, the Information Practices Act of 1977, and State policy.

  • Security Breach Notification In addition to the information enumerated in Article V, Section 4(1) of the DPA Standard Clauses, any Security Breach notification provided by the Provider to the LEA shall include:

  • Personal Information security breach Supplier/Service Provider’s Obligations

  • Data Breaches A. Upon the discovery by the Contractor of a confirmed breach of security that results in the unauthorized release, disclosure, or acquisition of student data, the Contractor shall provide initial notice to the Board as soon as reasonably possible, after such discovery (“Initial Notice”). The Initial Notice shall be delivered to the Board by electronic mail to Superintendent Xxxxxxx X. Xxxx, xxxxx@xxxxxxxxxxxx.xxx or to the contact currently on file and shall include the following information, to the extent known at the time of notification:

  • COMPLIANCE WITH NEW YORK STATE INFORMATION SECURITY BREACH AND NOTIFICATION ACT Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law Section 899-aa; State Technology Law Section 208).

  • Security Incident Reporting A security incident occurs when CDA information assets are or reasonably believed to have been accessed, modified, destroyed, or disclosed without proper authorization, or are lost, or stolen. Subrecipient must comply with CDA’s security incident reporting procedures located at xxxxx://xxx.xxxxx.xx.xxx/ProgramsProviders/#Resources.

  • Data Breach In the event of an unauthorized release, disclosure or acquisition of Student Data that compromises the security, confidentiality or integrity of the Student Data maintained by the Provider the Provider shall provide notification to LEA within seventy-two (72) hours of confirmation of the incident, unless notification within this time limit would disrupt investigation of the incident by law enforcement. In such an event, notification shall be made within a reasonable time after the incident. Provider shall follow the following process:

Time is Money Join Law Insider Premium to draft better contracts faster.