Data Breach and Incident Reporting Sample Clauses

Data Breach and Incident Reporting. 8.1. The Contractor will submit reports of cyber incidents through approved reporting mechanisms. The Contractor’s existing notification mechanisms that are already in place to communicate between the Contractor and its customers may be used, as long as those mechanisms demonstrate a level of assurance, equivalent to the listed encrypted mechanisms, for the confidentiality and integrity of the information. 8.2. The Contractor will use a template format when reporting initial incidents by secure fax, telephonically, or by other electronic means. Initial reports may be incomplete. Reporting should balance the necessity of timely reporting (reports with critical information) versus complete reports (those with all blocks completed). Timely reporting is vital, and complete information should follow as details emerge. 8.3. In addition to the above, if the incident concerns a breach of PII or a potential breach of PII, the Contractor will report to the contracting officer’s designee within 24 hours of the discovery of any data breach. The Contractor shall provide Metro with all information and cooperation necessary to enable compliance by the Contractor and/or Metro with data breach reporting and mitigation actions required by applicable law, regulation, policy, and this contract.
Sample 1Sample 2Sample 3
AutoNDA by SimpleDocs
Data Breach and Incident Reporting. The Contractor shall adopt and maintain administrative, technical, and physical safeguards and controls to protect and remedy data breaches, if any, of Government data. The Contractor shall submit reports of cyber incidents through approved reporting mechanisms, as specified in CJCSM 6510.01B, Enclosure C, Section 4. The Contractor’s existing notification mechanisms that are already in place to communicate between the Contractor and its customers for some or all classes of Computer Network Defense (CND) information may be used, as long as those mechanisms demonstrate a level of assurance, equivalent to the listed encrypted mechanisms, for the confidentiality and integrity of the information. CLAUSES INCORPORATED BY REFERENCE 252.211-7003 Item Unique Identification and Valuation MAR 2016 Section I - Contract Clauses CLAUSES INCORPORATED BY REFERENCE 52.202-1 Definitions NOV 2013 52.203-7 Anti-Kickback Procedures MAY 2014 52.203-17 Contractor Employee Whistleblower Rights and Requirement To Inform Employees of Whistleblower Rights APR 2014 52.203-18 Prohibition on Contracting With Entities That Require Certain Internal Confidentiality Agreements or Statements-- Representation JAN 2017 52.204-2 Security Requirements AUG 1996 52.204-13 System for Award Management Maintenance OCT 2018 52.204-18 Commercial and Government Entity Code Maintenance JUL 2016 52.204-22 Alternative Line Item Proposal JAN 2017 52.209-11 Representation by Corporations Regarding Delinquent Tax Liability or a Felony Conviction under any Federal Law FEB 2016 52.215-23 Limitations on Pass-Through Charges OCT 2009 52.216-19 Order Limitations OCT 1995 52.216-24 Limitation Of Government Liability APR 1984 52.222-41 Service Contract Labor Standards AUG 2018 52.222-42 Statement Of Equivalent Rates For Federal Hires MAY 2014 52.222-43 Fair Labor Standards Act And Service Contract Labor Standards - Price Adjustment (Multiple Year And Option Contracts) AUG 2018 52.224-1 Privacy Act Notification APR 1984 52.224-2 Privacy Act APR 1984 52.225-13 Restrictions on Certain Foreign Purchases JUN 2008 52.225-19 Contractor Personnel in a Designated Operational Area or Supporting a Diplomatic or Consular Mission Outside the United States MAR 2008 52.232-1 Payments APR 1984 52.232-8 Discounts For Prompt Payment FEB 2002 52.232-17 Interest MAY 2014 52.232-18 Availability Of Funds APR 1984 52.232-20 Limitation Of Cost APR 1984 52.232-22 Limitation Of Funds APR 1984 52.232-23 Assignment Of Claims MAY 2014 52.232-3...
Sample 1

Related to Data Breach and Incident Reporting

  • Incident Reporting Transfer Agent will use commercially reasonable efforts to promptly furnish to Fund information that Transfer Agent has regarding the general circumstances and extent of such unauthorized access to the Fund Data.

  • Data Breaches 4.1 The Data Processor does not guarantee that its security measures will be effective under all conditions. If the Data Processor discovers a data breach within the meaning of Article

  • Security Incident Reporting A security incident occurs when CDA information assets are or reasonably believed to have been accessed, modified, destroyed, or disclosed without proper authorization, or are lost, or stolen. Subrecipient must comply with CDA’s security incident reporting procedures located at xxxxx://xxx.xxxxx.xx.xxx/ProgramsProviders/#Resources.

