Data Breach. a. In the event of a data breach attributed to Embrace®, which means an unauthorized disclosure, access, alteration, or use of School District data by Embrace® or its employees, Embrace® shall promptly institute the following: (1) notify the School District by telephone and email as soon as practicable, but no later than twenty- four hours after Embrace® becomes aware of the data breach; (2) provide the School District with the name and contact information for an Embrace® employee who shall serve as the Embrace’s® primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® employees and review of all relevant records; (4) assist the School District with notification(s) the School District deems reasonably necessary related to the security breach; (5) provision of credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial security; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion), reasonable audit costs, fines, and any other fees or damages imposed against the school solely as a result of Embrace's actions or failure to act. b. In the event of a data breach attributed to the School District, which means an unauthorized disclosure, access, alteration, or use of School District data the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 24 contracts
Samples: Website License Agreement, Embraceiep® Contract, Embrace504 Contract
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breach; determination that a breach has occurred;
(2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; ;
(3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 3 contracts
Samples: Data Privacy Addendum, Data Privacy Addendum, Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use oruse.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 2 contracts
Samples: Data Privacy Addendum, Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 72 hours after Embrace® becomes aware of the data breach; determination that a breach has occurred;
(2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; ;
(3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 2 contracts
Samples: Data Privacy Addendum, Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1. In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breach; determination that a breach has occurred;
(2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; ;
(3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2. The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3. The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data breach attributed to Embrace®School District Data, which means an or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that have resulted in such unauthorized disclosure, access, alteration, or use of School District Data.
5.5.1 In the event of a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone email within the most expedient time possible and email as soon as practicablewithout unreasonable delay, but no later than twenty- four 72 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) reasonably assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and (4) assist the School District with notification(s) the School District deems reasonably necessary any notification required by applicable law related to the security data breach; (5) provision . The Company agrees to comply with the terms of credit monitoring for one year to those students whose covered information was exposed in this Section 5.5.1 regardless of whether the data breach is the result of or constitutes a manner during the material breach such that a reasonable person would believe it could impact their credit or financial security; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion), reasonable audit costs, fines, and any other fees Agreement or damages imposed against the school solely as a result of Embrace's actions or failure to actthis Addendum.
b. In the event of a data breach attributed to the School District5.5.2 The Company shall not, which means an unauthorized disclosureunless required by law, access, alteration, or use of School District data the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages notices related to a data breach due of School Student Data except to or caused the School District without prior written permission from the School District.
5.5.3 To the extent that a security breach results from Company’s failure to comply with its obligations under this Agreement, and subject to the limitations of liability in the Agreement, Company will indemnify the School District for reasonable out-of-pocket remediation costs incurred by the School District in connection with a third party claim related to that security breach. “Reasonable out-of-pocket remediation costs” consist of: (a) commercially reasonable out-of-pocket expenses for legally- required notifications of the School District’s software, equipment, personnel, students or unauthorized end users of the security breach (but not the costs of any professional third-parties using party services, including those relating to crisis management, public relations or exceeding their authorized use media relations services, which are indirect and consequential damages under the Agreement) and; (b) actual costs of payments, fines, penalties, or sanctions imposed by a court, tribunal, arbitration panel, government body or regulatory agency for the Schoolsecurity breach. the School District must document all such reasonable out-of-pocket remediation costs and, upon Company’s accessrequest, computer system or network.those costs must be validated by an independent third party chosen by both parties. For avoidance of
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in thebreach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means a breach of security leading to the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a confirmed data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: (1) notify the School District by telephone in writing within the most expedient time possible and email as soon as practicablewithout unreasonable delay, but no later than twenty- four 72 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) to the extent available, provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) reasonably assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security data breach; (5) provision . The Company agrees to comply with the terms of credit monitoring for one year to those students whose covered information was exposed in this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a manner during the material breach such that a reasonable person would believe it could impact their credit or financial security; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion), reasonable audit costs, fines, and any other fees Agreement or damages imposed against the school solely as a result of Embrace's actions or failure to actthis Addendum.
b. In the event of a data breach attributed 5.5.2 The Company shall not, unless required by law, provide any notices except to the School District, which means an unauthorized disclosure, access, alteration, or use of School District data the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as without prior written permission from the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in thebreach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District in response to the breach. The cost shall promptly: not exceed three thousand (1$3,000) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after this is provided the School District becomes aware Company has been notified of the data breach; (2) provide Embrace® with the name additional costs and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related consented to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or networkthem.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and
(4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School District, which means an unauthorized disclosure, access, alteration, or use of School District data the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after the School District becomes aware of the data security breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.other
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 If the data breach is attributable to the Company, the Company shall reimburse and indemnify the School District for costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 72 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all reasonable costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School District, which means an unauthorized disclosure, access, alteration, or use of School District data the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after the School District becomes aware of the data security breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigationother notifications, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.legally
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. (A) In the event of a data breach attributed to Embrace®the Company, which means an unauthorized disclosure, access, alteration, or use of School District data by Embrace® or its employeescircumstances that could have resulted in such unauthorized disclosure, Embrace® access, alteration or use, the Company shall promptly institute the following: (1) notify the School District by telephone and email as soon as practicable, but no later than twenty- twenty-four hours after Embrace® the Company becomes aware of the data breach; (2) provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach; (5) provision . The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District. The Company shall reimburse and indemnify the School District for any costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including reimbursement of fees paid by the School District related to providing credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial security; affected individuals and (6) pay the reasonable payment of legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees undertaken by the School District because of the security breach; provided that Company’s payment requirements under this Section shall not exceed its insurance limits. Company is not responsible for any damages related to a data breach due to or damages imposed against the school solely as a result of Embrace's actions caused by School District’s software, equipment, or failure to actpersonnel.
