Data Breach Incidents Sample Clauses

The Data Breach Incidents clause defines the obligations and procedures that parties must follow in the event of an unauthorized access, disclosure, or loss of sensitive data. Typically, this clause requires the affected party to promptly notify the other party of the breach, cooperate in investigating the incident, and take remedial actions such as informing regulators or impacted individuals. Its core function is to ensure a coordinated and timely response to data breaches, thereby minimizing harm and ensuring compliance with legal and contractual data protection requirements.
Data Breach Incidents. Either Party must as expeditiously as possible after discovery, and at least with sufficient time to allow compliance with the relevant law, notify the other Party of any Data Breach. In the event of a Data Breach, each Party must take such steps as are necessary to: (a) promptly mitigate the effects of such Data Breach and prevent any recurrence; (b) comply with applicable laws relating to such Data Breach including the timeframe for reporting a Data Breach where necessary; and (c) provide prompt and reasonable assistance to the other party in relation to the assessment and response to the Data Breach.
View SourceView Similar (3)
Data Breach Incidents. Data protection related breaches will be handled in accordance with data protection legislation, UK GDPR Article 33, and Information Commissioner’s Office (ICO) guidance for reportable incidents and in accordance with the policies and procedures of each party signed up to this agreement. If any data breaches occur as part of this information sharing agreement, the lead organisation where the breach took place must inform the relevant Data Protection Officers and reportable incidents must be reported to the ICO within 72 hours of the identified breach, or within 24 hours for a significant breach. Where the data breach incident involves data from any of the other partner organisations the investigating officer should inform and consult the relevant organisation(s).
View SourceView Similar (2)
Data Breach Incidents. Data protection related breaches will be handled in accordance with data protection legislation and ICO guidance for reportable incidents and in accordance with the policies and procedures of each party who are part of this agreement. Any data breaches occurring as part of this information sharing agreement, the lead organisation where the breach took place must inform the relevant Data Protection Officers and reportable incidents must be reported to the ICO within 72 hours of the identified breach. Where the data breach incident involves data from any of the other partner organisations the investigating officer should inform and consult the relevant organisation(s). Lessons learnt from the investigation will be shared with the LSAB and relevant partners and where appropriate.
View Source
Data Breach Incidents. Data protection related breaches will be handled in accordance with data protection legislation and ICO guidance for reportable incidents and in accordance with the policies and procedures of each party who are part of this agreement.
View Source
Data Breach Incidents. All parties must have a clear policy and procedure for reporting and handling data protection breaches or data loss incidents. All parties agree to inform the other parties as appropriate if the incident has an impact on the processing of the other parties.
View Source
Data Breach Incidents. 5.1 Akamai shall notify Partner without undue delay, after becoming aware of a Data Breach Incident by providing notice via e-mail to the 24-hour security contacts provided by Partner in Akamai’s ▇▇▇▇ Control Center customer portal. Where Akamai needs to notify a supervisory authority about an incident it will align its communication with the supervisory authority with the Partner as reasonable, permitted, and appropriate. 5.2 Furthermore, in the event of a Data Breach Incident, Akamai shall: 5.2.1 provide timely information and commercially reasonable cooperation so that the Partner may fulfil its obligations under applicable Data Protection Laws in regards, to any required notifications; and 5.2.2 take all commercially reasonable measures and actions as are appropriate to remedy or mitigate the effects of the Data Breach Incident and shall keep Partner (and where applicable the supervisory authority) up-to-date about all developments in connection with the Data Breach Incident.
View Source
Data Breach Incidents. 8.1 During the processing of Personal Data, the Supplier shall notify ALCON in writing, pursuant to Article 10, without undue delay. For Data Breach Incidents, notification shall occur within forty-eight (48) hours (including any breach involving the facilities, systems, or equipment of Supplier subcontractors). The Supplier shall assist and cooperate with ALCON concerning notifications to affected parties, government agencies, or regulatory authorities and any other remedial measures requested by ALCON or required by law. The Supplier shall implement mutually agreed measures to prevent the continuation or recurrence of such Data Breach Incidents. 8.2 Except as required by applicable Data Protection Laws or other legal, regulatory, or judicial orders, the Supplier shall not disclose Data Breach Incidents to affected parties or government, law enforcement, or regulatory authorities without ALCON’s instruction. Notwithstanding the foregoing, in cases of physical damage to facilities or theft of equipment or documents, the Supplier may contact local police authorities. 8.3 The Supplier shall provide commercially reasonable assistance and cooperation to ALCON in making any required disclosures to affected parties or authorities, including notifying Data Subjects of the Data Breach Incident and offering credit monitoring services within a timeframe agreed upon with ALCON. The costs of such services shall be borne by the Supplier.
View Source

