Data Breach Notification Sample Clauses
Data Breach Notification. Seller will promptly notify Buyer of any actual or potential exposure or misappropriation of Buyer data ("breach") that comes to Seller's attention. Seller will cooperate with Xxxxx and in investigating any such breach, at Xxxxxx's expense. Seller will likewise cooperate with Buyer and, as applicable, with law enforcement agencies in any effort to notify injured or potentially injured parties, and such cooperation will be at Seller's expense, except to the extent that the breach was caused by Xxxxx. The remedies and obligations set forth in this subsection are in addition to any others Buyer may have, including, but not limited to, any requirements in the “Privacy, Confidentiality, and Security” provisions of this Agreement.
Data Breach Notification a. The Breach or potential compromise of Data must be reported to the HCA Privacy Officer at XxxxxxxXxxxxxx@xxx.xx.xxx and the County Program Manager within 2 business days of discovery. If the Contractor does not have full details, it will report what information it has, and provide full details within 15 business days of discovery. To the extent possible, these reports must include the following:
i. The identification of each individual whose PHI has been or may have been improperly accessed, acquired, used, or disclosed;
ii. The nature of the unauthorized use or disclosure, including a brief description of what happened, the date of the event(s), and the date of discovery;
iii. A description of the types of PHI involved;
iv. The investigative and remedial actions the Contractor took or will take to prevent and mitigate harmful effects, and protect against recurrence;
v. Any details necessary for a determination of the potential harm to individuals whose PHI is believed to have been used or disclosed and the steps those individuals should take to protect themselves; and
vi. Any other information HCA or the County reasonably requests.
b. The Contractor must take actions to mitigate the risk of loss and comply with any notification or other requirements imposed by law or HCA including but not limited to 45 C.F.R. Part 164, Subpart D, RCW 42.56.590; RCW 19.255.010; or WAC 000-00-000.
c. If notification of the Breach or possible Breach must, in judgement of HCA or the County, be made under the HIPAA Breach Notification Rule, or RCW 42.56.590 or RCW 19.255.010; or other law or rule, then:
i. HCA or the County may choose to make any required notifications to the individuals, to the U.S. Department of Health and Human Services (DSHS) Secretary, and to the media, or direct Contractor to make them or any of them.
ii. In any case, Contractor will pay reasonable costs of notification to individuals, media, and governmental agencies and of other actions HCA or the County reasonably considers appropriate to protect HCA clients, such as paying for their regular credit watches in some cases.
iii. Contractor will compensate HCA clients for xxxxx caused to them by any Breach or possible Breach.
d. Contractor is responsible for all costs incurred in connection with a security incident, privacy Breach, or potential compromise of Data, including:
i. Computer forensics assistance to assess the impact of a Data Breach, determine root cause, and help determine whether and the ...
Data Breach Notification. Webflow shall notify Customer without undue delay in the event of a confirmed Data Breach.
Data Breach Notification. In the event Seller reasonably believes that unauthorized access to, disclosure of, or breach in the security of Buyer’s data may have occurred, Seller, at its own cost and expense must:
A. In the most expeditious manner possible, without unreasonable delay, and in any event no later than 72 hours, notify Buyer of any potential data security breach involving Buyer’s data;
B. Promptly provide Buyer full details of the potential breach of the data security of Buyer’s data;
C. Assist Buyer and any third parties authorized by Xxxxx, including law enforcement authorities, in investigating and remediating any potential breach of the data security of Buyer’s data
D. Promptly use best efforts to prevent a recurrence of any potential breach of the data security of Buyer’s data; and
X. Xxxxxxxxx with Xxxxx in notifying individuals injured or potentially injured by the potential breach of the data security of Xxxxx’s data.
Data Breach Notification. If Service Provider becomes aware of any potential breach, or experiences a security breach, relating to any of the foregoing Confidential or Sensitive Information, in addition to Service Provider's responsibilities under state and federal law, Service Provider shall immediately, but no later than thee (3) business days, notify the Academy and shall fully cooperate with the Academy. “Data Breach” shall be defined to include, but is not limited to, unauthorized access, use, loss or disclosure of Individually Identifiable Information protected under federal and state laws identified in this Section, including, without limitation, HIPAA/HITECH and the Federal Trade Commission Act (and their respective regulations and guidelines) and state data breach notification acts. Service Provider shall indemnify the Academy for any breach of confidentiality or failure of its responsibilities to protect confidential information, specifically with regard to, but not limited to, the cost of notification of affected persons as a result of its accidental or negligent release of data provided to Service Provider pursuant to this Agreement.
