Data Security; Incident Notification Sample Clauses

Data Security; Incident Notification. The Parties acknowledge and agree to implement commercially reasonable measures to protect the confidentiality, integrity, and availability of all information and records pertaining to education records, as well as any information identified as confidential or sensitive by one party or the other. In the event a party experiences a security incident or breach that involves education records, that party shall inform the other party within 48 hours of its discovery and it shall conduct a reasonable prompt investigation of the same. To the extent that any such breach of security incident requires notification to any individuals under applicable law, the party experiencing the breach of security incident shall bear all reasonable costs associated therewith.
Sample 1Sample 2
AutoNDA by SimpleDocs
Data Security; Incident Notification. If ADP becomes aware of a security breach (as defined in any applicable law) or any other event that compromises the security, confidentiality or integrity of Client's Personal Information (an "Incident"), ADP will take appropriate actions to contain, investigate and mitigate the Incident. In the event that applicable law requires notification to individuals and others of such an Incident, ADP will take additional mitigation steps including providing assistance with the drafting and mailing of such notifications. ADP and Client shall mutually agree on the content and timing of any such notifications, in good faith and as needed to meet applicable legal requirements.
Sample 1Sample 2
Data Security; Incident Notification. If a party (Security Notifying Party) becomes aware of a Data Security Incident the Security Notifying Party must: (a) immediately, and in any event within 24 hours after becoming aware of the Data Security Incident, notify the other party in writing, and give the other party full details regarding the Data Security Incident; (b) provide reasonable co-operation in connection with any audit or investigation launched by the other party into the Data Security Incident (except that nothing in this section is to be read as requiring DNB to provide the Access Seeker or any third party with access to its premises, Personnel and systems); and (c) immediately activate containment measures to minimise the impact of the Data Security Incident; (d) conduct its own investigation into the Data Security Incident, and if the Data Security Incident is determined or likely to have been caused by the Security Notifying Party’s systems or processes: implement rectification measures to prevent any further Data Security Incidents; and confirm to the other party that such rectification measures have been implemented.
Sample 1
Data Security; Incident Notification. Greatland uses commercially reasonable efforts to ensure that its information systems are protected against security risks and vulnerabilities that the Software contains no “computer viruses” or “time bombs” as those terms are commonly understood in the information processing industry. Greatland also uses commercially reasonable efforts to protect your Confidential Information consistent with applicable federal and state laws and regulations. Additional details about Greatland’s security practices and safeguards are available at xxxxx://xxx.xxxxxxxxx.xxx/content/pdf/Greatland-Information-Security-Controls-for-XXXX-and- DPA.pdf. Except where prohibited by applicable law, Greatland will promptly notify you upon becoming aware of any unauthorized access to, use or disclosure of any of your Personal Information while in the possession or control of Greatland, and will take such actions as are commercially reasonable or necessary to assess the nature and scope of such incident to prevent further occurrences.
Sample 1

Related to Data Security; Incident Notification

  • Security Incident Notification The Transfer Agent shall promptly notify the Trust but in no event later than 72 hours following discovery of any Security Incident(s). Such notification shall include the extent and nature of such intrusion, disclosure, or unauthorized access, the identity of the compromised Customer Confidential Information (to the extent it can be ascertained), how the Transfer Agent was affected by the Security Incident, and its response to such Security Incident. The Transfer Agent shall use continuous and diligent efforts to remedy the cause and the effects of such Security Incident in an expeditious manner and deliver to the Trust a root cause analysis and future incident Mitigation plan with regard to any such incident. The Transfer Agent shall reasonably cooperate with the Trust’s investigation and response to each Security Incident. If the Trust determines in its sole discretion that it may need or be required to notify any individual(s) as a result of a Security Incident, the Trust shall have the right to control all such notifications and the Transfer Agent shall bear all direct costs associated with the notification, to the extent the notification and corresponding actions are required by U.S. law, and subject to the limitation of liability set forth in the Agreement. Without limiting the foregoing, unless otherwise required by U.S. law, no such notifications shall be made by the Transfer Agent without the Trust’s prior written consent and the Trust shall, together with the Transfer Agent, determine the content and delivery of all such notifications. For the avoidance of doubt, the Transfer Agent shall be solely responsible for all costs and expenses, subject to the limitations of liability under the Agreement that the Trust and/or the Transfer Agent may incur to the extent that they are attributable to or arise from the Transfer Agent’s breach of its confidentiality obligations under the Agreement.

  • Security Incident Reporting A security incident occurs when CDA information assets are or reasonably believed to have been accessed, modified, destroyed, or disclosed without proper authorization, or are lost, or stolen. Subrecipient must comply with CDA’s security incident reporting procedures located at xxxxx://xxx.xxxxx.xx.xxx/ProgramsProviders/#Resources.

