Common use of Security Incident or Data Breach Notification Clause in Contracts

Security Incident or Data Breach Notification. Supplier shall inform Customer of any Security Incident or Data Breach a. Supplier may need to communicate with outside parties regarding a Security Incident, which may include contacting law enforcement, fielding media inquiries and seeking external expertise as mutually agreed upon, defined by law or contained in the Contract. If a Security Incident involves Customer Data, Supplier will coordinate with Customer prior to making any such communication. b. Supplier shall report a Security Incident to the Customer identified contact set forth herein within five (5) days of discovery of the Security Incident or within a shorter notice period required by applicable law or regulation (i.e. HIPAA requires notice to be provided within 24 hours). c. Supplier shall: (i) maintain processes and procedures to identify, respond to and analyze Security Incidents; (ii) make summary information regarding such procedures available to Customer at Customer’s request, (iii) mitigate, to the extent practicable, harmful effects of Security Incidents that are known to Supplier; and

Appears in 5 contracts

Samples: Hosting Agreement, Hosting Agreement, Hosting Agreement

AutoNDA by SimpleDocs

Security Incident or Data Breach Notification. Supplier shall inform Customer of any Security Incident or Data Breach. a. 1. Supplier may need to communicate with outside parties regarding a Security Incident, which may include contacting law enforcement, fielding media inquiries and seeking external expertise as mutually agreed upon, defined by law or contained in the Contract. If a Security Incident involves Customer Data, Supplier will coordinate with Customer prior to making any such communication. b. 2. Supplier shall report a Security Incident to the Customer identified contact set forth herein within five (5) days of discovery of the Security Incident or within a shorter notice period required by applicable law or regulation (i.e. HIPAA requires notice to be provided within 24 hours). c. 3. Supplier shall: (i) maintain : a. Maintain processes and procedures to identify, respond to and analyze Security Incidents; (ii) make ; b. Make summary information regarding such procedures available to Customer at Customer’s request, (iii) mitigate; c. Mitigate, to the extent practicable, harmful effects of Security Incidents that are known to Supplier; andand Document all Security Incidents and their outcomes. 4. If Supplier has reasonable belief or actual knowledge of a Data Breach, Supplier shall (1) promptly notify the appropriate Customer identified contact set forth

Appears in 1 contract

Samples: Participating Addendum

AutoNDA by SimpleDocs
Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!