Common use of Specific Requirements for Cyber/Data Information Security Insurance Clause in Contracts

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §2-6-1501, MCA through §2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §§ 2-6-1501, MCA through §§ 2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.and

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information acquisition such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §2-6-1501, MCA through §2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-third party liability settlements or judgements judgments as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §§ 2-6-1501, MCA through §§ 2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-third party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.and

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall will purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §§ 2-6-1501, MCA through §§ 2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall will be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall will be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-third party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.and

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information acquisition such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §2-6-1501, MCA through §2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-third party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 5,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §§ 2-6-1501, MCA through §§ 2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-third party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.and

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §2-6-1501, MCA through §2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State Department requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the StateDepartment. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-third party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State Department will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §§ 2-6-1501, MCA through §§ 2-6-6- 1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §§ 2-6-1501, MCA through §2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-third party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.and

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 5,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §2-6-1501, MCA through §2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-third party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.and

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor DocuSign shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §2-6-1501, MCA through §2-6-1503, MCA. If the Contractor DocuSign maintains higher limits than the minimums shown above, the State Customer requires and shall be entitled to coverage for the higher limits maintained by the ContractorDocuSign. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the StateCustomer. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-third party liability settlements or judgements as may be caused by any act, omission, or negligence of the ContractorDocuSign’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State Customer will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor DocuSign must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §§ 2-6-1501, MCA through §§ 2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract Contract or the beginning of contract Contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract Contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.and

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §2-6-1501, MCA through §2-6-1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State MPERB requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the StateMPERB. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-party liability settlements or judgements as may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State MPERB will accept ‘“claims made’ ” coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for a minimum of three (3) years after completion of work.

Specific Requirements for Cyber/Data Information Security Insurance. The Contractor shall purchase and maintain cyber/information security insurance coverage with combined single limits for each wrongful act of $2,000,000 per occurrence to cover the unauthorized acquisition of personal information such as social security numbers, credit card numbers, financial account information, or other information that uniquely identifies an individual and may be of a sensitive nature in accordance with §§ 2-6-1501, MCA through §2-6-6- 1503, MCA. If the Contractor maintains higher limits than the minimums shown above, the State requires and shall be entitled to coverage for the higher limits maintained by the Contractor. Any available insurance proceeds in excess of the specified minimum limits of insurance and coverage shall be available to the State. Such insurance must cover, at a minimum, privacy notification costs, credit monitoring, forensics investigations, legal fees/costs, regulatory fines and penalties, and third-third party liability settlements or judgements as judgementsas may be caused by any act, omission, or negligence of the Contractor’s officers, agents, representatives, assigns or subcontractors. Note: If occurrence coverage is unavailable or cost-prohibitive, the State will accept ‘claims made’ coverage provided the following conditions are met: 1) the retroactive date must be shown, and must be before the date of the contract or the beginning of contract work; 2) insurance must be maintained and evidence of insurance must be provided for at least three (3) years after completion of the contract of work; and 3) if coverage is canceled or non-renewed, and not replaced with another claims-made policy form with a retroactive date prior to the contract effective date, the Contractor must purchase “extended reporting” coverage for coveragefor a minimum of three (3) years after completion of work.