  • Data Breach In the event of an unauthorized release, disclosure or acquisition of Student Data that compromises the security, confidentiality or integrity of the Student Data maintained by the Provider the Provider shall provide notification to LEA within seventy-two (72) hours of confirmation of the incident, unless notification within this time limit would disrupt investigation of the incident by law enforcement. In such an event, notification shall be made within a reasonable time after the incident. Provider shall follow the following process: (1) The security breach notification described above shall include, at a minimum, the following information to the extent known by the Provider and as it becomes available: i. The name and contact information of the reporting LEA subject to this section. ii. A list of the types of personal information that were or are reasonably believed to have been the subject of a breach. iii. If the information is possible to determine at the time the notice is provided, then either (1) the date of the breach, (2) the estimated date of the breach, or (3) the date range within which the breach occurred. The notification shall also include the date of the notice. iv. Whether the notification was delayed as a result of a law enforcement investigation, if that information is possible to determine at the time the notice is provided; and v. A general description of the breach incident, if that information is possible to determine at the time the notice is provided. (2) Provider agrees to adhere to all federal and state requirements with respect to a data breach related to the Student Data, including, when appropriate or required, the required responsibilities and procedures for notification and mitigation of any such data breach. (3) Provider further acknowledges and agrees to have a written incident response plan that reflects best practices and is consistent with industry standards and federal and state law for responding to a data breach, breach of security, privacy incident or unauthorized acquisition or use of Student Data or any portion thereof, including personally identifiable information and agrees to provide XXX, upon request, with a summary of said written incident response plan. (4) LEA shall provide notice and facts surrounding the breach to the affected students, parents or guardians. (5) In the event of a breach originating from XXX’s use of the Service, Provider shall cooperate with XXX to the extent necessary to expeditiously secure Student Data.

  • Adverse Event Reporting Both Parties acknowledge the obligation to comply with the Protocol and / or applicable regulations governing the collection and reporting of adverse events of which they may become aware during the course of the Clinical Trial. Both Parties agree to fulfil and ensure that their Agents fulfil regulatory requirements with respect to the reporting of adverse events.

  • Accident Reporting 25.1 If You or an Authorised Driver has an Accident or if the Vehicle is stolen You must report the Accident or theft to Us within 24 hours of it occurring and fully complete an Accident/Theft report form. 25.2 If the Vehicle is stolen or if You or an Authorised Driver of the Vehicle has an Accident where: (a) any person is injured; (b) the other party has failed to stop or leaves the scene of the Accident without exchanging names and addresses; or (c) the other party appears to be under the influence of drugs or alcohol, You or the Authorised Driver must also report the theft or Accident to the Police. 25.3 If You or an Authorised Driver has an Accident You and the Authorised Driver must: (a) exchange names and addresses and telephone numbers with the other driver and drivers licence details; (b) take the registration numbers of all vehicles involved; (c) take as many photos as is reasonable showing: (i) the position of the Vehicles before they are moved for towing or salvage; (ii) the Damage to the Vehicle; (iii) the damage to any third party vehicle or property; and (iv) the general area where the Accident occurred, including any road or traffic signs; (d) obtain the names, addresses and phone numbers of all witnesses; (e) not make any admission of fault or promise to pay the other party's claim or release the other party from any liability; (f) forward all third party correspondence or court documents to Us within 7 days of receipt together with a fully completed Accident Report Form (if not already submitted); and (g) co-operate with Us in the prosecution of any legal proceedings that We may institute or defence of any legal proceedings which may be instituted against You or Us as a result of an Accident, including: (i) attending Our lawyer's office; and (ii) any Court hearing.

  • Independence from Material Breach Determination Except as set forth in Section X.D.1.c, these provisions for payment of Stipulated Penalties shall not affect or otherwise set a standard for OIG’s decision that Xxxxx has materially breached this IA, which decision shall be made at OIG’s discretion and shall be governed by the provisions in Section X.D, below.

  • Reporting Incidents The Interconnection Parties shall report to each other in writing as soon as practical all accidents or occurrences resulting in injuries to any person, including death, and any property damage arising out of the Interconnection Service Agreement.

  • Accident Reports If any of the Equipment is damaged, lost stolen, or destroyed, or if any person is injured or dies, or if any property is damaged as a result of its use, maintenance, or possession, You will promptly notify Us of the occurrence, and will file all necessary accident reports, including those required by law and those required applicable insurers. You, Your employees, and agents will cooperate fully with Us and all insurers providing insurance under this Agreement in the investigation and defense of any claims. You will promptly deliver to Us any documents served or delivered to You, Your employees, or Your agents in connection with any claim or proceeding at law or in equity begun or threatened against You, Us, or both You and Us.

  • Incident Reports Any serious occurrence involving a beneficiary, outside the normal routine of the OTP (see TRICARE Operations Manual (XXX), Chapter 7, Section 4), shall be reported to the referring military providers and/or Military Treatment Facility (MTF)/Enhanced Multi-Service Market (eMSM) referral management office (on behalf of the military provider), and DHA, and/or a designee, as follows: (a) An incident of a life-threatening accident, patient death, patient disappearance, suicide attempt, incident of cruel or abusive treatment, or any equally dangerous situation involving a beneficiary, shall be reported by telephone on the next business day with a full written report within seven days. (b) The incident and the following report shall be documented in the patient’s clinical record. (c) Notification shall be provided, if appropriate, to the parents, legal guardian, or legal authorities.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!