Disposition of Breach Alerts and Notifications. A. Review of the Breach by the Data Governing Board 1) The impact of the Breach or potential Breach on the privacy, security, confidentiality and integrity of the Data Sharing process; 2) Whether the Data Governing Board needs to take any action to suspend the Party(ies) involved in the Breach or potential Breach in accordance with Appendix 1 of this E-MOU; 3) Whether the Data Governing Board should take any other measures in response to the notification or alert; 4) The Data Governing Board shall, if needed, request additional information from the Party(ies) involved in the Breach or potential Breach to fulfill its responsibilities. However, with respect to potential Breach alerts, the Data Governing Board is encouraged to hold inquiries and request additional information to allow the Party(ies) time to determine whether a Breach actually occurred. After determination of a Breach (whether actual, potential or it is determined that it is not a Breach), there should be documentation kept by the Party(ies) of the event that occurred, in order to maintain records for review in case of audit, etc.
Appears in 6 contracts
Samples: Memorandum of Understanding, Data Sharing Agreement, Data Sharing Agreement
