Reporting Unsuccessful Security Incidents Business Associate shall provide Covered Entity upon written request a Report that: (a) identifies the categories of Unsuccessful Security Incidents; (b) indicates whether Business Associate believes its current defensive security measures are adequate to address all Unsuccessful Security Incidents, given the scope and nature of such attempts; and (c) if the security measures are not adequate, the measures Business Associate will implement to address the security inadequacies.
Security Incident “Security Incident” means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.
Security Incidents 11.1 Includes identification, managing and agreed reporting procedures for actual or suspected security breaches.
Breaches and Security Incidents During the term of the Agreement, CONTRACTOR 27 agrees to implement reasonable systems for the discovery of any Breach of unsecured DHCS PI and PII 28 or security incident. CONTRACTOR agrees to give notification of any beach of unsecured DHCS PI 29 and PII or security incident in accordance with subparagraph F, of the Business Associate Contract, 30 Exhibit B to the Agreement.
Security Incident Notification The Transfer Agent shall promptly notify the Trust but in no event later than 72 hours following discovery of any Security Incident(s). Such notification shall include the extent and nature of such intrusion, disclosure, or unauthorized access, the identity of the compromised Customer Confidential Information (to the extent it can be ascertained), how the Transfer Agent was affected by the Security Incident, and its response to such Security Incident. The Transfer Agent shall use continuous and diligent efforts to remedy the cause and the effects of such Security Incident in an expeditious manner and deliver to the Trust a root cause analysis and future incident Mitigation plan with regard to any such incident. The Transfer Agent shall reasonably cooperate with the Trust’s investigation and response to each Security Incident. If the Trust determines in its sole discretion that it may need or be required to notify any individual(s) as a result of a Security Incident, the Trust shall have the right to control all such notifications and the Transfer Agent shall bear all direct costs associated with the notification, to the extent the notification and corresponding actions are required by U.S. law, and subject to the limitation of liability set forth in the Agreement. Without limiting the foregoing, unless otherwise required by U.S. law, no such notifications shall be made by the Transfer Agent without the Trust’s prior written consent and the Trust shall, together with the Transfer Agent, determine the content and delivery of all such notifications. For the avoidance of doubt, the Transfer Agent shall be solely responsible for all costs and expenses, subject to the limitations of liability under the Agreement that the Trust and/or the Transfer Agent may incur to the extent that they are attributable to or arise from the Transfer Agent’s breach of its confidentiality obligations under the Agreement.
Reporting Security Incidents The Business Associate will report to the County any Incident of which the Business Associate becomes aware that is:
Security Incident Reporting A security incident occurs when CDA information assets are or reasonably believed to have been accessed, modified, destroyed, or disclosed without proper authorization, or are lost, or stolen. Subrecipient must comply with CDA’s security incident reporting procedures located at xxxxx://xxx.xxxxx.xx.xxx/ProgramsProviders/#Resources.
Security Incident Response Upon becoming aware of a Security Incident, MailChimp shall notify Customer without undue delay and shall provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Customer.
Data Incidents Merchant must report all instances of a Data Incident (as defined in the American Express Merchant Operating Guide) immediately to ISO after discovery of the incident. Merchant must ensure data quality and that Transaction Data and customer information is processed promptly, accurately, and completely, and complies with the American Express Technical Specifications. THE FOLLOWING SERVICES ARE PROVIDED BY ISO ONLY. Bank shall not have any obligation or liability of any nature in connection with such services. PART THREE
Sale of Note; Change of Loan Servicer; Notice of Grievance The Note or a partial interest in the Note (together with this Security Instrument) can be sold one or more times without prior notice to Borrower. A sale might result in a change in the entity (known as the “Loan Servicer”) that collects Periodic Payments due under the Note and this Security Instrument and performs other mortgage loan servicing obligations under the Note, this Security Instrument, and Applicable Law. There also might be one or more changes of the Loan Servicer unrelated to a sale of the Note. If there is a change of the Loan Servicer, Borrower will be given written notice of the change which will state the name and address of the new Loan Servicer, the address to which payments should be made and any other information RESPA requires in connection with a notice of transfer of servicing. If the Note is sold and thereafter the Loan is serviced by a Loan Servicer other than the purchaser of the Note, the mortgage loan servicing obligations to Borrower will remain with the Loan Servicer or be transferred to a successor Loan Servicer and are not assumed by the Note purchaser unless otherwise provided by the Note purchaser. Neither Borrower nor Lender may commence, join, or be joined to any judicial action (as either an individual litigant or the member of a class) that arises from the other party’s actions pursuant to this Security Instrument or that alleges that the other party has breached any provision of, or any duty owed by reason of, this Security Instrument, until such Borrower or Lender has notified the other party (with such notice given in compliance with the requirements of Section 15) of such alleged breach and afforded the other party hereto a reasonable period after the giving of such notice to take corrective action. If Applicable Law provides a time period which must elapse before certain action can be taken, that time period will be deemed to be reasonable for purposes of this paragraph. The notice of acceleration and opportunity to cure given to Borrower pursuant to Section 22 and the notice of acceleration given to Borrower pursuant to Section 18 shall be deemed to satisfy the notice and opportunity to take corrective action provisions of this Section 20.