  • Security Incident Response Upon becoming aware of a Security Incident, MailChimp shall notify Customer without undue delay and shall provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Customer.

  • Security Incident “Security Incident” means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.

  • Security Incidents 11.1 Includes identification, managing and agreed reporting procedures for actual or suspected security breaches.

  • Incident Notification Google will notify Customer promptly and without undue delay after becoming aware of a Data Incident, and promptly take reasonable steps to minimize harm and secure Customer Data.

  • Security Breach Notification In addition to the information enumerated in Article V, Section 4(1) of the DPA Standard Clauses, any Security Breach notification provided by the Provider to the LEA shall include: a. A list of the students whose Student Data was involved in or is reasonably believed to have been involved in the breach, if known; and b. The name and contact information for an employee of the Provider whom parents may contact to inquire about the breach.

  • Notification of Results Within 10 days after satisfactory inspection and/or testing of Interconnection Facilities built by the Interconnection Customer (including, if applicable, inspection and/or testing after correction of defects or failures), the Interconnected Transmission Owner shall confirm in writing to the Interconnection Customer and Transmission Provider that the successfully inspected and tested facilities are acceptable for energization.

  • Breaches and Security Incidents During the term of the Agreement, CONTRACTOR 27 agrees to implement reasonable systems for the discovery of any Breach of unsecured DHCS PI and PII 28 or security incident. CONTRACTOR agrees to give notification of any beach of unsecured DHCS PI 29 and PII or security incident in accordance with subparagraph F, of the Business Associate Contract, 30 Exhibit B to the Agreement.

  • Electronic Visit Verification ("EVV A. To ensure: 1. the EVV system is used to verify the provision of services governed under 40 TAC, Chapter 68 or its successor; 2. only authorized people access the Contractor's EVV account; 3. all data elements required by HHSC or HHSC's designee are uploaded or entered and maintained in the EVV system completely, accurately, and prior to submitting the claim; 4. that each time services governed by 40 TAC Chapter 68 or its successor are delivered to an individual, the Contractor's staff uses an HHSC-approved EVV system; and 5. service delivery documentation is immediately available for review by HHSC when requested. B. Equipment provided to Contractor by HHSC, HHSC’s designee, or an HHSC-approved EVV vendor, must be returned in good condition when the equipment is no longer needed under this Contract. In the context of this agreement, “good condition” means Contractor must not place any marks or identifying information on the equipment and may not alter information on the equipment including logos and serial numbers. If the equipment is lost, stolen, marked, altered or damaged by Contractor, Contractor may be required to pay the replacement cost for each piece of equipment that is lost, stolen, marked or damaged. Replacement costs for lost, stolen, marked or damaged equipment may be assessed periodically. If Contractor recovers previously lost or stolen equipment for which Contractor paid the replacement cost in the prior 12 months, Contractor may return the equipment and be reimbursed for the replacement costs within 12 months of the date HHSC, HHSC’s designee or an HHSC-approved EVV vendor (as applicable) received payment in full from the Contractor. This is provided the equipment is returned in good condition as specified above. C. HHSC may perform EVV compliance oversight reviews to determine if Contractor has complied with EVV compliance requirements as outlined in 40 TAC Chapter 68 or its successor, EVV Policy posted on the HHSC EVV website or EVV Policy Handbook. D. If the Contractor determines an electronic record in the EVV system needs to be adjusted at any time, the Contractor will make the adjustment in the EVV system using the most appropriate EVV reason code number(s), EVV reason code description(s) and enter any required free text when completing visit maintenance in the EVV system, if applicable. E. Contractor must begin using an HHSC-approved EVV system prior to submitting an EVV relevant claim. F. All claims for services required to use EVV (EVV claims) must match to an accepted EVV visit transaction in the EVV Aggregator (the state’s centralized EVV database) prior to reimbursement of an EVV claim. Without a matching accepted EVV visit transaction, the claim will be denied. G. Contractor must submit all EVV related claims through the Texas Medicaid Claims Administrator, or as otherwise described in the EVV Policy posted on the HHSC EVV website or in the EVV Policy Handbook. H. Contractor must complete all required EVV training as outlined in the EVV Policy posted on the HHSC EVV website or EVV Policy Handbook: • Prior to using either an EVV vendor system or an EVV proprietary system and • Yearly thereafter. I. Contractor and, if applicable, the Contractor’s appointed EVV system administrator, must complete, sign and date the EVV Onboarding Form as outlined in 40 TAC Chapter 68 or its successor, EVV Policy posted on the HHSC website or EVV Policy Handbook.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!