Common use of Security Breach Clause in Contracts

Security Breach. In the event of a security breach, the Contractor shall take prompt corrective action to cure any such deficiencies and any action pertaining to such unauthorized disclosure required by applicable federal and state laws and regulations. a. You must report all Security Breaches, whether suspected or confirmed, to the System Manager promptly, but no later than one (1) business day, of the incident. If the System Manager is unavailable, or if there is a potential conflict of interest, report the incident to the Regional Manager or the Authority’s Chief Housing Solutions Officer. b. Document or maintain records of information and actions relevant to the incident as they may be required in the Security Breach handling report. i. Date and time of Security Breach; ii. Type of Security Breach (e.g. virus, hacking, e-mail, etc.); iii. Person(s) involved in Security Breach, if identifiable; and iv. Date and time Security Breach was reported and to whom. c. Any alleged violations that may constitute criminal misconduct, identify theft or other serious misconduct, or reflect systemic violations within the management of the Program will be reported to the MSHDA Compliance Unit as part of the Security Breach reporting Process. d. When reporting a Security Breach, do not further compromise the information or risk causing another Security Breach: i. Do not forward the compromised information when reporting an incident ii. If and when the compromised PII is needed, you will be given instructions regarding the individual to send it to and the process for submission. “Key Persons” are those individuals performing services and those performing services who may be subject to the State Employees’ Retirement Act, 2007 PA 95, MCL 38.68c. The Contractor acknowledges that the following personnel are Key Persons of the Contractor in accordance with Section 11 of the Housing Agent Agreement. Please have each Key Person sign the Exhibit F – Agreement to Use and Release Information to Authority (“Release”), as well as the questions regarding the State Employees’ Retirement Act. The Authority will approve a Key Person only if (a) the Key Person signs the Release, (b) the Criminal Screenings review does not reveal any criminal records that the Authority, in its sole discretion, deems unacceptable, and (c) is not an active Participant on the Program or a current Waiting List Applicant for the Program. Please use one Release for each Key Person who shall be performing. In addition, the selected Contractor will be required to submit additional forms for new service personnel performing services who may be considered Key Persons.

Security Breach. In the event of a security breach, the Contractor shall take prompt corrective action to cure any such deficiencies and any action pertaining to such unauthorized disclosure required by applicable federal and state laws and regulations. a. You must report all Security Breaches, whether suspected or confirmed, to the System Manager promptly, but no later than one (1) business day, of the incident. If the System Manager is unavailable, or if there is a potential conflict of interest, report the incident to the Regional Manager or the Authority’s Chief Housing Solutions Officer. b. Document or maintain records of information and actions relevant to the incident as they may be required in the Security Breach handling report. i. Date and time of Security Breach; ii. Type of Security Breach (e.g. virus, hacking, e-mail, etc.); iii. Person(s) involved in Security Breach, if identifiable; and iv. Date and time Security Breach was reported and to whom. c. Any alleged violations that may constitute criminal misconduct, identify theft or other serious misconduct, or reflect systemic violations within the management of the Program will be reported to the MSHDA Compliance Unit as part of the Security Breach reporting Process. d. When reporting a Security Breach, do not further compromise the information or risk causing another Security Breach: i. Do not forward the compromised information when reporting an incident ii. If and when the compromised PII is needed, you will be given instructions regarding the individual to send it to and the process for submission. “Key Persons” are those individuals performing services and those performing services who may be subject to the State Employees’ Retirement Act, 2007 PA 95, MCL 38.68c. The Contractor acknowledges that the following personnel are Key Persons of the Contractor in accordance with Section 11 of the Housing Agent Agreement. Please have each Key Person sign the Exhibit F – Agreement to Use and Release Information to Authority (“Release”), as well as the questions regarding the State Employees’ Retirement Act. The Authority will approve a Key Person only if (a) the Key Person signs the Release, (b) the Criminal Screenings review does not reveal any criminal records that the Authority, in its sole discretion, deems unacceptable, and (c) is not an active Participant on the Program or a current Waiting List Applicant for the Program. Please use one Release for each Key Person who shall be performing. In addition, the selected Contractor will be required to submit additional forms for new service personnel performing services who may be considered Key Persons. Instructions to Contractor: Please have each Key Person sign the Agreement to Use and Release Information to Authority (“Release”). The Michigan State Housing Development Authority (“Authority”) will approve a Key Person only if (a) the Key Person signs the Release, (b) the Authority Criminal Screenings review does not reveal any criminal records that the Authority, in its sole discretion, deems unacceptable, and (c) is not an active Participant on the Program or a current Waiting List Applicant for the Program. Please use one Release for each Key Person.