Common use of Security Breach Procedures Clause in Contracts

Security Breach Procedures. a) Each Party shall: i) provide the other Party with the name and contact information for one or more of the Party’s employees/security operations or other service desk who/which shall serve as the other Party’s primary security contact and shall be available to assist the other Party twenty- four (24) hours per day, seven (7) days per week as a contact in resolving obligations associated with a Security Breach; ii) notify the other Party of a Security Breach as soon as practicable, but no later than twenty- four (24) hours after the Party becomes aware of it; and iii) notify the other Party of any Security Breaches by emailing the other Party at an address provided by the other Party, with a copy by email to the Party’s primary business contact within the other Party. b) Immediately following notification of a Security Breach, the Parties shall coordinate with each other to investigate the Security Breach. The Parties agree to fully cooperate with each other in the handling of the matter, including, without limitation: (i) assisting with any investigation; (ii) providing physical access to the facilities and operations affected; (iii) facilitating interviews with employees and others involved in the matter; and (iv) making available all relevant records, logs, files, data reporting, and other materials required to comply with applicable law, regulation, industry standards, or as otherwise reasonably required by the other Party. c) The Party responsible for the Security Breach shall (i) at its own expense use best efforts to immediately contain and remedy any Security Breach and prevent any further Security Breach, including, but not limited to taking any and all action necessary to comply with applicable privacy rights, laws, regulations, and standards, and (ii) reimburse the other Party for all actual reasonable costs incurred by the other Party in responding to, and mitigating damages caused by, any Security Breach, including all costs of notice and/or remediation pursuant to Section 4(d). d) Each Party agrees that it shall not inform any third party of a Security Breach without first obtaining the other Party’s prior written consent, other than to inform a complainant that the matter has been forwarded to the Party’s legal counsel. Further, the Receiving Party agrees that the Disclosing Party shall have the sole right to determine: (i) whether notice of the Security Breach is to be provided to any individuals, regulators, law enforcement agencies, consumer reporting agencies, or others as required by law or regulation, or otherwise in Disclosing Party’s discretion; and (ii) the contents of such notice, whether any type of remediation may be offered to affected persons, and the nature and extent of any such remediation. e) The Parties agree to maintain and preserve all documents, records, and other data related to any Security Breach for the longest of the following (the “Applicable Retention Period”): (i) five (5) years; (ii) any applicable retention period required by the Agreement or any other contract f) Each Party agrees to fully cooperate at its own expense with the other Party in any litigation, investigation, or other action resulting from a Security Breach, if deemed reasonably necessary by the other Party to protect its rights relating to the use, disclosure, protection, and maintenance of Personal Information. g) In the event of any Security Breach, the Parties shall promptly use their best efforts to prevent a recurrence of any such Security Breach.

Security Breach Procedures. (a) Each Party In the event of a Security Breach, as defined above, Member shall: : (i) provide the other Party PAEA with the name and contact information for one or more an employee of the Party’s employees/security operations or other service desk who/which Member who shall serve as the other PartyXXXX’s primary security contact and shall be available to assist the other Party twenty- PAEA twenty-four (24) hours per day, seven (7) days per week as a contact in resolving obligations associated with a Security Breach; ; (ii) notify the other Party PAEA of a Security Breach as soon as practicable, but no later than twenty- twenty-four (24) hours after the Party Member becomes aware of it; and and (iii) notify the other Party PAEA of any Security Breaches by emailing telephone at the other Party following number: Security Officer Xxxxx Xxxxxx 000- 000-0000 and e-mailing PAEA with a read receipt at an address provided by the other Party, Xxxxx Xxxxxx: xxxxxxx@xxxxxxxxxx.xxx AND Xxxxxx Xxxxxx xxxxxxx@xxxxxxxxxx.xxx with a copy by email e-mail to the PartyMember’s primary business contact within the other PartyPAEA. (b) Immediately following Member’s notification to PAEA of a Security BreachBreach (as defined in the Agreement), the Parties parties shall coordinate with each other to investigate the Security Breach. The Parties agree Member agrees to fully cooperate with each other XXXX in the XXXX’s handling of the matter, including, without limitation: : (i) assisting with any investigation; ; (ii) providing PAEA with secure and accompanied physical access to the facilities and operations affected; ; (iii) facilitating interviews with Member’s employees and others involved in the matter; and and (iv) making available all relevant records, logs, files, data reporting, reporting and other materials required to comply with applicable law, regulation, industry standards, standards or as otherwise reasonably required by the other PartyPAEA. (c) The Party responsible for the Security Breach Member shall (i) at its own expense use best efforts take reasonable steps to immediately contain and remedy any Security Breach and prevent any further Security Breach, including, but not limited to taking any and all action necessary to comply Breach at Member’s expense in accordance with applicable privacy rights, laws, regulations, regulations and standards, and (ii) reimburse the other Party for all actual reasonable costs incurred by the other Party in responding to, and mitigating damages caused by, any Security Breach, including all costs of notice and/or remediation pursuant to Section 4(d). (d) Each Party Member agrees that that, unless required by applicable law or regulation, it shall not inform any third party of a any Security Breach without first obtaining the other PartyPAEA’s prior written consent, other than to inform a complainant that the matter has been forwarded to the PartyXXXX’s legal counsel. Further, the Receiving Party agrees that the Disclosing Party shall have the sole right to determine: (i) whether notice of the Security Breach is to be provided to any individuals, regulators, law enforcement agencies, consumer reporting agencies, or others as required by law or regulation, or otherwise in Disclosing Party’s discretion; and (ii) the contents of such notice, whether any type of remediation may be offered to affected persons, and the nature and extent of any such remediation. (e) The Parties agree to maintain and preserve all documents, records, and other data related to any Security Breach for the longest of the following (the “Applicable Retention Period”): (i) five (5) years; (ii) any applicable retention period required by the Agreement or any other contract f) Each Party Member agrees to fully cooperate at its own expense with the other Party PAEA in any litigation, investigation, litigation or other formal action resulting from a Security Breach, if deemed reasonably necessary by the other Party PAEA to protect its rights relating to the use, disclosure, protection, protection and maintenance of Personal InformationPAEA Data arising from or related to Member’s obligations to PAEA under the Agreement. g) In the event of any Security Breach, the Parties shall promptly use their best efforts to prevent a recurrence of any such Security Breach.

