{"component": "clause", "props": {"groups": [{"snippet": "4.1 Supplier shall notify Buyer as soon as practicable, and in any event within 24 hours, after Supplier becomes aware of any Security Incident or Security Breach.\n4.2 Supplier shall, at its sole cost and expense, use best efforts to immediately remedy any Security Incident or Security Breach and prevent any further Security Incident or Security Breach.\n4.3 Supplier shall, at its sole cost and expense: (a) promptly preserve all relevant records, logs, files, data reporting, and other materials relevant to any Security Incident or Security Breach, and shall provide the same to Buyer upon request; and (b) diligently investigate any Security Incident or Security Breach and shall fully cooperate with Buyer in its own investigation of and response to any such Security Incident or Security Breach.\n4.4 If a Security Incident or Security Breach arises, in whole or in part, from an act or omission of Supplier, Supplier shall reimburse Buyer for all reasonable costs incurred by Buyer in responding to, and mitigating damages caused by, any such Security Incident or Security Breach, including, without limitation, all costs of notice and credit monitoring and identity theft protection services.\n4.5 Unless otherwise required by law, Supplier agrees that it shall not inform any third party of any Security Incident or Security Breach without first obtaining Buyer\u2019s prior written consent, other than to inform a complainant that the matter has been forwarded to \u2587\u2587\u2587\u2587\u2587\u2019s legal counsel. Further, Supplier agrees not to include \u2587\u2587\u2587\u2587\u2587\u2019s name, logo, or any other identifiable information about Buyer or its affiliates in any notice or public statement concerning any Security Incident or Security Breach without Buyer\u2019s prior written approval.", "samples": [{"hash": "dHO9nihNjwi", "uri": "/contracts/dHO9nihNjwi#security-breach-procedures", "label": "Master Purchasing Agreement", "score": 36.4142303284, "published": true}, {"hash": "3mTpmXmBe2I", "uri": "/contracts/3mTpmXmBe2I#security-breach-procedures", "label": "General Terms and Conditions", "score": 36.4142303284, "published": true}, {"hash": "dhmrJGJszOt", "uri": "/contracts/dhmrJGJszOt#security-breach-procedures", "label": "Master Purchasing Agreement", "score": 35.2872848511, "published": true}], "size": 9, "snippet_links": [{"key": "supplier-shall", "type": "clause", "offset": [4, 18]}, {"key": "as-soon-as-practicable", "type": "definition", "offset": [32, 54]}, {"key": "security-incident", "type": "definition", "offset": [126, 143]}, {"key": "security-breach", "type": "definition", "offset": [147, 162]}, {"key": "cost-and-expense", "type": "clause", "offset": [196, 212]}, {"key": "use-best-efforts", "type": "clause", "offset": [214, 230]}, {"key": "further-security", "type": "definition", "offset": [310, 326]}, {"key": "relevant-records", "type": "definition", "offset": [432, 448]}, {"key": "data-reporting", "type": "clause", "offset": [463, 477]}, {"key": "other-materials", "type": "clause", "offset": [483, 498]}, {"key": "provide-the", "type": "clause", "offset": [563, 574]}, {"key": "to-buyer", "type": "definition", "offset": [580, 588]}, {"key": "upon-request", "type": "definition", "offset": [589, 601]}, {"key": "cooperate-with", "type": "clause", "offset": [691, 705]}, {"key": "own-investigation", "type": "clause", "offset": [719, 736]}, {"key": "such-security", "type": "definition", "offset": [760, 773]}, {"key": "act-or-omission", "type": "definition", "offset": [886, 901]}, {"key": "of-supplier", "type": "clause", "offset": [902, 913]}, {"key": "costs-incurred", "type": "clause", "offset": [965, 979]}, {"key": "by-buyer", "type": "clause", "offset": [980, 988]}, {"key": "responding-to", "type": "clause", "offset": [992, 1005]}, {"key": "caused-by", "type": "clause", "offset": [1030, 1039]}, {"key": "without-limitation", "type": "clause", "offset": [1099, 1117]}, {"key": "costs-of-notice", "type": "clause", "offset": [1123, 1138]}, {"key": "credit-monitoring-and-identity-theft-protection-services", "type": "clause", "offset": [1143, 1199]}, {"key": "required-by-law", "type": "definition", "offset": [1222, 1237]}, {"key": "third-party", "type": "clause", "offset": [1284, 1295]}, {"key": "prior-written-consent", "type": "clause", "offset": [1372, 1393]}, {"key": "legal-counsel", "type": "definition", "offset": [1476, 1489]}, {"key": "information-about-buyer", "type": "clause", "offset": [1577, 1600]}, {"key": "any-notice", "type": "clause", "offset": [1622, 1632]}, {"key": "public-statement", "type": "definition", "offset": [1636, 1652]}, {"key": "without-buyer", "type": "clause", "offset": [1705, 1718]}, {"key": "prior-written-approval", "type": "definition", "offset": [1721, 1743]}], "hash": "6d1a8e43c953bed7fdcfeb1b0633bc12", "id": 1}, {"snippet": "For purposes of this section, the term \u201c", "samples": [{"hash": "jUW4JoumrZS", "uri": "/contracts/jUW4JoumrZS#security-breach-procedures", "label": "Fund Accounting Servicing Agreement (Eagle Series Trust)", "score": 25.1601638794, "published": true}, {"hash": "fiH3WOkw0E2", "uri": "/contracts/fiH3WOkw0E2#security-breach-procedures", "label": "Transfer Agent Servicing Agreement (Eagle Growth & Income Fund)", "score": 25.1601638794, "published": true}, {"hash": "e3r9IbSncv2", "uri": "/contracts/e3r9IbSncv2#security-breach-procedures", "label": "Fund Sub Administration Servicing Agreement (Eagle Capital Appreciation Fund)", "score": 25.1601638794, "published": true}], "size": 7, "snippet_links": [{"key": "for-purposes-of-this-section", "type": "clause", "offset": [0, 28]}, {"key": "the-term", "type": "definition", "offset": [30, 38]}], "hash": "57c93b27a86afd4be614dbf37703edf1", "id": 2}, {"snippet": "For purposes of this section, the term \u201cSecurity Breach\u201d shall mean (i) any act or omission that materially compromises either the security, confidentiality or integrity of personal information or the physical, technical, administrative or