Common use of Notification of Data Security Incident Clause in Contracts

Notification of Data Security Incident. For purposes of this section, “Data Security Incident” is defined as unauthorized access to the CONSULTANT’s business and/or business systems by a third party, which access could potentially expose COUNTY data or systems to unauthorized access, disclosure, or misuse. In the event of a Data Security Incident, CONSULTANT must notify COUNTY in writing within 48 hours. Notice should be made to XXXXX@xxxxxx.xx.xxx and to all parties referenced in the “Notices” section of the AGREEMENT. Notice must reference this contract number. Notice under this section must include the date of incident and CONSULTANT’s systems and/or locations which were affected. The duty to notify under this section is broad, requiring disclosure whether or not any impact to COUNTY data is known at the time, to enable COUNTY to take immediate protective actions of its data and cloud environments. Failure to notify under this section is a material breach, and COUNTY may immediately terminate the AGREEMENT for failure to comply.

Notification of Data Security Incident. For purposes of this section, “Data Security Incident” is defined as unauthorized access to the CONSULTANTContractor’s business and/or business systems by a third party, which access could potentially expose COUNTY County data or systems to unauthorized access, disclosure, or misuse. In the event of a Data Security Incident, CONSULTANT Contractor must notify COUNTY County in writing within as soon as possible and no later than 48 hourshours after Contractor determines a Data Security Incident has occurred. Notice should be made to XXXXX@xxxxxx.xx.xxx and to all parties referenced in the “Notices” section of the AGREEMENTAgreement. Notice must reference this contract number. Notice under this section must include the date of incident and CONSULTANTincident, Contractor’s systems and/or locations which were affected, and County services or data affected. The duty to notify under this section is broad, requiring disclosure whether or not any impact to COUNTY County data is known at the time, to enable COUNTY County to take immediate protective actions of its data and cloud environments. Failure to notify under this section is a material breach, and COUNTY County may immediately terminate the AGREEMENT Agreement for failure to comply.