Breach of Unsecured PHI Sample Clauses

Breach of Unsecured PHI. Business Associate shall, following the discovery of an actual or suspected Breach of Unsecured Protected Health Information, provide written notice of the Breach (“BA Notice”) to the applicable LIBERTY Entity(ies) within one (1) business day of discovering the Breach. A Breach shall be treated as discovered by Business Associate as of the first day on which such Breach is known to Business Associate or, by exercising reasonable due diligence, would have been known to Business Associate. Business Associate shall be deemed to have knowledge of a Breach if the Breach is known, or by exercising reasonable diligence would have been known, to any person, other than the person committing the Breach, who is a Representative of Business Associate. The BA Notice shall include the following information: (i) the identification of each individual whose Unsecured PHI has been, or is reasonably believed by Business Associate to have been, accessed, acquired, used or disclosed during the Breach, (ii) a brief description of what happened, including the date of the Breach and the date of the discovery of the Breach, who or what caused the Breach, and who received the PHI, (iii) a description of the types of Unsecured Protected Health Information involved in the Breach, (iv) a description of the action Business Associate took and/or will take to mitigate any deleterious effect of the Breach and a description of the corrective action Business Associate took and/or will take to prevent further Breaches; and (v) any other relevant information. Business Associate shall further provide to LIBERTY any other available information that LIBERTY requests. Upon providing the BA Notice to LIBERTY, Business Associate shall fully cooperate with LIBERTY to enable LIBERTY to confirm whether a Breach occurred and to conduct a risk assessment. If it is determined that a Breach occurred, Business Associate shall fully cooperate with LIBERTY with respect to providing any notification of the Breach as required by the HITECH Act and taking all additional actions as may be required to comply with the HITECH Act. Business Associate shall maintain any and all documentation related to the Breach including, without limitation, any documentation necessary to demonstrate that all notifications were made as required by 45 CFR § 164.410 or that the use or disclosure did not constitute a Breach.

Breach of Unsecured PHI. With the exception of law enforcement delays that satisfy the requirements under 45 C.F.R. § 164.412, Hill-Rom shall notify Covered Entity in writing without unreasonable delay and in no case later than thirty (30) calendar days upon discovery of a Breach of Unsecured PHI. Such notice must include, to the extent possible, the name of each Individual whose Unsecured PHI has been, or is reasonably believed by Hill-Rom to have been, accessed, acquired, or disclosed during such Breach. Hill-Rom shall also provide, to the extent possible, Covered Entity with any other available information that Covered Entity is required to include in its notifications to Individuals under 45 C.F.R. § 164.404(c) at the time of Hill-Rom’s notification to Covered Entity or promptly thereafter as such information becomes available.

Breach of Unsecured PHI. If Business Associate determines that a reportable Breach of Unsecured PHI has occurred, Business Associate shall provide a written report to Covered Entity without unreasonable delay but no later than thirty (30) calendar days after discovery of the Breach. To the extent that information is available to Business Associate, Business Associate’s written report to Covered Entity shall be in accordance with 45 C.F.R. §164.410(c). Business Associate shall cooperate with Covered Entity in meeting Covered Entity’s obligations under the HITECH Act with respect to such Breach. Covered Entity shall have sole control over the timing and method of providing notification of such Breach to the affected individual(s), the Secretary and, if applicable, the media, as required by the HITECH Act. Business Associate shall reimburse Covered Entity for its reasonable costs and expenses in providing the notification, including, but not limited to, any administrative costs associated with providing notice, printing and mailing costs, and costs of mitigating the harm (which may include the costs of obtaining credit monitoring services and identity theft insurance) for affected individuals whose PHI has or may have been compromised as a result of the Breach.

Breach of Unsecured PHI. Jotform will notify Customer of any Breach of Unsecured PHI in accordance with 45 C.F.R. §164.410. The notice required by this Section will be written in plain language and will include, to the extent possible or available, the following: 3.3.1. The identification of each individual whose Unsecured PHI has been, or is reasonably believed by Jotform to have been, accessed, acquired, used, or disclosed during the Breach; 3.3.2. A brief description of what happened, including the date of the Breach and the date of discovery of the Breach, if known; 3.3.3. A description of the types of Unsecured PHI that were involved in the Breach (such as whether full name, Social Security number, date of birth, home address, account number, diagnosis, disability code, or other types of information were involved); 3.3.4. Any steps Individuals should take to protect themselves from potential harm resulting from the Breach; 3.3.5. A brief description of what is being done to investigate the Breach, mitigate the harm, and protect against future Xxxxxxxx; and 3.3.6. Contact procedures for Individuals to ask questions or learn additional information which shall include a toll-free number, an e-mail address, Web site, or postal address, if Customer specifically requests Jotform to establish contact procedures.