Related to Data Breach Incidents

  • Data Breach In the event of an unauthorized release, disclosure or acquisition of Student Data that compromises the security, confidentiality or integrity of the Student Data maintained by the Provider the Provider shall provide notification to LEA within seventy-two (72) hours of confirmation of the incident, unless notification within this time limit would disrupt investigation of the incident by law enforcement. In such an event, notification shall be made within a reasonable time after the incident. Provider shall follow the following process: (1) The security breach notification described above shall include, at a minimum, the following information to the extent known by the Provider and as it becomes available: i. The name and contact information of the reporting LEA subject to this section. ii. A list of the types of personal information that were or are reasonably believed to have been the subject of a breach. iii. If the information is possible to determine at the time the notice is provided, then either (1) the date of the breach, (2) the estimated date of the breach, or (3) the date range within which the breach occurred. The notification shall also include the date of the notice. iv. Whether the notification was delayed as a result of a law enforcement investigation, if that information is possible to determine at the time the notice is provided; and v. A general description of the breach incident, if that information is possible to determine at the time the notice is provided. (2) Provider agrees to adhere to all federal and state requirements with respect to a data breach related to the Student Data, including, when appropriate or required, the required responsibilities and procedures for notification and mitigation of any such data breach. (3) Provider further acknowledges and agrees to have a written incident response plan that reflects best practices and is consistent with industry standards and federal and state law for responding to a data breach, breach of security, privacy incident or unauthorized acquisition or use of Student Data or any portion thereof, including personally identifiable information and agrees to provide ▇▇▇, upon request, with a summary of said written incident response plan. (4) LEA shall provide notice and facts surrounding the breach to the affected students, parents or guardians. (5) In the event of a breach originating from ▇▇▇’s use of the Service, Provider shall cooperate with ▇▇▇ to the extent necessary to expeditiously secure Student Data.

  • Data Breaches Contractor shall notify the School District in writing as soon as commercially practicable, however no later than forty-eight (48) hours, after Contractor has either actual or constructive knowledge of a breach which affects the School District’s Data (an “Incident”) unless it is determined by law enforcement that such notification would impede or delay their investigation. Contractor shall have actual or constructive knowledge of an Incident if Contractor actually knows there has been an Incident or if Contractor has reasonable basis in facts or circumstances, whether acts or omissions, for its belief that an Incident has occurred. The notification required by this section shall be made as soon as commercially practicable after the law enforcement agency determines that notification will not impede or compromise the investigation. Contractor shall cooperate with law enforcement in accordance with applicable law provided however, that such cooperation shall not result in or cause an undue delay to remediation of the Incident. Contractor shall promptly take appropriate action to mitigate such risk or potential problem at Contractor’s or OPERATOR’s expense. In the event of an Incident, Contractor shall, at its sole cost and expense, restore the Confidential Information, to as close its original state as practical, including, without limitation any and all Data, and institute appropriate measures to prevent any recurrence of the problem as soon as is commercially practicable. Contractor will conduct periodic risk assessments and remediate any identified security vulnerabilities in a timely manner. Contractor will also have a written incident response plan, to include prompt notification of the District in the event of a security or privacy incident, as well as best practices for responding to a breach of PII.

  • Personal Data Breach 7.1 Processor shall notify Company without undue delay upon Processor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Company with sufficient information to allow the Company to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws. 7.2 Processor shall co-operate with the Company and take reasonable commercial steps as are directed by Company to assist in the investigation, mitigation and remediation of each such Personal Data Breach.

  • Personal Data Breaches 5.7.1 The Data Processor shall give immediate notice to the Data Controller if a breach occurs, that can lead to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to, personal data transmitted, stored or otherwise processed re the Personal Data processed on behalf of the Data Controller (a “Personal Data Breach”). 5.7.2 The Data Processor shall make reasonable efforts to identify the cause of such a breach and take those steps as they deem necessary to establish the cause, and to prevent such a breach from reoccurring.

  • Tea Breaks (a) Every employee will be entitled to a paid 10 minute tea break in each four hours worked at a time to be agreed between the employee and employer. (b) Subject to agreement between the employer and employee, such breaks may alternatively be taken as one 20 minute tea break. (c) ▇▇▇ breaks will count as time worked.