My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Agenda Packet_2025-07-15
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2025
>
07/15/2025
>
Agenda Packet_2025-07-15
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/9/2025 11:22:49 AM
Creation date
7/9/2025 9:14:21 AM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Date
7/15/2025
Destruction Year
P
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
1754
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Docustgn Envelope ID: 72A91 B3B-BEA1-46FE-ACOD-146571 B87804 <br />EXHIBIT 2 <br />incident known at that time. The Contractor shall provide status update to County on a <br />regular basis as agreed upon. <br />The Contractor shall provide to County all specific and pertinent information about the <br />Breach, including copies of any reports conducted by the Contractor or on behalf of the <br />Contractor. The Contractor shall waive any assertion of privilege in relation to such <br />reports. Such information and/or reports shall be provided to County without <br />unreasonable delay and in no event later than fifteen (15) calendar days the Contractor <br />have such information and/or report. <br />c. Complete Report. The complete report of the investigation shall include an assessment <br />of all known factors relevant to the determination of whether a breach occurred under <br />applicable provisions of the Health Insurance Portability and Accountability Act (HIPAA), <br />the Health Information Technology for Economic and Clinical Health (HITECH) Act, the <br />Information Protection Act, or other applicable law. The report shall include a Corrective <br />Action Plan (CAP) which includes, at a minimum, detailed information regarding the <br />mitigation measures taken to halt and/or contain the improper use or disclosure. <br />If County requests additional information related to the incident, the Contractor shall <br />make reasonable efforts to provide County with such information. County will review <br />report and determine whether a breach occurred and whether individual notification is <br />required. County will maintain the final decision making over a breach determination. <br />d. Notifications of Individuals. When applicable state or federal law requires notification to <br />individuals of a breach or unauthorized disclosure of their P11, the County will make the <br />decision to either notify clients or have the Contractor give notice. If the Contractor shall <br />give the notice, it would be subject to the following provisions: <br />i. If the cause of the breach is attributable to the Contractor or its subcontractors, <br />agents or vendors, the Contractor shall pay any costs of such notifications, as well <br />as any and all costs associated with the breach. If there are any questions as to <br />whether the County or the Contractor is responsible for the breach, the County <br />and the Contractor shall jointly determine responsibility for purposes of allocating <br />the costs; <br />ii. All notifications (regardless of breach status) regarding the beneficiaries' PII shall <br />comply with the requirements set forth in Section 1798.29 of the California Civil <br />Code and Section 17932 of Title 42 of the United States Code, inclusive of its <br />implementing regulations, including but not limited to the requirement that the <br />notifications be made without reasonable delay and in no event, later than sixty <br />(60) calendar days from discovery; <br />12 <br />City Council 7 — 128 7/15/2025 <br />
The URL can be used to link to this page
Your browser does not support the video tag.