Investigation of Breach and Security Incidents. The Contractor shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Contractor shall inform the DSH Program Contract Manager, the DSH Privacy Officer, and the DSH Chief Information Security Officer of: 1. what data elements were involved, and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and 2. a description of the unauthorized persons known or reasonably believed to have improperly used the DSH PCI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the DSH PCI, or to whom it is known or reasonably believed to have had the DSH PCI improperly disclosed to them; and 3. a description of where the DSH PCI is believed to have been improperly used or disclosed; and 4. a description of the probable and proximate causes of the breach or security incident; and
Appears in 4 contracts
Samples: Scope of Work Agreement, Emergency Agreement, Scope of Work Agreement
Investigation of Breach and Security Incidents. The Contractor shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Contractor shall inform the DSH CDPH Program Contract Manager, the DSH CDPH Privacy Officer, and the DSH CDPH Chief Information Security Officer of:
1. what data elements were involved, involved and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and
2. a description of the unauthorized persons known or reasonably believed to have improperly used the DSH CDPH PCI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the DSH CDPH PCI, or to whom it is known or reasonably believed to have had the DSH CDPH PCI improperly disclosed to them; and
3. a description of where the DSH CDPH PCI is believed to have been improperly used or disclosed; and
4. a description of the probable and proximate causes of the breach or security incident; and
5. whether Civil Code section 1798.29 or any other federal or state laws requiring individual notifications of breaches have been triggered.
Appears in 3 contracts
Samples: Grant Agreement, Grant Agreement, Grant Agreement
Investigation of Breach and Security Incidents. The Contractor shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Contractor shall inform the DSH CDPH Program Contract Manager, the DSH CDPH Privacy Officer, and the DSH CDPH Chief Information Security Officer of:
1. what data elements were involved, and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and
2. a description of the unauthorized persons known or reasonably believed to have improperly used the DSH CDPH PCI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the DSH CDPH PCI, or to whom it is known or reasonably believed to have had the DSH CDPH PCI improperly disclosed to them; and
3. a description of where the DSH CDPH PCI is believed to have been improperly used or disclosed; and
4. a description of the probable and proximate causes of the breach or security incident; and
5. whether Civil Code section 1798.29 or any other federal or state laws requiring individual notifications of breaches have been triggered.
Appears in 2 contracts
Samples: Grant Agreement, Grant Agreement
Investigation of Breach and Security Incidents. The Contractor shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Contractor shall inform the DSH CDPH Program Contract Manager, the DSH CDPH Privacy Officer, and the DSH CDPH Chief Information Security Officer of:
1. what data elements were involved, involved and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and;
2. a description of the unauthorized persons known or reasonably believed to have improperly used the DSH CDPH PCI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the DSH CDPH PCI, or to whom it is known or reasonably believed to have had the DSH CDPH PCI improperly disclosed to them; and;
3. a description of where the DSH CDPH PCI is believed to have been improperly used or disclosed; and;
4. a description of the probable and proximate causes of the breach or security incident; and
5. whether Civil Code section 1798.29 or any other federal or state laws requiring individual notifications of breaches have been triggered.
Appears in 2 contracts
Samples: Grant Agreement, Grant Agreement
Investigation of Breach and Security Incidents. The Contractor shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Contractor shall inform the DSH Program Contract Manager, the DSH Privacy Officer, and the DSH Chief Information Security Officer of:
1. what data elements were involved, and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and
2. a description of the unauthorized persons known or reasonably believed to have improperly used the DSH PCI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the DSH PCI, or to whom it is known or reasonably believed to have had the DSH PCI improperly disclosed to them; and
3. a description of where the DSH PCI is believed to have been improperly used or disclosed; and
4. a description of the probable and proximate causes of the breach or security incident; and
5. whether Civil Code sections 1798.29 and 1798.82 (2021) or any other federal or state laws requiring individual notifications of breaches have been triggered.
Appears in 1 contract
Samples: Service Agreement
Investigation of Breach and Security Incidents. The Contractor shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Contractor shall inform the DSH Program DSH Contract Manager, the DSH Privacy Officer, and the DSH Chief Information Security Officer of:
1. what data elements were involved, and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and
2. a description of the unauthorized persons known or reasonably believed to have improperly used the DSH PCI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the DSH PCI, or to whom it is known or reasonably believed to have had the DSH PCI improperly disclosed to them; and
3. a description of where the DSH PCI is believed to have been improperly used or disclosed; and
4. a description of the probable and proximate causes of the breach or security sec urity incident; and
Appears in 1 contract
Samples: Healthcare Agreements
Investigation of Breach and Security Incidents. The Contractor shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Contractor shall inform the DSH Program Contract Manager, the DSH Privacy Officer, DCSS Project Representative and the DSH DCSS Chief Information Security Officer of:
1. ) what data elements were involved, and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and
2. ) a description of the unauthorized persons known or reasonably believed to have improperly used the DSH PCI DCSS PCSI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the DSH PCIDCSS PCSI, or to whom it is known or reasonably believed to have had the DSH PCI DCSS PCSI improperly disclosed to them; and
3. ) a description of where the DSH PCI DCSS PCSI is believed to have been improperly used or disclosed; and
4. ) a description of the probable and proximate causes of the breach or security incident; and
5) whether Civil Code section 1798.29 or any other federal or state laws requiring individual notifications of breaches have been triggered.
Appears in 1 contract
Samples: Request for Offer
Investigation of Breach and Security Incidents. The Contractor shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Contractor shall inform the DSH Program DSH Contract Manager, the DSH Privacy Officer, and the DSH Chief Information Security Officer of:
1. what data elements were involved, and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and
2. a description of the unauthorized persons known or reasonably believed to have improperly used the DSH PCI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the DSH PCI, or to whom it is known or reasonably believed to have had the DSH PCI improperly disclosed to them; and
3. a description of where the DSH PCI is believed to have been improperly used or disclosed; and
4. a description of the probable and proximate causes of the breach or security incident; and
Appears in 1 contract
Samples: Healthcare Agreements
Investigation of Breach and Security Incidents. The Contractor shall immediately investigate such breach or security incident. As soon as the information is known and subject to the legitimate needs of law enforcement, Contractor shall inform the DSH CDPH Program Contract Manager, the DSH CDPH Privacy Officer, and the DSH CDPH Chief Information Security Officer of:
1. ) what data elements were involved, involved and the extent of the data disclosure or access involved in the breach, including, specifically, the number of individuals whose personal information was breached; and
2. ) a description of the unauthorized persons known or reasonably believed to have improperly used the DSH CDPH PCI and/or a description of the unauthorized persons known or reasonably believed to have improperly accessed or acquired the DSH CDPH PCI, or to whom it is known or reasonably believed to have had the DSH CDPH PCI improperly disclosed to them; and
3. ) a description of where the DSH CDPH PCI is believed to have been improperly used or disclosed; and
4. a description of the probable and proximate causes of the breach or security incident; and
Appears in 1 contract
Samples: Contact Tracing Solution Agreement