organizational safeguards put in place by Custodian (or any authorized persons) that relate to the protection of the security, confidentiality or integrity of personal information, or (ii) receipt of a complaint in relation to the privacy practices of Custodian (or any authorized persons) or a breach or alleged breach of this Agreement relating to such privacy practices. Custodian shall: (i) notify a Trust of a Security Breach as soon as practicable, but no later than twenty-four (24) hours after Custodian becomes aware of it; and (ii) notify a Trust of any Security Breaches by and with a copy by e-mail to Custodian\u2019s primary business contact within the Trust. Immediately following Custodian\u2019s notification to a Trust of a Security Breach, the parties shall coordinate with each other to investigate the Security Breach. Custodian agrees to cooperate with the Trust in the Trust\u2019s handling of the matter, including, without limitation: (i) assisting with any investigation; (ii) providing the Trust with physical access to the facilities and operations affected; (iii) facilitating interviews with Custodian\u2019s employees and others involved in the matter; and (iv) making available all relevant records, logs, files, data reporting and other materials required to comply with applicable law, regulation, industry standards or as otherwise reasonably required by the Trust. Custodian shall immediately remedy any Security Breach and prevent any further Security Breach at Custodian\u2019s expense in accordance with applicable privacy rights, laws, regulations and standards. Custodian shall reimburse the Trust for actual costs incurred by the Trust in responding to, and mitigating damages caused by, any Security Breach, including all costs of notice and/or remediation pursuant to this paragraph.", "samples": [{"hash": "1vLT9rQHoh1", "uri": "/contracts/1vLT9rQHoh1#security-breach-procedures", "label": "Custody Agreement (Eagle Series Trust)", "score": 27.1601638794, "published": true}, {"hash": "LVMPmqhBKn", "uri": "/contracts/LVMPmqhBKn#security-breach-procedures", "label": "Custody Agreement (Eagle Series Trust)", "score": 26.7111568451, "published": true}], "size": 6, "snippet_links": [{"key": "for-purposes-of-this-section", "type": "clause", "offset": [0, 28]}, {"key": "the-term", "type": "definition", "offset": [30, 38]}, {"key": "act-or-omission", "type": "definition", "offset": [76, 91]}, {"key": "integrity-of-personal-information", "type": "clause", "offset": [160, 193]}, {"key": "in-place", "type": "definition", "offset": [270, 278]}, {"key": "by-custodian", "type": "clause", "offset": [279, 291]}, {"key": "authorized-persons", "type": "definition", "offset": [300, 318]}, {"key": "relate-to", "type": "definition", "offset": [325, 334]}, {"key": "protection-of-the-security", "type": "clause", "offset": [339, 365]}, {"key": "receipt-of", "type": "clause", "offset": [429, 439]}, {"key": "in-relation-to", "type": "clause", "offset": [452, 466]}, {"key": "privacy-practices", "type": "definition", "offset": [471, 488]}, {"key": "breach-of-this-agreement", "type": "clause", "offset": [553, 577]}, {"key": "relating-to", "type": "definition", "offset": [578, 589]}, {"key": "as-soon-as-practicable", "type": "definition", "offset": [671, 693]}, {"key": "security-breaches", "type": "clause", "offset": [804, 821]}, {"key": "with-a-copy", "type": "definition", "offset": [829, 840]}, {"key": "to-custodian", "type": "clause", "offset": [851, 863]}, {"key": "business-contact", "type": "clause", "offset": [874, 890]}, {"key": "to-a-trust", "type": "definition", "offset": [956, 966]}, {"key": "the-parties-shall", "type": "clause", "offset": [989, 1006]}, {"key": "agrees-to", "type": "clause", "offset": [1080, 1089]}, {"key": "cooperate-with", "type": "clause", "offset": [1090, 1104]}, {"key": "without-limitation", "type": "clause", "offset": [1165, 1183]}, {"key": "providing-the", "type": "clause", "offset": [1228, 1241]}, {"key": "facilities-and-operations", "type": "clause", "offset": [1276, 1301]}, {"key": "employees-and-others", "type": "clause", "offset": [1359, 1379]}, {"key": "making-available", "type": "definition", "offset": [1413, 1429]}, {"key": "relevant-records", "type": "definition", "offset": [1434, 1450]}, {"key": "data-reporting", "type": "clause", "offset": [1465, 1479]}, {"key": "other-materials", "type": "clause", "offset": [1484, 1499]}, {"key": "applicable-law", "type": "clause", "offset": [1524, 1538]}, {"key": "industry-standards", "type": "definition", "offset": [1552, 1570]}, {"key": "by-the-trust", "type": "clause", "offset": [1607, 1619]}, {"key": "further-security", "type": "definition", "offset": [1692, 1708]}, {"key": "in-accordance-with", "type": "definition", "offset": [1739, 1757]}, {"key": "privacy-rights", "type": "clause", "offset": [1769, 1783]}, {"key": "regulations-and-standards", "type": "clause", "offset": [1791, 1816]}, {"key": "actual-costs-incurred", "type": "clause", "offset": [1858, 1879]}, {"key": "responding-to", "type": "clause", "offset": [1896, 1909]}, {"key": "caused-by", "type": "clause", "offset": [1934, 1943]}, {"key": "costs-of-notice", "type": "clause", "offset": [1980, 1995]}, {"key": "pursuant-to", "type": "definition", "offset": [2015, 2026]}], "hash": "9a836834ef5c2b06cce3c603a3179042", "id": 4}, {"snippet": "(A) Immediately upon the Consultant\u2019s awareness or reasonable belief of a Security Breach, the Consultant shall (i) notify the Manager of the Security Breach, such notice to be given first by telephone at the following telephone number, followed promptly by email at the following email address: (\u2587\u2587\u2587) \u2587\u2587\u2587-\u2587\u2587\u2587\u2587 / SJVIA- \u2587\u2587\u2587\u2587\u2587@\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587.