Cyber Insurance. a. RIB shall procure and maintain, at its sole expense, from an insurance company having an A.M. Best rating of “A-” or better and with a financial size category of at least Class VII or, if such ratings are no longer available, with comparable ratings from a generally recognized insurance rating agency, insurance coverage for the unauthorized acquisition, access, use, physical taking, release, distribution, or disclosure of personal information, identity theft, and breaches by third parties and employees, for costs and expenses arising from or relating to an unauthorized disclosure or use of Customer Data or any use or disclosure of Customer Data in breach of the terms and conditions of this Agreement or in violation of applicable law, including such costs and expenses of notification, fraud alert and credit monitoring, mitigation of damages, consultants, forensic investigation, and legal expenses, such policy to include, at a minimum, (A) third-party coverage for data privacy and computer network security breaches, internet and electronic media liability, and professional services liability, (B) first-party business interruption coverage in the event of a network security breach, (C) first-party cyber extortion coverage for threats against data and identity theft, (E) liability coverage for claims related to computer viruses or other malicious code, (F) liability coverage for claims related to theft or destruction of data, and (G) reimbursement for expenses notification of, and costs associated with credit monitoring for, parties affected by a security breach, costs for investigating and managing a security breach, and data privacy regulatory fines and penalties, with limits of not less than $5,000,000 as an annual aggregate (“Cyber Insurance”). b. Upon its procurement of the foregoing insurance and thereafter upon Customer’s request from time to time, and upon any replacement of or material change to any policy required under this Agreement, RIB shall furnish Customer with certificates or other proof of each such policy reasonably satisfactory to Customer. RIB shall notify Customer within three business days following any cancellation, or receipt of notice of cancellation, of any such policy. c. The requirements as to the types and limits of insurance coverage to be maintained by RIB pursuant to this Agreement, and any approval or waiver of said insurance by Customer, is not intended to, and shall not, limit or qualify in any manner the liabilities and obligations otherwise assumed by RIB pursuant to this Agreement, including without limitation provisions relating to indemnification. The procurement and maintenance of insurance required under this Agreement shall not limit or affect any liability that RIB may have by virtue of this Agreement or otherwise.
Appears in 1 contract
Samples: Data Processing Agreement
Cyber Insurance. a. RIB shall procure The Service Provider agrees to purchase and maintainmaintain throughout the term of this Agreement a technology/professional liability insurance policy, at its sole expense, from an insurance company having an A.M. Best rating of “A-” or better and with a financial size category of at least Class VII or, if such ratings are no longer available, with comparable ratings from a generally recognized insurance rating agency, insurance including coverage for network security/data protection liability insurance (also called “cyber liability”) covering liabilities for financial loss resulting or arising from acts, errors, or omissions, in rendering technology/professional services or in connection with the specific services described in violation or infringement of any right of privacy, including breach of security and breach of security/privacy laws, rules or regulations globally, now or hereinafter constituted or amended; Data theft, damage, unauthorized acquisitiondisclosure, destruction, or corruption, including without limitation, unauthorized access, unauthorized use, physical taking, release, distribution, or disclosure of personal information, identity theft, theft of personally identifiable information or confidential corporate information in whatever form, transmission of a computer virus or other type of malicious code; and breaches by participation in a denial of service attack on third parties party computer systems; Loss or denial of service; No cyber terrorism exclusion; With a minimum limit of $3,000,000 each and employees, for costs every claim and expenses arising from or relating to an unauthorized disclosure or use of Customer Data or any use or disclosure of Customer Data in the aggregate. Such coverage must include technology/professional liability including breach of the terms contract, privacy and conditions security liability, privacy regulatory defense and payment of this Agreement or in violation civil fines, payment of applicable law, including such costs and expenses of notification, fraud alert and credit monitoring, mitigation of damages, consultants, forensic investigationcard provider penalties, and legal expensesbreach response costs (including without limitation, such policy to includenotification costs, at a minimumforensics, (A) third-party credit protection services, call center services, identity theft protection services, and crisis management/public relations services). Such insurance must explicitly address all of the foregoing without limitation if caused by an employee of the Service Provider or an independent contractor working on behalf of the Service Provider in performing services under this Agreement. Policy must provide coverage for data privacy and computer network security breacheswrongful acts, internet and electronic media liabilityclaims, and professional services liability, (B) first-party business interruption coverage lawsuits anywhere in the event of a network security breach, (C) first-party cyber extortion coverage for threats against data and identity theft, (E) world. Such insurance must include affirmative contractual liability coverage for claims related to computer viruses or other malicious codethe data breach indemnity in this Agreement for all damages, (F) liability coverage for claims related to theft or destruction of datadefense costs, and (G) reimbursement for expenses notification of, and costs associated with credit monitoring for, parties affected by a security breach, costs for investigating and managing a security breach, and data privacy regulatory civil fines and penalties, with limits and reasonable and necessary data breach notification, forensics, credit protection services, public relations/crisis management, and other data breach mitigation services resulting from a confidentiality or breach of not less than $5,000,000 as an annual aggregate (“Cyber Insurance”).
b. Upon its procurement security by or on behalf of the foregoing insurance and thereafter upon Customer’s request from time to time, and upon any replacement of or material change to any policy required under this Agreement, RIB shall furnish Customer with certificates or other proof of each such policy reasonably satisfactory to Customer. RIB shall notify Customer within three business days following any cancellation, or receipt of notice of cancellation, of any such policyService Provider.
c. The requirements as to the types and limits of insurance coverage to be maintained by RIB pursuant to this Agreement, and any approval or waiver of said insurance by Customer, is not intended to, and shall not, limit or qualify in any manner the liabilities and obligations otherwise assumed by RIB pursuant to this Agreement, including without limitation provisions relating to indemnification. The procurement and maintenance of insurance required under this Agreement shall not limit or affect any liability that RIB may have by virtue of this Agreement or otherwise.
Appears in 1 contract
Samples: Software/Services Agreement
Cyber Insurance. a. RIB shall procure Contractor agrees to purchase and maintainmaintain throughout the term of the Agreement a technology/professional liability insurance policy, at its sole expense, from an insurance company having an A.M. Best rating of “A-” or better and with a financial size category of at least Class VII or, if such ratings are no longer available, with comparable ratings from a generally recognized insurance rating agency, insurance including coverage for network security/data protection liability insurance (also called “cyber liability”), covering liabilities for financial loss resulting or arising from acts, errors, or omissions in rendering technology/professional services or in connection with the specific services described in violation or infringement of any right of privacy, including: breach of security and breach of security/privacy laws, rules or regulations globally, now or hereinafter constituted or amended; data theft, damage, unauthorized acquisitiondisclosure, destruction, or corruption, including without limitation, unauthorized access, unauthorized use, physical taking, release, distribution, or disclosure of personal information, identity theft, theft of personally identifiable information or confidential corporate information in whatever form, transmission of a computer virus or other type of malicious code, and breaches by participation in a denial of service attack on third parties party computer systems; loss or denial of service; no cyber terrorism exclusion, with a minimum limit of one million dollars ($1,000,000) each and employees, for costs every claim and expenses arising from or relating to an unauthorized disclosure or use of Customer Data or any use or disclosure of Customer Data in the aggregate. Such coverage must include technology/professional liability including breach of the terms contract, privacy and conditions security liability, privacy regulatory defense and payment of this Agreement or in violation civil fines, payment of applicable law, including such costs and expenses of notification, fraud alert and credit monitoring, mitigation of damages, consultants, forensic investigationcard provider penalties, and legal expensesbreach response costs (including without limitation, such notification costs, forensics, credit protection services, call center services, identity theft protection services, and crisis management/public relations services). Such insurance must explicitly address all of the foregoing without limitation if caused by an employee of Contractor or an independent contractor working on behalf of Contractor in performing services under the Agreement. The policy to include, at a minimum, (A) third-party must provide coverage for data privacy and computer network security breacheswrongful acts, internet and electronic media liabilityclaims, and professional services liability, (B) first-party business interruption coverage lawsuits anywhere in the event of a network security breach, (C) first-party cyber extortion coverage for threats against data and identity theft, (E) world. Such insurance must include affirmative contractual liability coverage for claims related to computer viruses or other malicious codethe data breach indemnity in the Agreement for all damages, (F) liability coverage for claims related to theft or destruction of datadefense costs, and (G) reimbursement for expenses notification of, and costs associated with credit monitoring for, parties affected by a security breach, costs for investigating and managing a security breach, and data privacy regulatory civil fines and penalties, with limits of not less than $5,000,000 as an annual aggregate (“Cyber Insurance”).
b. Upon its procurement of the foregoing insurance and thereafter upon Customer’s request from time to timereasonable and necessary data breach notification, forensics, credit protection services, public relations/crisis management, and upon any replacement other data breach mitigation services resulting from a confidentiality or breach of security by or material change to any policy required under this Agreement, RIB shall furnish Customer with certificates or other proof on behalf of each such policy reasonably satisfactory to Customer. RIB shall notify Customer within three business days following any cancellation, or receipt of notice of cancellation, of any such policyContractor.
c. The requirements as to the types and limits of insurance coverage to be maintained by RIB pursuant to this Agreement, and any approval or waiver of said insurance by Customer, is not intended to, and shall not, limit or qualify in any manner the liabilities and obligations otherwise assumed by RIB pursuant to this Agreement, including without limitation provisions relating to indemnification. The procurement and maintenance of insurance required under this Agreement shall not limit or affect any liability that RIB may have by virtue of this Agreement or otherwise.
