Incident Event and Communications Management a. Incident Management/Notification of Breach - DST shall develop, implement and maintain an incident response plan that specifies actions to be taken when DST or one of its subcontractors suspects or detects that a party has gained material unauthorized access to Fund Data or systems or applications containing any Fund Data (the “Response Plan”). Such Response Plan shall include the following:
i. Escalation Procedures - An escalation procedure that includes notification to senior managers and appropriate reporting to regulatory and law enforcement agencies. This procedure shall provide for reporting of incidents that compromise the confidentiality of Fund Data (including backed up data) to Fund via telephone or email (and provide a confirmatory notice in writing as soon as practicable); provided that the foregoing notice obligation is excused for such period of time as DST is prohibited by law, rule, regulation or other governmental authority from notifying Fund.
ii. Incident Reporting - DST will use commercially reasonable efforts to promptly furnish to Fund information that DST has regarding the general circumstances and extent of such unauthorized access to the Fund Data.
Incident Event and Communications Management a. Incident Management/Notification of Breach - Transfer Agent shall develop, implement and maintain an incident response plan that specifies actions to be taken when Transfer Agent or one of its subcontractors suspects or detects that a party has gained material unauthorized access to Fund Data or systems or applications containing any Fund Data (the “Response Plan”). Such Response Plan shall include the following:
i. Escalation Procedures - An escalation procedure that includes notification to senior managers and appropriate reporting to regulatory and law enforcement agencies. This procedure shall provide for reporting of incidents that compromise the confidentiality of Fund Data (including backed up data) to Fund via telephone or email (and provide a confirmatory notice in writing as soon as practicable); provided that the foregoing notice obligation is excused for such period of time as Transfer Agent is prohibited by law, rule, regulation or other governmental authority from notifying Fund.
Incident Event and Communications Management a. Incident Management/Notification of Breach - State Street shall develop and implement an incident response plan that specifies actions to be taken when State Street or one of its subcontractors suspects or detects that a party has gained unauthorized access to Client Data or systems or applications containing any Client Data (the “Response Plan”). It must be approved by management, and have an owner to maintain and review the program. Such Response Plan shall include the following:
i. Escalation Procedures - An escalation procedure that includes notification to senior managers and appropriate reporting to regulatory and law enforcement agencies. This procedure shall provide for reporting of incidents that compromise the confidentiality of Client Data (including backed up data) to Client via telephone or email (and provide a confirmatory notice in writing as soon as practicable); provided that the foregoing notice obligation is excused for such period of time as State Street is prohibited by law, rule, regulation or other governmental authority from notifying Client.
ii. Incident Reporting - State Street will use commercially reasonable efforts to promptly furnish to Client information that State Street has regarding the general circumstances and extent of such unauthorized access.
Incident Event and Communications Management a. Incident Management/Notification of Breach - State Street will maintain an incident response plan that specifies actions to be taken when State Street or one of its subcontractors suspects or detects that a party has gained unauthorized access to Client Data or systems or applications containing any Client Data (the “Response Plan”). Such Response Plan will include an escalation procedure that includes notification to senior managers and reporting to regulatory and law enforcement agencies, when and if applicable. State Street will use commercially reasonable efforts to investigate, remediate and mitigate such unauthorized access.
b. State Street will notify Client within seventy-two (72) hours after it has determined that unauthorized access to Client Data has occurred, unless otherwise prohibited by Applicable Law. In such an event, and unless prohibited by Applicable Law, State Street will provide information, to the extent available to State Street, sufficient to provide a reasonable description of the general circumstances and extent of such unauthorized access, and will provide reasonable cooperation to Client:
i. in the investigation of any such unauthorized access;
ii. in Client’s efforts to comply with statutory notice or other Applicable Laws applicable to Client or its customers; and
iii. in litigation and investigations brought by Client against third parties, including injunctive or other equitable relief reasonably necessary to protect Client’s proprietary rights.
Incident Event and Communications Management a. Incident Management/Notification of Breach - State Street shall develop and implement an incident response plan that specifies actions to be taken when State Street or one of its subcontractors suspects or detects that a party has gained unauthorized access to Funds’ Data or systems or applications containing any Funds’ Data (the “Response Plan”). It must be approved by management, and have an owner to maintain and review the program. Such Response Plan shall include the following:
i. Escalation Procedures - An escalation procedure that includes notification to senior managers and appropriate reporting to regulatory and law enforcement agencies. This procedure shall provide for reporting of incidents that compromise the confidentiality of Funds’ Data (including backed up data) to the Funds via telephone or email (and provide a confirmatory notice in writing as soon as practicable); provided that the foregoing notice obligation is excused for such period of time as State Street is prohibited by law, rule, regulation or other governmental authority from notifying the Funds.
Incident Event and Communications Management a. Incident Management/Notification of Breach - State Street shall develop and implement an incident response plan that specifies actions to be taken when State Street or one of its subcontractors suspects or detects that a party has gained material unauthorized access to Client Data or systems or applications containing any Client Data (the “Response Plan”). Such Response Plan shall include the following:
i. Escalation Procedures - An escalation procedure that includes notification to senior managers and appropriate reporting to regulatory and law enforcement agencies. This procedure shall provide for reporting of incidents that compromise the confidentiality of Client Data (including backed up data) to Client via telephone or email (and provide a confirmatory notice in writing as Information Classification: Limited Access 37 soon as practicable); provided that the foregoing notice obligation is excused for such period of time as State Street is prohibited by law, rule, regulation or other governmental authority from notifying Client.
ii. Incident Reporting - State Street will use commercially reasonable efforts to promptly furnish to Client information that State Street has regarding the general circumstances and extent of such unauthorized access.
