Common use of Incident Response Clause in Contracts

Incident Response. The Contractor (and/or any subcontractor) shall respond to all alerts/Indicators of Compromise (IOCs) provided by HHS Computer Security Incident Response Center (CSIRC)/NIH IRT teams within 24 hours, whether the response is positive or negative. FISMA defines an incident as "an occurrence that (1) actually or imminently jeopardizes, without lawful authority, the integrity, confidentiality, or availability of information or an information system; or (2) constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies. The HHS Policy for IT Security and Privacy Incident Reporting and Response further defines incidents as events involving cyber security and privacy threats, such as viruses, malicious user activity, loss of, unauthorized disclosure or destruction of data, and so on. A privacy breach is a type of incident and is defined by Federal Information Security Modernization Act (FISMA) as the loss of control, compromise, unauthorized disclosure, unauthorized acquisition, or any similar occurrence where (1) a person other than an authorized user accesses or potentially accesses personally identifiable information or (2) an authorized user accesses or potentially accesses personally identifiable information for an other than authorized purpose. The HHS Policy for IT Security and Privacy Incident Reporting and Response further defines a breach as "a suspected or confirmed incident involving PII". In the event of a suspected or confirmed incident or breach, the Contractor (and/or any subcontractor) shall:

Incident Response. The Contractor (and/or any subcontractor) shall respond to all alerts/Indicators of Compromise (IOCs) provided by HHS Computer Security Incident Response Center (CSIRC)/NIH IRT teams within 24 hours, whether the response is positive or negative. FISMA defines an incident as "an occurrence that (1) actually or imminently jeopardizes, without lawful authority, the integrity, confidentiality, or availability of information or an information system; or (2) constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies. .. The HHS Policy for IT Security and Privacy Incident Reporting and Response further defines incidents as events involving cyber security and privacy threats, such as viruses, malicious user activity, loss of, unauthorized disclosure or destruction of data, and so on. A privacy breach is a type of incident and is defined by Federal Information Security Modernization Act (FISMA) as the loss of control, compromise, unauthorized disclosure, unauthorized acquisition, or any similar occurrence where (1) a person other than an authorized user accesses or potentially accesses personally identifiable information or (2) an authorized user accesses or potentially accesses personally identifiable information for an other than authorized purpose. The HHS Policy for IT Security and Privacy Incident Reporting and Response further defines a breach as "a suspected or confirmed incident involving PII"”. In the event of a suspected or confirmed incident or breach, the Contractor (and/or any subcontractor) shall:

Incident Response. The Contractor (and/or any subcontractor) shall respond to all alerts/Indicators of Compromise (IOCs) provided by HHS Computer Security Incident Response Center (CSIRC)/NIH IRT CSIRC)/FDA SMC /Incident Response Team (IRT) teams within 24 hours, whether the response is positive or negative. FISMA defines an incident as "“an occurrence that (1) actually or imminently jeopardizes, without lawful authority, the integrity, confidentiality, or availability of information or an information system; or (2) constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies. .” The HHS Policy for IT Security and Privacy Incident Reporting and Response further defines incidents as events involving cyber security cybersecurity and privacy threats, such as viruses, malicious user activity, loss of, unauthorized disclosure or destruction of data, and so on. A privacy breach is a type of incident and is defined by Federal Information Security Modernization Act (FISMA) FISMA as the loss of control, compromise, unauthorized disclosure, unauthorized acquisition, or any similar occurrence where (1) a person other than an authorized user accesses or potentially accesses personally identifiable information or (2) an authorized user accesses or potentially accesses personally identifiable information for an other than authorized purpose. The HHS Policy for IT Security and Privacy Incident Reporting and Response further defines a breach as "“a suspected or confirmed incident involving PII". .” In the event of a suspected or confirmed incident or breach, the Contractor (and/or any subcontractor) shall: