Notification Content. The Notification shall include sufficient information for the Data Governing Board to understand the nature of the actual or potential Breach. For instance, such Notification shall include, to the extent available at the time of the notification, the following information: 1) One or two sentence description of the actual or potential Breach; 2) Description of the roles of the people involved in the actual or potential Breach (e.g. state employees, users, service provider, unauthorized persons, etc.); 3) Type of actual or potential data Breach; 4) Party (ies) likely impacted by actual or potential Breach; 5) Number of users or records impacted/estimated to be impacted by the actual or potential Breach; 6) Actions taken by the Party to mitigate the actual or potential Breach; 7) Current status of the actual or potential Breach (under investigation or resolved); and 8) Corrective action taken and steps planned to be taken to prevent a similar actual or potential Breach. The Notification shall not include any confidential or protected Data. The Party agrees to supplement the information contained in the Notification as it becomes available. If, on the basis of the information available to the Party, the Party believes that it should temporarily cease providing Data with all other Participating Agencies, it may undergo a service level interruption or voluntary suspension in accordance with Appendix 1 of this E-MOU.
Appears in 6 contracts
Samples: Memorandum of Understanding, Data Sharing Agreement, Data Sharing Agreement