Appears in 1 contract
Samples: License Agreement
Cyber Insurance. a. RIB shall procure Contractor agrees to purchase and maintainmaintain throughout the term of this Agreement a technology and professional liability insurance policy, at its sole expense, from an insurance company having an A.M. Best rating of “A-” or better and with a financial size category of at least Class VII or, if such ratings are no longer available, with comparable ratings from a generally recognized insurance rating agency, insurance including coverage for network security and data protection liability insurance (also called “cyber liability”) covering liabilities for financial loss resulting or arising from acts, errors, or omissions, in rendering technology or professional services or in connection with the specific services described in violation or infringement of any right of privacy, including breach of security and breach of security or privacy laws, rules or regulations globally, now or hereinafter constituted or amended; data theft, damage, unauthorized acquisitiondisclosure, destruction, or corruption, including without limitation, unauthorized access, unauthorized use, physical taking, release, distribution, or disclosure of personal information, identity theft, theft of personally identifiable information or confidential government, corporate, or public information in whatever form; transmission of a computer virus or other type of malicious code; participation in a denial of service attack on third party computer systems; loss or denial of service; with no cyber terrorism exclusion; with a minimum limit of three million dollars ($3,000,000) for each and breaches by third parties every claim and employees, for costs in the aggregate. Such coverage must include technology and expenses arising from or relating to an unauthorized disclosure or use of Customer Data or any use or disclosure of Customer Data in professional liability including breach of the terms contract, privacy and conditions security liability, privacy regulatory defense and payment of this Agreement or in violation civil fines, payment of applicable law, including such costs and expenses of notification, fraud alert and credit monitoring, mitigation of damages, consultants, forensic investigationcard provider penalties, and legal expensesbreach response costs (including without limitation, such policy to includenotification costs, at a minimumforensics, (A) third-party credit protection services, call center services, identity theft protection services, and crisis management and public relations services). Such insurance must explicitly address all of the foregoing without limitation if caused by an employee of the Contractor or an independent contractor working on behalf of the Contractor in performing services under this Agreement. Policy must provide coverage for data privacy and computer network security breacheswrongful acts, internet and electronic media liabilityclaims, and professional services liability, (B) first-party business interruption coverage lawsuits anywhere in the event of a network security breach, (C) first-party cyber extortion coverage for threats against data and identity theft, (E) world. Such insurance must include affirmative contractual liability coverage for claims related to computer viruses or other malicious codeany data breach indemnity in this Agreement, (F) liability coverage for claims related to theft or destruction of dataall damages, and (G) reimbursement for expenses notification ofdefense costs, and costs associated with credit monitoring for, parties affected by a security breach, costs for investigating and managing a security breach, and data privacy regulatory civil fines and penalties, with limits of not less than $5,000,000 as an annual aggregate (“Cyber Insurance”).
b. Upon its procurement and reasonable and necessary data breach notification, forensics, credit protection services, public relations and crisis management, and other data breach mitigation services resulting from a confidentiality or security breach by or on behalf of the foregoing insurance and thereafter upon Customer’s request from Contractor. Contractor shall furnish evidence of coverage at the time to timeof any bid or proposal, and upon request at any replacement time during the term of or material change to any policy required under this the Agreement, RIB shall furnish Customer with certificates or other proof of each such policy reasonably satisfactory to Customer. RIB shall notify Customer within three business days following any cancellation, or receipt of notice of cancellation, of any such policy.
c. The requirements as to the types and limits of insurance coverage to be maintained by RIB pursuant to this Agreement, and any approval or waiver of said insurance by Customer, is not intended to, and shall not, limit or qualify in any manner the liabilities and obligations otherwise assumed by RIB pursuant to this Agreement, including without limitation provisions relating to indemnification. The procurement and maintenance of insurance required under this Agreement shall not limit or affect any liability that RIB may have by virtue of this Agreement or otherwise.
Appears in 1 contract
Samples: Standard Terms and Conditions