Incident Response and Reporting Sample Clauses
The Incident Response and Reporting clause outlines the procedures and obligations for identifying, managing, and communicating security incidents or data breaches. Typically, it requires the affected party to promptly notify the other party upon discovering an incident, provide relevant details, and cooperate in investigating and mitigating the impact. This clause ensures that both parties are prepared to respond quickly to security threats, minimizing potential harm and maintaining compliance with legal or contractual obligations.
Incident Response and Reporting. Famic will promptly notify User of any security incidents that may impact User's Data, including data breaches or unauthorized access. The notification will include details of the incident, the Data affected, and the actions taken to mitigate the impact of the breach, including any legal notifications required by applicable law. During the incident reporting phase and the opening of a corresponding support ticket, User must notify Famic of any failure or fault encountered or noted that may help with the diagnosis and speed up Famic's intervention. User must remain available to collaborate with Famic by providing any additional information and/or by carrying out any tests and validations. In all circumstances, Famic is required to ensure only an obligation of means. When the HS experience problems and/or malfunctions that are noted by User and require Famic to intervene, User must contact Famic as soon as possible and open a support ticket in the Client Zone on Famic’s website ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇.▇▇▇.
Incident Response and Reporting. 1. No later than 24 business hours after detection, FAMS will notify NCRC of any actual or potential security intrusion or violation that will or could affect NCRC Confidential Information, including without limitation, customer data and financial data. This notification includes any complaint or report FAMS receives from a third party (such as NCRC’s customers), but excludes a detailed description of FAMS’s development, review and testing procedures. In FAMS’s notification, it will report on the nature of the incident, estimated impact on NCRC and investigative action taken or planned. Incidents include, without limitation, violations or potential violations of a federal or state law, including, without limitation, the Bank Secrecy Act.
2. FAMS shall provide NCRC with an incident status report every 2 hours or within a timeframe mutually agreed upon by the parties until both parties agree that a status report is no longer necessary.
3. Within three (3) business days after the initial incident report, FAMS will provide NCRC with a written updated report that summarizes the results of the investigative action and corrective/remedial action taken.
4. Upon completion of the investigation, FAMS will provide NCRC with a final written report that gives a full accounting of the extent of the security intrusion or security violation, including, without limitation, a description of NCRC Confidential Information disclosed, destroyed, compromised, or altered; specific corrective/remedial action taken.
5. NCRC reserves the right to disconnect the FAMS service if unauthorized access is discovered. FAMS reserves reciprocal rights. This does not however, relieve FAMS of its commitment to deliver on its service obligations which may be unaffected by this loss in connection. Such unaffected service requirements will have to be met by alternate methods of servicing until the inappropriate access can be investigated and resolved to the satisfaction of NCRC.
Incident Response and Reporting