Pursuant to Applicable. Data Protection Law and the additional requirements set out in the OH-SSS, Supplier shall implement and maintain appropriate and documented Security Incident procedures and policies designed to (i) detect, analyze, monitor and resolve Security Incidents; and (ii) without undue delay but at the latest within twenty-four (24) hours of any Security Incident, report such Security Incidents to Oracle Health. Such report shall contain a detailed description of the nature of the Security Incident, categories and approximate number of Personal Information records and Data Subjects concerned, name and contact details of a contact point where more information can be obtained, likely consequences of the Security Incident, and measures to address the Security Incident.
Appears in 2 contracts
Sources: Data Processing Agreement, Data Processing Agreement