Investigation of Breach and Security Incidents Clause Samples

The 'Investigation of Breach and Security Incidents' clause outlines the obligations and procedures for identifying, investigating, and responding to actual or suspected breaches of security within a contractual relationship. Typically, this clause requires the affected party to promptly notify the other party of any security incident, conduct a thorough investigation to determine the scope and impact, and take appropriate remedial actions. It may also specify timelines for notification and detail the type of information that must be shared. The core function of this clause is to ensure a coordinated and timely response to security threats, thereby minimizing potential harm and clarifying responsibilities in the event of a data breach or similar incident.
Investigation of Breach and Security Incidents. The Contractor shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Contractor shall inform the DSH Program Contract Manager, the DSH Privacy Officer, and the DSH Chief Information Security Officer of: 1. what data elements were involved, and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and 2. a description of the unauthorized persons known or reasonably believed to have improperly used the DSH PCI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the DSH PCI, or to whom it is known or reasonably believed to have had the DSH PCI improperly disclosed to them; and 3. a description of where the DSH PCI is believed to have been improperly used or disclosed; and 4. a description of the probable and proximate causes of the breach or security incident; and
View SourceView Similar (20)
Investigation of Breach and Security Incidents. The Agency shall immediately investigate such breach or security incident. As soon as the information is known and shall inform the City of: i. what data elements were involved, and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and ii. a description of the unauthorized persons known or reasonably believed to have improperly used the City Data and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the City Data, or to whom it is known or reasonably believed to have had the City Data improperly disclosed to them; and iii. a description of where the City Data is believed to have been improperly used or disclosed; and iv. a description of the probable and proximate causes of the breach or security incident; and v. whether any federal or state laws requiring individual notifications of breaches have been triggered.
View SourceView Similar (6)
Investigation of Breach and Security Incidents. To the extent a breach or security system is identified within Third Party’s System that involves City Data provided under this Agreement, Third Party shall investigate such breach or security incident. For the avoidance of doubt, City shall investigate any breach or security incident identified within the City’s Data System To the extent of Third Party discovery of information that relates to the breach or security incident of City Data, Third Party User shall inform the City of: i. the City Data believed to have been the subject of breach; ii. a description of the unauthorized persons known or reasonably believed to have improperly used, accessed or acquired the City Data; iii. to the extent known, a description of where the City Data is believed to have been improperly used or disclosed; and iv. to the extent known, a description of the probable and proximate causes of the breach or security incident;
View SourceView Similar (3)
Investigation of Breach and Security Incidents. Blue Shield shall immediately investigate such Breach or Security Incident. As soon as the information is known, and subject to the legitimate needs of law enforcement, Blue Shield shall inform the Agency Contract Manager, the CDPH Privacy Officer, and the CDPH Chief Information Security Officer of: 1. what data elements were involved and the extent of the data unauthorized Use or Disclosure involved in the Breach or Security Incident, including, specifically, the number of individuals whose CDPH PCI was breached; and 2. a description of the unauthorized persons known or reasonably believed to have improperly Used or Disclosed the CDPH PCI, and/or to the persons whom it is known or reasonably believed to have had the CDPH PCI improperly Disclosed to them; and 3. a description of where the CDPH PCI is believed to have been improperly Used or Disclosed; and
View SourceView Similar (2)
Investigation of Breach and Security Incidents. The Contractor shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Contractor shall inform the CDPH Program Contract Manager, the CDPH Privacy Officer, and the CDPH Chief Information Security Officer of: 1. what data elements were involved and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and 2. a description of the unauthorized persons known or reasonably believed to have improperly used the CDPH PCI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the CDPH PCI, or to whom it is known or reasonably believed to have had the CDPH PCI improperly disclosed to them; and 3. a description of where the CDPH PCI is believed to have been improperly used or disclosed; and CDPH IPSR (10/19)
View Source
Investigation of Breach and Security Incidents. The Applicant shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Applicant shall inform the CDPH Program Contract Manager, the CDPH Privacy Officer, and the CDPH Chief Information Security Officer of: 1. what data elements were involved, and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and 2. a description of the unauthorized persons known or reasonably believed to have improperly used the CDPH PCI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the CDPH PCI, or to whom it is known or reasonably believed to have had the CDPH PCI improperly disclosed to them; and 3. a description of where the CDPH PCI is believed to have been improperly used or disclosed; and 4. a description of the probable and proximate causes of the breach or security incident; and 5. whether Civil Code section 1798.29 or any other federal or state laws requiring individual notifications of breaches have been triggered.
View Source

Related to Investigation of Breach and Security Incidents

  • Security Incidents 11.1 Includes identification, managing and agreed reporting procedures for actual or suspected security breaches.