Security Incident Reporting A security incident occurs when CDA information assets are or reasonably believed to have been accessed, modified, destroyed, or disclosed without proper authorization, or are lost, or stolen. Subrecipient must comply with CDA’s security incident reporting procedures located at xxxxx://xxx.xxxxx.xx.xxx/ProgramsProviders/#Resources.
Security Incident “Security Incident” means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.
Security Incident Notification The Transfer Agent shall promptly notify the Trust but in no event later than 72 hours following discovery of any Security Incident(s). Such notification shall include the extent and nature of such intrusion, disclosure, or unauthorized access, the identity of the compromised Customer Confidential Information (to the extent it can be ascertained), how the Transfer Agent was affected by the Security Incident, and its response to such Security Incident. The Transfer Agent shall use continuous and diligent efforts to remedy the cause and the effects of such Security Incident in an expeditious manner and deliver to the Trust a root cause analysis and future incident Mitigation plan with regard to any such incident. The Transfer Agent shall reasonably cooperate with the Trust’s investigation and response to each Security Incident. If the Trust determines in its sole discretion that it may need or be required to notify any individual(s) as a result of a Security Incident, the Trust shall have the right to control all such notifications and the Transfer Agent shall bear all direct costs associated with the notification, to the extent the notification and corresponding actions are required by U.S. law, and subject to the limitation of liability set forth in the Agreement. Without limiting the foregoing, unless otherwise required by U.S. law, no such notifications shall be made by the Transfer Agent without the Trust’s prior written consent and the Trust shall, together with the Transfer Agent, determine the content and delivery of all such notifications. For the avoidance of doubt, the Transfer Agent shall be solely responsible for all costs and expenses, subject to the limitations of liability under the Agreement that the Trust and/or the Transfer Agent may incur to the extent that they are attributable to or arise from the Transfer Agent’s breach of its confidentiality obligations under the Agreement.
Security Incidents 11.1 Includes identification, managing and agreed reporting procedures for actual or suspected security breaches.
Security Incident Response Upon becoming aware of a Security Incident, MailChimp shall notify Customer without undue delay and shall provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Customer.
Breaches and Security Incidents During the term of the Agreement, CONTRACTOR 27 agrees to implement reasonable systems for the discovery of any Breach of unsecured DHCS PI and PII 28 or security incident. CONTRACTOR agrees to give notification of any beach of unsecured DHCS PI 29 and PII or security incident in accordance with subparagraph F, of the Business Associate Contract, 30 Exhibit B to the Agreement.
Personal Information security breach Supplier/Service Provider’s Obligations a) The Supplier/Service Provider shall notify the Information Officer of Transnet, in writing as soon as possible after it becomes aware of or suspects any loss, unauthorised access or unlawful use of any personal data and shall, at its own cost, take all necessary remedial steps to mitigate the extent of the loss or compromise of personal data and to restore the integrity of the affected Goods/Services as quickly as is possible. The Supplier/Service Provider shall also be required to provide Transnet with details of the persons affected by the compromise and the nature and extent of the compromise, including details of the identity of the unauthorised person who may have accessed or acquired the personal data. b) The Supplier/Service Provider shall provide on-going updates on its progress in resolving the compromise at reasonable intervals until such time as the compromise is resolved. c) Where required, the Supplier/Service Provider may be required to notify the South African Police Service; and/or the State Security Agency and where applicable, the relevant regulator and/or the affected persons of the security breach. Any such notification shall always include sufficient information to allow the persons to take protective measures against the potential consequences of the compromise. d) The Supplier/Service Provider undertakes to co‑operate in any investigation relating to security which is carried out by or on behalf of Transnet including providing any information or material in its possession or control and implementing new security measures.
Error Incident An Error Incident is a single or series of NAV Errors that results from the same act, omission, or use of incorrect data. NAV Errors will be corrected as follows: · If an NAV Error is less than ½ of 1% of NAV and results in a Net Benefit, the fund will retain the benefit. · If an NAV Error is less than ½ of 1% of NAV and results in a Net Loss, the Net Loss will be paid to the fund by the party responsible for causing the NAV Error. · In the case of a Material NAV Error, shareholder transactions/accounts will be corrected/ reprocessed at the corrected (restated) NAV, subject to a $10 per-account correction minimum threshold; any residual Net Benefit after correction of shareholder accounts will be retained by the fund and any residual Net Loss (resulting from uncorrected accounts below the $10 minimum threshold) will be paid to the fund by the party responsible for causing the error. If an NAV error is not caused by either the fund accounting agent or TRP, both TRP and the fund accounting agent will provide all reasonable assistance to the fund in its attempt to recover all costs from the responsible third party. · Notwithstanding any contractual provisions to the contrary, to the extent a NAV Error was caused by the actions or omissions of the fund’s accounting agent, any Net Loss or residual Net Loss equal to $5,000 or less that results from the same Error Incident will be paid by the accounting agent. TRP will be responsible for summarizing and reporting to the funds’ Audit Committee or Trust Company’s Board (or designated committee), as applicable, all NAV Errors related to the funds/trusts in conjunction with other relevant error statistics on a quarterly basis. The report will include corrected NAV Errors as well as the aggregate effect of any uncorrected NAV Errors. The report will also include information about shareholder accounts that were corrected in the discretion of TRP in the case of an NAV Error that is not a Material NAV Error. The funds’ Audit Committee and the Trust Company’s Board shall have the authority to adjust these procedures with respect to the funds and trusts, respectively, to the extent necessary or desirable to address NAV Errors by providing notice thereof to TRP and the fund’s accounting agent.
Security Breach In the event that Seller discovers or is notified of a breach, potential breach of security, or security incident at Seller's Facility or of Seller's systems, Seller shall immediately (i) notify Company of such potential, suspected or actual security breach, whether or not such breach has compromised any of Company's confidential information; (ii) investigate and promptly remediate the effects of the breach, whether or not the breach was caused by Seller; (iii) cooperate with Company with respect to any such breach or unauthorized access or use; (iv) comply with all applicable privacy and data protection laws governing Company's or any other individual's or entity's data; and (v) to the extent such breach was caused by Seller, provide Company with reasonable assurances satisfactory to Company that such breach, potential breach, or security incident shall not recur. Seller shall provide documentation to Company evidencing the length and impact of the breach. Any remediation of any such breach will be at Seller's sole expense.
Amendment of Protected Health Information 8.1 To the extent Covered Entity determines that any Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within ten (10) business days after receipt of a written request from Covered Entity, make any amendments to such Protected Health Information that are requested by Covered Entity, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.526. 8.2 If any Individual requests an amendment to Protected Health Information directly from Business Associate or its agents or Subcontractors, Business Associate shall notify Covered Entity in writing within five (5) days of the receipt of the request. Whether an amendment shall be granted or denied shall be determined by Covered Entity.