NOTIFICATION AND INVESTIGATION OF BREACHES AND SECURITY INCIDENTS. During the term of this Agreement, the County Department/Agency agrees to implement reasonable systems for the discovery and prompt reporting of any breach or security incident, and to take the following steps:
NOTIFICATION AND INVESTIGATION OF BREACHES AND SECURITY INCIDENTS. During the term of this Agreement, Contractor agrees to implement reasonable systems for the discovery and prompt reporting of any Breach or Security Incident, and to take the following steps:
NOTIFICATION AND INVESTIGATION OF BREACHES AND SECURITY INCIDENTS. During the term of this PSA, the County Department agrees to implement reasonable systems for the discovery and prompt reporting of any Breach or Security Incident, and to take the following steps:
NOTIFICATION AND INVESTIGATION OF BREACHES AND SECURITY INCIDENTS. During the term of this Agreement, the County agrees to implement reasonable systems for the discovery and prompt reporting of any Breach or Security Incident, and to take the following steps:
a. Initial Notice to HHS:
i. The Contractor will provide initial notice to the County. The Contractor agrees to perform the following incident reporting to County.
ii. Immediately upon discovery of a suspected security incident that involves data provided to Contractor by County, the Contractor will notify the County by email or telephone.
iii. Within one working day of discovery, the Contractor will notify the County by email or telephone of unsecured PII, if that PII was, or is, reasonably believed to have been accessed or acquired by an unauthorized person, any suspected security incident, intrusion, or unauthorized access, use, or disclosure of PII in violation of this Agreement, or potential loss of confidential data affecting this Agreement. Notice shall be made by contacting the County as provided in this agreement, including all information known at the time.
iv. A breach shall be treated as discovered by the Contractor as of the first day on which the breach is known, or by exercising reasonable diligence would have been known, to any person (other than the person committing the breach), who is an employee, officer or other agent of the Contractor.
v. Upon discovery of a breach, security incident, intrusion, or unauthorized access, use, or disclosure of PII, the Contractor shall take:
A. Prompt corrective action to mitigate any risks or damages involved with the breach and to protect the operating environment; and DocuSign Envelope ID: C1699981-367A-4E93-B66A-CA0849068709 DocuSign Envelope ID: 81A5495A-230D-4264-8358-EB12B24A8B8D DocuSign Envelope ID: 8FC5ECED-4536-49EB-A4AB-9CA23D0B1D81
B. Any action pertaining to such unauthorized disclosure required by applicable Federal and State laws and regulations.
NOTIFICATION AND INVESTIGATION OF BREACHES AND SECURITY INCIDENTS. During the term of this Agreement, the County agrees to implement reasonable systems for the discovery and prompt reporting of any Breach or Security Incident, and to take the following steps:
a. Initial Notice to HHS: MA-063-24010922 May 23, 2024 DocuSignDocuSign EnvelopeEnvelope ID:ID:
i. The Contractor will provide initial notice to the County. The Contractor agrees to perform the following incident reporting to County.
ii. Immediately upon discovery of a suspected security incident that involves data provided to Contractor by County, the Contractor will notify the County by email or telephone.
iii. Within one working day of discovery, the Contractor will notify the County by email or telephone of unsecured PII, if that PII was, or is, reasonably believed to have been accessed or acquired by an unauthorized person, any suspected security incident, intrusion, or unauthorized access, use, or disclosure of PII in violation of this Agreement, or potential loss of confidential data affecting this Agreement. Notice shall be made by contacting the County as provided in this agreement, including all information known at the time.
iv. A breach shall be treated as discovered by the Contractor as of the first day on which the breach is known, or by exercising reasonable diligence would have been known, to any person (other than the person committing the breach), who is an employee, officer or other agent of the Contractor.
v. Upon discovery of a breach, security incident, intrusion, or unauthorized access, use, or disclosure of PII, the Contractor shall take:
A. Prompt corrective action to mitigate any risks or damages involved with the breach and to protect the operating environment; and
B. Any action pertaining to such unauthorized disclosure required by applicable Federal and State laws and regulations.
NOTIFICATION AND INVESTIGATION OF BREACHES AND SECURITY INCIDENTS. During the term of this Agreement, the CalSAWS Consortium agrees to implement reasonable systems for the discovery and prompt reporting of any breach or security incident, and to take the following steps:
NOTIFICATION AND INVESTIGATION OF BREACHES AND SECURITY INCIDENTS. During the term of this Agreement, the Contractor agrees to implement reasonable systems for the discovery and prompt reporting of any Breach or Security Incident, and to take the following steps:
1. Contractor agrees to notify County of any breach or suspected or actual Security Incident immediately upon discovery by telephone at 000-000-0000 and HSS- Xxxxxxxxxx@xxxxxxxxxxxx.xxx and will include, to the extent possible, the identification of each individual whose unsecured PII has been, or is reasonably believed by the Contractor to have been accessed, acquired, used, or disclosed, a description of the PII involved, the nature of the unauthorized access, use or disclosure, the dates of the breach and discovery of the breach, and a description of any remedial action taken or proposed to be taken by Contractor, together with such other information County may reasonably require from Contractor from time to time in order for County to comply with its own reporting obligations.
2. A breach or unauthorized access, use or disclosure shall be treated as discovered by the Contractor on the first day on which such unauthorized access, use, or disclosure is known, or should reasonably have been known, to the Contractor or to any person, other than the individual committing the unauthorized disclosure, that is an employee, officer, subcontractor, agent or other representative of the Contractor.
3. Contractor shall consult with County to mitigate, to the extent practicable, any harmful effect that results from a Breach, Security Incident, or unauthorized access, use or disclosure of unsecured PII by Contractor or its employees, officers, subcontractors, agents or representatives.
4. Following a breach, security incident, or any unauthorized access, use or disclosure of unsecured PII, Contractor agrees to take any and all corrective action necessary to halt and/or contain the improper use or disclosure, prevent recurrence, to document any such action, and to make all documentation available to the County.
5. Except as provided by law, Contractor agrees that it will not inform any third party of a Breach or unauthorized access, use or disclosure of unsecured PII without consultation with County. County hereby reserves the sole right to determine whether and how such notice is to be provided to any individuals, regulatory agencies, or others as may be required by law, regulation or contract terms, as well as the contents of such notice. When applicable law requires the b...
NOTIFICATION AND INVESTIGATION OF BREACHES AND SECURITY INCIDENTS. During the term of this Agreement, the SUBRECIPIENT and its Sub-Contractor agrees to implement reasonable systems for the discovery and prompt reporting of any Breach or Security Incident, and to take the following steps:
NOTIFICATION AND INVESTIGATION OF BREACHES AND SECURITY INCIDENTS. During the term of this PSA, the LCSA agrees to implement reasonable systems for the discovery and prompt reporting of any Breach or Security Incident, and to take the following steps: