Breach of Security. 6.1 Either party shall notify the other immediately upon becoming aware of any Breach of Security including, but not limited to an actual, potential or attempted breach, or threat to, the Security Plan.
6.2 Upon becoming aware of any of the circumstances referred to in paragraph 6.1, the Contractor shall;
a) immediately take all reasonable steps necessary to;
(i) remedy such breach or protect the Contractor ICT System against any such potential or attempted breach or threat; and
(ii) prevent an equivalent breach in the future. Such steps shall include any action or changes reasonably required by the Authority. In the event that such action is taken in response to a breach that is determined by the Authority acting reasonably not to be covered by the obligations of the Contractor under this Contract, then the Contractor shall be entitled to refer the matter to the change control procedure in clause F3 (Variation).
b) as soon as reasonably practicable provide to the Authority full details (using such reporting mechanism as may be specified by the Authority from time to time) of such actual, potential or attempted breach and of the steps taken in respect thereof.
Breach of Security. 5.1. Provider agrees to provide the GLO with the name and contact information for an employee of the Provider which shall serve as the GLO’s primary security contact.
5.2. Upon discovery of a Breach of Security or suspected Breach of Security by the Provider, the Provider agrees to notify the GLO as soon as possible upon discovery of the Breach of Security or suspected Breach of Security, but in no event shall notification occur later than 24 hours after discovery. Within 72 hours, the Provider agrees to provide, at minimum, a written preliminary report regarding the Breach or suspected Breach to the GLO with root cause analysis including a log detailing the data affected.
5.3. The initial notification and preliminary report shall be submitted to the GLO Information Security Officer at xxxxxxxxxxxxxxxxxxx@xxx.xxxxx.xxx.
5.4. Provider agrees to take all reasonable steps to immediately remedy a Breach of Security and prevent any further Breach of Security.
5.5. Provider agrees that it shall not inform any third party of any Breach of Security or suspected Breach of Security without obtaining GLO’s prior written consent.
5.6. If the Breach of Security includes SPI, including Social Security Numbers, payment card information, or health information, the Provider agrees to provide affected individuals complimentary access for one (1) year of credit monitoring services.
Breach of Security. 6.1 Either party shall notify the other immediately upon becoming aware of any Breach of Security including, but not limited to an actual, potential or attempted breach, or threat to, the Security Plan.
6.2 Upon becoming aware of any of the circumstances referred to in paragraph 6.1, the Contractor shall;
a) immediately take all reasonable steps necessary to;
i) remedy such breach or protect the Contractor ICT System against any such potential or attempted breach or threat; and
ii) prevent an equivalent breach in the future. Such steps shall include any action or changes reasonably required by the Authority. In the event that such action is taken in response to a breach that is determined by the Authority acting reasonably not to be covered by the obligations of the Contractor under this Contract, then the Contractor shall be entitled to refer the matter to the change control procedure in clause F3 (Variation).
Breach of Security. Each Party shall promptly notify the other in accordance with the agreed security incident management process as defined by the Security Plan upon becoming aware that a Breach of Security or attempted or potential Breach of Security has or may have taken place. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 48, the Service Provider shall: immediately take all reasonable steps (which shall include any action or changes reasonably required by the Purchaser) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Purchaser’s System and the Service Provider’s System to the extent within its control against any such Breach of Security or attempted or potential Breach of Security and provide the Purchaser details of any mitigation measures recommended by the Service Provider to be taken by the Purchaser in respect of the Purchaser’s System within the control of the Purchaser; apply a tested mitigation against any such Breach of Security or attempted or potential Breach of Security and, provided that reasonable testing has been undertaken by the Service Provider, if the mitigation adversely affects the Service Provider’s ability to deliver the Services so as to meet the Service Levels (if applicable), the Service Provider shall be granted relief against any resultant under-performance for such period as the Purchaser, acting reasonably, may specify by written notice to the Service Provider; prevent a further Breach of Security or attempted or potential Breach of Security in the future exploiting the same root cause failure; and supply any requested data to the Purchaser within two (2) Working Days of the Purchaser’s request and without charge (where such requests are reasonably related to a possible incident or compromise); and investigate the Breach of Security or attempted or potential Breach of Security completely and promptly and as soon as reasonably practicable provide to the Purchaser full details (using the reporting mechanism defined by the Security Plan) of the Breach of Security or attempted or potential Breach of Security, including a root cause analysis where required by the Purchaser. If any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Pl...
Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Schedule 7, the following definitions shall apply:
Breach of Security. Any breach or violation by Contractor of any of the foregoing shall be deemed a material breach of a material obligation of Contractor under this Contract and may be deemed an incurable and material breach of a material obligation of Contractor under this Contract resulting in termination. Contractor shall, at all times, comply with and abide by all reasonable policies and procedures of County (or that may be established thereby, from time to time) that pertain to conduct on County’s premises, possession or distribution of contraband, or the access to, and security of, the Party’s real property or facilities, to the extent that Contractor has been provided with a copy of each such policy or procedure. Contractor shall exercise due care and diligence to prevent any injury to persons or damage to property while on the other Party’s premises. The operation of vehicles by either Party’s personnel on the other Party’s property shall conform to posted and other applicable regulations and safe-driving practices. Vehicular accidents occurring on a Party’s property and involving either Party’s personnel shall be reported promptly to the appropriate Party’s personnel. Each Party covenants that at all times during the Term, it, and its employees, agents, and subcontractors shall comply with, and take no action that results in the other Party being in violation of, any applicable federal, state, and local laws, ordinances, regulations, and rules. Each Party’s personnel shall clearly identify themselves as the appropriate Party’s personnel and not as employees of the other Party. When on the other Party’s premises, each Party’s personnel shall wear and clearly display identification badges or tags, as approved by the other Party.
Breach of Security. Any breach or violation by Contractor of any of the foregoing shall be deemed a material breach of a material obligation of Contractor under this Contract and may be deemed an incurable and material breach of a material obligation of Contractor under this Contract resulting in termination.
Breach of Security. Either Party shall notify the other immediately upon becoming aware of any Breach of Security including, but not limited to an actual, potential or attempted breach, or threat to, the Security Plan.
Breach of Security. 5.1. Provider shall provide the GLO with the name and contact information for an employee of Provider which shall serve as the GLO’s primary security contact.
5.2. Upon Provider’s discovery of a Breach of Security or suspected Breach of Security, Provider shall notify the GLO as soon as possible, but no later than 24 hours after discovery of the Breach of Security or suspected Breach of Security. Within 72 hours, Provider shall provide to the GLO, at minimum, a written preliminary report regarding the Breach or suspected Breach to the GLO with root cause analysis including a log detailing the data affected.
5.3. Provider shall submit the initial notification and preliminary report to the GLO Information Security Officer at xxxxxxxxxxxxxxxxxxx@xxx.xxxxx.xxx.
5.4. Provider shall take all reasonable steps to immediately remedy a Breach of Security and prevent any further Breach of Security.
5.5. Provider shall not inform any third party of any Breach of Security or suspected Breach of Security without first obtaining GLO’s prior written consent unless such action is required by law or is limited to third party personnel that have a need to know for the sole purpose of containing or remediating the Breach of Security or suspected Breach of Security. However, while a third party may be informed of the Breach or suspected Breach for the sole purpose of containing or remediating it, no GLO Data shall be shared with such third party unless express written permission is obtained from the GLO in accordance with Section 2.5. Provider will legally bind such third party to the same requirements stated herein and obligations stipulated in the Contract and documents related thereto as soon as practicable upon securing such third party to contain or remediate the Breach of Security or suspected Breach of Security.
5.6. Notwithstanding the remedies provided in the Contract, if a Breach of Security includes SPI, Provider shall, at the discretion of the GLO, notify affected individuals of such Breach and provide affected individuals complimentary access to one (1) year of credit monitoring services.
Breach of Security. 6.1 Either party shall notify the other in writing in accordance with the agreed security incident management process as defined by the ISMS upon becoming aware of any Breach of Security or any potential or attempted Breach of Security.
6.2 Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 6.1, the Supplier shall:
6.2.1 immediately take all reasonable steps necessary to:
6.2.1.1 remedy such breach or protect the integrity of the ISMS against any such potential or attempted breach or threat; and
6.2.2.2 prevent an equivalent breach in the future. Such steps shall include any action or changes reasonably required by the Customer. In the event that such action is taken in response to a breach that is determined by the Customer acting reasonably not to be covered by the obligations of the Supplier under this Contract, then the Supplier shall be entitled to refer the matter to the variation procedure in clause 2.2; and
6.2.2 as soon as reasonably practicable provide to the Customer full details (using such reporting mechanism as defined by the ISMS) of the Breach of Security or the potential or attempted Breach of Security. The Customer treats its information as a valuable asset and considers that it is essential that information must be protected, together with the systems, equipment and processes which support its use. These information assets may include data, text, drawings, diagrams, images or sounds in electronic, magnetic, optical or tangible media, together with any Customer’s Personal Data. In order to protect Governmental information appropriately, Suppliers must provide the security measures and safeguards appropriate to the nature and use of the information. All Suppliers of services to the Customer must comply, and be able to demonstrate compliance, with the Customer’s relevant policies and standards. The Chief Executive or other suitable senior official of the Supplier must agree in writing to comply with these policies and standards. Each Supplier must also appoint a named officer who will act as a first point of contact with the Customer for security issues. In addition all Staff working for the Supplier and where relevant Sub-Contractors, with access to Governmental IT Systems, the Contract Services or Governmental information must be made aware of these requirements and must comply with them. The Suppliers must comply with the relevant Standards from the Cust...