Incident Event and Communications Management a. Incident Management/Notification of Breach - State Street will maintain an incident response plan that specifies actions to be taken when State Street or one of its subcontractors suspects or detects that a party has gained unauthorized access to Client Data or systems or applications containing any Client Data (the “Response Plan”). Such Response Plan will include an escalation procedure that includes notification to senior managers and reporting to regulatory and law enforcement agencies, when and if applicable. State Street will use commercially reasonable efforts to investigate, remediate and mitigate such unauthorized access.
b. State Street will notify Client within forty-eight (48) hours after it has determined that unauthorized access to Client Data has occurred, unless otherwise prohibited by Applicable Law. In such an event, and unless prohibited by Applicable Law, State Street will provide information, to the extent available to State Street, sufficient to provide a reasonable description of the general circumstances and extent of such unauthorized access, and will provide reasonable cooperation to Client:
i. in the investigation of any such unauthorized access;
ii. in Client’s efforts to comply with statutory notice or other Applicable Laws applicable to Client or its customers; and
iii. in litigation and investigations brought by Client against third parties, including injunctive or other equitable relief reasonably necessary to protect Client’s proprietary rights. For the avoidance of doubt, State Street will not be required to disclose information that State Street reasonably determines would compromise the security of State Street’s technology or premises or that would impact other State Street clients. Information Classification: Limited Access Lord Xxxxxx Private Credit Fund Delaware Yes Lord Xxxxxx Private Credit Funding 1, LLC Delaware No Information Classification: Limited Access
Incident Event and Communications Management. (a) Incident Management/Notification of Breach - State Street shall develop and implement an incident response plan that specifies actions to be taken when State Street or one of its Delegates detects that a party has gained unauthorized access (including inadvertent disclosures) to Fund Data (the “Response Plan”). Such Response Plan shall include an escalation procedure that includes notification to senior managers and appropriate reporting to Regulatory Authorities and law enforcement agencies. This procedure shall provide for reporting of incidents that compromise the confidentiality of Fund Data (including backed up data) to the Funds via telephone or email (and provide a confirmatory notice in writing as soon as practicable); provided that the foregoing notice obligation is excused for such period of time as State Street is prohibited by Legal Requirement from notifying the Funds.
(b) State Street shall promptly notify the Funds (but in no event later than forty-eight (48) hours or such shorter timeframe as may be required under applicable Legal Requirement) after State Street knows that unauthorized access to Fund Data has occurred, unless otherwise prohibited by Legal Requirement. In such an event, and unless prohibited by Legal Requirement, State Street shall provide as part of such notification, to the extent available to State Street, a reasonable description of the circumstances and extent of such unauthorized access sufficient for the Funds to understand material details of any such unauthorized disclosure or access, and shall provide reasonable cooperation to the Funds, their investigators and any Regulatory Authorities:
(i) in the investigation, remediation, and resolution of, any other response to, any such unauthorized access;
(ii) in the Funds’ efforts to comply with statutory notice or other Legal Requirements applicable to the Funds or their Clients arising as a result of such unauthorized access; and
(iii) in litigation and investigations involving the Funds arising as a result of such unauthorized access. For the avoidance of doubt, State Street shall not be required to disclose or otherwise make available information pursuant to the terms of Section 6.1(e) of this Amendment.
(c) With respect to each unauthorized disclosure or access, State Street shall promptly use commercially reasonable efforts (i) to contain such unauthorized disclosure or access and, further, to prevent further unauthorized access to or misuse of the Fund Data; an...
Incident Event and Communications Management. A. Incident Management/ Notification of Security Incident or Breach - Contractor shall maintain an approved Incident Response Plan that specifies actions to be taken when the Contractor, one of its subcontractors, or SWK suspects, detects, or has reason to believe that a Security Incident or Breach has occurred or that a party has otherwise gained unauthorized access to SWK Data, systems, or applications containing any SWK Data or supporting delivery of Services. Such Response Plan shall include:
I. Escalation Procedures - Escalation procedures must exist to notify senior managers and appropriate reporting to regulatory and law enforcement agencies. Contractor shall immediately report to SWK via telephone or email (and provide a confirmatory notice in writing as soon as practicable but in any event within 24 hours) all incidents that in anyway affect the operation of SWK or the confidentiality, availability or integrity of SWK Data (including backed up data), including but not limited to, any Security Incident, Breach, or successful or attempted unauthorized access to systems or networks which contain or provide access to SWK Data.
Incident Event and Communications Management. Incident Management/Notification of Breach – AvePoint has developed and implemented an incident response plan that specifies actions to be taken when AvePoint suspects or detects that a party has gained unauthorized access to Customer Data or systems or applications containing any Customer Data (the “Response Plan”). The Response Plan includes: • Incident Reporting – AvePoint will strive to promptly furnish to customer full details that AvePoint has or may obtain regarding the general circumstances and extent of such unauthorized access, including without limitation, the categories of Customer personal data and the number and/or identities of the data subjects affected, as well as any steps taken to secure the Customer Data and preserve information for any necessary investigation. • Investigation & Prevention – AvePoint uses reasonable efforts to assist customer in investigating or preventing the reoccurrence of any such access and strives to
(i) cooperate with the customer in its efforts to comply with statutory notice or other legal obligations applicable to customer or its clients arising out of unauthorized access or use and to seek injunctive or other equitable relief; and
(ii) promptly take all reasonable actions necessary to prevent a reoccurrence of and mitigate against loss from any such authorized access. • Personnel Training and Confidentiality – AvePoint has robust policies and procedures in place to ensure that all personnel fully understand the process and conditions under which they are required to invoke the appropriate incident response. AvePoint maintains strict confidentiality regarding actual or suspected authorized possession, use or knowledge of Customer Data or any other failure of AvePoint’s security measures or non-compliance with its security policies or procedures.