\u2587\u2587\u2587 (which telephone number and email address the SJVIA may update by providing notice to the Consultant), and (ii) preserve all relevant evidence (and cause any affected Authorized Person to preserve all relevant evidence) relating to the Security Breach. The notification shall include, to the extent reasonably possible, the identification of each type and the extent of Personal Information that has been, or is reasonably believed to have been, breached, including but not limited to, compromised, or subjected to unauthorized Use, Disclosure, or modification, or any loss or destruction, corruption, or damage.\n(B) Immediately following the Consultant\u2019s notification to the SJVIA of a Security Breach, as provided pursuant to section 10.4(A) of this agreement, the parties shall coordinate with each other to investigate the Security Breach. The Consultant agrees to fully cooperate with the SJVIA, including, without limitation:\n(1) assisting the SJVIA in conducting any investigation;\n(2) providing the SJVIA with physical access to the facilities and operations affected;\n(3) facilitating interviews with Authorized Persons and any of the Consultant\u2019s other employees knowledgeable of the matter; and\n(4) making available all relevant records, logs, files, data reporting and other materials required to comply with applicable law, regulation, industry standards, or as otherwise reasonably required by the SJVIA. To that end, the Consultant shall, with respect to a Security Breach, be solely responsible, at its cost, for all notifications required by law and regulation, or deemed reasonably necessary by the SJVIA, and the Consultant shall provide a written report of the investigation and reporting required to the Manager within 30 days after the Consultant\u2019s discovery of the Security Breach.\n(C) The SJVIA shall promptly notify the Consultant of the Manager\u2019s knowledge, or reasonable belief, of any Privacy Practices Complaint, and upon the Consultant\u2019s receipt of notification thereof, the Consultant shall promptly address such Privacy Practices Complaint, including taking any corrective action under this Article 10, all at the Consultant\u2019s sole expense, in accordance with applicable privacy rights, laws, regulations and standards. If the Consultant discovers a Security Breach, the Consultant shall treat the Privacy Practices Complaint as a Security Breach. Within 24 hours of the Consultant\u2019s receipt of notification of such Privacy Practices Complaint, the Consultant shall notify the SJVIA whether the matter is a Security Breach, or otherwise has been corrected and the manner of correction, or determined not to require corrective action and the reason therefor.\n(D) The Consultant shall take prompt corrective action to respond to and remedy any Security Breach and take mitigating actions, including but not limiting to, preventing any reoccurrence of the Security Breach and correcting any deficiency in Security Safeguards as a result of such incident, all at the Consultant\u2019s sole expense, in accordance with applicable privacy rights, laws, regulations and standards. The Consultant shall reimburse the SJVIA for all reasonable costs incurred by the SJVIA in", "samples": [{"hash": "grhydNUUuE3", "uri": "/contracts/grhydNUUuE3#security-breach-procedures", "label": "Consultant Agreement", "score": 36.0027008057, "published": true}, {"hash": "kJJVDyJYGdT", "uri": "/contracts/kJJVDyJYGdT#security-breach-procedures", "label": "Consultant Agreement", "score": 32.8801765442, "published": true}, {"hash": "ethfPFmGw5M", "uri": "/contracts/ethfPFmGw5M#security-breach-procedures", "label": "Consultant Agreement", "score": 32.8801765442, "published": true}], "size": 4, "snippet_links": [{"key": "immediately-upon-the", "type": "clause", "offset": [4, 24]}, {"key": "reasonable-belief", "type": "definition", "offset": [51, 68]}, {"key": "security-breach", "type": "definition", "offset": [74, 89]}, {"key": "the-consultant-shall", "type": "clause", "offset": [91, 111]}, {"key": "the-manager", "type": "definition", "offset": [123, 134]}, {"key": "the-security", "type": "clause", "offset": [138, 150]}, {"key": "notice-to-be-given", "type": "clause", "offset": [164, 182]}, {"key": "by-telephone", "type": "definition", "offset": [189, 201]}, {"key": "telephone-number", "type": "definition", "offset": [219, 235]}, {"key": "by-email", "type": "clause", "offset": [255, 263]}, {"key": "email-address", "type": "definition", "offset": [281, 294]}, {"key": "notice-to-the-consultant", "type": "clause", "offset": [421, 445]}, {"key": "relevant-evidence", "type": "definition", "offset": [470, 487]}, {"key": "relating-to", "type": "definition", "offset": [565, 576]}, {"key": "to-the-extent", "type": "clause", "offset": [630, 643]}, {"key": "personal-information", "type": "definition", "offset": [715, 735]}, {"key": "not-limited", "type": "clause", "offset": [815, 826]}, {"key": "unauthorized-use", "type": "definition", "offset": [860, 876]}, {"key": "loss-or-destruction", "type": "clause", "offset": [914, 933]}, {"key": "following-the", "type": "definition", "offset": [974, 987]}, {"key": "notification-to", "type": "clause", "offset": [1001, 1016]}, {"key": "pursuant-to-section", "type": "definition", "offset": [1061, 1080]}, {"key": "this-agreement", "type": "clause", "offset": [1092, 1106]}, {"key": "the-parties-shall", "type": "clause", "offset": [1108, 1125]}, {"key": "agrees-to", "type": "clause", "offset": [1204, 1213]}, {"key": "cooperate-with", "type": "clause", "offset": [1220, 1234]}, {"key": "without-limitation", "type": "clause", "offset": [1257, 1275]}, {"key": "providing-the", "type": "clause", "offset": [1338, 1351]}, {"key": "facilities-and-operations", "type": "clause", "offset": [1386, 1411]}, {"key": "authorized-persons", "type": "definition", "offset": [1455, 1473]}, {"key": "other-employees", "type": "clause", "offset": [1502, 1517]}, {"key": "making-available", "type": "definition", "offset": [1555, 1571]}, {"key": "relevant-records", "type": "definition", "offset": [1576, 1592]}, {"key": "data-reporting", "type": "clause", "offset": [1607, 1621]}, {"key": "other-materials", "type": "clause", "offset": [1626, 1641]}, {"key": "applicable-law", "type": "clause", "offset": [1666, 