Notification to CDPH of Breach or Security Incident Sample Clauses

Notification to CDPH of Breach or Security Incident. The Contractor shall notify CDPH immediately by telephone call plus email or fax upon the discovery of a breach (as defined in this Exhibit), and within twenty-four (24) hours by email or fax of the discovery of any security incident (as defined in this Exhibit), unless a law enforcement agency determines that the notification will impede a criminal investigation, in which case the notification required by this section shall be made to CDPH immediately after the law enforcement agency determines that such notification will not compromise the investigation. Notification shall be provided to the CDPH Program Contract Manager, the CDPH Privacy Officer and the CDPH Chief Information Security Officer, using the contact information listed in Section XI(F), below. If the breach or security incident is discovered after business hours or on a weekend or holiday and involves CDPH PCI in electronic or computerized form, notification to CDPH shall be provided by calling the CDPH Information Security Office at the telephone numberslisted in Section XI(F), below. For purposes of this Section, breaches and security incidents shall be treated as discovered by Contractor as of the first day on which such breach or security incident is known to the Contractor, or, by exercising reasonable diligence would have been known to the Contractor. Contractor shall be deemed to have knowledge of a breach if such breach is known, or by exercising reasonable diligence would have been known, to any person, other than the person committing the breach, who is a employee or agent of the Contractor. Contractor shall take:
Sample 1Sample 2Sample 3See All (15)
AutoNDA by SimpleDocs
Notification to CDPH of Breach or Security Incident. The Participant shall notify CDPH immediately by telephone call plus email or fax upon the discovery of a breach (as defined in this Agreement), or within twenty-four (24) hours by email or fax of the discovery of any security incident (as defined in this Agreement). Notification shall be provided to the CDPH Program Manager, the CDPH Privacy Officer and the CDPH Chief Information Security Officer, using the contact information listed in Section XII(G), below. If the breach or security incident occurs after business hours or on a weekend or holiday and involves Cal-IVRS Data in electronic or computerized form, notification to CDPH shall be provided by calling the CDPH IT Service Desk at the telephone numbers listed in Section XII(G), below. For purposes of this Section, breaches and security incidents shall be treated as discovered by Participant as of the first day on which such breach or security incident is known to the Participant, or, by exercising reasonable diligence would have been known to the Participant. Participant shall be deemed to have knowledge of a breach or security incident if such breach or security incident is known, or by exercising reasonable diligence would have been known, to any person, other than the person committing the breach or security incident, who is a workforce member or agent of the Participant. Participant shall take:
Sample 1See All (5)
Notification to CDPH of Breach or Security Incident. Blue Shield shall notify CDPH within twenty-four (24) hours by telephone call plus email or fax upon the discovery of a Breach (as defined in this Exhibit), and within twenty-four (24) hours by email or fax of the discovery of any Security Incident (as defined in this Exhibit), that has occurred in a manner not permitted under this Agreement between Blue Shield and the Agency, including this Exhibit, unless a law enforcement agency determines that the notification will impede a criminal investigation, in which case the notification required by this section shall be made to CDPH immediately after the law enforcement agency determines that such notification will not compromise the investigation. Notification shall be provided to the Agency Contract Manager, the CDPH Privacy Officer and the CDPH Chief Information Security Officer, using the contact information listed in Section XII(F), below. If the Breach or Security Incident is discovered after business hours or on a weekend or holiday and involves CDPH PCI in electronic or computerized form, notification to CDPH shall be provided by calling the CDPH Information Security Office at the telephone numbers listed in Section XII(F), below. For purposes of this Section, Breaches and Security Incidents shall be treated as discovered by Blue Shield as of the first day on which such Breach or Security Incident is known to Blue Shield, or, by exercising reasonable industry standard due diligence would have been known to Blue Shield. Blue Shield shall be deemed to have knowledge of a Breach if such Breach is known, or by exercising reasonable diligence would have been known, to any person, other than the person committing the breach, who is an employee or agent of Blue Shield. Blue Shield shall take:
Sample 1Sample 2
Notification to CDPH of Breach or Security Incident. The Contractor shall notify CDPH immediately by telephone call plus email or fax upon the discovery of a breach (as defined in this Exhibit), and within twenty-four
Sample 1

Related to Notification to CDPH of Breach or Security Incident

  • Security Breach Notification In addition to the information enumerated in Article V, Section 4(1) of the DPA Standard Clauses, any Security Breach notification provided by the Provider to the LEA shall include:

  • Notification of Breach During the term of this Agreement:

  • FALSE STATEMENTS; BREACH OF REPRESENTATIONS The Parties acknowledge that this Agreement has been negotiated, and is being executed, in reliance upon the information contained in the Application, and any supplements or amendments thereto, without which the Comptroller would not have approved this Agreement and the District would not have executed this Agreement. By signature to this Agreement, the Applicant:

  • Security Breach Notice and Reporting The Contractor shall have policies and procedures in place for the effective management of Security Breaches, as defined below, which shall be made available to the State upon request. In addition to the requirements set forth in any applicable Business Associate Agreement as may be attached to this Contract, in the event of any actual security breach or reasonable belief of an actual security breach the Contractor either suffers or learns of that either compromises or could compromise State Data (a “Security Breach”), the Contractor shall notify the State within 24 hours of its discovery. Contractor shall immediately determine the nature and extent of the Security Breach, contain the incident by stopping the unauthorized practice, recover records, shut down the system that was breached, revoke access and/or correct weaknesses in physical security. Contractor shall report to the State: (i) the nature of the Security Breach; (ii) the State Data used or disclosed; (iii) who made the unauthorized use or received the unauthorized disclosure; (iv) what the Contractor has done or shall do to mitigate any deleterious effect of the unauthorized use or disclosure; and (v) what corrective action the Contractor has taken or shall take to prevent future similar unauthorized use or disclosure. The Contractor shall provide such other information, including a written report, as reasonably requested by the State. Contractor shall analyze and document the incident and provide all notices required by applicable law. In accordance with Section 9 V.S.A. §2435(b)(3), the Contractor shall notify the Office of the Attorney General, or, if applicable, Vermont Department of Financial Regulation (“DFR”), within fourteen (14) business days of the Contractor’s discovery of the Security Breach. The notice shall provide a preliminary description of the breach. The foregoing notice requirement shall be included in the subcontracts of any of Contractor’s subcontractors, affiliates or agents which may be “data collectors” hereunder. The Contractor agrees to fully cooperate with the State and assume responsibility at its own expense for the following, to be determined in the sole discretion of the State: (i) notice to affected consumers if the State determines it to be appropriate under the circumstances of any particular Security Breach, in a form recommended by the AGO; and (ii) investigation and remediation associated with a Security Breach, including but not limited to, outside investigation, forensics, counsel, crisis management and credit monitoring, in the sole determination of the State. The Contractor agrees to comply with all applicable laws, as such laws may be amended from time to time (including, but not limited to, Chapter 62 of Title 9 of the Vermont Statutes and all applicable State and federal laws, rules or regulations) that require notification in the event of unauthorized release of personally-identifiable information or other event requiring notification. In addition to any other indemnification obligations in this Contract, the Contractor shall fully indemnify and save harmless the State from any costs, loss or damage to the State resulting from a Security Breach or the unauthorized disclosure of State Data by the Contractor, its officers, agents, employees, and subcontractors.

Time is Money Join Law Insider Premium to draft better contracts faster.