INFORMATION SECURITY BREACH Sample Clauses

INFORMATION SECURITY BREACH. In the event of a Breach of Security as defined in NY CLS Gen Bus §899-aa and NY CLS State Technology Law §208, or otherwise, involving AGENCY supplied Personal Information or Private Information from systems owned, operated, sub-contracted or otherwise routed through Contractors systems or networks, CONTRACTOR shall notify AGENCY immediately, without unreasonable delay. “
AutoNDA by SimpleDocs
INFORMATION SECURITY BREACH. (a) Subject to the rights of Bayer specified in this Article XXX (Data Security), Supplier shall be responsible for any and all information security incidents involving Personal Data that are handled by, or on behalf of, Supplier. (b) Supplier shall notify Bayer in writing immediately (and in any event within twenty-four
INFORMATION SECURITY BREACH. In accordance with the Information and Security Breach Notification Act (ISBNA) (Chapter 442 of the Laws of 2005, as amended by Chapter 491 of the Laws of 2005), a Contractor with BOE shall be responsible for all applicable provisions of the ISBNA and the following terms herein with respect to any private information (as defined in the ISBNA) received by or on behalf of BOE under this Agreement. • Contractor shall supply BOE with a copy of its notification policy, which shall be modified to be in compliance with this provision, as well as BOE’s notification policy. • Contractor must encrypt any database fields and backup tapes that contain private data elements, as set forth in the ISBNA. • Contractor must ensure that private data elements are encrypted in transit to / from their systems. • In general, contractor must ensure that private data elements are not displayed to users on computer screens or in printed reports; however, specific users who are authorized to view the private data elements and who have been properly authenticated may view/receive such data. • Contractor must monitor for breaches of security to any of its systems that store or process private data owned by BOE. • Contractor shall take all steps as set forth in ISBNA to ensure private information shall not be released without authorization from BOE. • In the event a security breach occurs as defined by ISBNA Contractor shall immediately notify BOE and commence an investigation in cooperation with BOE to determine the scope of the breach. • Contractor shall also take immediate and necessary steps needed to restore the information security system to prevent further breaches. • Contractor shall immediately notify BOE following the discovery that XXX’x system security has been breached. • Unless the Contractor is otherwise instructed, Contractor is to first seek consultation and receive authorization from BOE prior to notifying the individuals whose personal identity information was compromised by the breach of security, the New York State Chief Information Security Office, the Department of State Division of Consumer Protection, the Attorney General’s Office or any consuming reporting agencies of a breach of the information security system or concerning any determination to delay notification for law enforcement investigations. • Contractor shall be responsible for providing all notices required by the ISBNA and for all costs associated with providing said notices. • This policy and proce...
INFORMATION SECURITY BREACH. Participating Provider shall promptly (or in any case within 48 hours) notify Apple if Participating Provider knows or has reason to believe there has been any misuse, compromise, loss, or unauthorized disclosure or acquisition of, or access to, Confidential Data (an “Information Security Breach”). Upon any discovery of an Information Security Breach, Participating Provider will investigate, remediate, and mitigate the effects of the Information Security Breach. To the extent the Information Security Breach relates to Apple’s Confidential Information, Participating Provider will reasonably cooperate with Apple in connection with each of the foregoing and will comply with any reasonable instructions provided by Apple in connection therewith. Without limitation to the foregoing sentence, in the event that Apple reasonably determines that a third-party security assessment is recommended in connection with an Information Security Breach, Participating Provider will engage a third-party security assessor to conduct such an assessment. Participating Provider shall provide any information related to any such Information Security Breach requested by Apple, including but not limited to, vulnerabilities or flaws, start or end date, date of discovery, and specific actions taken to contain and/or mitigate. If any Information Security Breach occurs as a result of an act or omission of Participating Provider or Participating Provider’s Personnel, Participating Provider will, at Participating Provider’s sole expense, undertake remedial measures (including notice, credit monitoring services, fraud insurance and the establishment of a call center to respond to customer inquiries).
INFORMATION SECURITY BREACH. Service Provider shall promptly (inline with the legal and regulatory requirements applicable, whichever is most stringent) notify Flipkart if Service Provider knows or has reason to believe or/and confirmed on there has been any misuse, compromise, loss, or unauthorized disclosure or acquisition of, or access to Flipkart’s confidential data (an “Information Security Breach”). Upon any discovery of an Information Security Breach, the Service Provider shall investigate, remediate, and mitigate the effects of the Information Security Breach, and provide Flipkart with assurances reasonably satisfactory to Flipkart that such Information Security Breach shall not recur. Service Provider shall reasonably cooperate with Flipkart in connection with each of the foregoing and shall comply with any reasonable instructions provided by Flipkart in connection therewith. Flipkart reasonably determines that a third-party security assessment is required in connection with an Information Security Breach. Service Provider shall provide, at Flipkart’s request, any information related to any such Information Security Breach or requested by Flipkart, including but not limited to, vulnerabilities or flaws, start or end date, date of discovery, and specific actions taken to contain and/or mitigate. If any Information Security Breach occurs as a result of an act or omission of a Service Provider or its personnel, the Service Provider shall, at its sole expense, undertake remedial measures.
INFORMATION SECURITY BREACH an Information Security Incident where it is confirmed that a stated organisational policy or legal requirement regarding Information Security has been contravened.
INFORMATION SECURITY BREACH. Supplier will notify Client within a commercially reasonable time period, after it becomes aware that an Information Security Breach has occurred in the Supplier Systems. Supplier will promptly take all necessary steps to mitigate the impact of the Information Security Breach, grant Client access to relevant systems and logs related to the Information Security Breach, and cooperatively share information with Client to address and remediate the Information Security Breach.
AutoNDA by SimpleDocs

