Security Incident Response Plan. The Grantee must develop and implement a Security Incident Response Plan that provides a coordinated approach to security incidents. The plan must contain a comprehensive approach to how the Grantee would respond to a security breach or suspicion of unauthorized access. A Security Incident Response Plan must be submitted within twenty (20) business days after effective date of the contract. On-going plan updates and changes shall be submitted to HHSC for approval at least thirty (30) business days before a change becomes effective. The Security Incident Response Plan: A security incident is defined as an occurrence that actually or potentially jeopardizes confidentiality, integrity, or availability of the Grantee's information system and/or HHSC confidential information. The plan must include but is not limited to the following:
Security Incident Response Plan. Provider maintains a security incident response policy and related plan and procedures which address the measures that Provider will take in the event of loss of control, theft, unauthorized disclosure, unauthorized access, or unauthorized acquisition of Personal Data. These measures may include incident analysis, containment, response, remediation, reporting, and the return to normal operations.
Security Incident Response Plan. Bluecore has a comprehensive security incident response plan that outlines responsibilities and actions to be performed in the event of a breach of security, both physical and informational. The plan, which is closely modeled after Bluecore’s non-security incident triage process, includes step-by-step procedures for denial of service situations, malicious code exposure, unauthorized access and inappropriate usage. Guidance for incident participants, based on company role, is detailed within the plan. The plan includes an incident runback, documentation requirements and guidance on forensic matters as well as communication plans.
Security Incident Response Plan. Arista maintains a security incident response policy and related plan and procedures which address the measures that Arista will take in the event of loss of control, theft, unauthorized disclosure, unauthorized access, or unauthorized acquisition of personal data. These measures may include incident analysis, containment, response, remediation, reporting and the return to normal operations.
Security Incident Response Plan. Business Associate will maintain a formal incident response plan, which shall, at minimum, address detecting, analyzing, prioritizing and handling security incidents. Business Associate will review and update as appropriate its incident response plan annually. Business Associate shall document security incidents and their outcomes.
Security Incident Response Plan. The Grantee must develop and implement a Security Incident Response Plan that provides a coordinated approach to security incidents. The plan must contain a comprehensive approach to how the Grantee would respond to a security breach or suspicion of unauthorized access. A Security Incident Response Plan must be submitted within twenty
Security Incident Response Plan. Clever has an information security incident management protocol to detect, assess, mitigate and respond to security incidents and threats. If Clever believes that there has been unauthorized acquisition or disclosure that compromises the security, integrity or confidentiality of a customer’s personal information, we will take all necessary steps to notify the affected customers of the incident as quickly as possible, and in no case greater than two business days after we learn of the breach. Once the communication has been drafted and finalized, within 72 hours of discovery of the incident in the absence of any statutes or custom agreements, we will use Clever’s standard outgoing email systems to send the email to the address associated with the Clever district account owner. To the extent known, this notice will identify (i) the nature of the Security Incident, (ii) the steps we have executed to investigate the Security Incident, (iii) the type of personal information affected, (iv) the cause of the Security Incident, if known, (v) the actions we have taken or will take to remediate any deleterious effects of the Security Incident, and (vi) any corrective actions we have taken or will take to prevent a future Security Incident. If the incident triggers any third party notice requirements under applicable laws, Clever will comply with its notification obligations under applicable law and the terms of its contractual agreement with the customer. EXHIBIT B District’s Parents’ Bill of Rights The Xxxxx Xxxxxxx Charter School’s Parent’s Bill of Right can be located on the Xxxxx Xxxxxxx Charter School’s website at xxxx://xxx.xxxxxxxxxxxxxx.xxx/wp- content/uploads/2020/10/Parents-Bill-of-Rights.pdf Exhibit C Parents’ Bill of Rights for Data Privacy and Security: Supplemental Information Third Party Contractor: Clever, Inc.(the “third-party contractor”) Educational Agency: Xxxxx Xxxxxxx Charter School (the “District”) New York Education Law §2-d requires educational agencies to make a Parents’ Bill of Rights for Data Privacy and Security available to the public, along with additional information concerning agreements with third-party contractors under which personally identifiable student information and certain teacher and principal information (referred to herein as “student data or teacher or principal data”) is disclosed. The terms used herein shall have the meanings given to them in New York Education Law §2-d and its implementing regulations. In accordance w...
Security Incident Response Plan. Xxxxx maintains a security incident response policy and related plan and procedures which address the measures that Expel will take in the event of loss of control, theft, unauthorized disclosure, unauthorized access, or unauthorized use or acquisition of personal data. These measures may include incident analysis, containment, response, remediation, reporting and the return to normal operations.
Security Incident Response Plan. Data importer maintains a security incident response policy and related plan and procedures which address the measures that data importer will take in the event of loss of control, theft, unauthorized disclosure, unauthorized access, or unauthorized acquisition of personal data. These measures may include incident analysis, containment, response, remediation, reporting and the return to normal operations.
Security Incident Response Plan. I. Grantee will develop and implement a Security Incident Response Plan that provides a coordinated approach to security incidents. The plan must contain a comprehensive approach to how Grantee will respond to a security incident or suspicion of unauthorized access. A Security Incident Response Plan must be submitted within 20 business days after the Operational Start Date . Ongoing plan updates and changes shall be submitted to HHSC for approval at least 30 business days before a change becomes effective. The Security Incident Response Plan: