Incident and Breach Response Program Sample Clauses

Incident and Breach Response Program. AvePoint has in place an incident response program to mitigate, detect and respond to security incidents which includes the tools to find, eliminate or isolate the cause of any such security incident.
AutoNDA by SimpleDocs

Related to Incident and Breach Response Program

  • Incident Response Operator shall have a written incident response plan that reflects best practices and is consistent with industry standards and federal and state law for responding to a data breach, breach of security, privacy incident or unauthorized acquisition or use of any portion of Data, including PII, and agrees to provide LEA, upon request, an executive summary of the written incident response plan.

  • BREACH DISCOVERY AND NOTIFICATION 17 1. Following the discovery of a Breach of Unsecured PHI, CONTRACTOR shall notify 18 COUNTY of such Breach, however both parties agree to a delay in the notification if so advised by a 19 law enforcement official pursuant to 45 CFR § 164.412. 20 a. A Breach shall be treated as discovered by CONTRACTOR as of the first day on which 21 such Breach is known to CONTRACTOR or, by exercising reasonable diligence, would have been 22 known to CONTRACTOR. 23 b. CONTRACTOR shall be deemed to have knowledge of a Breach, if the Breach is 24 known, or by exercising reasonable diligence would have known, to any person who is an employee, 25 officer, or other agent of CONTRACTOR, as determined by federal common law of agency. 26 2. CONTRACTOR shall provide the notification of the Breach immediately to the COUNTY 27 Privacy Officer. CONTRACTOR’s notification may be oral, but shall be followed by written 28 notification within twenty four (24) hours of the oral notification. 29 3. CONTRACTOR’s notification shall include, to the extent possible: 30 a. The identification of each Individual whose Unsecured PHI has been, or is reasonably 31 believed by CONTRACTOR to have been, accessed, acquired, used, or disclosed during the Breach; 32 b. Any other information that COUNTY is required to include in the notification to 33 Individual under 45 CFR §164.404 (c) at the time CONTRACTOR is required to notify COUNTY or 34 promptly thereafter as this information becomes available, even after the regulatory sixty (60) day 35 period set forth in 45 CFR § 164.410 (b) has elapsed, including: 36 1) A brief description of what happened, including the date of the Breach and the date 37 of the discovery of the Breach, if known; 1 2) A description of the types of Unsecured PHI that were involved in the Breach (such 2 as whether full name, social security number, date of birth, home address, account number, diagnosis, 3 disability code, or other types of information were involved); 4 3) Any steps Individuals should take to protect themselves from potential harm 5 resulting from the Breach; 6 4) A brief description of what CONTRACTOR is doing to investigate the Breach, to 7 mitigate harm to Individuals, and to protect against any future Breaches; and 8 5) Contact procedures for Individuals to ask questions or learn additional information, 9 which shall include a toll-free telephone number, an e-mail address, Web site, or postal address. 10 4. COUNTY may require CONTRACTOR to provide notice to the Individual as required in 11 45 CFR § 164.404, if it is reasonable to do so under the circumstances, at the sole discretion of the 12 COUNTY. 13 5. In the event that CONTRACTOR is responsible for a Breach of Unsecured PHI in violation 14 of the HIPAA Privacy Rule, CONTRACTOR shall have the burden of demonstrating that 15 CONTRACTOR made all notifications to COUNTY consistent with this Subparagraph F and as 16 required by the Breach notification regulations, or, in the alternative, that the acquisition, access, use, or 17 disclosure of PHI did not constitute a Breach. 18 6. CONTRACTOR shall maintain documentation of all required notifications of a Breach or 19 its risk assessment under 45 CFR § 164.402 to demonstrate that a Breach did not occur. 20 7. CONTRACTOR shall provide to COUNTY all specific and pertinent information about the 21 Breach, including the information listed in Section E.3.b.(1)-(5) above, if not yet provided, to permit 22 COUNTY to meet its notification obligations under Subpart D of 45 CFR Part 164 as soon as 23 practicable, but in no event later than fifteen (15) calendar days after CONTRACTOR’s initial report of 24 the Breach to COUNTY pursuant to Subparagraph F.2. above. 25 8. CONTRACTOR shall continue to provide all additional pertinent information about the

  • Your Rights and Our Responsibilities After We Receive Your Written Notice We must acknowledge your letter within 30 days, unless we have corrected the error by then. Within 90 days, we must either correct the error or explain why we believe the bill was correct. After we receive your letter, we cannot try to collect any amount you question, or report you as delinquent. We can continue to bill you for the amount you question, including finance charges and we can apply any unpaid amount against your credit limit. You do not have to pay any questioned amount while we are investigating, but you are still obligated to pay the parts of your bill that are not in question. If we find that we made a mistake on your bill, you will not have to pay any finance charges related to any questioned amount. If we didn’t make a mistake, you may have to pay finance charges, and you will have to make up any missed payments on the questioned amount. In either case, we will send you a statement of the amount you owe and the date that it is due. If you fail to pay the amount that we think you owe, we may report you as delinquent. However, if our explanation does not satisfy you and you write to us within ten days telling us that you still refuse to pay, we must tell anyone we report you to that you have a question about your bill. In addition, we must tell you the name of anyone we reported you to. Upon settlement of a disputed bill, we must notify anyone we reported you to that the matter has been settled. If we don’t follow these rules, we can’t collect the first $50 of the questioned amount, even if your bill was correct.

