Cyber Insurance. The Contractor shall maintain network risk and cyber liability coverage (including coverage for unauthorized access, failure of security, breach of privacy perils, as well at notification costs and regulatory defense) in an amount of not less than $1,000,000. Such insurance shall be maintained in force at all times during the term of the Contract and for a period of two years thereafter for services completed during the term of the Contract.
Cyber Insurance. In addition to insurance required under the Agreement, Supplier shall at its sole cost and expense procure and maintain through the term of the Agreement and for two (2) years following the termination or expiration of the Agreement cyber/network privacy insurance with limits of $5,000,000 per claim/in aggregate. Such policy shall provide coverage for disclosures and/or breaches of University Data arising out of or relating to Supplier’s Services. Such policy shall also include coverage for the costs associated with restoring lost or damaged University Data, sending breach notifications to affected individuals, public relations expenses, fines and penalties. Such policy shall not contain exclusions for the acts or omissions of either Supplier or University or their respective employees, agents, subcontractors or volunteers, whether intentional or unintentional, resulting in or relating to any Use of University Data not expressly permitted by the Agreement and this Addendum or any breach of University Data. Supplier must notify University at least thirty (30) days prior to the cancellation or modification of such policy.
Cyber Insurance. If the Vendor will be communicating with the District electronically and/or collecting any sensitive staff or student data, the Vendor must have coverage applicable to first- and third-party claims including but not limited to data compromise expenses and liability, forensic review costs, legal review costs, data restoration and re-creation costs, public relations costs, extortion costs, network security liability, identity recovery costs, regulatory fines and penalties, and credit monitoring costs. Coverage limits shall be no less than: Each Occurrence/Claim $1,000,000 Aggregate $1,000,000
Cyber Insurance. Client shall secure and maintain for the duration of the contract Cyber Liability Insurance to insure Client cyber exposures. Specific limits and coverages should be evaluated by a qualified insurance broker or risk manager to determine Client specific coverage and policy limit requirements. A minimal $1,000,000 Policy per occurrence/aggregate limit is required.
Cyber Insurance. Each Party receiving Confidential Information shall secure, provide and maintain during the term of this Agreement, an insurance policy that provides coverage for any and all liabilities, damages, claims, losses, costs and expenses, of any kind, that may be incurred by or asserted against the Central Xxxxxx resulting from or related to:
(1) any act, error, or omission or negligence related to Company's technology and/or professional services;
(2) intellectual property infringement arising out of software and/or content;
(3) breaches of security;
(4) violation or infringement of any right to privacy, or any breach of federal, state, local or foreign security and/or privacy laws or regulations;
(5) theft, damage, destruction, or corruption of any data of Central Xxxxxx or any employee, or customer of Central Xxxxxx, including without limitation, unauthorized access, unauthorized use, identity theft, theft of personally identifiable information or confidential corporate information, transmission of a computer virus or other type of malicious code; and
(6) participation, including a denial of service attack on a third party. Minimum limits of $3,000,000 per occurrence. Such insurance must cover all of the foregoing without limitation if caused by an independent Company working on behalf of the Company, in performing Services under this Agreement. The policy must be kept in force by Company during the term of this Agreement and for six (6) years (either as a policy in force or extended reporting period) after this Agreement is terminated or after completion of the Project provided for herein, whichever is later.
