Breach and Security Incident Responsibilities Sample Clauses

Breach and Security Incident Responsibilities. 24 A. Notification to COUNTY of Breach or Security Incident: The CONTRACTOR shall notify 25 COUNTY immediately by telephone call plus email or fax upon the discovery of a breach (as defined in 26 this Exhibit), and within twenty-four (24) hours by email or fax of the discovery of any security incident 27 (as defined in this Exhibit), unless a law enforcement agency determines that the notification will 28 impede a criminal investigation, in which case the notification required by this section shall be made to 29 COUNTY immediately after the law enforcement agency determines that such notification will not 30 compromise the investigation. Notification shall be provided to the ADMINSITRATOR, 31 ADMINISTRATOR Privacy Officer, and ADMINISTRATOR Information Security Officer, using the 32 contact information listed in Section X.F., below. If the breach or security incident is discovered after 33 business hours or on a weekend or holiday and involves COUNTY PCI in electronic or computerized 34 form, notification to COUNTY shall be provided by calling ADMINISTRATOR Information Security 35 Office at the telephone numbers listed in Section X.F., below. For purposes of this Section, breaches 36 and security incidents shall be treated as discovered by CONTRACTOR as of the first day on which 37 such breach or security incident is known to the CONTRACTOR, or, by exercising reasonable diligence 1 would have been known to the CONTRACTOR. CONTRACTOR shall be deemed to have knowledge 2 of a breach if such breach is known, or by exercising reasonable diligence would have been known, to 3 any person, other than the person committing the breach, who is an employee or agent of the 4 CONTRACTOR. CONTRACTOR shall take: 5 1. prompt corrective action to mitigate any risks or damages involved with the breach or 6 security incident and to protect the operating environment; and 7 2. any action pertaining to a breach required by applicable federal and state laws, including, 8 specifically, California Civil Code section 1798.29. 9 B. Investigation of Breach and Security Incidents: CONTRACTOR shall immediately investigate 10 such breach or security incident. As soon as the information is known and subject to the legitimate needs 11 of law enforcement, CONTRACTOR shall inform ADMINISTRATOR, ADMINISTRATOR Privacy 12 Officer, and the ADMINISTRATOR Information Security Officer of: 13 1. what data elements were involved and the extent of the data disclosure or access involved 14 in the breach...
AutoNDA by SimpleDocs
Breach and Security Incident Responsibilities. CDPH shall notify Participant immediately by telephone call plus email upon the discovery of a breach (as defined in this Agreement), or within twenty-four (24) hours by email of the discovery of any security incident (as defined in this Agreement) that involves Cal-IVRS Data that was created or collected by Participant in the Cal-IVRS System. Notification shall be provided by CDPH to the Participant Representative, using the contact information listed in Attachment B to this Agreement. A. For purposes of this Section, breaches and security incidents shall be treated as discovered by CDPH as of the first day on which such breach or security incident is known to CDPH, or, by exercising reasonable diligence would have been known to CDPH. CDPH shall be deemed to have knowledge of a breach or security incident if such breach or security incident is known, or by exercising reasonable diligence would have been known, to any person, other than the person committing the breach or security incident, who is a workforce member or agent of CDPH.
Breach and Security Incident Responsibilities. Notification to COUNTY of Breach or Security Incident: The CONTRACTOR shall notify 25 COUNTY immediately by telephone call plus email or fax upon the discovery of a breach (as defined in 26 this Exhibit), and within twenty-four (24) hours by email or fax of the discovery of any security incident 27 (as defined in this Exhibit), unless a law enforcement agency determines that the notification will 28 impede a criminal investigation, in which case the notification required by this section shall be made to 29 COUNTY immediately after the law enforcement agency determines that such notification will not 30 compromise the investigation. Notification shall be provided to the ADMINSITRATOR, 31 ADMINISTRATOR Privacy Officer, and ADMINISTRATOR Information Security Officer, using the 32 contact information listed in Section X.F., below. If the breach or security incident is discovered after 33 business hours or on a weekend or holiday and involves COUNTY PCI in electronic or computerized 34 form, notification to COUNTY shall be provided by calling ADMINISTRATOR Information Security 35 Office at the telephone numbers listed in Section X.F., below. For purposes of this Section, breaches 36 and security incidents shall be treated as discovered by CONTRACTOR as of the first day on which 37 such breach or security incident is known to the CONTRACTOR, or, by exercising reasonable diligence 1 would have been known to the CONTRACTOR. CONTRACTOR shall be deemed to have knowledge 2 of a breach if such breach is known, or by exercising reasonable diligence would have been known, to 3 any person, other than the person committing the breach, who is an employee or agent of the 4 CONTRACTOR. CONTRACTOR shall take:
Breach and Security Incident Responsibilities. CDPH shall notify Participant immediately by telephone call plus email or fax upon the discovery of a breach (as defined in this Agreement), or within twenty-four (24) hours by email or fax of the discovery of any security incident (as defined in this Agreement) that involves CalCONNECT Data that was created or collected by Participant in the CalCONNECT System. Notification shall be provided by CDPH to the Participant Representative, using the contact information listed in Attachment B, which is made a part of this Agreement by this reference. For purposes of this Section, breaches and security incidents shall be treated as discovered by CDPH as of the first day on which such breach or security incident is known to CDPH, or, by exercising reasonable diligence would have been known to CDPH. CDPH shall be deemed to have knowledge of a breach or security incident if such breach or security incident is known, orby exercising reasonable diligence would have been known, to any person, other than the person committing the breach or security incident, who is a workforce member or agent of CDPH.
Breach and Security Incident Responsibilities 