Related to INFORMATION SECURITY BREACH

  • Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.

  • Security Breach Notification In addition to the information enumerated in Article V, Section 4(1) of the DPA Standard Clauses, any Security Breach notification provided by the Provider to the LEA shall include: a. A list of the students whose Student Data was involved in or is reasonably believed to have been involved in the breach, if known; and b. The name and contact information for an employee of the Provider whom parents may contact to inquire about the breach.

  • Data Breach In the event of an unauthorized release, disclosure or acquisition of Student Data that compromises the security, confidentiality or integrity of the Student Data maintained by the Provider the Provider shall provide notification to LEA within seventy-two (72) hours of confirmation of the incident, unless notification within this time limit would disrupt investigation of the incident by law enforcement. In such an event, notification shall be made within a reasonable time after the incident. Provider shall follow the following process: (1) The security breach notification described above shall include, at a minimum, the following information to the extent known by the Provider and as it becomes available: i. The name and contact information of the reporting LEA subject to this section. ii. A list of the types of personal information that were or are reasonably believed to have been the subject of a breach. iii. If the information is possible to determine at the time the notice is provided, then either (1) the date of the breach, (2) the estimated date of the breach, or (3) the date range within which the breach occurred. The notification shall also include the date of the notice. iv. Whether the notification was delayed as a result of a law enforcement investigation, if that information is possible to determine at the time the notice is provided; and v. A general description of the breach incident, if that information is possible to determine at the time the notice is provided. (2) Provider agrees to adhere to all federal and state requirements with respect to a data breach related to the Student Data, including, when appropriate or required, the required responsibilities and procedures for notification and mitigation of any such data breach. (3) Provider further acknowledges and agrees to have a written incident response plan that reflects best practices and is consistent with industry standards and federal and state law for responding to a data breach, breach of security, privacy incident or unauthorized acquisition or use of Student Data or any portion thereof, including personally identifiable information and agrees to provide XXX, upon request, with a summary of said written incident response plan. (4) LEA shall provide notice and facts surrounding the breach to the affected students, parents or guardians. (5) In the event of a breach originating from XXX’s use of the Service, Provider shall cooperate with XXX to the extent necessary to expeditiously secure Student Data.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!