Common use of BREACH REPORTING AND NOTIFICATION RESPONSIBILITY Clause in Contracts

BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. Upon disclosure of NDNH information from OCSE to the state agency, the state agency is the responsible party in the event of a confirmed or suspected breach of the information, including responsibility for any costs associated with breach mitigation and remediation. Immediately upon discovery, but in no case later than one hour after discovery of the incident, the state agency shall report confirmed and suspected incidents, in either electronic or physical form, to OCSE, as designated in this security addendum. The state agency is responsible for all reporting and notification activities, including but not limited to: investigating the incident; communicating with required state government breach response officials; notifying individuals whose information is breached; notifying any third parties, including the media; notifying any other public and private sector agencies involved; responding to inquiries about the breach; resolving all issues surrounding the information breach; performing any follow-up activities; correcting the vulnerability that allowed the breach; and any other activity, as required by OMB M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information, and other federal law and guidance.

Appears in 2 contracts

Samples: Computer Matching Agreement, Computer Matching Agreement

AutoNDA by SimpleDocs

BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. Upon disclosure of NDNH information from OCSE to the state agency, the state agency is the responsible party in the event of a confirmed or suspected breach of the information, including responsibility for any costs associated with breach mitigation and remediation. Immediately upon discovery, but in no case later than one hour after discovery of the incident, the state agency shall must report confirmed and suspected incidents, in either electronic or physical form, to OCSE, as designated in this security addendum. The state agency is responsible for all reporting and notification activities, including but not limited to: investigating the incident; communicating with required state government breach response officials; notifying individuals whose information is breached; notifying any third parties, including the media; notifying any other public and private sector agencies involved; responding to inquiries about the breach; resolving all issues surrounding the information breach; performing any follow-up activities; correcting the vulnerability that allowed the breach; and any other activity, as required by OMB M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information, and other federal law and guidance...

Appears in 2 contracts

Samples: Computer Matching Agreement, Computer Matching Agreement

BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. Upon disclosure of NDNH information from OCSE to the state agency, the state agency is the responsible party in the event of a confirmed breach or suspected breach of the information, including responsibility for any costs associated with breach mitigation and remediation. Immediately upon discovery, but in no case later than one hour after discovery of the incident, the state agency shall report confirmed and suspected incidents, in either electronic or physical form, to OCSE, as designated in this security addendum. The state agency is responsible for all reporting and notification activities, and associated costs of breach remediation, including but not limited to: investigating the incident; communicating with required state government breach response officials; notifying individuals whose information is breached; notifying any third parties, including the media, as necessary; notifying any other public and private sector agencies involved; responding to inquiries about the breach; resolving all issues surrounding the information breachbreach of NDNH information; performing any necessary follow-up activities; correcting the vulnerability that allowed the breach; and any other activityactivities, as required by OMB M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information, and other federal law and guidance.

Appears in 1 contract

Samples: Computer Matching Agreement

BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. Upon disclosure of NDNH information from OCSE to the state agencySSA, the state agency SSA is the responsible party in the event of a confirmed breach or suspected breach of the information. Whether NDNH information is in the custody of SSA or an authorized entity, including responsibility for any costs associated with breach mitigation and remediation. Immediately immediately upon discovery, discovery but in no case later than one hour after discovery of the incident, SSA will report the state agency shall report confirmed breach or suspected breach to OCSE security officials and suspected incidents, in either electronic or physical form, to OCSE, as designated in this security addendum. The state agency is responsible for will comply with any and all OMB reporting and notification activitiesrequirements and conduct all activities pertaining to such reporting and notification. These activities include, including but are not limited to: investigating the incident; communicating with required state government breach response officialsUS-CERT; notifying individuals whose information is breached; notifying any third parties, parties including the media; notifying any other public and private sector agencies involved; responding to inquiries about the breach; responding to Congressional inquiries; resolving all issues surrounding the information breach; performing any follow-up activities; correcting the vulnerability that allowed the breach; and any other activity, activity as required by OMB M-17M-07-1216, Preparing for Safeguarding Against and Responding to a the Breach of Personally Identifiable Information, and other federal law and guidance.

Appears in 1 contract

Samples: Computer Matching Agreement

AutoNDA by SimpleDocs

BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. Upon disclosure of NDNH information from OCSE to the state agency, the state agency is the responsible party in the event of a confirmed breach or suspected breach of the information, including responsibility for any costs associated with breach mitigation and remediation. Immediately upon discovery, but in no case later than one hour after discovery of the incident, the state agency shall report confirmed and suspected incidents, in either electronic or physical form, to OCSE, as designated in this security addendum. The state agency is responsible for all reporting and notification activities, and associated costs of breach remediation, including but not limited to: to investigating the incident; communicating with required state government breach response officials; notifying individuals whose information is breached; notifying any third parties, including the media; notifying any other public and private sector agencies involved; responding to inquiries about the breach; resolving all issues surrounding the information breachbreach of NDNH information; performing any necessary follow-up activities; correcting the vulnerability that allowed the breach; and any other activityactivities, as required by OMB M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information, and other federal law and guidance.

Appears in 1 contract

Samples: Computer Matching Agreement

BREACH REPORTING AND NOTIFICATION RESPONSIBILITY. Upon disclosure of NDNH information from OCSE to the state agencySSA, the state agency SSA is the responsible party in the event of a confirmed or suspected breach of the information, including responsibility for any costs associated with breach mitigation and remediation. Immediately upon discovery, but in no case later than one hour after discovery of the incident, the state agency SSA shall report confirmed and suspected incidents, in either electronic or physical form, to OCSE, OCSE as designated in this security addendum. The state agency SSA is responsible for all reporting and notification activities, including but not limited to: investigating the incident; communicating with required state government breach response officialsUS-CERT; notifying individuals whose information is breached; notifying any third parties, including the media; notifying any other public and private sector agencies involved; responding to inquiries about the breach; responding to Congressional inquiries; resolving all issues surrounding the information breach; performing any follow-up activities; correcting the vulnerability that allowed the breach; and any other activity, activity as required by OMB M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information, Information and other federal law and guidance.

Appears in 1 contract

Samples: Computer Matching Agreement

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!