1680]}, {"key": "industry-standards", "type": "definition", "offset": [1694, 1712]}, {"key": "with-respect-to", "type": "clause", "offset": [1799, 1814]}, {"key": "law-and-regulation", "type": "definition", "offset": [1904, 1922]}, {"key": "reasonably-necessary", "type": "clause", "offset": [1934, 1954]}, {"key": "provide-a", "type": "definition", "offset": [1994, 2003]}, {"key": "reporting-required", "type": "clause", "offset": [2044, 2062]}, {"key": "days-after", "type": "definition", "offset": [2088, 2098]}, {"key": "discovery-of", "type": "clause", "offset": [2116, 2128]}, {"key": "promptly-notify", "type": "definition", "offset": [2170, 2185]}, {"key": "privacy-practices-complaint", "type": "definition", "offset": [2258, 2285]}, {"key": "receipt-of", "type": "clause", "offset": [2313, 2323]}, {"key": "article-10", "type": "definition", "offset": [2468, 2478]}, {"key": "sole-expense", "type": "definition", "offset": [2504, 2516]}, {"key": "in-accordance-with", "type": "definition", "offset": [2518, 2536]}, {"key": "privacy-rights", "type": "clause", "offset": [2548, 2562]}, {"key": "regulations-and-standards", "type": "clause", "offset": [2570, 2595]}, {"key": "hours-of", "type": "clause", "offset": [2735, 2743]}, {"key": "notification-of", "type": "definition", "offset": [2772, 2787]}, {"key": "manner-of", "type": "definition", "offset": [2941, 2950]}, {"key": "prompt-corrective-action", "type": "clause", "offset": [3065, 3089]}, {"key": "respond-to", "type": "definition", "offset": [3093, 3103]}, {"key": "not-limiting", "type": "clause", "offset": [3178, 3190]}, {"key": "security-safeguards", "type": "clause", "offset": [3279, 3298]}, {"key": "costs-incurred", "type": "clause", "offset": [3506, 3520]}], "hash": "971ebdd6dc80f93b90105d218f938a61", "id": 5}, {"snippet": "For purposes of this Contract, \u201c", "samples": [{"hash": "7vh5cVQC4vh", "uri": "/contracts/7vh5cVQC4vh#security-breach-procedures", "label": "Contract", "score": 32.2486877441, "published": true}, {"hash": "gRcEYapmi5p", "uri": "/contracts/gRcEYapmi5p#security-breach-procedures", "label": "Contract", "score": 31.7127513885, "published": true}, {"hash": "l3OcLhQRp2", "uri": "/contracts/l3OcLhQRp2#security-breach-procedures", "label": "Contract", "score": 31.1046390533, "published": true}], "size": 6, "snippet_links": [{"key": "this-contract", "type": "clause", "offset": [16, 29]}], "hash": "21373ff457fc8ea8b53275a5d62fcb50", "id": 3}, {"snippet": "(1) Promptly, and without undue delay, upon the Contractor\u2019s confirmation of a Security Breach, the Contractor shall (a) notify the Director of the Security Breach, such notice to be given first by telephone at the following telephone number, followed promptly by email at the following email address: (\u2587\u2587\u2587) \u2587\u2587\u2587-\u2587\u2587\u2587\u2587 / \u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587@\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587\u2587.\u2587\u2587\u2587 (which telephone number and email address the County may update by providing notice to the Contractor), and (b) preserve all relevant evidence (and cause any affected Authorized Person to preserve all relevant evidence) relating to the Security Breach. The notification shall include, to the extent reasonably possible, the identification of each type and the extent of Personal Information that has been, or is reasonably believed to have been, breached, including but not limited to, compromised, or subjected to unauthorized Use, Disclosure, or modification, or any loss or destruction, corruption, or damage.\n(2) Immediately following the Contractor\u2019s notification to the County of a Security Breach, as provided pursuant to subsection D.(1) of this Exhibit E, the Parties shall coordinate with each other to investigate the Security Breach. The Contractor agrees to fully cooperate with the County, including, without limitation: (i) assisting the County in conducting any investigation; (ii) providing the County with physical access to the facilities and operations affected; (iii) facilitating interviews with Authorized Persons and any of the Contractor\u2019s other employees knowledgeable of the matter; and (iv) making available all relevant records, logs, files, data reporting and other materials required to comply with applicable law, regulation, industry standards, or as otherwise reasonably required by the County. To that end, the Contractor shall, with respect to a Security Breach, be solely responsible, at its cost, for all notifications required by law and regulation, and the Contractor shall provide a written report of the investigation and reporting required to the Director within thirty (30) days after the Contractor\u2019s discovery of the Security Breach.\n(3) The County shall promptly notify the Contractor of the Director\u2019s knowledge, or reasonable belief, of any Privacy Practices Complaint, and upon the Contractor\u2019s receipt of notification thereof, the Contractor shall promptly address such Privacy Practices Complaint, including taking any corrective action under this Exhibit E, all at the Contractor\u2019s sole expense, in accordance with applicable privacy rights, laws, regulations and standards. In the event the Contractor discovers a Security Breach, the Contractor shall treat the Privacy Practices Complaint as a Security Breach. Within 24 hours of the Contractor\u2019s receipt of notification of such Privacy Practices Complaint, the Contractor shall notify the County whether the matter is a Security Breach, or otherwise has been corrected and the manner of correction, or determined not to require corrective action and the reason therefor.