Security Breach Procedures. (a) Each Party In the event of a Security Breach, as defined above, Member shall: : (i) provide the other Party PAEA with the name and contact information for one or more an employee of the Party’s employees/security operations or other service desk who/which Member who shall serve as the other PartyXXXX’s primary security contact and shall be available to assist the other Party twenty- PAEA twenty-four (24) hours per day, seven (7) days per week as a contact in resolving obligations associated with a Security Breach; ; (ii) notify the other Party PAEA of a Security Breach as soon as practicable, but no later than twenty- twenty-four (24) hours after the Party Member becomes aware of it; and and (iii) notify the other Party PAEA of any Security Breaches by emailing telephone at the other Party following number: Security Officer Xxxxx Xxxxxx 000-000-0000 and e-mailing PAEA with a read receipt at an address provided by the other Party, Xxxxx Xxxxxx: xxxxxxx@xxxxxxxxxx.xxx AND Xxxxxx Xxxxxx xxxxxxx@xxxxxxxxxx.xxx with a copy by email e-mail to the PartyMember’s primary business contact within the other PartyPAEA. (b) Immediately following Member’s notification to PAEA of a Security BreachBreach (as defined in the Agreement), the Parties parties shall coordinate with each other to investigate the Security Breach. The Parties agree Member agrees to fully cooperate with each other XXXX in the XXXX’s handling of the matter, including, without limitation: : (i) assisting with any investigation; ; (ii) providing PAEA with secure and accompanied physical access to the facilities and operations affected; ; (iii) facilitating interviews with Member’s employees and others involved in the matter; and and (iv) making available all relevant records, logs, files, data reporting, reporting and other materials required to comply with applicable law, regulation, industry standards, standards or as otherwise reasonably required by the other PartyPAEA. (c) The Party responsible for the Security Breach Member shall (i) at its own expense use best efforts take reasonable steps to immediately contain and remedy any Security Breach and prevent any further Security Breach, including, but not limited to taking any and all action necessary to comply Breach at Member’s expense in accordance with applicable privacy rights, laws, regulations, regulations and standards, and (ii) reimburse the other Party for all actual reasonable costs incurred by the other Party in responding to, and mitigating damages caused by, any Security Breach, including all costs of notice and/or remediation pursuant to Section 4(d). (d) Each Party Member agrees that that, unless required by applicable law or regulation, it shall not inform any third party of a any Security Breach without first obtaining the other PartyPAEA’s prior written consent, other than to inform a complainant that the matter has been forwarded to the PartyXXXX’s legal counsel. Further, the Receiving Party agrees that the Disclosing Party shall have the sole right to determine: (i) whether notice of the Security Breach is to be provided to any individuals, regulators, law enforcement agencies, consumer reporting agencies, or others as required by law or regulation, or otherwise in Disclosing Party’s discretion; and (ii) the contents of such notice, whether any type of remediation may be offered to affected persons, and the nature and extent of any such remediation. (e) The Parties agree to maintain and preserve all documents, records, and other data related to any Security Breach for the longest of the following (the “Applicable Retention Period”): (i) five (5) years; (ii) any applicable retention period required by the Agreement or any other contract f) Each Party Member agrees to fully cooperate at its own expense with the other Party PAEA in any litigation, investigation, litigation or other formal action resulting from a Security Breach, if deemed reasonably necessary by the other Party PAEA to protect its rights relating to the use, disclosure, protection, protection and maintenance of Personal InformationPAEA Data arising from or related to Member’s obligations to PAEA under the Agreement. g) In the event of any Security Breach, the Parties shall promptly use their best efforts to prevent a recurrence of any such Security Breach.