Related to Breach and Security Incident Responsibilities

  • Client Responsibilities You are responsible for (a) assessing each participants’ suitability for the Training, (b) enrollment in the appropriate course(s) and (c) your participants’ attendance at scheduled courses.

  • Joint Responsibilities The relationship between SAE ITC, the Activities and its Members shall be, and at all times, advisory only, and no party shall have the authority to enter into any contract or commitment in the name of, or on behalf of, any other party. Nothing in this Agreement shall be construed to confer upon either party the status of employee, agent, partner, joint venturer or legal representative of the other, it being intended by all parties to remain independent legal entities solely responsible for its own actions.

  • Student Responsibilities The school provided Chromebook for the student is an important learning tool to be used for educational purposes. In order to use the device each day, the student must be willing to accept the following responsibilities: ● I understand that district officials have the ability to monitor my use of the device AT ALL TIMES IN AND OUT OF SCHOOL and that communications, files, internet search activities, and any other actions using the device are not considered to be private. Note: RCCSD does not have the ability to and will not remotely operate the camera on the device. However, students can cover it when not in use to ensure others are not. ● I understand that the device assigned to me is on loan from Red Clay Consolidated School District. All accounts, programs, and files are subject to inspection at any time without notice. ● I will be responsible for ALL damage or loss of the device due to NEGLECT OR ABUSE including dropping it, getting it wet, and spills of food or drink. ● I will not try to repair my Chromebook. ● At ALL times when using my Chromebook, I will follow the Acceptable Use, Internet Safety Policy, and Student Code of Conduct, and related policies adopted by the Board of Education, and abide by all local, state, and federal laws. ● I will talk with my parent/guardian about their ground rules for going online when not at school. ● I will notify the school principal and my parents of any damage to the device as soon as possible. ● I will charge the Chromebook battery each night and will bring my Chromebook to school every day or be prepared for remote learning. ● I will keep my Chromebook clean. ● I will not lend my device to anyone. This includes family members and friends. Note: I could be held responsible for any inappropriate content on the District issued Chromebook. ● I will keep all passwords assigned to me secure. ● I will only use my account credentials to sign into my Chromebook. ● I am allowed to connect to non-district printers and wireless networks at home and in public places. ● I agree that e-mail or any other computer communication should be used only for appropriate, legitimate, and responsible communication. ● I agree not to share personal information about myself (full name, address, etc.) or about my family, friends or anyone else. ● I agree not to search for, download, display, post, or distribute vulgar, offensive material or images described in applicable district policies. (See the student handbook and/or the district's Acceptable Use Agreement.) ● I agree to abide by all school rules that address electronic device procedures. ● I will return the device when requested, at the end of the school year or upon my withdrawal. ● I agree to not deface or destroy this property in any way. Inappropriate use of the machine may result in the student losing their right to use the Chromebook. ● I understand that identification labels have been placed on the Chromebook. These labels are not to be removed or modified. Additional stickers, labels, tags, or markings of any kind are NOT to be added to the machine.

  • Security Incident Response Upon becoming aware of a Security Incident, MailChimp shall notify Customer without undue delay and shall provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Customer.

  • Licensee Responsibilities Licensee is responsible for Licensee’s Users’ compliance with this Agreement. Licensee is responsible for all of Licensee’s uses and accounts. Licensee will be responsible for maintaining the security of Licensee’s accounts, passwords and files. Licensee and Users cannot share Licensee’s accounts or passwords or allow any third party to use Licensee’s accounts or passwords. Licensee will exercise reasonable precautions to prevent unauthorized use of the Software.