Data Breach Notification. Processor shall notify Xxxxxx in writing without undue delay after becoming aware of a suspected Data Breach. In no event shall such notification be made less than 24 hours after Processor’s discovery of the Data Breach.
Data Breach Notification. PowerDMS will notify Customer of unauthorized access to, or unauthorized use, loss or disclosure of Customer Data within custody and control (a “Security Breach”) within 72 hours of PowerDMS’s confirmation of the nature and extent of the same or when required by applicable law, whichever is earlier. Each party will reasonably cooperate with the other with respect to the investigation and resolution of any Security Breach. Except to the extent required otherwise by applicable law, Customer will have approval rights on notifying any third-party regulatory authority of the Security Breach. If applicable law or Customer’s policies require notification of its Users or others of the Security Breach, Customer shall be responsible for such notification.
Data Breach Notification a. Save where the Supplier is legally prohibited from notifying the Company, the Supplier shall notify the Company without undue delay and in any case within twenty-four (24) hours after becoming aware of any actual or suspected Personal Data Breach. Such notification shall:
i. Describe as far as is known to the Processor, the nature of the Personal Data Breach including where possible, the categories and approximate number of Data Subjects affected and the categories and approximate number of Personal Data records concerned;
ii. Communicate the name and contact details of the data protection officer or other point of contact where further information, if any, can be obtained;
iii. Describe the likely consequences of the Personal Data Breach;
iv. Describe the measures taken or proposed to be taken by the Processor to address the Personal Data Breach, including, where appropriate, measures to mitigate its possible adverse effects.
b. The Supplier acknowledges and understands that the Controller may be obligated to notify the relevant Regulators (within seventy-two (72) hours of having become aware of the Personal Data Breach) and may also be obligated to notify affected Data Subjects. The Processor shall provide all necessary assistance and relevant information reasonably requested by the other Party, in order to allow the Company to properly assess, investigate, mitigate and remedy the Personal Data Breach and to meet its respective obligations under Applicable Laws. Once the Supplier has notified the Company of any Personal Data Breach, the Supplier shall use its reasonable endeavours to not notify the relevant Regulators or the affected Data Subjects without obtaining the Company's prior approval. On request for approval, the Company shall not unreasonably delay or withhold approval where the Supplier is required under Applicable Law to notify a relevant Regulator of the Personal Data Breach.
Data Breach Notification. 1.4.1 Language Line TI Ltd shall notify Customer without undue delay after having become aware of a Personal Data Breach. Such notification shall:
(a) describe the nature of the Personal Data Breach, including where possible the categories and approximate number of Data Subjects concerned and the categories and approximate number of the Customer Personal Data records concerned; and
(b) describe the measures taken or proposed to be taken by Language Line TI Ltd to address the Personal Data Breach, including where appropriate measures to mitigate its possible adverse effects, provided that where, and in so far as, it is not possible for Language Line TI Ltd to provide the above information at the same time, the information may be provided in phases without undue further delay. Customer acknowledges and agrees that, as at the GDPR Effective Date, the Personal data Breach process that the Language Line TI Ltd has in place is appropriate to the risk associated with the Processing Activities, having regard to the Security Considerations.
1.4.2 Subject to clause 1.6.1, Language Line TI Ltd shall assist Customer in ensuring compliance with its obligations under Articles 33 (notification of a personal data breach to the Supervisory Authority) and 34 (notification of a personal data breach to the Data Subject) of the GDPR, to the extent relating to Customer Personal Data Processed by Language Line TI Ltd under this Agreement and taking into account the nature of the Processing Activities and the information available to Language Line TI Ltd.
1.4.3 In order to mitigate the impact of a Data Protection Breach, Customer shall, where practicable, prior to communicating details of a Personal Data Breach to a Supervisory Authority or any Data Subject:
(a) consult with Language Line TI Ltd and implement any Language Line TI Ltd proposal on the form and content of such notification, including without limitation in relation to the description (including the description of the likely consequences) of the Data Security Breach and the measures referred to in sub-clause 1.4.3(b) below; and
(b) afford Language Line TI Ltd a reasonable opportunity (having regard to the circumstances of the Personal Data Breach) to propose and implement measures to address the Personal Data Breach.
Data Breach Notification. 3.1. Provider shall notify University immediately (and in any event no later than 24 hours) after having Personal a Data Breach. Such notification shall:
3.1.1. describe the nature of the Personal Data Breach, including where possible the categories and approximate number of Data Subjects concerned and the categories and approximate number of the University Personal Data records concerned; and
3.1.2. describe the measures taken or proposed to be taken by Provider to address the Personal Data Breach, including where appropriate measures to mitigate its possible adverse effects.