\n(4) The Contractor shall take prompt corrective action to respond to and remedy any Security Breach and take reasonable mitigating actions, including but not limiting to, preventing any reoccurrence of the Security Breach and correcting any deficiency in Security Safeguards as a result of such incident, all at the Contractor\u2019s sole expense, in accordance with applicable privacy rights, laws, regulations and standards. The Contractor shall reimburse the County for all reasonable costs incurred by the County in responding to, and mitigating damages caused by, any Security Breach, including all costs of the County incurred in relation to any litigation or other action described in subsection D. (5) of this Exhibit E. to the extent applicable: (1) the cost of providing affected individuals with credit monitoring services for a specific period not to exceed twelve (12) months, to the extent the incident could lead to a compromise of the data subject\u2019s credit or credit standing; (2) call center support for such affected individuals for a specific period not to exceed thirty (30) days; and (3) the cost of any measures required under applicable laws.", "samples": [{"hash": "iNIJHI1rIh7", "uri": "/contracts/iNIJHI1rIh7#security-breach-procedures", "label": "Service Agreement", "score": 32.2604675293, "published": true}], "size": 4, "snippet_links": [{"key": "without-undue-delay", "type": "definition", "offset": [18, 37]}, {"key": "confirmation-of", "type": "clause", "offset": [61, 76]}, {"key": "security-breach", "type": "definition", "offset": [79, 94]}, {"key": "director-of", "type": "clause", "offset": [132, 143]}, {"key": "the-security", "type": "clause", "offset": [144, 156]}, {"key": "notice-to-be-given", "type": "clause", "offset": [170, 188]}, {"key": "by-telephone", "type": "definition", "offset": [195, 207]}, {"key": "telephone-number", "type": "definition", "offset": [225, 241]}, {"key": "by-email", "type": "clause", "offset": [261, 269]}, {"key": "email-address", "type": "definition", "offset": [287, 300]}, {"key": "notice-to-the-contractor", "type": "clause", "offset": [425, 449]}, {"key": "relevant-evidence", "type": "definition", "offset": [473, 490]}, {"key": "relating-to", "type": "definition", "offset": [568, 579]}, {"key": "to-the-extent", "type": "clause", "offset": [633, 646]}, {"key": "personal-information", "type": "definition", "offset": [718, 738]}, {"key": "not-limited", "type": "clause", "offset": [818, 829]}, {"key": "unauthorized-use", "type": "definition", "offset": [863, 879]}, {"key": "loss-or-destruction", "type": "clause", "offset": [917, 936]}, {"key": "following-the", "type": "definition", "offset": [977, 990]}, {"key": "county-of", "type": "clause", "offset": [1024, 1033]}, {"key": "pursuant-to-subsection", "type": "clause", "offset": [1065, 1087]}, {"key": "exhibit-e", "type": "definition", "offset": [1102, 1111]}, {"key": "the-parties-shall", "type": "clause", "offset": [1113, 1130]}, {"key": "contractor-agrees-to", "type": "clause", "offset": [1198, 1218]}, {"key": "cooperate-with", "type": "clause", "offset": [1225, 1239]}, {"key": "without-limitation", "type": "clause", "offset": [1263, 1281]}, {"key": "county-in", "type": "definition", "offset": [1301, 1310]}, {"key": "providing-the", "type": "clause", "offset": [1346, 1359]}, {"key": "facilities-and-operations", "type": "clause", "offset": [1395, 1420]}, {"key": "authorized-persons", "type": "definition", "offset": [1466, 1484]}, {"key": "of-the-contractor", "type": "clause", "offset": [1493, 1510]}, {"key": "other-employees", "type": "clause", "offset": [1513, 1528]}, {"key": "making-available", "type": "definition", "offset": [1567, 1583]}, {"key": "relevant-records", "type": "definition", "offset": [1588, 1604]}, {"key": "data-reporting", "type": "clause", "offset": [1619, 1633]}, {"key": "other-materials", "type": "clause", "offset": [1638, 1653]}, {"key": "comply-with-applicable", "type": "clause", "offset": [1666, 1688]}, {"key": "industry-standards", "type": "definition", "offset": [1706, 1724]}, {"key": "by-the-county", "type": "clause", "offset": [1762, 1775]}, {"key": "with-respect-to", "type": "clause", "offset": [1812, 1827]}, {"key": "law-and-regulation", "type": "definition", "offset": [1917, 1935]}, {"key": "provide-a", "type": "definition", "offset": [1962, 1971]}, {"key": "reporting-required", "type": "clause", "offset": [2012, 2030]}, {"key": "within-thirty", "type": "clause", "offset": [2047, 2060]}, {"key": "days-after", "type": "definition", "offset": [2066, 2076]}, {"key": "discovery-of", "type": "clause", "offset": [2094, 2106]}, {"key": "the-county-shall", "type": "clause", "offset": [2132, 2148]}, {"key": "promptly-notify", "type": "definition", "offset": [2149, 2164]}, {"key": "reasonable-belief", "type": "definition", "offset": [2212, 2229]}, {"key": "privacy-practices-complaint", "type": "definition", "offset": [2238, 2265]}, {"key": "receipt-of", "type": "clause", "offset": [2293, 2303]}, {"key": "sole-expense", "type": "definition", "offset": [2483, 2495]}, {"key": "in-accordance-with", "type": "definition", "offset": [2497, 2515]}, {"key": "privacy-rights", "type": "clause", "offset": [2527, 2541]}, {"key": "regulations-and-standards", "type": "clause", "offset": [2549, 2574]}, {"key": "in-the-event-the", "type": "clause", "offset": [2576, 2592]}, {"key": "hours-of", "type": "clause", "offset": [2724, 2732]}, {"key": "notification-of", "type": "definition", "offset": [2761, 2776]}, {"key": "manner-of", "type": "definition", "offset": [2931, 2940]}, {"key": "prompt-corrective-action", "type": "clause", "offset": [3055, 3079]}, {"key": "respond-to", "type": "definition", "offset": [3083, 3093]}, {"key": "not-limiting", "type": "clause", "offset": [3179, 3191]}, {"key": "security-safeguards", "type": "clause", "offset": [3280, 3299]}, {"key": "costs-incurred", "type": "clause", "offset": [3508, 3522]}, {"key": "responding-to", "type": "clause", "offset": [3540, 3553]}, {"key": "caused-by", "type": "clause", "offset": [3578, 3587]}, {"key": "costs-of", "type": "definition", "offset": [3624, 3632]}, {"key": "in-relation-to", "type": "clause", "offset": [3653, 3667]}, {"key": "other-action", "type": "clause", "offset": [3686, 3698]}, {"key": "cost-of", "type": "clause", "offset": [3783, 3790]}, {"key": "affected-individuals", "type": "definition", "offset": [3801, 3821]}, {"key": "services-for", "type": "clause", "offset": [3845, 