Sensitive Information Incident Response Requirements Sample Clauses

Sensitive Information Incident Response Requirements. (1) All determinations related to sensitive information incidents, including response activities, notifications to affected individuals and/or Federal agencies, and related services (e.g., credit monitoring) will be made in writing by the Contracting Officer in consultation with the Headquarters or Component CIO and Headquarters or Component Privacy Officer. (2) The Contractor shall provide full access and cooperation for all activities determined by the Government to be required to ensure an effective incident response, including providing all requested images, log files, and event information to facilitate rapid resolution of sensitive information incidents. (3) Incident response activities determined to be required by the Government may include, but are not limited to, the following: (i) Inspections, (ii) Investigations, (iii) Forensic reviews, and (iv) Data analyses and processing. (4) The Government, at its sole discretion, may obtain the assistance from other Federal agencies and/or third-party firms to aid in incident response activities.
Sample 1Sample 2Sample 3See All (9)
AutoNDA by SimpleDocs
Sensitive Information Incident Response Requirements. 1) All determinations related to sensitive information incidents, including response activities, notifications to affected individuals and/or Federal agencies, and related services (e.g., credit monitoring) will be made in writing by the Contracting Officer in consultation with the Headquarters or Component CIO and Headquarters or Component Privacy Officer. 2) The Contractor shall provide full access and cooperation for all activities determined by the Government to be required to ensure an effective incident response, including providing all requested images, log files, and event information to facilitate rapid resolution of sensitive information incidents. 3) Incident response activities determined to be required by the Government may include, but are not limited to, the following: 4) The Government, at its sole discretion, may obtain the assistance from other Federal agencies and/or third-party firms to aid in incident response activities. (i) Inspections, (ii) Investigations, (iii) Forensic reviews, and (iv) Data analyses and processing.
Sample 1Sample 2
Sensitive Information Incident Response Requirements. All determinations related to sensitive information incidents, including response activities, notifications to affected individuals and/or Federal agencies, and related services (e.g., credit monitoring) will be made in writing by the Contracting Officer in consultation with the Headquarters or Component CIO and Headquarters or Component Privacy Officer.
Sample 1

Related to Sensitive Information Incident Response Requirements

  • Sensitive Information Information that requires special precautions to protect from unauthorized use, access, disclosure, modification, loss, or deletion. Sensitive Information may be either Public Information or Confidential Information. It is information that requires a higher than normal assurance of accuracy and completeness. Thus, the key factor for Sensitive Information is that of integrity. Typically, Sensitive Information includes records of agency financial transactions and regulatory actions.

  • Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard. B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised. C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if: 1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or 2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.

  • Return or Destruction of Confidential Information If an Interconnection Party provides any Confidential Information to another Interconnection Party in the course of an audit or inspection, the providing Interconnection Party may request the other party to return or destroy such Confidential Information after the termination of the audit period and the resolution of all matters relating to that audit. Each Interconnection Party shall make Reasonable Efforts to comply with any such requests for return or destruction within ten days of receiving the request and shall certify in writing to the other Interconnection Party that it has complied with such request.

  • Administrative information Time limit for receipt of tenders or requests to participate

  • Substance Abuse Treatment Information Substance abuse treatment information shall be maintained in compliance with 42 C.F.R. Part 2 if the Party or subcontractor(s) are Part 2 covered programs, or if substance abuse treatment information is received from a Part 2 covered program by the Party or subcontractor(s).

  • Notice Information Notice identifier/version: 40a68d79­9ad0­4d9b­8159­24a5b33376ad ­ 02 Form type: Competition Notice type: Contract or concession notice – standard regime Notice dispatch date: 2024­02­09Z 09:56:06Z Languages in which this notice is officially available: English

  • User Information Any user or usage data or information collected via Station’s digital properties or related to Station’s digital properties, or any information collected from websites operated by Station’s affiliates under this Agreement, shall be the property of Station and/or such affiliates. Advertiser shall have no rights in such information by virtue of this Agreement.

  • Service Information Service Visit Date

  • Retention or destruction of Confidential Information If Network Rail or the Train Operator, as the case may be, has not received a request to return any Confidential Information to the other party under and within the time limits specified in Clause 14.3, it may destroy or retain such Confidential Information.

  • Patient Information Each Party agrees to abide by all laws, rules, regulations, and orders of all applicable supranational, national, federal, state, provincial, and local governmental entities concerning the confidentiality or protection of patient identifiable information and/or patients’ protected health information, as defined by any other applicable legislation in the course of their performance under this Agreement.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!