Data Breach In the event of an unauthorized release, disclosure or acquisition of Student Data that compromises the security, confidentiality or integrity of the Student Data maintained by the Provider the Provider shall provide notification to LEA within seventy-two (72) hours of confirmation of the incident, unless notification within this time limit would disrupt investigation of the incident by law enforcement. In such an event, notification shall be made within a reasonable time after the incident. Provider shall follow the following process:
(1) The security breach notification described above shall include, at a minimum, the following information to the extent known by the Provider and as it becomes available:
i. The name and contact information of the reporting LEA subject to this section.
ii. A list of the types of personal information that were or are reasonably believed to have been the subject of a breach.
iii. If the information is possible to determine at the time the notice is provided, then either
(1) the date of the breach, (2) the estimated date of the breach, or (3) the date range within which the breach occurred. The notification shall also include the date of the notice.
iv. Whether the notification was delayed as a result of a law enforcement investigation, if that information is possible to determine at the time the notice is provided; and
v. A general description of the breach incident, if that information is possible to determine at the time the notice is provided.
(2) Provider agrees to adhere to all federal and state requirements with respect to a data breach related to the Student Data, including, when appropriate or required, the required responsibilities and procedures for notification and mitigation of any such data breach.
(3) Provider further acknowledges and agrees to have a written incident response plan that reflects best practices and is consistent with industry standards and federal and state law for responding to a data breach, breach of security, privacy incident or unauthorized acquisition or use of Student Data or any portion thereof, including personally identifiable information and agrees to provide XXX, upon request, with a summary of said written incident response plan.
(4) LEA shall provide notice and facts surrounding the breach to the affected students, parents or guardians.
(5) In the event of a breach originating from XXX’s use of the Service, Provider shall cooperate with XXX to the extent necessary to expeditiously secure Student Data.
Data Breaches Contractor shall notify the School District in writing as soon as commercially practicable, however no later than forty-eight (48) hours, after Contractor has either actual or constructive knowledge of a breach which affects the School District’s Data (an “Incident”) unless it is determined by law enforcement that such notification would impede or delay their investigation. Contractor shall have actual or constructive knowledge of an Incident if Contractor actually knows there has been an Incident or if Contractor has reasonable basis in facts or circumstances, whether acts or omissions, for its belief that an Incident has occurred. The notification required by this section shall be made as soon as commercially practicable after the law enforcement agency determines that notification will not impede or compromise the investigation. Contractor shall cooperate with law enforcement in accordance with applicable law provided however, that such cooperation shall not result in or cause an undue delay to remediation of the Incident. Contractor shall promptly take appropriate action to mitigate such risk or potential problem at Contractor’s or OPERATOR’s expense. In the event of an Incident, Contractor shall, at its sole cost and expense, restore the Confidential Information, to as close its original state as practical, including, without limitation any and all Data, and institute appropriate measures to prevent any recurrence of the problem as soon as is commercially practicable. Contractor will conduct periodic risk assessments and remediate any identified security vulnerabilities in a timely manner. Contractor will also have a written incident response plan, to include prompt notification of the District in the event of a security or privacy incident, as well as best practices for responding to a breach of PII.
Confidential Information Breach This shall mean, generally, an instance where an unauthorized person or entity accesses Confidential Information in any manner, including but not limited to the following occurrences: (1) any Confidential Information that is not encrypted or protected is misplaced, lost, stolen or in any way compromised; (2)one or more third parties have had access to or taken control or possession of any Confidential Information that is not encrypted or protected without prior written authorization from the State; (3) the unauthorized acquisition of encrypted or protected Confidential Information together with the confidential process or key that is capable of compromising the integrity of the Confidential Information; or (4) if there is a substantial risk of identity theft or fraud to the Client Agency, the Contractor, DAS or State.
Independence from Material Breach Determination Except as set forth in Section X.D.1.c, these provisions for payment of Stipulated Penalties shall not affect or otherwise set a standard for OIG’s decision that Xxxxx has materially breached this IA, which decision shall be made at OIG’s discretion and shall be governed by the provisions in Section X.D, below.
Material Breach A material breach for purposes of this Agreement shall include, but not be limited to:
(a) Failure to timely furnish the documents described in Section 6 or the information requested by GO-Biz or the FTB relating to Taxpayer’s compliance with this Agreement.
