Information Security Incident Notification Sample Clauses
The Information Security Incident Notification clause requires parties to promptly inform each other if a security breach or data incident occurs that could affect shared or sensitive information. Typically, this clause outlines the timeframe for notification, the method of communication, and the specific details that must be included in the notice, such as the nature of the incident and the data involved. Its core function is to ensure timely awareness and coordinated response to security threats, thereby minimizing potential harm and fulfilling legal or contractual obligations regarding data protection.
POPULAR SAMPLE Copied 3 times
Information Security Incident Notification. In the event of any breach or cybersecurity incident impacting Agent that has a reasonable likelihood of resulting in the loss or unauthorized access, use, or disclosure of PII or otherwise prevents Agent from complying with all of the privacy and security requirements set forth in this Agreement or applicable laws and regulations (“Security Incident”), Agent will, at its sole expense (i) immediately (and in any event within 24 hours after Agent, or its affiliate or subcontractor learns of an data breach or suspected data breach report such incident to Company by sending an email to ▇▇-▇▇-▇▇▇▇▇▇▇▇▇▇▇▇▇@▇▇▇▇.▇▇▇, summarizing in reasonable detail the effect on Company or Company Affiliates, if known, and designating a single point of contact at Agent who will be available to Company 24x7 for information and assistance related to the Information Security Incident; Agent hereby certifies to Company that it understands the restrictions and obligations set forth in this Section and will ensure that Agent and anyone acting on Agent’s behalf comply with the same. As needed to comply with applicable laws and regulations concerning the processing of PII or personal information security, or to the extent required by any changes in such laws or the enactment of new laws, the Parties agree to work cooperatively and in good faith to amend this Agreement in a mutually agreeable and timely manner, or to enter into further mutually agreeable agreements in an effort to comply with any such laws applicable to the Parties. If the Parties cannot so agree, or if Agent cannot comply with the new or additional requirements, Company may terminate this Agreement upon written notice to Agent.
Information Security Incident Notification. If Botsify Inc. becomes aware of an Information Security Incident, Botsify Inc. will: (a) notify Customer of the Information Security Incident without undue delay after becoming aware of the Information Security Incident; and (b) take reasonable steps to identify the case of such Information Security Incident, minimize harm and prevent a recurrence.
Information Security Incident Notification. If Blinkfire Analytics becomes aware of an Information Security Incident, Blinkfire Analytics will: (a) notify Customer of the Information Security Incident without undue delay after becoming aware of the Information Security Incident; and (b) take reasonable steps to identify the cause of such Information Security Incident, minimise harm and prevent a recurrence. Customer agrees that the provisions of this Section 5.2 (Information Security Incidents) satisfy the requirements under Clause 5(d)(2) of the Model Contract Clauses.
Information Security Incident Notification. (a) In the event of any Information Security Incident, Voya will, at its sole expense promptly (and in any event within 72 hours after Voya confirms an Information Security Incident) report such Information Security Incident to Client by sending an email to Client Contact Information, summarizing in reasonable detail the effect on Client, if known, and designating a single point of contact at Voya who will be:
(i) Available to Client for information and assistance related to the Information Security Incident; investigate such Information Security Incident, perform a root cause analysis, develop a corrective action plan and take all necessary corrective actions;
(ii) Mitigate, as expeditiously as possible, any harmful effect of such Information Security Incident and cooperate with Client in any reasonable and lawful efforts to prevent, mitigate, rectify and remediate the effects of the Information Security Incident;
(iii) Provide a written report to Client containing all information necessary for Client to determine compliance with all applicable laws, including the extent to which notification to affected persons or to government or regulatory authorities is required; and
(iv) Cooperate with Client in providing any filings, communications, notices, press releases or reports related to such Information Security Incident.
(b) In addition to the other indemnification obligations of Voya set forth in this Agreement, Voya will indemnify, defend and hold harmless Client from and against any and all claims, suits, causes of action, liability, loss, costs and damages, including reasonable attorneys’ fees, arising out of or relating to any Information Security Incident, which may include, without limitation:
(i) Expenses incurred to provide notice to Affected Persons and to law-enforcement agencies, regulatory bodies or other third parties as required to comply with law;
(ii) Expenses related to any reasonably anticipated and commercially recognized consumer data breach mitigation efforts, including, but not limited to, costs associated with the offering of credit monitoring or a similar identify theft protection or mitigation product for a period of at least twelve (12) months or such longer time as is required by applicable laws or any other similar protective measures designed to mitigate any damages to the Affected Persons; and
Information Security Incident Notification. If Oort becomes aware of an Information Security Incident, Oort will: (a) notify Customer of the Information Security Incident without undue delay after becoming aware of the Information Security Incident; and (b) take reasonable steps to identify the case of such Information Security Incident, minimize harm and prevent a recurrence.
Information Security Incident Notification. (a) Vendor shall immediately inform Company in writing of any Information Security Incident of which Vendor becomes aware, but in no case longer than twenty-four (24) hours after it becomes aware of the Information Security Incident. The notification to Company shall include all available information regarding such Information Security Incident, including information on: (i) the nature of the Information Security Incident including where possible, the categories and approximate number of affected individuals and the categories and approximate number of affected Personal Information records; (ii) the likely consequences of the Information Security Incident; and (iii) the measures taken or proposed to be taken to address the Information Security Incident, including, where appropriate, measures to mitigate its possible adverse effects.
(b) Vendor shall promptly investigate such Information Security Incident, take all necessary and advisable corrective actions, and shall cooperate fully with Company in all reasonable and lawful efforts to prevent, mitigate or rectify such incident. Vendor shall provide Company with such assurances as Company shall request that such Information Security Incident is not likely to recur. Vendor shall provide such assistance as required to enable Company to satisfy Company's obligation under Privacy Laws. The content of any filings, communications, notices, press releases or reports related to any Information Security Incident must be approved by Company prior to any publication or communication thereof by or on behalf of Vendor.
(c) Company shall have the right at any time after learning of an Information Security Incident to engage and involve external forensic firms in the investigation of the Information Security Incident (which will include a right to investigate Vendor's systems), and Vendor shall comply with all reasonable requests of such external forensic firm. Vendor shall use commercially reasonable efforts to preserve all applicable evidence relating to the Information Security Incident until Company has completed a forensic investigation or confirmed to Vendor that it waives its right to conduct such an investigation.
(d) In the event of an Information Security Incident involving Personal Information in Vendor's possession, custody or control or for which Vendor is otherwise responsible, Vendor shall reimburse Company on demand for all commercially reasonable Notification Related Costs (as defined below) incurred by C...