  • Your Responsibilities 7.1 You are responsible for installing and configuring, and using the Service, Software, and Hardware, including account set up and configuration settings (unless NCR Voyix provides remote support for any of the foregoing as part of your subscription to the Service), compliance with applicable laws and regulations, and establishing any payment processing or other services certified by NCR Voyix for use with the Service (including through NCR Voyix’s wholly owned affiliates). You are solely responsible for reviewing any default or automated settings and configuring applicable settings to meet all legal, regulatory and other requirements applicable to your business. NCR shall have no liability in connection with such settings or configurations. You acknowledge that NCR Voyix does not provide legal, tax or accounting advice. You will provide NCR Voyix access to your network, system, data, and relevant information as reasonably required to perform the Service. You acknowledge that NCR Voyix personnel may require, and you will provide, the ability to access and correct transaction or input data while the Service is being provided to you. NCR Voyix is not responsible for any damage caused by errors or omissions in any information, instructions, data, or scripts you or a third party provides on your behalf in connection with the Service, or any actions NCR Voyix takes at your direction. 7.2 To use the Service, you must maintain internet access at your own expense. NCR VOYIX IS NOT RESPONSIBLE FOR AND DOES NOT WARRANT THE PERFORMANCE OF ANY INTERNET SERVICE OR OTHER PROVIDER OR ITS SERVICES, AND YOU AGREE THAT NCR VOYIX HAS NO LIABILITY TO YOU FOR SUCH PERFORMANCE OR SERVICES. 7.3 Title to hardware, software, systems, documentation, and other intellectual property NCR Voyix uses to provide the Service will remain with NCR Voyix or its licensors, unless otherwise agreed in writing. You will take reasonable actions to protect NCR Voyix’s intellectual property rights. 7.4 You are responsible for complying with all rules, bylaws, programs, and regulations of the payment card networks in connection with your use of the Service, Software and Hardware, as applicable. You will defend and indemnify NCR Voyix against any claim or loss resulting from your failure to fulfill your responsibilities under this Section. 7.5 Certain Services may perform analysis of transaction records designed to identify transaction patterns and activity that may be indicative of fraud. You acknowledge that the indicia reported by such Services may not necessarily be the result of fraudulent activity. You are responsible for performing its own evaluation of any results. NCR Voyix does not guarantee the detection of fraudulent transactions. 7.6 You are responsible for all data, information, materials and instructions (“Customer Instructions”) provided to NCR Voyix by you or on your behalf. NCR Voyix is entitled to rely upon Customer Instructions. In no event will NCR Voyix be liable with respect to any loss, liability, cost, damage, or expense arising out of a claim by you or any third party to the extent that claim arises as a result of NCR Voyix’s compliance with Customer Instructions.

  • Client Responsibility For clarity, the parties agree that in reviewing the documents referred to in clause (b) above, Patheon’s role will be limited to verifying the accuracy of the description of the work undertaken or to be undertaken by Patheon. Subject to the foregoing, Patheon will not assume any responsibility for the accuracy of any application for receipt of an approval by a Regulatory Authority. The Client is solely responsible for the preparation and filing of the application for approval by the Regulatory Authority and any relevant costs will be borne by the Client.

  • Client’s Responsibilities (a) Client agrees to advise Consultant regarding Client's Project requirements and to provide all relevant information, surveys, data and previous reports accessible to Client which Consultant may reasonably require. (b) Client shall designate a Project Representative to whom all communications from Consultant shall be directed and who shall have limited administrative authority on behalf of Client to receive and transmit information and make decisions with respect to the Project. Said representative shall not, however, have authority to bind Client as to matters of governmental policy or fiscal policy, nor to contract for additions or obligations exceeding a value which is the lesser of $5000 or 5% of the maximum contract price. (c) Client shall examine all documents presented by Consultant, and render decisions pertaining thereto within a reasonable time. The Client's approval of any drawings, specifications, reports, documents or other materials or product furnished hereunder shall not in any way relieve Consultant of responsibility for the professional adequacy of its work. (d) Client shall perform its obligations and render decisions within a reasonable time under the circumstances presented. Based upon the nature of Client and its requirements, a period of 14 days shall be presumed reasonable for any decision not involving policy decision or significant financial impact, when all information reasonably necessary for Client to responsibly render a decision has been furnished. A period of 46 days shall be presumed reasonable for Client to act with respect to any matter involving policy or significant financial impact. The above periods of presumed reasonableness shall be extended where information reasonably required is not within the custody or control of Client but must be procured from others.

