Breaches and Security Incidents During the term of the Agreement, CONTRACTOR 27 agrees to implement reasonable systems for the discovery of any Breach of unsecured DHCS PI and PII 28 or security incident. CONTRACTOR agrees to give notification of any beach of unsecured DHCS PI 29 and PII or security incident in accordance with subparagraph F, of the Business Associate Contract, 30 Exhibit B to the Agreement.
Reporting Security Incidents The Business Associate will report to the County any Incident of which the Business Associate becomes aware that is:
Security Incident Reporting A security incident occurs when CDA information assets are or reasonably believed to have been accessed, modified, destroyed, or disclosed without proper authorization, or are lost, or stolen. Subrecipient must comply with CDA’s security incident reporting procedures located at xxxxx://xxx.xxxxx.xx.xxx/ProgramsProviders/#Resources.
Security Incident Response Upon becoming aware of a Security Incident, MailChimp shall notify Customer without undue delay and shall provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Customer.
Reporting Unsuccessful Security Incidents Business Associate shall provide Covered Entity upon written request a Report that: (a) identifies the categories of Unsuccessful Security Incidents; (b) indicates whether Business Associate believes its current defensive security measures are adequate to address all Unsuccessful Security Incidents, given the scope and nature of such attempts; and (c) if the security measures are not adequate, the measures Business Associate will implement to address the security inadequacies.
Security Incident “Security Incident” means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.
Security Incidents 11.1 Includes identification, managing and agreed reporting procedures for actual or suspected security breaches.
COMPLIANCE WITH NEW YORK STATE INFORMATION SECURITY BREACH AND NOTIFICATION ACT Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law Section 899-aa; State Technology Law Section 208).
Reporting and Documenting Breaches 6.1 Business Associate shall Report to Covered Entity any Breach of Unsecured PHI as soon as it, or any Person to whom PHI is disclosed under this Agreement, becomes aware of any such Breach, and in no event later than five (5) business days after such awareness, except when a law enforcement official determines that a notification would impede a criminal investigation or cause damage to national security. Such Report shall be timely made notwithstanding the fact that little information may be known at the time of the Report and need only include such information then available.
EXCLUSION OF INCIDENTAL, CONSEQUENTIAL AND CERTAIN OTHER DAMAGES TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL THE BNPP ENTITIES OR THEIR SUPPLIERS BE LIABLE FOR ANY SPECIAL, INCIDENTAL, INDIRECT, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS OR CONFIDENTIAL OR OTHER INFORMATION, FOR BUSINESS INTERRUPTION, FOR PERSONAL INJURY, FOR LOSS OF PRIVACY, FOR FAILURE TO MEET ANY DUTY INCLUDING OF GOOD FAITH OR OF REASONABLE CARE, FOR NEGLIGENCE, AND FOR ANY OTHER PECUNIARY OR OTHER LOSS WHATSOEVER) ARISING OUT OF OR IN ANY WAY RELATED TO THE USE OF OR INABILITY TO USE THE SOFTWARE, THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT SERVICES, OR OTHERWISE UNDER OR IN CONNECTION WITH ANY PROVISION OF THIS SECTION 19, EVEN IN THE EVENT OF THE FAULT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, BREACH OF CONTRACT OR BREACH OF WARRANTY OF THE BNPP ENTITIES OR ANY SUPPLIER, AND EVEN IF THE BNPP ENTITIES OR ANY SUPPLIER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT SHALL ANY BNPP ENTITY OR ANY SUPPLIER BE LIABLE FOR ACTS OF GOD, ACTS OF WAR OR TERRORISM, MACHINE OR COMPUTER BREAKDOWN OR MALFUNCTION, INTERRUPTION OR MALFUNCTION OF COMMUNICATION FACILITIES, LABOR DIFFICULTIES OR ANY OTHER SIMILAR OR DISSIMILAR CAUSE BEYOND THEIR REASONABLE CONTROL.