Notice of Breach and Unauthorized Release Sample Clauses

Notice of Breach and Unauthorized Release a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Immediately notify Hinsdale Central School District in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise Hinsdale Central School District as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse Hinsdale Central School District for the full costs of such notification. c. Vendor will cooperate with Hinsdale Central School District and provide as much information as possible directly to Hinsdale Central School District about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The school affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist affected individuals that may have additional questions. d. The Vendor shall indemnify and hold Hinsdale Central School District harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Vendor acknowledges that upon initial notification from Vendor, Hinsdale Central School District, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by Hinsdale Central School District or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by Hinsdale Central School District, Vendor will promptly inform Hinsdale Central School District of the same.
Sample 1Sample 2Sample 3See All (60)
AutoNDA by SimpleDocs
Notice of Breach and Unauthorized Release a. In the event of a breach of this Agreement and unauthorized release of student data, Clever Prototypes, LLC shall: 1. Immediately notify CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Clever Prototypes, LLC has discovered or been informed of the breach or authorized release. 2. Advise CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL as to the nature of the breach and steps Clever Prototypes, LLC has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, Clever Prototypes, LLC shall: 1. Promptly reimburse CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL for the full costs of such notification. c. Clever Prototypes, LLC will cooperate with CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL and provide as much information as possible directly to CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Clever Prototypes, LLC discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The schools within CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL affected; 7. What Clever Prototypes, LLC has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Clever Prototypes, LLC representatives who can assist affected individuals that may have additional questions. d. The Clever Prototypes, LLC shall indemnify and hold CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement confidentiality and data security and privacy standards provision. e. Clever Prototypes, LLC acknowledges that upon initial notification from Clever Prototypes, LLC, CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL, as the educational agency with which Clever Prototypes, LLC contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Clever Prototypes, LLC agrees not to provide this notification to the CPO directly unless requested by CATTARAUGUS LITTLE VALLEY CENTRAL SCHOOL or otherwise required by law. In the event the CPO contacts Clever Prototypes, LLC directly or requests more information f...
Sample 1
Notice of Breach and Unauthorized Release a. In the event of a breach of this Agreement and unauthorized release of student data, the Vendor shall: 1. Timely notify CRCS in the most expedient way possible and without unreasonable delay, but no more than seven (7) calendar days after Vendor has discovered or been informed of the breach or authorized release. 2. Advise CRCS as to the nature of the breach and steps Vendor has taken to minimize said breach. b. In the case of required notification to a parent or eligible student, the Vendor shall: 1. Promptly reimburse CRCS for the full actual costs of such notification. c. Vendor will cooperate with CRCS and provide as much information as possible directly to CRCS about the incident, including but not limited to: 1. The description of the incident; 2. The date of the incident; 3. The date Vendor discovered or was informed of the incident; 4. A description of the types of Protected Data involved; 5. An estimate of the number of records affected; 6. The schools within CRCS affected; 7. What the Vendor has done or plans to do to investigate the incident, stop the breach and mitigate any further unauthorized access or release of Protected Data; and 8. The contact information for Vendor representatives who can assist CRCS with its response to affected individuals that may have additional questions. d. The Vendor shall indemnify and hold CRCS harmless from any claims arising from its breach within the Data Sharing and Confidentiality Agreement. Such indemnities shall be subject to the following: CRCS shall provide Vendor with (a) prompt written notice of a claim; (b) the right to solely control and direct the investigation, preparation, defense and settlement thereof, and (c) reasonable assistance and information. e. Vendor acknowledges that upon initial notification from Vendor, CRCS, as the educational agency with which Vendor contracts, has an obligation under Section 2-d to in turn notify the Chief Privacy Officer in the New York State Education Department (“CPO”). Vendor agrees not to provide this notification to the CPO directly unless requested by CRCS or otherwise required by law. In the event the CPO contacts Vendor directly or requests more information from Vendor regarding the incident after having been initially informed of the incident by CRCS, Vendor will promptly inform CRCS of the same.
Sample 1

Related to Notice of Breach and Unauthorized Release

  • Notice of Breach The Asset Representations Reviewer will notify the Issuer promptly in the event of an actual or reasonably suspected security breach, unauthorized access, misappropriation or other compromise of the security, confidentiality or integrity of Issuer PII and, where applicable, immediately take action to prevent any further breach.

  • Data Security and Unauthorized Data Release The Requester and Approved Users, including the Requester’s IT Director, acknowledge NIH’s expectation that they have reviewed and agree to manage the requested controlled-access dataset(s) and any Data Derivatives of controlled-access datasets according to NIH’s expectations set forth in the current NIH Security Best Practices for Controlled-Access Data Subject to the GDS Policy and the Requester’s IT security requirements and policies. The Requester, including the Requester’s IT Director, agree that the Requester’s IT security requirements and policies are sufficient to protect the confidentiality and integrity of the NIH controlled-access data entrusted to the Requester. If approved by NIH to use cloud computing for the proposed research project, as outlined in the Research and Cloud Computing Use Statements of the Data Access Request, the Requester acknowledges that the IT Director has reviewed and understands the cloud computing guidelines in the NIH Security Best Practices for Controlled-Access Data Subject to the NIH GDS Policy. The Requester and PI agree to notify the appropriate DAC(s) of any unauthorized data sharing, breaches of data security, or inadvertent data releases that may compromise data confidentiality within 24 hours of when the incident is identified. As permitted by law, notifications should include any known information regarding the incident and a general description of the activities or process in place to define and remediate the situation fully. Within 3 business days of the DAC notification, the Requester agrees to submit to the DAC(s) a detailed written report including the date and nature of the event, actions taken or to be taken to remediate the issue(s), and plans or processes developed to prevent further problems, including specific information on timelines anticipated for action. The Requester agrees to provide documentation verifying that the remediation plans have been implemented. Repeated violations or unresponsiveness to NIH requests may result in further compliance measures affecting the Requester. NIH, or another entity designated by NIH may, as permitted by law, also investigate any data security incident or policy violation. Approved Users and their associates agree to support such investigations and provide information, within the limits of applicable local, state, tribal, and federal laws and regulations. In addition, Requester and Approved Users agree to work with the NIH to assure that plans and procedures that are developed to address identified problems are mutually acceptable and consistent with applicable law.

  • No Unauthorized Use Provider shall not use Student Data or information in a Pupil Record for any purpose other than as explicitly specified in this DPA.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!