Cyber Insurance. What types of cyber insurance does the vendor have in place? New insurance products have emerged that are designed specifically to address first and third party claims related to data, including the costs of responding to a breach. If the vendor under consideration carries such insurance, the vendor will be in a better position to respond in the event of a breach. Does the vendor’s policy provide coverage for breach remediation and notification expenses? Management of breach response by counsel? Forensic investigation and credit monitoring services? Does the policy provide coverage for regulatory fines and penalties? Reimbursement for crisis management and public relations services? Does the policy contain exclusions baring coverage for mechanical failure, failure to maintain the computer network or system, failure to maintain risk controls or lack of encryption? Focusing on these questions before negotiating the vendor agreement can help the parties better understand the options that may be available with respect to liability and indemnification. What audit reports are available with respect to the vendor’s data security practices? Below are some examples of audit reports that are increasingly available to a vendor’s potential customers: A Service Organization Controls Report 2 (SOC 2) is intended to demonstrate that the organization’s internal controls related to security, availability, processing, integrity, confidentiality and data privacy are operating effectively. A SOC 2 Type I report focuses on management’s description of a service organizations’ system, and the suitability of the design of the controls. The SOC 2 Type II report focuses on management’s description of a service organization’s system and the suitability of the design and operating effectiveness of the controls. The report includes an examination and confirmation of the steps involved, and an evaluation of the operating effectiveness of the controls for a stated period of time. The distinctions between a Type I report and a Type II report are subtle, but important. When evaluating a Type I report, the focus is on whether management has adequately described the system and adopted suitable controls for security, availability, processing, integrity, confidentiality and data privacy. The Type II report, in contrast, evaluates whether that system operates effectively. What type of report required depends on the nature of the engagement and the data to which the vendor will have access. SOC...
Cyber Insurance. Contractor agrees to purchase and maintain throughout the term of the Agreement a technology/professional liability insurance policy, including coverage for network security/data protection liability insurance (also called “cyber liability”), covering liabilities for financial loss resulting or arising from acts, errors, or omissions in rendering technology/professional services or in connection with the specific services described in violation or infringement of any right of privacy, including: breach of security and breach of security/privacy laws, rules or regulations globally, now or hereinafter constituted or amended; data theft, damage, unauthorized disclosure, destruction, or corruption, including without limitation, unauthorized access, unauthorized use, identity theft, theft of personally identifiable information or confidential corporate information in whatever form, transmission of a computer virus or other type of malicious code, and participation in a denial of service attack on third party computer systems; loss or denial of service; no cyber terrorism exclusion, with a minimum limit of one million dollars ($1,000,000) each and every claim and in the aggregate. Such coverage must include technology/professional liability including breach of contract, privacy and security liability, privacy regulatory defense and payment of civil fines, payment of credit card provider penalties, and breach response costs (including without limitation, notification costs, forensics, credit protection services, call center services, identity theft protection services, and crisis management/public relations services). Such insurance must explicitly address all of the foregoing without limitation if caused by an employee of Contractor or an independent contractor working on behalf of Contractor in performing services under the Agreement. The policy must provide coverage for wrongful acts, claims, and lawsuits anywhere in the world. Such insurance must include affirmative contractual liability coverage for the data breach indemnity in the Agreement for all damages, defense costs, privacy regulatory civil fines and penalties, and reasonable and necessary data breach notification, forensics, credit protection services, public relations/crisis management, and other data breach mitigation services resulting from a confidentiality or breach of security by or on behalf of Contractor.
Cyber Insurance. If Consultant will have access to the City’s network or City’s data, Consultant must maintain throughout the duration of this Agreement and for a period of three (3) years after the termination of this Agreement. Coverage must include: Cyber Incident/Breach Response and Remediation Expenses, Digital Data Recovery, Privacy and Network Security Liability, and Notification Expense.
Cyber Insurance. The Company shall have procured cyber (including HIPAA) liability insurance runoff coverage with a limit of liability of at least USD $1 million and at least 3 years’ prior acts coverage and shall have delivered a certificate of insurance evidencing such coverage to the Purchaser.
Cyber Insurance. Business Associate will maintain in force during the term of this Agreement cyber information technology and cyber errors and omissions liability insurance with a combined single limit of not less than $10,000,000.00 in the aggregate. Such coverage shall include but not be limited to, third party liability coverage for loss or disclosure of data, including electronic data, network security failure, unauthorized access and/or use or other intrusions, infringement of any intellectual property rights (except patent infringement and trade secret misappropriation) unintentional breach of contract, negligence or breach of duty to use reasonable care, breach of any duty of confidentiality, invasion of privacy, or violation of any other legal protections for personal information, defamation, libel, slander, commercial disparagement, negligent transmission of computer virus, worm, logic bomb, or Trojan horse or negligence in connection with denial of service attacks, or negligent misrepresentation. Upon request, Business Associate shall provide evidence of continuous coverage to Covered Entity. Business Associate will notify Covered Entity immediately if Business Associate’s insurance coverage is reduced or terminated.
