Data Breach In the event of an unauthorized release, disclosure or acquisition of Student Data that compromises the security, confidentiality or integrity of the Student Data maintained by the Provider the Provider shall provide notification to LEA within seventy-two (72) hours of confirmation of the incident, unless notification within this time limit would disrupt investigation of the incident by law enforcement. In such an event, notification shall be made within a reasonable time after the incident. Provider shall follow the following process:
(1) The security breach notification described above shall include, at a minimum, the following information to the extent known by the Provider and as it becomes available:
i. The name and contact information of the reporting LEA subject to this section.
ii. A list of the types of personal information that were or are reasonably believed to have been the subject of a breach.
iii. If the information is possible to determine at the time the notice is provided, then either
(1) the date of the breach, (2) the estimated date of the breach, or (3) the date range within which the breach occurred. The notification shall also include the date of the notice.
iv. Whether the notification was delayed as a result of a law enforcement investigation, if that information is possible to determine at the time the notice is provided; and
v. A general description of the breach incident, if that information is possible to determine at the time the notice is provided.
(2) Provider agrees to adhere to all federal and state requirements with respect to a data breach related to the Student Data, including, when appropriate or required, the required responsibilities and procedures for notification and mitigation of any such data breach.
(3) Provider further acknowledges and agrees to have a written incident response plan that reflects best practices and is consistent with industry standards and federal and state law for responding to a data breach, breach of security, privacy incident or unauthorized acquisition or use of Student Data or any portion thereof, including personally identifiable information and agrees to provide XXX, upon request, with a summary of said written incident response plan.
(4) LEA shall provide notice and facts surrounding the breach to the affected students, parents or guardians.
(5) In the event of a breach originating from XXX’s use of the Service, Provider shall cooperate with XXX to the extent necessary to expeditiously secure Student Data.
Data Breaches 4.1 The Data Processor does not guarantee that its security measures will be effective under all conditions. If the Data Processor discovers a data breach within the meaning of Article
Personal Data Breach 7.1 Processor shall notify Company without undue delay upon Processor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Company with sufficient information to allow the Company to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.
7.2 Processor shall co-operate with the Company and take reasonable commercial steps as are directed by Company to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
Notification of personal data breach 1. In case of any personal data breach, the data processor shall, without undue delay after having become aware of it, notify the data controller of the personal data breach.
2. The data processor’s notification to the data controller shall, if possible, take place within 24 hours after the data processor has become aware of the personal data breach to enable the data controller to comply with the data controller’s obligation to notify the personal data breach to the competent supervisory authority, cf. Article 33
Personal Data Breaches 5.7.1 The Data Processor shall give immediate notice to the Data Controller if a breach occurs, that can lead to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to, personal data transmitted, stored or otherwise processed re the Personal Data processed on behalf of the Data Controller (a “Personal Data Breach”).
5.7.2 The Data Processor shall make reasonable efforts to identify the cause of such a breach and take those steps as they deem necessary to establish the cause, and to prevent such a breach from reoccurring.
Patient Information Each Party agrees to abide by all laws, rules, regulations, and orders of all applicable supranational, national, federal, state, provincial, and local governmental entities concerning the confidentiality or protection of patient identifiable information and/or patients’ protected health information, as defined by any other applicable legislation in the course of their performance under this Agreement.
Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.
B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised.
C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if:
1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or
2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.
LIFE COMPANY TO PROVIDE DOCUMENTS; INFORMATION ABOUT AVIF (a) LIFE COMPANY will provide to AVIF or its designated agent at least one (1) complete copy of all SEC registration statements, Account Prospectuses, reports, any preliminary and final voting instruction solicitation material, applications for exemptions, requests for no-action letters, and all amendments to any of the above, that relate to each Account or the Contracts, contemporaneously with the filing of such document with the SEC or other regulatory authorities.
(b) LIFE COMPANY will provide to AVIF or its designated agent at least one (1) complete copy of each piece of sales literature or other promotional material in which AVIF or any of its affiliates is named, at least five (5) Business Days prior to its use or such shorter period as the Parties hereto may, from time to time, agree upon. No such material shall be used if AVIF or its designated agent objects to such use within five (5) Business Days after receipt of such material or such shorter period as the Parties hereto may, from time to time, agree upon. AVIF hereby designates INVESCO as the entity to receive such sales literature, until such time as AVIF appoints another designated agent by giving notice to LIFE COMPANY in the manner required by Section 9 hereof.
(c) Neither LIFE COMPANY nor any of its affiliates, will give any information or make any representations or statements on behalf of or concerning AVIF or its affiliates in connection with the sale of the Contracts other than (i) the information or representations contained in the registration statement, including the AVIF Prospectus contained therein, relating to Shares, as such registration statement and AVIF Prospectus may be amended from time to time; or (ii) in reports or proxy materials for AVIF ; or (iii) in published reports for AVIF that are in the public domain and approved by AVIF for distribution; or (iv) in sales literature or other promotional material approved by AVIF , except with the express written permission of AVIF .
(d) LIFE COMPANY shall adopt and implement procedures reasonably designed to ensure that information concerning AVIF and its affiliates that is intended for use only by brokers or agents selling the Contracts (i.e., information that is not intended for distribution to Participants) (“broker only materials”) is so used, and neither AVIF nor any of its affiliates shall be liable for any losses, damages or expenses relating to the improper use of such broker only materials.
(e) For the purposes of this Section 4.5, the phrase “sales literature or other promotional material” includes, but is not limited to, advertisements (such as material published, or designed for use in, a newspaper, magazine, or other periodical, radio, television, telephone or tape recording, videotape display, signs or billboards, motion pictures, or other public media, (e.g., on-line networks such as the Internet or other electronic messages), sales literature (i.e., any written communication distributed or made generally available to customers or the public, including brochures, circulars, research reports, market letters, form letters, seminar texts, reprints or excerpts of any other advertisement, sales literature, or published article), educational or training materials or other communications distributed or made generally available to some or all agents or employees, registration statements, prospectuses, statements of additional information, shareholder reports, and proxy materials and any other material constituting sales literature or advertising under FINRA rules, the 1933 Act, or the 0000 Xxx.
Data Disclosure Under Minnesota Statute § 270C.65, Subdivision 3 and other applicable law, the Contractor consents to disclosure of its social security number, federal employer tax identification number, and/or Minnesota tax identification number, already provided to the State, to federal and state agencies and state personnel involved in the payment of state obligations. These identification numbers may be used in the enforcement of federal and state laws which could result in action requiring the Contractor to file state tax returns, pay delinquent state tax liabilities, if any, or pay other state liabilities.
Tea Breaks (a) Every employee will be entitled to a paid 10 minute tea break in each four hours worked at a time to be agreed between the employee and employer.
(b) Subject to agreement between the employer and employee, such breaks may alternatively be taken as one 20 minute tea break.
(c) Xxx breaks will count as time worked.
