My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
CALIFORNIA DEPARTMENT OF JUSTICE
Clerk
>
Contracts / Agreements
>
C
>
CALIFORNIA DEPARTMENT OF JUSTICE
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
6/10/2019 1:54:03 PM
Creation date
6/10/2019 1:44:54 PM
Metadata
Fields
Template:
Contracts
Company Name
CALIFORNIA DEPARTMENT OF JUSTICE
Contract #
N-2019-101
Agency
Information Technology
Expiration Date
12/31/2019
Destruction Year
2024
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
21
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
California Department of Justice Memorandum of Understanding <br />Exhibit E, Breach Response <br />EXHIBIT E <br />BREACH RESPONSE <br />Discovery of Breach. Agency agrees to notify DOJ immediately by telephone call plus <br />email or fax upon the discovery of any breach of security of any files containing <br />classified criminal justice data (in whatever form, paper or electronic) if the data <br />involved was, or is reasonably believed to have been, acquired by an unauthorized <br />person, or within 24 hours by email or fax of the discovery of any suspected security <br />incident, intrusion or unauthorized use or disclosure of files containing classified <br />criminal justice data in violation of this MOU or potential loss of confidential data <br />affecting this MOU. <br />Notification shall be provided to the DOJ Program and Technical Manager, the DOJ <br />Information Security Officer and the DOJ Chief Information Officer. If the incident <br />occurs after business hours or on a weekend or holiday and involves electronic data, <br />notification shall be provided by contacting the DOJ Information Security Officer. DOJ <br />shall take: <br />Prompt corrective action to mitigate any risks or damages involved with the <br />breach and to protect the operating environment and <br />Any action pertaining to such unauthorized disclosure required by applicable <br />Federal and State taws and regulations. <br />2. Investigationof Breach. Agency shall immediately investigate such security incident, <br />breach, or unauthorized use or disclosure of criminal justice data or any other <br />confidential data. Within 72 hours of the discovery, Agency shall notify the DOJ <br />Program and Technical Manager, the DOJ Information Security Officer and the DOJ <br />Chief Information Officer of: <br />I. The data elements involved and the extent of the data involved in the breach, <br />ll. A description of the unauthorized persons known or reasonably believed to <br />have improperly used or disclosed confidential data, <br />Ill. A description of where the confidential data is believed to have been <br />improperly transmitted, sent, or utilized, <br />IV. A description of the probably causes of the improper use or disclosure; and <br />V. Whether Civil Code sections 1798.29 or 1798.82 or any other federal or state <br />laws requiring individual notifications of breaches are triggered. <br />3. Written Report. Agency shall provide a written report of the investigation to the DOJ <br />Program and Technical Manager, the DOJ Information Security Office and the DOJ <br />Chief Information Officer within ten (10) working days of the discovery of the breach <br />or unauthorized use or disclosure, The report shall include, but not be limited to, the <br />Page 1 of 2 <br />
The URL can be used to link to this page
Your browser does not support the video tag.