Security Breach Procedures. 4.1 Supplier shall notify Buyer as soon as practicable, and in any event within 24 hours, after Supplier becomes aware of any Security Incident or Security Breach.
4.2 Supplier shall, at its sole cost and expense, use best efforts to immediately remedy any Security Incident or Security Breach and prevent any further Security Incident or Security Breach.
4.3 Supplier shall, at its sole cost and expense: (a) promptly preserve all relevant records, logs, files, data reporting, and other materials relevant to any Security Incident or Security Breach, and shall provide the same to Buyer upon request; and (b) diligently investigate any Security Incident or Security Breach and shall fully cooperate with Buyer in its own investigation of and response to any such Security Incident or Security Breach.
4.4 If a Security Incident or Security Breach arises, in whole or in part, from an act or omission of Supplier, Supplier shall reimburse Buyer for all reasonable costs incurred by Buyer in responding to, and mitigating damages caused by, any such Security Incident or Security Breach, including, without limitation, all costs of notice and credit monitoring and identity theft protection services.
4.5 Unless otherwise required by law, Supplier agrees that it shall not inform any third party of any Security Incident or Security Breach without first obtaining Buyer’s prior written consent, other than to inform a complainant that the matter has been forwarded to Xxxxx’s legal counsel. Further, Supplier agrees not to include Xxxxx’s name, logo, or any other identifiable information about Buyer or its affiliates in any notice or public statement concerning any Security Incident or Security Breach without Buyer’s prior written approval.
Security Breach Procedures. For purposes of this section, the term “
Security Breach Procedures. For purposes of this Contract, “
Security Breach Procedures. For purposes of this section, the term “Security Breach” shall mean (i) any act or omission that materially compromises either the security, confidentiality or integrity of personal information or the physical, technical, administrative or organizational safeguards put in place by Custodian (or any authorized persons) that relate to the protection of the security, confidentiality or integrity of personal information, or (ii) receipt of a complaint in relation to the privacy practices of Custodian (or any authorized persons) or a breach or alleged breach of this Agreement relating to such privacy practices. Custodian shall: (i) notify a Trust of a Security Breach as soon as practicable, but no later than twenty-four (24) hours after Custodian becomes aware of it; and (ii) notify a Trust of any Security Breaches by and with a copy by e-mail to Custodian’s primary business contact within the Trust. Immediately following Custodian’s notification to a Trust of a Security Breach, the parties shall coordinate with each other to investigate the Security Breach. Custodian agrees to cooperate with the Trust in the Trust’s handling of the matter, including, without limitation: (i) assisting with any investigation; (ii) providing the Trust with physical access to the facilities and operations affected; (iii) facilitating interviews with Custodian’s employees and others involved in the matter; and (iv) making available all relevant records, logs, files, data reporting and other materials required to comply with applicable law, regulation, industry standards or as otherwise reasonably required by the Trust. Custodian shall immediately remedy any Security Breach and prevent any further Security Breach at Custodian’s expense in accordance with applicable privacy rights, laws, regulations and standards. Custodian shall reimburse the Trust for actual costs incurred by the Trust in responding to, and mitigating damages caused by, any Security Breach, including all costs of notice and/or remediation pursuant to this paragraph.
Security Breach Procedures a) Each Party shall: i) provide the other Party with the name and contact information for one or more of the Party’s employees/security operations or other service desk who/which shall serve as the other Party’s primary security contact and shall be available to assist the other Party twenty- four (24) hours per day, seven (7) days per week as a contact in resolving obligations associated with a Security Breach; ii) notify the other Party of a Security Breach as soon as practicable, but no later than twenty- four (24) hours after the Party becomes aware of it; and iii) notify the other Party of any Security Breaches by emailing the other Party at an address provided by the other Party, with a copy by email to the Party’s primary business contact within the other Party.
b) Immediately following notification of a Security Breach, the Parties shall coordinate with each other to investigate the Security Breach. The Parties agree to fully cooperate with each other in the handling of the matter, including, without limitation: (i) assisting with any investigation; (ii) providing physical access to the facilities and operations affected; (iii) facilitating interviews with employees and others involved in the matter; and (iv) making available all relevant records, logs, files, data reporting, and other materials required to comply with applicable law, regulation, industry standards, or as otherwise reasonably required by the other Party.
c) The Party responsible for the Security Breach shall (i) at its own expense use best efforts to immediately contain and remedy any Security Breach and prevent any further Security Breach, including, but not limited to taking any and all action necessary to comply with applicable privacy rights, laws, regulations, and standards, and (ii) reimburse the other Party for all actual reasonable costs incurred by the other Party in responding to, and mitigating damages caused by, any Security Breach, including all costs of notice and/or remediation pursuant to Section 4(d).
d) Each Party agrees that it shall not inform any third party of a Security Breach without first obtaining the other Party’s prior written consent, other than to inform a complainant that the matter has been forwarded to the Party’s legal counsel. Further, the Receiving Party agrees that the Disclosing Party shall have the sole right to determine: (i) whether notice of the Security Breach is to be provided to any individuals, regulators, law enforcement agencies, cons...