3857]}, {"key": "specific-period", "type": "clause", "offset": [3860, 3875]}, {"key": "not-to-exceed", "type": "definition", "offset": [3876, 3889]}, {"key": "data-subject", "type": "clause", "offset": [3971, 3983]}, {"key": "credit-standing", "type": "clause", "offset": [3996, 4011]}, {"key": "call-center-support", "type": "clause", "offset": [4017, 4036]}, {"key": "applicable-laws", "type": "definition", "offset": [4169, 4184]}], "hash": "d23618d1137d5728bcd1d765256b91eb", "id": 6}, {"snippet": "In the event either party determines that there has been an unauthorized or improper disclosure of the information exchanged under this MSA, such party must promptly notify the other party, unless legally prohibited from doing so or specifically directed by law enforcement not to do so, within seventy two hours (or any shorter period as may be required by Law) after such party becomes aware of it. Such notification will include the nature of the incident, the other party's information that was compromised, and the action taken or to be taken. Additionally, each party will reasonably assist the other party in remediating and mitigating any potential damage. Each party shall bear the costs of such remediation or mitigation to the extent the breach or security incident was caused by its acts or omissions. If the Institution learns or has reason to believe that unauthorized access to a password protected area of the Clearinghouse website has occurred or is about to occur, the Institution shall notify the Clearinghouse promptly, and without unreasonable delay, and the Clearinghouse may suspend Institution\u2019s access until the threat has been contained.", "samples": [{"hash": "gbasdhBlhLB", "uri": "/contracts/gbasdhBlhLB#security-breach-procedures", "label": "Master Service Agreement", "score": 31.0926742554, "published": true}, {"hash": "UzuERWq0Mt", "uri": "/contracts/UzuERWq0Mt#security-breach-procedures", "label": "Master Service Agreement", "score": 31.0926742554, "published": true}], "size": 2, "snippet_links": [{"key": "in-the-event", "type": "clause", "offset": [0, 12]}, {"key": "either-party", "type": "definition", "offset": [13, 25]}, {"key": "information-exchanged", "type": "clause", "offset": [103, 124]}, {"key": "such-party", "type": "clause", "offset": [141, 151]}, {"key": "notify-the", "type": "clause", "offset": [166, 176]}, {"key": "other-party", "type": "definition", "offset": [177, 188]}, {"key": "specifically-directed", "type": "definition", "offset": [233, 254]}, {"key": "law-enforcement", "type": "clause", "offset": [258, 273]}, {"key": "required-by-law", "type": "definition", "offset": [346, 361]}, {"key": "nature-of-the", "type": "clause", "offset": [436, 449]}, {"key": "action-taken", "type": "definition", "offset": [520, 532]}, {"key": "each-party-will", "type": "clause", "offset": [563, 578]}, {"key": "assist-the", "type": "clause", "offset": [590, 600]}, {"key": "potential-damage", "type": "definition", "offset": [647, 663]}, {"key": "costs-of", "type": "definition", "offset": [691, 699]}, {"key": "to-the-extent", "type": "clause", "offset": [731, 744]}, {"key": "security-incident", "type": "definition", "offset": [759, 776]}, {"key": "caused-by", "type": "clause", "offset": [781, 790]}, {"key": "acts-or-omissions", "type": "definition", "offset": [795, 812]}, {"key": "the-institution", "type": "clause", "offset": [817, 832]}, {"key": "reason-to-believe", "type": "definition", "offset": [847, 864]}, {"key": "access-to", "type": "definition", "offset": [883, 892]}, {"key": "protected-area", "type": "clause", "offset": [904, 918]}, {"key": "institution-shall", "type": "clause", "offset": [987, 1004]}, {"key": "without-unreasonable-delay", "type": "definition", "offset": [1044, 1070]}], "hash": "a1c8362939068341268be009e78e4245", "id": 7}, {"snippet": "a. Provider shall:\ni. provide Smart Start with the name and contact information for one or more employees of Provider who shall serve as Smart Start\u2019s primary security contact and shall be available to assist Smart Start twenty-four", "samples": [{"hash": "kIAKk6UFFp7", "uri": "/contracts/kIAKk6UFFp7#security-breach-procedures", "label": "Kiosk Services Agreement", "score": 33.7793807983, "published": true}, {"hash": "aV7Wdssls5a", "uri": "/contracts/aV7Wdssls5a#security-breach-procedures", "label": "Master Services Agreement", "score": 27.5735797882, "published": true}], "size": 2, "snippet_links": [{"key": "provider-shall", "type": "clause", "offset": [3, 17]}, {"key": "name-and-contact-information", "type": "clause", "offset": [51, 79]}, {"key": "employees-of", "type": "clause", "offset": [96, 108]}, {"key": "primary-security-contact", "type": "definition", "offset": [151, 175]}, {"key": "to-assist", "type": "clause", "offset": [199, 208]}], "hash": "70b466b34d53459a649ec92e23035c86", "id": 8}, {"snippet": "Galvanize maintains an Incident Response Plan managed by its Security Incident Response Team (SIRT). Galvanize will notify Customer without undue delay if Galvanize determines that the security of the Cloud Products\u2019 systems has been breached and this results in Customer Data being accessed by or disclosed to an individual or entity who is not authorized to access or receive such information. Notice will include a brief description of the incident, including the nature of the breach, the date it occurred and, if known, the general type(s) of data involved. Galvanize will report to Customer on the corrective action being taken and will cooperate with Customer to mitigate the effects of any lost or compromised Customer Data. Galvanize will conduct a root cause analysis to determine the cause of the incident and to ensure corrective actions are focused on the true root cause of the incident. Customer will implement any corrective measures required by Galvanize.", "samples": [{"hash": "cO2rYAJm2lK", "uri": "/contracts/cO2rYAJm2lK#security-breach-procedures", "label": "Master Subscription Agreement", "score": 32.1438217163, "published": true}, {"hash": "18jl2V3mYO1", "uri": "/contracts/18jl2V3mYO1#security-breach-procedures", "label": "Master