Laserfiche WebLink
City of Santa Ana_Master Services Agreement_5.23.23 6 <br />Empower Software and systems, as further set forth in the Data Security & Privacy Addendum attached <br />hereto as Exhibit 1. <br />5.2. Mutual Notice of an Information Security Breach. (A) Notice by Empower. Empower <br />will notify the Plan Sponsor of an Information Security Breach as set forth Exhibit 1, Data Security & Privacy <br />Addendum. (B) Notice by Plan Sponsor. In order to help Empower facilitate the safety of Data and <br />Participant accounts, Plan Sponsor will notify Empower: (i) promptly in the event of a security breach of <br />Plan Sponsor’s systems that could impact Empower’s systems or the integrity of Data sent to Empower, <br />including without limitation a suspected virus or malware event; and/or (ii) immediately upon discovering a <br />compromise of the security and/or log-on credentials of any Plan Sponsor employee or agent that has a <br />plan administration role in Empower’s system. Such notice shall include: (a) information reasonably <br />necessary to enable Empower to pr omptly put additional protective measures in place, such as file <br />scrubbing protocols and/or fraud alerts on Participant accounts ; and (b) the corrective action taken to <br />remedy the breach. <br />6.BUSINESS CONTINUITY & DISASTER RECOVERY <br />Empower will maintain business continuity and disaster recovery procedures to address the <br />security, integrity and availability of the technology, operational, financial, human and other resources <br />required to provide mission-critical Services in the event of a natural disaster or other interruption of normal <br />business operations. Such procedures will be tested at least once annually. Empower Financial Services, <br />Inc.’s current Business Continuity Plan Notice is attached to this MSA. By executing this MSA, Plan <br />Sponsor acknowledges receipt of this Notice. <br />7.RECORDS <br />7.1 Record Retention. Empower shall retain all records in its custody and control that are <br />pertinent to performance under this MSA in accordance with its record retention policy and as required by <br />law. Subject to the foregoing, each party agrees to return or destroy the other party’s Confidential <br />Information and Data once it is no longer required for the purpose of performing or receiving the Services, <br />provided that the parties are not obligated to destroy copies of Confidential Information or Data that must <br />be retained for audit, legal or regulatory purposes, or that is stored in non-readily accessible electronic <br />format, such as on archival systems; in such cases Empower’s data protection obligations shall continue <br />until such Data is destroyed in accordance with Empower’s record retention policy. <br />8.INTELLECTUAL PROPERTY RIGHTS <br />8.1 Plan Sponsor Materials. As between the parties hereto, excluding the Empower <br />Materials (as defined below), Plan Sponsor shall own materials, trademarks, trade names, logos, trade <br />dress, and other Confidential Information provided or made accessible by Plan Sponsor to Empower for <br />use in providing the Services (collectively, the “Plan Sponsor Materials”). Plan Sponsor grants Empower <br />a limited, revocable right and license to use Plan Sponsor’s name, logo, and trademarks in materials <br />created by Empower in connection with providing the Services. Nothing contained herein shall prohibit <br />Empower from referencing client partnerships in the normal course of public -relations communications or <br />in materials prepared at the request of prospective clients.