Common use of Loss Reporting Clause in Contracts

Loss Reporting. If either SSA or CMS experiences an incident involving the loss or breach of PII provided by SSA or CMS under the terms of this agreement, they will follow the incident reporting guidelines issued by OMB. In the event of a reportable incident under OMB guidance involving PII, the agency experiencing the incident is responsible for following its established procedures, including notification to the proper organizations (e.g., United States Computer Emergency Readiness Team and the agency’s privacy office). In addition, the agency experiencing the incident (e.g., electronic or paper) will notify the other agency’s Systems Security Contact named in this agreement. If CMS is unable to speak with the SSA Systems Security Contact within one hour or if for some other reason notifying the SSA Systems Security Contact is not practicable (e.g., it is outside of the normal business hours), CMS will call SSA’s National Network Service Center toll free at 0-000-000-0000. If SSA is unable to speak with CMS’ Systems Security Contact within one hour, SSA will contact CMS IT Service Desk at 0-000-000-0000 or email XXX_XX_Xxxxxxx_Xxxx@xxx.xxx.xxx.

Loss Reporting. If either SSA or CMS ED experiences an incident involving the loss or breach of PII provided by SSA or CMS ED under the terms of this agreementCMA, they will follow the incident reporting guidelines issued by OMB. In the event of a reportable incident under OMB guidance involving PII, the agency experiencing the incident is responsible for following its established procedures, including notification to the proper organizations (e.g., United States Computer Emergency Readiness Team and the agency’s privacy office). In addition, the agency experiencing the incident (e.g., electronic or paper) will notify the other agency’s Systems Security Contact named in this agreementCMA. If CMS ED is unable to speak with the SSA Systems Security Contact within one hour or if for some other reason notifying the SSA Systems Security Contact is not practicable (e.g., it is outside of the normal business hours), CMS ED will call SSA’s National Network Service Center toll free at 0-000-000-0000. If SSA is unable to speak with CMS’ ED Systems Security Contact within one 1 hour, SSA will contact CMS IT Service Desk at 0-ED/FSA: EDSOC: xxxxx@xx.xxx: 000-000-0000 or email XXX_XX_Xxxxxxx_Xxxx@xxx.xxx.xxx.0000

Loss Reporting. If either SSA or CMS experiences an incident involving the loss or breach of PII provided by SSA or CMS under the terms of this agreementAgreement, they will follow the incident reporting guidelines issued by OMB. In the event of a reportable incident under OMB guidance involving PII, the agency experiencing the incident is responsible for following its established procedures, including notification to the proper organizations (e.g., United States Computer Emergency Readiness Team and Team, the agency’s privacy office). In addition, the agency experiencing the incident (e.g., electronic or paper) will notify the other agency’s Systems Security Contact named in this agreementAgreement. If CMS is unable to speak with the SSA Systems Security Contact within one hour or if for some other reason notifying the SSA Systems Security Contact is not practicable (e.g., it is outside of the normal business hours), CMS will call SSA’s National Network Service Center toll free at 0-000-000-0000. If SSA is unable to speak with CMS’ ’s Systems Security Contact within one hour, SSA will contact CMS IT Service Desk at 0-000-000-0000 (410) 786- 2580 or email XXX_XX_Xxxxxxx_Xxxx@xxx.xxx.xxx.

Loss Reporting. If either SSA or CMS RRB experiences an incident involving the a loss or breach of PII provided by SSA or CMS the other agency under the terms of this agreement, they will follow the incident reporting guidelines issued by OMB. In the event of a reportable incident under OMB guidance involving PII, the agency experiencing the incident is responsible for following its established procedures, including notification to the proper organizations (e.g., United States Computer Emergency Readiness Team (CERT), and the agency’s privacy office). In addition, the agency experiencing the incident (e.g., electronic or paper) will notify the other agency’s Systems Security Contact named in this agreement. If CMS RRB is unable to speak with the SSA Systems Security Contact within one hour or or, if for some other reason notifying the SSA Systems Security Contact is not practicable (e.g., it is outside of the normal business hours), CMS RRB will call SSA’s National Network Service Center toll free at 0-000-000-0000. If SSA is unable to speak with CMS’ RRB’s Systems Security Contact within one hour, SSA will contact CMS IT Service Desk Xxxx Xxxxxxxxx, RRB CERT Team Leader, at 0-000-000-0000 or email XXX_XX_Xxxxxxx_Xxxx@xxx.xxx.xxx000-000-0000 (cell).