Subscription Agreement", "score": 32.1246604919, "published": true}], "size": 2, "snippet_links": [{"key": "plan-managed", "type": "clause", "offset": [41, 53]}, {"key": "incident-response-team", "type": "definition", "offset": [70, 92]}, {"key": "without-undue-delay", "type": "definition", "offset": [132, 151]}, {"key": "security-of-the", "type": "clause", "offset": [185, 200]}, {"key": "cloud-products", "type": "clause", "offset": [201, 215]}, {"key": "customer-data", "type": "definition", "offset": [263, 276]}, {"key": "an-individual", "type": "clause", "offset": [311, 324]}, {"key": "such-information", "type": "definition", "offset": [378, 394]}, {"key": "description-of-the", "type": "clause", "offset": [424, 442]}, {"key": "nature-of-the", "type": "clause", "offset": [467, 480]}, {"key": "the-general", "type": "clause", "offset": [525, 536]}, {"key": "to-customer", "type": "clause", "offset": [585, 596]}, {"key": "cooperate-with", "type": "clause", "offset": [643, 657]}, {"key": "to-mitigate", "type": "definition", "offset": [667, 678]}, {"key": "root-cause-analysis", "type": "clause", "offset": [758, 777]}, {"key": "determine-the", "type": "clause", "offset": [781, 794]}, {"key": "to-ensure", "type": "clause", "offset": [821, 830]}, {"key": "corrective-actions", "type": "definition", "offset": [831, 849]}, {"key": "customer-will", "type": "clause", "offset": [902, 915]}, {"key": "corrective-measures", "type": "clause", "offset": [930, 949]}, {"key": "required-by", "type": "definition", "offset": [950, 961]}], "hash": "e9fcc1f00b11f902dc5f851f280f2579", "id": 9}, {"snippet": "a) Each Party shall: i) provide the other Party with the name and contact information for one or more of the Party\u2019s employees/security operations or other service desk who/which shall serve as the other Party\u2019s primary security contact and shall be available to assist the other Party twenty- four (24) hours per day, seven (7) days per week as a contact in resolving obligations associated with a Security Breach; ii) notify the other Party of a Security Breach as soon as practicable, but no later than twenty- four (24) hours after the Party becomes aware of it; and iii) notify the other Party of any Security Breaches by emailing the other Party at an address provided by the other Party, with a copy by email to the Party\u2019s primary business contact within the other Party.\nb) Immediately following notification of a Security Breach, the Parties shall coordinate with each other to investigate the Security Breach. The Parties agree to fully cooperate with each other in the handling of the matter, including, without limitation: (i) assisting with any investigation; (ii) providing physical access to the facilities and operations affected; (iii) facilitating interviews with employees and others involved in the matter; and (iv) making available all relevant records, logs, files, data reporting, and other materials required to comply with applicable law, regulation, industry standards, or as otherwise reasonably required by the other Party.\nc) The Party responsible for the Security Breach shall (i) at its own expense use best efforts to immediately contain and remedy any Security Breach and prevent any further Security Breach, including, but not limited to taking any and all action necessary to comply with applicable privacy rights, laws, regulations, and standards, and (ii) reimburse the other Party for all actual reasonable costs incurred by the other Party in responding to, and mitigating damages caused by, any Security Breach, including all costs of notice and/or remediation pursuant to Section 4(d).\nd) Each Party agrees that it shall not inform any third party of a Security Breach without first obtaining the other Party\u2019s prior written consent, other than to inform a complainant that the matter has been forwarded to the Party\u2019s legal counsel. Further, the Receiving Party agrees that the Disclosing Party shall have the sole right to determine: (i) whether notice of the Security Breach is to be provided to any individuals, regulators, law enforcement agencies, consumer reporting agencies, or others as required by law or regulation, or otherwise in Disclosing Party\u2019s discretion; and (ii) the contents of such notice, whether any type of remediation may be offered to affected persons, and the nature and extent of any such remediation.\ne) The Parties agree to maintain and preserve all documents, records, and other data related to any Security Breach for the longest of the following (the \u201cApplicable Retention Period\u201d): (i) five (5) years; (ii) any applicable retention period required by the Agreement or any other contract\nf) Each Party agrees to fully cooperate at its own expense with the other Party in any litigation, investigation, or other action resulting from a Security Breach, if deemed reasonably necessary by the other Party to protect its rights relating to the use, disclosure, protection, and maintenance of Personal Information.\ng) In the event of any Security Breach, the Parties shall promptly use their best efforts to prevent a recurrence of any such Security Breach.", "samples": [{"hash": "kGtSIvPLcCa", "uri": "/contracts/kGtSIvPLcCa#security-breach-procedures", "label": "Program Administrator Agreement (AMERICAN COASTAL INSURANCE Corp)", "score": 33.3655014038, "published": true}, {"hash": "2SKDrESLVga", "uri": "/contracts/2SKDrESLVga#security-breach-procedures", "label": "Claims Services Agreement (AMERICAN COASTAL INSURANCE Corp)", "score": 33.3655014038, "published": true}], "size": 2, "snippet_links": [{"key": "each-party", "type": "definition", "offset": [3, 13]}, {"key": "provide-the", "type": "clause", "offset": [24, 35]}, {"key": "other-party", "type": "definition", "offset": [36, 47]}, {"key": "name-and-contact-information", "type": "clause", "offset": [57, 85]}, {"key": "the-party", "type": "clause", "offset": [105, 114]}, {"key": "security-operations", "type": "clause", "offset": [127, 