BREACH NOTIFICATION TO INDIVIDUALS Sample Clauses

BREACH NOTIFICATION TO INDIVIDUALS. 13.1 Business Associate shall, to the extent Covered Entity determines that there has been a Breach of Unsecured Protected Health Information by Business Associate, its employees, representatives, agents or Subcontractors, provide breach notification to the Individual in a manner that permits Covered Entity to comply with its obligations under 45 C.F.R. § 164.404. 13.1.1 Business Associate shall notify, subject to the review and approval of Covered Entity, each Individual whose Unsecured Protected Health Information has been, or is reasonably believed to have been, accessed, acquired, Used, or Disclosed as a result of any such Breach. 13.1.2 The notification provided by Business Associate shall be written in plain language, shall be subject to review and approval by Covered Entity, and shall include, to the extent possible: (a) A brief description of what happened, including the date of the Breach and the date of the Discovery of the Breach, if known; (b) A description of the types of Unsecured Protected Health Information that were involved in the Breach (such as whether full name, social security number, date of birth, home address, account number, diagnosis, disability code, or other types of information were involved); (c) Any steps the Individual should take to protect him or herself from potential harm resulting from the Breach; (d) A brief description of what Business Associate is doing to investigate the Breach, to mitigate harm to Individual(s), and to protect against any further Breaches; and (e) Contact procedures for Individual(s) to ask questions or learn additional information, which shall include a toll-free telephone number, an e-mail address, Web site, or postal address. 13.2 Covered Entity, in its sole discretion, may elect to provide the notification required by Section 13.1 and/or to establish the contact procedures described in Section 13.1.2. 13.3 Business Associate shall reimburse Covered Entity any and all costs incurred by Covered Entity, in complying with Subpart D of 45 C.F.R. Part 164, including but not limited to costs of notification, internet posting, or media publication, as a result of Business Associate's Breach of Unsecured Protected Health Information; Covered Entity shall not be responsible for any costs incurred by Business Associate in providing the notification required by 13.1 or in establishing the contact procedures required by Section 13.1.2.
Sample 1Sample 2Sample 3See All (75)
AutoNDA by SimpleDocs
BREACH NOTIFICATION TO INDIVIDUALS and Reporting to Authorities. Tex. Bus. & Comm. Code §521.053; 45 CFR 164.404 (Individuals), 164.406 (Media); 164.408 (Authorities) (A) HHS may direct CONTRACTOR to provide Breach notification to Individuals, regulators or third-parties, as specified by HHS following a Breach. (B) CONTRACTOR must obtain HHS’s prior written approval of the time, manner and content of any notification to Individuals, regulators or third-parties, or any notice required by other state or federal authorities. Notice letters will be in CONTRACTOR's name and on CONTRACTOR's letterhead, unless otherwise directed by HHS, and will contain contact information, including the name and title of CONTRACTOR's representative, an email address and a toll-free telephone number, for the Individual to obtain additional information. (C) CONTRACTOR will provide HHS with copies of distributed and approved communications. (D) CONTRACTOR will have the burden of demonstrating to the satisfaction of HHS that any notification required by HHS was timely made. If there are delays outside of CONTRACTOR's control, CONTRACTOR will provide written documentation of the reasons for the delay. (E) If HHS delegates notice requirements to CONTRACTOR, HHS shall, in the time and manner reasonably requested by CONTRACTOR, cooperate and assist with CONTRACTOR’s information requests in order to make such notifications and reports.
Sample 1Sample 2Sample 3See All (20)
BREACH NOTIFICATION TO INDIVIDUALS. Business Associate’s duty to notify Covered Entity of any breach does not permit Business Associate to notify those individuals whose PHI has been breached by Business Associate without the express written permission of Covered Entity to do so. Any and all notification to those individuals whose PHI has been breached shall be made under the direction, review and control of Covered Entity. The Business Associate will notify the Privacy Officer via telephone with follow-up in writing to include; name of individuals whose PHI was breached, information breached, date of breach, form of breach, etc. The cost of the notification will be paid by the Business Associate.
Sample 1Sample 2Sample 3See All (16)