b. (B) In the event of a data breach attributed to the School District, which means an unauthorized disclosure, access, alteration, or use of School District data or circumstances that could have resulted in such unauthorized disclosure, access, alteration or use, the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after the School District becomes aware of the data breach; (2) provide Embrace® the Company with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® the Company with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Embrace® MTSS Contract
Data Breach. a. In For purposes of this section, “data breach” means the event confirmed unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use. 2/1/21
5.5.1 In the event of School District data by Embrace® or its employeesa Data Breach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone within the most expedient time possible and email as soon as practicablewithout unreasonable delay, but no later than twenty- four hours five (5) days after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all direct costs imposed on the School District or reasonably undertaken by the School District associated with a Data Breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breach; determination that a breach has occurred;
(2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; ;
(3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records;
(4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the or this Agreement.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Agreement
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as reasonably practicable, but no later than twenty- four hours after Embrace® becomes aware of the data breach; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach, in each case to the extent that such information is available at the time; and (5) assist the School District with notification(s) the School District deems reasonably necessary any legally required notifications related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all legally mandated costs and fees imposed on the School District in connection with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions the security breach; and any other legally mandated notifications or failure to act.
b. In the event of a data breach attributed to the School District, which means an unauthorized disclosure, access, alteration, or use of School District data responses undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, "data breach" means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 72 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District 2/1/21 with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company's primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach by the Company, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. unauthorized disclosure of data, unauthorized provision of physical or electronic means of gaining access to data that compromises the security, confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data.
5.5.1 In the event of a data breach attributed breach, the Company agrees to Embrace®, which means an unauthorized disclosure, access, alteration, or use of School District data by Embrace® or its employees, Embrace® shall promptly institute the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four hours 7 calendar days after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee who shall serve as the Embrace’s® primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records;
(4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach attributable to Company, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach up to the total cost of the contract, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School District, which means an unauthorized disclosure, access, alterationsecurity breach; and any other notifications legally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in thebreach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach; (5) provision . The Company agrees to comply with the terms of credit monitoring this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 If the data breach is caused by Company’s negligence or recklessness, the Company shall reimburse and indemnify the School District for one year all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a databreach, including but not limited to those students reimbursement of costs associated with notifying individuals whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securitycompromised and notifying required regulatory agencies; and (6) pay the reasonable fees paid to provide creditmonitoring to impacted individuals; legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 24 hours after Embrace® becomes aware of the data breachdetermination that a breach has occurred; (2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company’s primary security contact; (3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that wascompromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
Data Breach. a. In For purposes of this section, “data breach” means the event unauthorized disclosure of a data, unauthorized provision of physical or electronic means of gaining access to data breach attributed to Embrace®that compromises the security, which means an confidentiality, or integrity of School Student Data, or other unauthorized access, alteration, use or release of School District Data, as well as any other circumstances that could have resulted in such unauthorized disclosure, access, alteration, or use use.
5.5.1 In the event of School District a data by Embrace® or its employeesbreach, Embrace® shall promptly institute the Company agrees to the following: :
(1) notify the School District by telephone and email as soon as practicablewithin the most expedient time possible and without unreasonable delay, but no later than twenty- four 72 hours after Embrace® becomes aware of the data breach; determination that a breach has occurred;
(2) at the time notification of the breach is made, provide the School District with the name and contact information for an Embrace® employee of the Company who shall serve as the Embrace’s® Company's primary security contact; ;
(3) assist the School District with any investigation, including interviews of Embrace® with Company employees and review of all relevant records; (4) provide the School District within the most expedient time possible and without unreasonable delay, and in no case later than fifteen (15) days after notification to the School District that a data breach occurred, the number of students whose covered information is involved in the breach; the date, estimated date, or estimated date range of the breach; a description of the covered information that was compromised or reasonably believed to have been compromised in the breach; and contact information for the person who parents/guardians may contact at the Company regarding the breach; and (4) assist the School District with notification(s) any notification the School District deems reasonably necessary related to the security breach. The Company agrees to comply with the terms of this Section 5.5.1 regardless of whether the misuse or unauthorized release of School District Data is the result of or constitutes a material breach of the Agreement or this Addendum.
5.5.2 The Company shall not, unless required by law, provide any notices of a data breach except to the School District without prior written permission from the School District.
5.5.3 The Company shall reimburse and indemnify the School District for all costs imposed on the School District or reasonably undertaken by the School District at its discretion associated with a data breach, including but not limited to reimbursement of costs associated with notifying individuals whose information was compromised and notifying required regulatory agencies; (5) provision of fees paid to provide credit monitoring for one year to those students whose covered information was exposed in a manner during the breach such that a reasonable person would believe it could impact their credit or financial securityimpacted individuals; and (6) pay the reasonable legal fees (or assume the defense of the district at Embrace's discretion)fees, reasonable audit costs, fines, and any other fees or damages reasonably undertaken by or imposed against the school solely School District as a result of Embrace's actions or failure to act.
b. In the event of a data breach attributed to the School Districtsecurity breach; and any other notifications, which means an unauthorized disclosure, access, alterationlegally mandated responses, or use of School District data responses reasonably undertaken by the School District shall promptly: (1) notify Embrace® by telephone and email as soon as practicable, but no later than twenty-four hours after in response to the School District becomes aware of the data breach; (2) provide Embrace® with the name and contact information for an employee of the School who shall serve as the School District’s primary security contact; (3) assist Embrace® with any investigation, including interviews with School employees and review of all relevant records. Embrace® shall have no liability for any damages related to a data breach due to or caused by School District’s software, equipment, personnel, students or unauthorized third-parties using or exceeding their authorized use of the School’s access, computer system or network.
Appears in 1 contract
Samples: Data Privacy Addendum