146]}, {"key": "service-desk", "type": "definition", "offset": [156, 168]}, {"key": "primary-security-contact", "type": "definition", "offset": [212, 236]}, {"key": "assist-the", "type": "clause", "offset": [263, 273]}, {"key": "hours-per-day", "type": "clause", "offset": [304, 317]}, {"key": "days-per-week", "type": "definition", "offset": [329, 342]}, {"key": "associated-with", "type": "definition", "offset": [381, 396]}, {"key": "notify-the", "type": "clause", "offset": [420, 430]}, {"key": "as-soon-as-practicable", "type": "definition", "offset": [464, 486]}, {"key": "security-breaches", "type": "clause", "offset": [606, 623]}, {"key": "with-a-copy", "type": "definition", "offset": [695, 706]}, {"key": "by-email", "type": "clause", "offset": [707, 715]}, {"key": "business-contact", "type": "clause", "offset": [739, 755]}, {"key": "following-notification-of", "type": "clause", "offset": [795, 820]}, {"key": "the-parties-shall", "type": "clause", "offset": [840, 857]}, {"key": "the-security", "type": "clause", "offset": [900, 912]}, {"key": "agree-to", "type": "clause", "offset": [933, 941]}, {"key": "cooperate-with", "type": "clause", "offset": [948, 962]}, {"key": "without-limitation", "type": "clause", "offset": [1016, 1034]}, {"key": "facilities-and-operations", "type": "clause", "offset": [1112, 1137]}, {"key": "employees-and-others", "type": "clause", "offset": [1183, 1203]}, {"key": "making-available", "type": "definition", "offset": [1237, 1253]}, {"key": "relevant-records", "type": "definition", "offset": [1258, 1274]}, {"key": "data-reporting", "type": "clause", "offset": [1289, 1303]}, {"key": "other-materials", "type": "clause", "offset": [1309, 1324]}, {"key": "applicable-law", "type": "clause", "offset": [1349, 1363]}, {"key": "industry-standards", "type": "definition", "offset": [1377, 1395]}, {"key": "responsible-for", "type": "clause", "offset": [1466, 1481]}, {"key": "use-best-efforts", "type": "clause", "offset": [1531, 1547]}, {"key": "further-security", "type": "definition", "offset": [1618, 1634]}, {"key": "not-limited", "type": "clause", "offset": [1658, 1669]}, {"key": "privacy-rights", "type": "clause", "offset": [1735, 1749]}, {"key": "and-standards", "type": "clause", "offset": [1770, 1783]}, {"key": "costs-incurred", "type": "clause", "offset": [1846, 1860]}, {"key": "responding-to", "type": "clause", "offset": [1883, 1896]}, {"key": "caused-by", "type": "clause", "offset": [1921, 1930]}, {"key": "costs-of-notice", "type": "clause", "offset": [1967, 1982]}, {"key": "pursuant-to-section", "type": "definition", "offset": [2002, 2021]}, {"key": "third-party", "type": "clause", "offset": [2078, 2089]}, {"key": "prior-written-consent", "type": "clause", "offset": [2153, 2174]}, {"key": "legal-counsel", "type": "definition", "offset": [2261, 2274]}, {"key": "the-receiving-party-agrees", "type": "clause", "offset": [2285, 2311]}, {"key": "disclosing-party", "type": "definition", "offset": [2321, 2337]}, {"key": "to-determine", "type": "clause", "offset": [2364, 2376]}, {"key": "notice-of-the", "type": "clause", "offset": [2390, 2403]}, {"key": "law-enforcement-agencies", "type": "definition", "offset": [2470, 2494]}, {"key": "consumer-reporting-agencies", "type": "definition", "offset": [2496, 2523]}, {"key": "law-or-regulation", "type": "clause", "offset": [2550, 2567]}, {"key": "type-of", "type": "definition", "offset": [2666, 2673]}, {"key": "affected-persons", "type": "definition", "offset": [2704, 2720]}, {"key": "nature-and-extent", "type": "clause", "offset": [2730, 2747]}, {"key": "to-maintain", "type": "clause", "offset": [2794, 2805]}, {"key": "all-documents", "type": "definition", "offset": [2819, 2832]}, {"key": "other-data", "type": "clause", "offset": [2847, 2857]}, {"key": "related-to", "type": "clause", "offset": [2858, 2868]}, {"key": "retention-period", "type": "clause", "offset": [2939, 2955]}, {"key": "agreement-or", "type": "definition", "offset": [3032, 3044]}, {"key": "other-contract", "type": "definition", "offset": [3049, 3063]}, {"key": "agrees-to", "type": "clause", "offset": [3078, 3087]}, {"key": "other-action", "type": "clause", "offset": [3181, 3193]}, {"key": "resulting-from", "type": "definition", "offset": [3194, 3208]}, {"key": "reasonably-necessary", "type": "clause", "offset": [3238, 3258]}, {"key": "relating-to", "type": "definition", "offset": [3300, 3311]}, {"key": "maintenance-of", "type": "clause", "offset": [3349, 3363]}, {"key": "personal-information", "type": "definition", "offset": [3364, 3384]}, {"key": "in-the-event-of", "type": "definition", "offset": [3389, 3404]}, {"key": "such-security", "type": "definition", "offset": [3507, 3520]}], "hash": "038c78d861d9f6018dff0ff6226f7827", "id": 10}], "next_curs": "CmMSXWoVc35sYXdpbnNpZGVyY29udHJhY3Rzcj8LEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2IiNzZWN1cml0eS1icmVhY2gtcHJvY2VkdXJlcyMwMDAwMDAwYQyiAQJlbhgAIAA=", "clause": {"title": "Security Breach Procedures", "size": 80, "children": [["vendor-shall", "Vendor shall"], ["", ""], ["updates", "Updates"], ["technical-support", "Technical Support"], ["compensation", "Compensation"]], "parents": [["data-protection-and-information-security", "Data Protection and Information Security"], ["data-security-obligation", "Data Security Obligation"], ["data-security", "Data Security"], ["records-reports-audits-and-monitoring-and-data-security", "Records Reports Audits and Monitoring and Data Security"], ["additional-terms-and-conditions", "Additional Terms and Conditions"]], "id": "security-breach-procedures", "related": [["security-breach-notification", "Security Breach Notification", "Security Breach Notification"], ["security-breach", "Security Breach", "Security Breach"], ["third-party-claim-procedures", "Third Party Claim Procedures", "Third Party Claim Procedures"], ["claim-procedures", "Claim Procedures", "Claim Procedures"], ["complaint-procedures", "COMPLAINT PROCEDURES", "COMPLAINT PROCEDURES"]], "related_snippets": [], "updated": "2025-07-10T04:27:38+00:00"}, "json": true, "cursor": ""}}