(b) Material misstatements in any information provided to GO-Biz as part of the application process and/or after this Agreement is signed.
(c) Failure to materially satisfy applicable Milestones as set forth in Exhibit A, materiality of which shall be determined by GO-Biz, by the end of the last taxable year identified in Exhibit A.
(d) Failure to maintain one or more Milestones for a minimum of three (3) subsequent taxable years after achieving the Milestone(s).
Seller’s Breach Upon discovery by a Responsible Officer of the Master Servicer, the Securities Administrator or the Trustee or notice to the Master Servicer, the Securities Administrator or the Trustee of any defective or missing document (as described in the related Sale Agreement) in a Trustee Mortgage Loan File, or of any breach by any Seller of any representation, warranty or covenant under the related Sale Agreement, which defect or breach materially and adversely affects the value of any Mortgage Loan or the interest of the Trust therein (it being understood that any such defect or breach shall be deemed to have materially and adversely affected the value of the related Mortgage Loan or the interest of the Trust therein if the Trust incurs a loss as a result of such defect or breach),the parties discovering or receiving notice of such defect or breach shall notify the Securities Administrator. Upon discovering or receipt of notice of such breach, the Securities Administrator shall promptly request that such Seller cure such breach and, if such Seller does not cure such defect or breach in all material respects by the end of the cure period specified in such Sale Agreement and any extension of the cure period granted as permitted by such Sale Agreement, shall enforce such Seller’s obligation under such Sale Agreement to purchase such Mortgage Loan from the Trustee. In the event any Servicer has breached a representation or warranty under the related Servicing Agreement that is substantially identical to a representation or warranty breached by a Seller, the Securities Administrator shall first proceed against such Servicer. If such Servicer does not within 60 days (or such other period provided in the related Servicing Agreement) after notification of the breach, either take steps to cure such breach (which may be evidenced by a certificate asking for an extension of time in which to effectuate a cure) or complete the purchase of the Mortgage Loan, then (i) the Securities Administrator, shall enforce the obligations of the Seller under the related Sale Agreement to cure such breach or to purchase the Mortgage Loan from the Trust, and (ii) such Seller shall succeed to the rights of the Securities Administrator to enforce the obligations of the Servicer to cure such breach or repurchase such Mortgage Loan under the Servicing Agreement with respect to such Mortgage Loan. Notwithstanding the foregoing, however, if any breach of a representation or warranty by the Servicer or of a Seller is a Qualification Defect, a cure or purchase must take place within 75 days of the Defect Discovery Date.
Tea Breaks (a) Every employee will be entitled to a paid 10 minute tea break in each four hours worked at a time to be agreed between the employee and employer.
(b) Subject to agreement between the employer and employee, such breaks may alternatively be taken as one 20 minute tea break.
(c) Xxx breaks will count as time worked.
Personal Data Breach 7.1 Processor shall notify Company without undue delay upon Processor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Company with sufficient information to allow the Company to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.
7.2 Processor shall co-operate with the Company and take reasonable commercial steps as are directed by Company to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
Security Breach In the event that Seller discovers or is notified of a breach, potential breach of security, or security incident at Seller's Facility or of Seller's systems, Seller shall immediately (i) notify Company of such potential, suspected or actual security breach, whether or not such breach has compromised any of Company's confidential information; (ii) investigate and promptly remediate the effects of the breach, whether or not the breach was caused by Seller; (iii) cooperate with Company with respect to any such breach or unauthorized access or use; (iv) comply with all applicable privacy and data protection laws governing Company's or any other individual's or entity's data; and (v) to the extent such breach was caused by Seller, provide Company with reasonable assurances satisfactory to Company that such breach, potential breach, or security incident shall not recur. Seller shall provide documentation to Company evidencing the length and impact of the breach. Any remediation of any such breach will be at Seller's sole expense.
Personal Data Breaches 5.7.1 The Data Processor shall give immediate notice to the Data Controller if a breach occurs, that can lead to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to, personal data transmitted, stored or otherwise processed re the Personal Data processed on behalf of the Data Controller (a “Personal Data Breach”).
5.7.2 The Data Processor shall make reasonable efforts to identify the cause of such a breach and take those steps as they deem necessary to establish the cause, and to prevent such a breach from reoccurring.
