Sensitive Information Incident Reporting Requirements Sample Clauses

Sensitive Information Incident Reporting Requirements. (1) All known or suspected sensitive information incidents shall be reported to the Headquarters or Component Security Operations Center (SOC) within one hour of discovery in accordance with 4300A Sensitive Systems Handbook Incident Response and Reporting requirements. When notifying the Headquarters or Component SOC, the Contractor shall also notify the Contracting Officer, COR, Headquarters or Component Privacy Officer, and US-CERT using the contact information identified in the contract. If the incident is reported by phone or the Contracting Officer’s email address is not immediately available, the Contractor shall contact the Contracting Officer immediately after reporting the incident to the Headquarters or Component SOC. The Contractor shall not include any sensitive information in the subject or body of any e-mail. To transmit sensitive information, the Contractor shall use FIPS 140-2 Security Requirements for Cryptographic Modules compliant encryption methods to protect sensitive information in attachments to email. Passwords shall not be communicated in the same email as the attachment. A sensitive information incident shall not, by itself, be interpreted as evidence that the Contractor has failed to provide adequate information security safeguards for sensitive information, or has otherwise failed to meet the requirements of the contract. (2) If a sensitive information incident involves PII or SPII, in addition to the reporting requirements in 4300A Sensitive Systems Handbook Incident Response and Reporting, Contractors shall also provide as many of the following data elements that are available at the time the incident is reported, with any remaining data elements provided within 24 hours of submission of the initial incident report: (i) Data Universal Numbering System (DUNS); (ii) Contract numbers affected unless all contracts by the company are affected; (iii) Facility CAGE code if the location of the event is different than the prime contractor location; (iv) Point of contact (POC) if different than the POC recorded in the System for Award Management (address, position, telephone, email); (v) Contracting Officer XXX (address, telephone, email); (vi) Contract clearance level; (vii) Name of subcontractor and CAGE code if this was an incident on a subcontractor network; (viii) Government programs, platforms or systems involved; (ix) Location(s) of incident; (x) Date and time the incident was discovered; (xi) Server names where sensitive informa...
AutoNDA by SimpleDocs
Sensitive Information Incident Reporting Requirements. All known or suspected sensitive information incidents shall be reported to the Headquarters or Component Security Operations Center (SOC) within one hour of discovery in accordance with 4300A Sensitive Systems Handbook Incident Response and Reporting requirements. When notifying the Headquarters or Component SOC, the OTA Entity shall also notify the Contracting Officer, COR, Headquarters or Component Privacy Officer, and US-CERT using the contact information identified in the contract. If the incident is reported by phone or the Contracting Officer’s email address is not immediately available, the OTA Entity shall contact the Contracting Officer immediately after reporting the incident to the Headquarters or Component SOC. The OTA Entity shall not include any sensitive information in the subject or body of any e-mail. To transmit sensitive information, the OTA Entity shall use FIPS 140-2 Security Requirements for Cryptographic Modules compliant encryption methods to protect sensitive information in attachments to email. Passwords shall not be communicated in the same email as the attachment. A sensitive information incident shall not, by itself, be interpreted as evidence that the OTA Entity has failed to provide adequate information security safeguards for sensitive information, or has otherwise failed to meet the requirements of the contract.

Related to Sensitive Information Incident Reporting Requirements

  • Meteorological Data Reporting Requirement (Applicable to wind generation facilities only)

  • EDD Independent Subrecipient Reporting Requirements Effective January 1, 2001, the County of Orange is required to file in accordance with subdivision (a) of Section 6041A of the Internal Revenue Code for services received from a “service provider” to whom the County pays $600 or more or with whom the County enters into a contract for $600 or more within a single calendar year. The purpose of this reporting requirement is to increase child support collection by helping to locate parents who are delinquent in their child support obligations. The term “service provider” is defined in California Unemployment Insurance Code Section 1088.8, Subparagraph B.2 as “an individual who is not an employee of the service recipient for California purposes and who received compensation or executes a contract for services performed for that service recipient within or without the State.” The term is further defined by the California Employment Development Department to refer specifically to independent Subrecipients. An independent Subrecipient is defined as “an individual who is not an employee of the ... government entity for California purposes and who receives compensation or executes a contract for services performed for that ... government entity either in or outside of California.” The reporting requirement does not apply to corporations, general partnerships, limited liability partnerships, and limited liability companies. Additional information on this reporting requirement can be found at the California Employment Development Department web site located at xxxx://xxx.xxx.xx.xxx/Employer_Services.htm

  • Adverse Event Reporting Both Parties acknowledge the obligation to comply with the Protocol and / or applicable regulations governing the collection and reporting of adverse events of which they may become aware during the course of the Clinical Trial. Both Parties agree to fulfil and ensure that their Agents fulfil regulatory requirements with respect to the reporting of adverse events.

  • User Information Any user or usage data or information collected via Station’s digital properties or related to Station’s digital properties, or any information collected from websites operated by Station’s affiliates under this Agreement, shall be the property of Station and/or such affiliates. Advertiser shall have no rights in such information by virtue of this Agreement.

