DATA BREACH NOTIFICATIONS Clause Samples

DATA BREACH NOTIFICATIONS. If Customer determines that a data breach with respect to its Personal Data requires notification to any Supervisory Authority, Data Subjects, and/or the public or portions of the public, Customer will notify TnG before delivering the notification and supply TnG with copies of the proposed notification that references TnG, its security measures, and/or role in the data breach, whether or not by name. Subject to Customer’s compliance with applicable data protection law, Customer will consult with TnG in good faith and take account of any clarifications or corrections TnG reasonably requests to such notifications. The Parties acknowledge that it is the obligation of the Customer to determine if such breach is notifiable with reference to applicable law.

DATA BREACH NOTIFICATIONS. 6.1 Data Processor shall inform the Data Controller without undue delay after becoming aware of any accidental or unauthorized access to personal data or any other security incidents (personal data breach). 6.2 Data Processor shall assist Data Controller with any information reasonably required to fulfil its data breach notification requirements.

DATA BREACH NOTIFICATIONS. In the event of a security breach of Personal Student Information or other confidential information of our subscribers, we notify affected subscribers as soon as practicable in accordance with applicable laws. We have an Information Security Team that will monitor the recovery and repair of the technical or process vulnerability.

DATA BREACH NOTIFICATIONS. In the event of a suspected or confirmed security breach, compromise, or unauthorized access of PII or Student Education Records, Contractor will notify the GCSD in accordance with applicable state law or immediately and without unreasonable delay., whichever occurs sooner, In the event a Security Breach is confirmed, Contractor and the GCSD will work together to prepare and transmit notification(s) to the affected persons, the entire cost of which will be borne solely by Contractor. Contractor agrees to not send notice to persons affected by the breach pursuant to Mississippi Code § 74-24-29 or any other Federal or State law without first obtaining the GCSD’s approval for such notice, which approval will not be unreasonably withheld.

DATA BREACH NOTIFICATIONS. 9.2.1 The OAIC has the role of receiving data breach notifications under the PCEHR Act from the System Operator, registered repository operators (RROs) and registered portal operators (RPOs). The OAIC may also provide advice to these entities to assist them in meeting their data breach notification obligations under the PCEHR Act. In the event of a breach or suspected breach, the OAIC may investigate the contravention, event or circumstances associated with the breach and/or the entity’s compliance with the data breach notification provisions under s 75 of the PCEHR Act. The OAIC may take enforcement action where the circumstances warrant it. 9.2.2 The System Operator also has the role of receiving notifications of data breaches from RROs and RPOs. The System Operator will liaise with the OAIC and may investigate, take corrective actions and help the RRO or RPO to mitigate any loss or damage that may result from the breach. Where the System Operator is aware of the data breach, the System Operator is required to notify affected individuals and, where a significant number of people are affected, the general public. If an RRO or RPO fails to report a notifiable data breach to the System Operator and the OAIC as required under s 75(2) of the PCEHR Act (such failure can be subject to a civil penalty), the System Operator can take any action which it deems appropriate in the circumstances, including cancelling, suspending or varying the registration of a RRO or RPO or accepting an undertaking. 9.2.3 If the OAIC receives a data breach notification from a state or territory authority or instrumentality, the OAIC will advise the entity to contact the System Operator and the OAIC will consult the System Operator to ensure the notification was received. If either party receives a data breach notification from an entity other than a state or territory authority or instrumentality and has reason to believe that the entity has not notified the other party as required under s 75, the receiving party will direct the entity to notify the other party and will consult with the other party to confirm the notification was received. 9.2.4 The OAIC and the System Operator may consult each other when carrying out their respective roles in relation to a data breach notifications, as appropriate. 9.2.5 Both parties will inform each other of the data breach notifications they receive which may be relevant to the other party, as soon as practicable.

DATA BREACH NOTIFICATIONS. 10.1 Sana shall without undue delay inform the Subscriber after becoming aware of any Personal Data breach. 10.2 Sana shall assist the Subscriber with any information reasonably required to fulfill the Subscriber’s data breach notification requirements under Applicable Data Protection Laws.

DATA BREACH NOTIFICATIONS. Findify shall inform the Customer without undue delay after becoming aware of any personal data breach.

DATA BREACH NOTIFICATIONS. 10.1 Sana Labs shall without undue delay inform the Subscriber after becoming aware of any Personal Data breach. 10.2 Sana Labs shall assist the Subscriber with any information reasonably required to fulfill the Subscriber’s data breach notification requirements under Applicable Data Protection Laws.

DATA BREACH NOTIFICATIONS. To the extent a Security Incident results in unauthorized disclosure or access of DIR Personal Data attributable to Successful Respondent’s failure to comply with its obligations under this Agreement, DIR or DIR Customer may, upon request, require Successful Respondent to assist with or provide breach notifications to individuals, law enforcement, or regulatory authorities as required by Law and specified by DIR or the applicable DIR Customer. In assisting with or providing breach notifications, Successful Respondent shall: (i) comply with all requirements of Law applicable to the notification; (ii) upon request of DIR or DIR Customer, prepare and send the notifications under Successful Respondent’s name and letterhead; (iii) identify the name and contact information of Successful Respondent’s representative who can provide additional information to individuals impacted by the breach; (iv) if requested to prepare the notifications, provide DIR or DIR Customer with draft notifications for approval at least five (5) Business Days prior to the legal deadline for providing notifications, and duplicates of the notifications upon distribution; and (v) provide thirty-six (36) months of credit-monitoring services and identity theft insurance in the amount of $50,000 for individuals whose personal information was subject to the unauthorized disclosure or access.