Security Breach Procedures. (A) Immediately upon the Consultant’s awareness or reasonable belief of a Security Breach, the Consultant shall (i) notify the Manager of the Security Breach, such notice to be given first by telephone at the following telephone number, followed promptly by email at the following email address: (000) 000-0000 / SJVIA- Xxxxx@xxxxxxxxxxxxxx.xxx (which telephone number and email address the SJVIA may update by providing notice to the Consultant), and (ii) preserve all relevant evidence (and cause any affected Authorized Person to preserve all relevant evidence) relating to the Security Breach. The notification shall include, to the extent reasonably possible, the identification of each type and the extent of Personal Information that has been, or is reasonably believed to have been, breached, including but not limited to, compromised, or subjected to unauthorized Use, Disclosure, or modification, or any loss or destruction, corruption, or damage.
(B) Immediately following the Consultant’s notification to the SJVIA of a Security Breach, as provided pursuant to section 10.4(A) of this agreement, the parties shall coordinate with each other to investigate the Security Breach. The Consultant agrees to fully cooperate with the SJVIA, including, without limitation:
(1) assisting the SJVIA in conducting any investigation;
(2) providing the SJVIA with physical access to the facilities and operations affected;
(3) facilitating interviews with Authorized Persons and any of the Consultant’s other employees knowledgeable of the matter; and
(4) making available all relevant records, logs, files, data reporting and other materials required to comply with applicable law, regulation, industry standards, or as otherwise reasonably required by the SJVIA. To that end, the Consultant shall, with respect to a Security Breach, be solely responsible, at its cost, for all notifications required by law and regulation, or deemed reasonably necessary by the SJVIA, and the Consultant shall provide a written report of the investigation and reporting required to the Manager within 30 days after the Consultant’s discovery of the Security Breach.
(C) The SJVIA shall promptly notify the Consultant of the Manager’s knowledge, or reasonable belief, of any Privacy Practices Complaint, and upon the Consultant’s receipt of notification thereof, the Consultant shall promptly address such Privacy Practices Complaint, including taking any corrective action under this Article 10, all at the Consultan...
Security Breach Procedures. (a) Vendor shall develop, implement, maintain and comply with policies and procedures for responding to Security Breaches, including any policies provided to Vendor by City.
(b) Vendor will promptly notify the City, no later than twenty four (24) hours after notice, if any City Information is lost or destroyed or becomes damaged, corrupted, or unusable. Vendor will restore such City Information at its own expense.
(c) If Vendor discovers or if it becomes aware of: any unauthorized or unlawful Processing of City Information; or actual or reasonably suspected Security Breach, whether or not such breach has compromised any City Information, Vendor shall:
(i) immediately conduct an investigation of the reasons for and circumstances surrounding such Security Breach, including by engaging third party experts and forensic investigators;
(ii) use best efforts and take all necessary actions to contain and mitigate the impact of such Security Breach;
(iii) provide notice to City at ( ) - no later than 24 hours after the Vendor discovers a Security Breach;
(iv) within 72 hours of discovering a Security Breach, Vendor must provide a written report to City concerning such Security Breach detailing Vendor's findings, and update such report on a periodic basis, no less frequently than weekly, thereafter;
(v) collect and preserve all evidence concerning the cause, remedial actions and impact related to such Security Breach, which shall meet reasonable expectations of forensic admissibility;
(vi) document the incident response and remedial actions taken in
(vii) if required by law, or in City's sole discretion, provide notice to individuals whose Personal Information was or may have been exposed, in a manner and format required by law and/or specified by City; and
(viii) provide City with any relevant documents related to such Security Breach, including without limitation, any security assessment and security control audit reports, logs, and any forensic analysis of such Security Breach.
(d) Without limiting the foregoing, immediately following any unauthorized or unlawful City Information Processing or Security Breach, the parties will coordinate with each other to investigate the matter. Vendor will reasonably cooperate with City in City 's handling of the matter, including Vendor:
(i) investigating and promptly remediating the effects of the Security Breach, potential breach, or security incident, whether or not the breach was caused by Vendor;
(ii) cooperating with Cit...
Security Breach Procedures. Galvanize maintains an Incident Response Plan managed by its Security Incident Response Team (SIRT). Galvanize will notify Customer without undue delay if Galvanize determines that the security of the Cloud Products’ systems has been breached and this results in Customer Data being accessed by or disclosed to an individual or entity who is not authorized to access or receive such information. Notice will include a brief description of the incident, including the nature of the breach, the date it occurred and, if known, the general type(s) of data involved. Galvanize will report to Customer on the corrective action being taken and will cooperate with Customer to mitigate the effects of any lost or compromised Customer Data. Galvanize will conduct a root cause analysis to determine the cause of the incident and to ensure corrective actions are focused on the true root cause of the incident. Customer will implement any corrective measures required by Galvanize.
Security Breach Procedures. In the event either party determines that there has been an unauthorized or improper disclosure of the information exchanged under this MSA, such party must promptly notify the other party, unless legally prohibited from doing so or specifically directed by law enforcement not to do so, within seventy two hours (or any shorter period as may be required by Law) after such party becomes aware of it. Such notification will include the nature of the incident, the other party's information that was compromised, and the action taken or to be taken. Additionally, each party will reasonably assist the other party in remediating and mitigating any potential damage. Each party shall bear the costs of such remediation or mitigation to the extent the breach or security incident was caused by its acts or omissions. If the Institution learns or has reason to believe that unauthorized access to a password protected area of the Clearinghouse website has occurred or is about to occur, the Institution shall notify the Clearinghouse promptly, and without unreasonable delay, and the Clearinghouse may suspend Institution’s access until the threat has been contained.
Security Breach Procedures a. Provider shall:
i. provide Smart Start with the name and contact information for one or more employees of Provider who shall serve as Smart Start’s primary security contact and shall be available to assist Smart Start twenty-four