  • Our Responsibilities This notice describes how medical information about you may be used and disclosed and how you can get access to this information. This notice took effect on September 23, 2013. We are required to maintain the privacy of your protected health information and we will follow the terms of this notice while it is in effect. • Your past, present, or future physical or mental health or condition • Providing you health care • The past, present, or future payment for providing you health care We collect your information as necessary to provide you with health insurance products and services and to administer our business. We may also disclose this information to nonaffiliated third parties as described in this notice. The types of information we may collect and disclose include: • Information you or your employer provide on applications and other forms, such as names, addresses, social security numbers, and dates of birth • Information about your interactions with us or others (such as providers) regarding your medical information or claims • Information you provide in person, by phone, in email, or through visits to our website • You can ask to see or get a copy of your health and claims records and other health information we have about you. • We will provide a copy or a summary of your health and claims records, usually within 30 days of your request. We may charge a reasonable, cost-based fee. • We may ask that you submit your request in writing. Please note, if you want to obtain copies of your medical records, you should contact the practitioner or facility. We do not generate, modify, or maintain complete medical records. • You may also request that we send a copy of your information to a third party. We may ask that you submit a written, signed authorization form permitting us to do so and we may charge a reasonable fee for copying and mailing your personal information. • You can ask us to correct your health and claims records if you think they are incorrect or incomplete. • We may say no to your request, but we’ll tell you why in writing within 60 days. • You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address. • We will consider all reasonable requests, and must say “yes” if you tell us you would be in danger if we do not. • All requests should be made in writing. • It may take a short period of time for us to implement your request. • We will comply with your request if it is reasonable and continues to permit us to collect premiums and pay claims under your policy, including issuing certain explanations of benefits and policy information to the BlueShield of Northeastern New York is a division of HealthNow New York Inc., an independent licensee of the BlueCross BlueShield Association. 15049R_NENY_12_19 f11011 subscriber of the policy. For example, even if you request confidential communications: ο We will mail the check for services you receive from a nonparticipating provider to you but made payable to the subscriber ο Accumulated payment information such as deductibles (in which your information might appear), will continue to appear on explanations of benefits sent to the subscriber ο We may disclose to the subscriber, as the contract holder, policy details such as eligibility status or certificates of coverage • You can ask us not to use or share certain health information for treatment, payment, or our operations. • We are not required to agree to your request, but if we do, we will abide by our agreement (except when necessary for treatment in an emergency). • You have the right to authorize individuals to act on your behalf with respect to your information. You must identify your authorized representatives on a HIPAA-compliant authorization form (available on our website) and explain what type of information they may receive. • You have the right to revoke an authorization except for actions already taken based on your authorization. • You can complain if you feel we have violated your rights by contacting us using the information listed on page 4. • You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights. • We will not retaliate against you for filing a complaint. • With your family, close friends, or others involved with your health care or payment for your care when you are present and have given us permission to do so. If you are not present, if it is an emergency, or you are not able to give us permission, we may give your information to a family member, friend, or other person if sharing your information is in your best interest. In these cases, the person requesting your information must accurately verify details about you (e.g., name, identification number, date of birth, etc.) and prove involvement with your health care or payment for your health care by providing details relevant to the information requested. For example, if a family member calls us with prior knowledge of a claim (e.g., provider’s name, date of service, etc.), we may confirm the claim’s status, patient responsibility, etc. We will only disclose information directly relevant to that person’s involvement with your health care or payment for your health care. • In a disaster relief situation. In these cases we never share your information unless you give us written permission: • Marketing purposes • Sale of your information • Disclose your psychotherapy notes • Make certain disclosures of information considered sensitive in nature, such as HIV/AIDS, mental health, alcohol or drug dependency, and sexually transmitted diseases. Certain federal and state laws require that we limit how we disclose this information. In general, unless we obtain your written authorization, we will only disclose such information as provided for in applicable laws. We typically use or share your health information in the following ways: • We can use your health information and share it with professionals who are treating you.

  • Resident Responsibilities The Resident agrees to pay all fees specified, to observe all rules and regulations of the University of Connecticut and to abide by the Responsibilities of Community Life: The Student Code, this contract and any addendum, as well as other University publications/policies. Residents assume total responsibility for their room/suite/apartment/house and for the behavior and activities which occur within all assigned living areas. Applicants and/or residents cannot exchange money or favors for a room assignment. Failure to fulfill the terms of the above may lead to termination of this contract, removal from on-campus housing, and a community standards process resulting in a sanction, including but not limited to expulsion.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!