BREACH NOTIFICATION TO INDIVIDUALS. 13.1 Business Associate shall, to the extent Covered Entity determines that there has been a Breach of Unsecured Protected Health Information by Business Associate, its employees, representatives, agents or Subcontractors, provide breach notification to the Individual in a manner that permits Covered Entity to comply with its obligations under 45 C.F.R. § 164.404. 13.1.1 Business Associate shall notify, subject to the review and approval of Covered Entity, each Individual whose Unsecured Protected Health 13.1.2 The notification provided by Business Associate shall be written in plain language, shall be subject to review and approval by Covered Entity, and shall include, to the extent possible: (a) A brief description of what happened, including the date of the Breach and the date of the Discovery of the Breach, if known; (b) A description of the types of Unsecured Protected Health Information that were involved in the Breach (such as whether full name, social security number, date of birth, home address, account number, diagnosis, disability code, or other types of information were involved); (c) Any steps the Individual should take to protect him or herself from potential harm resulting from the Breach; (d) A brief description of what Business Associate is doing to investigate the Breach, to mitigate harm to Individual(s), and to protect against any further Breaches; and (e) Contact procedures for Individual(s) to ask questions or learn additional information, which shall include a toll-free telephone number, an e-mail address, Web site, or postal address. 13.2 Covered Entity, in its sole discretion, may elect to provide the notification required by Section 13.1 and/or to establish the contact procedures described in Section 13.1.2. 13.3 Business Associate shall reimburse Covered Entity any and all costs incurred by Covered Entity, in complying with Subpart D of 45 C.F.R. Part 164, including but not limited to costs of notification, internet posting, or media publication, as a result of Business Associate's Breach of Unsecured Protected Health Information; Covered Entity shall not be responsible for any costs incurred by Business Associate in providing the notification required by 13.1 or in establishing the contact procedures required by Section 13.1.2.
Sample 1Sample 2Sample 3See All (5)
BREACH NOTIFICATION TO INDIVIDUALS. 13.1 Business Associate shall, to the extent Covered Entity determines that there has been a Breach of Unsecured Protected Health Information by Business Associate, its employees, representatives, agents or Subcontractors, provide breach notification to the Individual in a manner that permits Covered Entity to comply with its obligations under 45 C.F.R. § 164.404. 13.1.1 Business Associate shall notify, subject to the review and approval of Covered Entity, each Individual whose Unsecured Protected Health Information has been, or is reasonably believed to have been, accessed, acquired, Used, or Disclosed as a result of any such Breach. 13.1.2 The notification provided by Business Associate shall be written in plain language, shall be subject to review and approval by Covered Entity, and shall include, to the extent possible:
Sample 1Sample 2Sample 3
BREACH NOTIFICATION TO INDIVIDUALS. Business Associate’s duty to notify Covered Entity of any breach does not permit Business Associate to notify those individua ls whose PHI has been breached by Business Associate without the express written
Sample 1Sample 2
BREACH NOTIFICATION TO INDIVIDUALS. Business Associate’s duty to notify Covered Entity of any breach does not permit Business Associate to notify those individuals whose PHI has been breached by Business Associate without the express written permission of Covered Entity to do so. Any and all notification to those individuals whose PHI has been breached shall be made under the direction, review and control of Covered Entity. The Business Associate will notify the Privacy Officer via telephone with follow-up in writing to include; name of individuals whose PHI was breached, information breached, date of breach, form of breach, etc. The cost of the notification will be paid by the Business Associate. Business Associate shall be liable for all costs associated with any breach caused by Business Associate’s negligent or willful acts or omissions, or those negligent or willful acts or omissions of Business Associate’s agents, officers, employees or subcontractors.
Sample 1Sample 2
AutoNDA by SimpleDocs
BREACH NOTIFICATION TO INDIVIDUALS. Business Associate must, to the extent Covered Entity determines that there has been a Breach of Unsecured Protected Health Information by Business Associate, its employees, representatives, agents or Subcontractors, provide breach notification to the Individual in a manner that permits Covered Entity to comply with its obligations under 45 C.F.R. § 164.404.
Sample 1
BREACH NOTIFICATION TO INDIVIDUALS and Reporting to Authorities. Tex. Bus. & Comm. Code §521.053; 45 CFR 164.404 (Individuals), 164.406 (Media); 164.408 (Authorities) (A) HHS may direct CONTRACTOR to provide Breach notification to Individuals, regulators or third-parties, as specified by HHS following a Breach. (B) of any notification to Individuals, regulators or third-parties, or any notice required by other state or federal authorities, including without limitation, notifications required by Texas Business and Commerce Code, Chapter 521.053(b) and HIPAA. Notice letters will be in CONTRACTOR's name and on CONTRACTOR's letterhead, unless otherwise directed by HHS, and will contain contact information, including the name and title of CONTRACTOR's representative, an email address and a toll-free telephone number, for the Individual to obtain additional information. (C) CONTRACTOR will provide HHS with copies of distributed and approved communications. (D) CONTRACTOR will have the burden of demonstrating to the satisfaction of HHS that any notification required by HHS was timely made. If there are delays outside of CONTRACTOR's control, CONTRACTOR will provide written documentation of the reasons for the delay. (E) If HHS delegates notice requirements to CONTRACTOR, HHS shall, in the time and manner reasonably requested by CONTRACTOR, cooperate and assist with CONTRACT requests in order to make such notifications and reports.
Sample 1