  • Child Abuse Reporting Requirement Grantee will: a. comply with child abuse and neglect reporting requirements in Texas Family Code Chapter 261. This section is in addition to and does not supersede any other legal obligation of the Grantee to report child abuse. b. develop, implement and enforce a written policy that includes at a minimum the System Agency’s Child Abuse Screening, Documenting, and Reporting Policy for Grantees/Providers and train all staff on reporting requirements. c. use the System Agency Child Abuse Reporting Form located at xxxxx://xxx.xxxx.xxxxx.xx.xx/Contact Us/report abuse.asp as required by the System Agency. d. retain reporting documentation on site and make it available for inspection by the System Agency.

  • Account Reporting Information Italian residents who, at any time during the fiscal year, hold foreign financial assets (including cash and shares of Common Stock) which may generate income taxable in Italy are required to report these assets on their annual tax returns (UNICO Form, RW Schedule) for the year during which the assets are held, or on a special form if no tax return is due. These reporting obligations will also apply to Italian residents who are the beneficial owners of foreign financial assets under Italian money laundering provisions.

  • Child Abuse Reporting Requirements A. Grantees shall comply with child abuse and neglect reporting requirements in Texas Family Code Chapter 261. This section is in addition to and does not supersede any other legal obligation of the Grantee to report child abuse. B. Grantee shall use the Texas Abuse Hotline Website located at xxxxx://xxx.xxxxxxxxxxxxxx.xxx/Login/Default.aspx as required by the System Agency. Grantee shall retain reporting documentation on site and make it available for inspection by the System Agency.

  • - CLEC INFORMATION 3.1 Except as otherwise required by law, CenturyLink will not provide or establish Interconnection, Unbundled Network Elements, ancillary services and/or resale of Telecommunications Services in accordance with the terms and conditions of this Agreement prior to CLEC's execution of this Agreement. The Parties shall complete CenturyLink's "New Customer Questionnaire," as it applies to CLEC's obtaining of Interconnection, Unbundled Network Elements, ancillary services, and/or resale of Telecommunications Services hereunder. 3.2 Prior to placing any orders for services under this Agreement, the Parties will jointly complete the following sections of CenturyLink's "New Customer Questionnaire:" General Information Billing and Collection (Section 1) Credit Information Billing Information Summary Billing OSS and Network Outage Notification Contact Information System Administration Contact Information Ordering Information for LIS Trunks, Collocation, and Associated Products (if CLEC plans to order these services) Design Layout Request – LIS Trunking and Unbundled Loop (if CLEC plans to order these services) 3.2.1 The remainder of this questionnaire must be completed within two (2) weeks of completing the initial portion of the questionnaire. This questionnaire will be used to: Determine geographical requirements; Identify CLEC identification codes; Determine CenturyLink system requirements to support CLEC's specific activity; Collect credit information; Obtain Billing information; Create summary bills; Establish input and output requirements; Create and distribute CenturyLink and CLEC contact lists; and Identify CLEC hours and holidays. 3.2.2 CLECs that have previously completed a Questionnaire need not fill out a New Customer Questionnaire; however, CLEC will update its New Customer Questionnaire with any changes in the required information that have occurred and communicate those changes to CenturyLink. Before placing an order for a new product, CLEC will need to complete the relevant New Product Questionnaire and amend this Agreement.

  • KYC Information (i) Upon the reasonable request of the Lender made at least 1 day prior to the Closing Date, the Borrower shall have provided to the Lender the documentation and other information so requested in connection with applicable “know your customer” and anti-money-laundering rules and regulations, including the PATRIOT Act, in each case at least five days prior to the Closing Date. (ii) [reserved].

  • Information Reporting We may report your performance under this Agreement to credit reporting agencies, including your failure to make minimum payments on time. A negative credit report may significantly harm your ability to obtain credit from other sources. We may also obtain follow-up credit reports on you (for example, when we review your Account for a credit line increase). We may exchange information about you or your Account with our affiliates, and, to the extent permitted by law, with other third parties. However, if you prefer that we not share such information with our affiliate companies, just call us at (000) 000-0000 or outside the Albuquerque area, 0-000-000-0000. You may also write to us at Nusenda Federal Credit Union, P.O. Box 8530, Albuquerque, New Mexico 87198. Closing Your Account. You may close your Account at any time by notifying us in writing. However, you remain responsible to pay the balance according to the terms of this Agreement. We may close your Account or suspend your Account privileges at any time without prior notice. We may also reissue a different Card, Account number, or different checks at any time. You must return the Card or the checks to us upon request. Lost or Stolen Cards. If any Card, Account Number or PIN is lost or stolen, or if you think someone used or may use them without your permission, notify us at once by calling the telephone number shown on the billing statement or by calling 0-000-000-0000. We may require you to provide certain information in writing to help us find out what happened. Do not use the Card after we've been notified, even if it is found or returned. You will not be liable for any unauthorized purchases or cash advances made after we've been notified of the loss or the theft; however, you must identify for us the charges on the billing statement that were not made by you or someone authorized by you, and from which you received no benefit. Credit Authorizations. We are not responsible if we do not approve a purchase or cash advance on your Account, or if a third party refuses to accept or honor the Card, even if you have sufficient credit available. We may limit the number of purchases or cash advances which may be approved in one day. If we detect unusual or suspicious activity on your Account, we may temporarily suspend your credit privileges until we can verify the activity. We may approve purchases or cash advances that cause the balance to exceed your credit line without waiving any of our rights under the Agreement. Waiver. Our failure to exercise, or our delay in exercising any of our rights under this Agreement for any reason does not mean that we will be unable to exercise these rights later.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!