Laserfiche WebLink
6.E. - Page 15 of 73 <br />Aareement for TrucPoint Services City of Redwood Cit <br />6.5 Breach Responsibilities. This section only applies when a. Data Breach occurs with respect to <br />Customer Data within the possession or control of Consultant. <br />6.5.1 Consultant, unless stipulated otherwise, shall immediately notify the Contract Officer <br />by telephone in accordance with the agreed upon security plan or security procedures <br />If it reasonably believes there has been a'Security Incident, <br />6:5.2 Consultant, unless stipulated otherwise, shall promptly notify the Contract Officer <br />within 24 hours or sooner by telephone, unless, shorter time is required by applicable <br />law, If it confirms that there Is, or reasonably believes that there has been a. Data <br />Breach. Consultant shall (1) cooperate with the City as reasonably requested by the <br />City to investigate and resolve the Data Breach, (2) promptly implement necessary <br />remedial measures, if necessary, and (3) document responsive actions taken related to <br />the Data Breach, including any post -incident review of events and actions taken to <br />make changes in business practices in providing the Services, if necessary, <br />6.5.3 Unless otherwise stipulated, If a Data Breach is a direct result of Consultant's breach of <br />Its contractual obligation to encrypt Customer Data or otherwise prevent its release, <br />Consultant shall bear the costs associated with (1) the investigation and resolution of <br />the Data Breach; (2) notifications to individuals, regulators or others required by state <br />(or federal) law.; (3) a credit monitoring service required by state (or federal) law; (4) a <br />website or a toll-free number and call center for affected individuals required by state <br />law ---ail not to exceed the average per record per person cost calculated for data <br />breaches in the United States (currently $225 per record/person) in the most recent <br />Cost of Data Breach Study Global Analysis published by the Ponemon Institute at the <br />time of the Data Breach; and (5) complete all corrective actions as reasonably <br />determined by Consultant based on root cause. <br />7.0 INSURANCE. Consultant shall obtain and maintain for the duration of the Agreement and any and all <br />amendments, insurance against claims for injuries to personsor damage to property which may arise <br />out of or in connection with performance of the Services' by Consultant or Consultant's agents, <br />representatives, employees or subcontractors: The Insurance carrier is required to ma€ntaln an A.M. <br />Best rating of not less than "A-;VIi". <br />7A Coverages and Limits. Consultant, at Its sole expense, shall maintain the types of coverages <br />and minimum limits indicated below, unless otherwise approved by City In writing. These <br />minimum amounts of coverage will not constitute any limitations or cap on Consultant's <br />indemnification obligations under this Agreement. <br />7.1.1 Commercial General Liability Insurance. Consultant shall maintain occurrence based <br />coverage with limits not less than $2,000,000 per occurrence. If the submitted policies <br />contain aggregate limits, such limits will apply separately to the Services, project, or <br />location. that is the subject of this Agreement or the aggregate will be twice the <br />required per occurrence limit, The Commercial General Liability insurance policy shall <br />be endorsed to name the City, its officers, agents, employees and volunteers as <br />additional Insureds, and to state that the insurance will be primary and not contribute <br />with any insurance or self-insurance maintained by the City. <br />RSV; 04-23-19 PR <br />ATTY/AGR.2b19.1061TrueP6nt TrueBill Utility Billing System <br />113 <br />