Related to BREACH NOTIFICATION TO INDIVIDUALS

  • Breach Notification a. In the event of a Breach of unsecured PHI or disclosure that compromises the privacy or security of PHI obtained from DSHS or involving DSHS clients, Business Associate will take all measures required by state or federal law. b. Business Associate will notify DSHS within one (1) business day by telephone and in writing of any acquisition, access, Use or disclosure of PHI not allowed by the provisions of this Contract or not authorized by HIPAA Rules or required by law of which it becomes aware which potentially compromises the security or privacy of the Protected Health Information as defined in 45 CFR 164.402 (Definitions). c. Business Associate will notify the DSHS Contact shown on the cover page of this Contract within one (1) business day by telephone or e-mail of any potential Breach of security or privacy of PHI by the Business Associate or its Subcontractors or agents. Business Associate will follow telephone or e-mail notification with a faxed or other written explanation of the Breach, to include the following: date and time of the Breach, date Breach was discovered, location and nature of the PHI, type of Breach, origination and destination of PHI, Business Associate unit and personnel associated with the Breach, detailed description of the Breach, anticipated mitigation steps, and the name, address, telephone number, fax number, and e-mail of the individual who is responsible as the primary point of contact. Business Associate will address communications to the DSHS Contact. Business Associate will coordinate and cooperate with DSHS to provide a copy of its investigation and other information requested by DSHS, including advance copies of any notifications required for DSHS review before disseminating and verification of the dates notifications were sent. d. If DSHS determines that Business Associate or its Subcontractor(s) or agent(s) is responsible for a Breach of unsecured PHI: (1) requiring notification of Individuals under 45 CFR § 164.404 (Notification to Individuals), Business Associate bears the responsibility and costs for notifying the affected Individuals and receiving and responding to those Individuals’ questions or requests for additional information; (2) requiring notification of the media under 45 CFR § 164.406 (Notification to the media), Business Associate bears the responsibility and costs for notifying the media and receiving and responding to media questions or requests for additional information; (3) requiring notification of the U.S. Department of Health and Human Services Secretary under 45 CFR § 164.408 (Notification to the Secretary), Business Associate bears the responsibility and costs for notifying the Secretary and receiving and responding to the Secretary’s questions or requests for additional information; and (4) DSHS will take appropriate remedial measures up to termination of this Contract.

  • Notification to Employer The Union shall notify the Employer of the names of the Employees, including the department wherein the Employee is employed, who are members of the Board of Directors, the Union Executive and Council Committees.

  • Security Breach Notification In addition to the information enumerated in Article V, Section 4(1) of the DPA Standard Clauses, any Security Breach notification provided by the Provider to the LEA shall include: a. A list of the students whose Student Data was involved in or is reasonably believed to have been involved in the breach, if known; and b. The name and contact information for an employee of the Provider whom parents may contact to inquire about the breach.

  • Certification Regarding Prohibition of Boycotting Israel (Tex Gov. Code 2271)

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!