Common use of Security Breach Response Actions Clause in Contracts

Security Breach Response Actions. In the event of a Security Breach, Service Provider shall: (a) immediately conduct a reasonable investigation of the reasons for and circumstances of such Security Breach; (b) use reasonable efforts and take all necessary actions to prevent, contain, and mitigate the impact of, such Security Breach, and remediate such Security Breach, without delay; (c) provide notice to Customer using the contact information identified in subsection 4.4 immediately, and in any event within twelve (12) hours after the Service Provider discovered such Security Breach; (d) promptly, and in no event more than two (2) business days after the date Service Provider discovered a Security Breach, provide a written report to Customer providing all relevant details concerning such Security Breach; (e) collect and preserve all evidence concerning the discovery, cause, vulnerability, remedial actions and impact related to such Security Breach, which shall meet reasonable expectations of forensic admissibility; (f) document the incident response and remedial actions taken in detail, which shall meet reasonable expectations of forensic admissibility; (g) if requested by Customer, provide notice to individuals or entities whose Information was affected by the Security Breach, or may have reasonably been exposed or put at risk of exposure, Regulators, public authorities and the media, in a manner and format specified by Customer; and (h) keep the fact and details of the Security Breach confidential, to the extent possible, during the investigation and remediation of the Security Breach and limit communications about the Security Breach to those necessary to fulfill the requirements of subsections 4.1 (a) to (g) above.

Security Breach Response Actions. In the event of a Security Breach, Service Provider shall: (a) immediately conduct a reasonable investigation of the reasons for and circumstances of such Security Breach; (b) use reasonable efforts and take all necessary actions to prevent, contain, and mitigate the impact of, such Security Breach, and remediate such Security Breach, without delay;. ; PORTIONS OF THIS EXHIBIT WERE OMITTED AND HAVE BEEN FILED SEPARATELY WITH THE SECRETARY OF THE COMMISSION PURSUANT TO AN APPLICATION FOR CONFIDENTIAL TREATMENT UNDER RULE 24B-2 OF THE SECURITIES EXCHANGE ACT; [***] DENOTES OMISSIONS (c) provide notice to Customer using the contact information identified in subsection 4.4 immediately, immediately and in any event within twelve (12) hours after the Service Provider discovered such Security Breach; (d) promptly, and in no event more than two (2) business days after the date Service Provider discovered a Security Breach, provide a written report to Customer providing all relevant details concerning such Security Breach; (e) collect and preserve all evidence concerning the discovery, cause, vulnerability, remedial actions and impact related to such Security Breach, which shall meet reasonable expectations of forensic admissibility; (f) document the incident response and remedial actions taken in detail, which shall meet reasonable expectations of forensic admissibility; (g) if requested by Customer, provide notice to individuals or entities whose Information was affected by the Security Breach, or may have reasonably been exposed or put at risk of exposure, Regulators, public authorities and the media, in a manner and format specified by Customer. ; and (h) keep the fact and details of the Security Breach confidential, to the extent possible, during the investigation and remediation of the Security Breach and limit communications about the Security Breach to those necessary to fulfill the requirements of subsections 4.1 (a) to (g) above.