  • Client Responsibility For clarity, the parties agree that in reviewing the documents referred to in clause (b) above, Patheon’s role will be limited to verifying the accuracy of the description of the work undertaken or to be undertaken by Patheon. Subject to the foregoing, Patheon will not assume any responsibility for the accuracy of any application for receipt of an approval by a Regulatory Authority. The Client is solely responsible for the preparation and filing of the application for approval by the Regulatory Authority and any relevant costs will be borne by the Client.

  • Provider Responsibilities The Private Child-Caring Facility (PCC) (a.k.a., Provider) must comply with the following requirements:

  • Scope of Responsibility Notwithstanding any provision to the contrary, the Escrow Agent is obligated only to perform the duties specifically set forth in this Escrow Agreement, which shall be deemed purely ministerial in nature. Under no circumstances will the Escrow Agent be deemed to be a fiduciary to any Party or any other person under this Escrow Agreement. The Escrow Agent will not be responsible or liable for the failure of any Party to perform in accordance with this Escrow Agreement. The Escrow Agent shall neither be responsible for, nor chargeable with, knowledge of the terms and conditions of any other agreement, instrument, or document other than this Escrow Agreement, whether or not an original or a copy of such agreement has been provided to the Escrow Agent; and the Escrow Agent shall have no duty to know or inquire as to the performance or nonperformance of any provision of any such agreement, instrument, or document. References in this Escrow Agreement to any other agreement, instrument, or document are for the convenience of the Parties, and the Escrow Agent has no duties or obligations with respect thereto. This Escrow Agreement sets forth all matters pertinent to the escrow contemplated hereunder, and no additional obligations of the Escrow Agent shall be inferred or implied from the terms of this Escrow Agreement or any other agreement.

  • Client Responsibilities You are responsible for (a) assessing each participants’ suitability for the Training, (b) enrollment in the appropriate course(s) and (c) your participants’ attendance at scheduled courses.

  • Your Responsibility You are solely responsible for the quality, completeness, accuracy, validity and integrity of the image. You are solely responsible if you, intentionally or unintentionally, submit fraudulent, incorrect or illegible images to us or if Mobile Deposit is used, by authorized or unauthorized persons, to submit fraudulent, unauthorized, inaccurate, incorrect or otherwise improper or unusable images to us.

  • Waiver of responsibility 1. Any appraisal of the Programme undertaken before or after its approval by the FMC, does not in any way diminish the responsibility of the National Focal Point and the Programme Operator to verify and confirm the correctness of the documents and information forming the basis of the programme agreement. 2. Nothing contained in the programme agreement shall be construed as imposing upon the FMC or the FMO any responsibility of any kind for the supervision, execution, completion, or operation of the Programme or its projects. 3. The FMC does not assume any risk or responsibility whatsoever for any damages, injuries, or other possible adverse effects caused by the Programme or its projects including, but not limited to inconsistencies in the planning of the Programme or its projects, other project(s) that might affect it or that it might affect, or public discontent. It is the full and sole responsibility of the National Focal Point and the Programme Operator to satisfactorily address such issues. 4. Neither the National Focal Point, the Programme Operator, entities involved in the implementation of projects, nor any other party shall have recourse to the FMC for further financial support or assistance to the Programme in whatsoever form over and above what has been provided for in the programme agreement. 5. Neither the European Free Trade Association, its Secretariat, including the FMO, its officials or employees, nor the FMC, its members or alternate members, nor the EFTA States, can be held liable for any damages or injuries of whatever nature sustained by the National Focal Point or the Beneficiary State, the Programme Operator, Project Promoters or any other third person, in connection, be it direct or indirect, with this programme agreement. 6. Nothing in this programme agreement shall be construed as a waiver of diplomatic immunities and privileges awarded to the European Free Trade Association, its assets, officials or employees.

  • Timely and Sustained Response Interconnection Customer shall ensure that the Small Generating Facility’s real power response to sustained frequency deviations outside of the deadband setting is automatically provided and shall begin immediately after frequency deviates outside of the deadband, and to the extent the Small Generating Facility has operating capability in the direction needed to correct the frequency deviation. Interconnection Customer shall not block or otherwise inhibit the ability of the governor or equivalent controls to respond and shall ensure that the response is not inhibited, except under certain operational constraints including, but not limited to, ambient temperature limitations, physical energy limitations, outages of mechanical equipment, or regulatory requirements. The Small Generating Facility shall sustain the real power response at least until system frequency returns to a value within the deadband setting of the governor or equivalent controls. An Applicable Reliability Standard with equivalent or more stringent requirements shall supersede the above requirements.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!