Breach of Unsecured PHI. In the case of breach of unsecured PHI, Contractor shall comply with the applicable provisions of 42 USC §17932 and 45 CFR Part 164, Subpart D, including but not limited to 45 CFR §164.410.

Breach of Unsecured PHI. Jotform will notify Customer of any Breach of Unsecured PHI in accordance with 45 C.F.R. §164.410. The notice required by this Section will be written in plain language and will include, to the extent possible or available, the following: 3.3.1. The identification of each individual whose Unsecured PHI has been, or is reasonably believed by Jotform to have been, accessed, acquired, used, or disclosed during the Breach; JOTFORM BAA v2.0 4 3.3.2. A brief description of what happened, including the date of the Breach and the date of discovery of the Breach, if known; 3.3.3. A description of the types of Unsecured PHI that were involved in the Breach (such as whether full name, Social Security number, date of birth, home address, account number, diagnosis, disability code, or other types of information were involved); 3.3.4. Any steps Individuals should take to protect themselves from potential harm resulting from the Breach; 3.3.5. A brief description of what is being done to investigate the Breach, mitigate the harm, and protect against future Breaches; and 3.3.6. Contact procedures for Individuals to ask questions or learn additional information which shall include a toll-free number, an e-mail address, Web site, or postal address, if Customer specifically requests Jotform to establish contact procedures.

Breach of Unsecured PHI. Business Associate shall, following the discovery of an actual or suspected Breach of Unsecured Protected Health Information, provide written notice of the Breach (“BA Notice”) to the applicable LIBERTY ENTITY(IES) within one (1) business day of discovering the Breach. A Breach shall be treated as discovered by Business Associate as of the first day on which such Breach is known to Business Associate or, by exercising reasonable due diligence, would have been known to Business Associate. Business Associate shall be deemed to have knowledge of a Breach if the Breach is known, or by exercising reasonable diligence would have been known, to any person, other than the person committing the Breach, who is a Representative of Business Associate. The BA Notice shall include the following information: (i) the identification of each individual whose Unsecured PHI has been, or is reasonably believed by Business Associate to have been, accessed, acquired, used or disclosed during the Breach, (ii) a brief description of what happened, including the date of the Breach and the date of the discovery of the Breach, who or what caused the Breach, and who received the PHI,

Breach of Unsecured PHI. To the extent that a Security Incident described in this Section

Breach of Unsecured PHI. In the event that Business Associate discovers, as determined in accordance with 45 C.F.R. § 164.410, that a Breach of Unsecured Protected Health Information of Covered Entity has occurred, Business Associate shall promptly notify the Covered Entity of the identification of each individual who has been or is reasonably believed to have been affected by the Breach, along with any other information that the Covered Entity will be required to include in its notification of the individual under the HITECH Act, including, without limitation, a description of the breach, the date of the breach and its discovery, types of Unsecured PHI involved and description of the Business Associate’s investigation, and mitigation and prevention efforts, to the extent such information is known by the Business Associate at the time of notification or promptly thereafter as information becomes available. Notwithstanding any indemnity provision that may be contained in the Loan Agreement or any other Loan Document (as defined therein), no Covered Entity shall have any obligation to indemnify any Business Associate for Claims (as defined in the Loan Agreement) arising out of a Breach by such Business Associate. In any litigation between the Covered Entities and any Business Associate relating to a Breach, the prevailing party in such litigation shall be entitled to be reimbursed by the non-prevailing party for its reasonable costs, fees and expenses (including reasonable attorney’s fees) incurred in connection with such litigation.

Breach of Unsecured PHI. Business Associate shall report to Covered Entity without unreasonable delay, and within the timeframe required by applicable laws and regulations, any acquisition, access, use or disclosure of Unsecured Protected Health Information not permitted by this BAA. Such notification shall include an assessment of whether the incident constitutes a "Breach" under 45 CFR §‌ 164.402. To the extent such assessment concludes that a Breach has occurred, or as requested by Covered Entity, such notification shall also include, to the extent possible, the identification of each Individual whose PHI has been or is reasonably believed to have been accessed, acquired, used or disclosed during the incident, along with any other information that the Covered Entity will be required to include in its notification to the Individual, the media and/or the Secretary, as applicable, including, without limitation, (a) a description of the incident, (b) the date of the incident and the date of its discovery, (c) the types of Unsecured Protected Health Information involved, and (d) a description of Business Associate's investigation, mitigation, and prevention efforts. In the event that a Breach occurs that is properly attributable to the acts or omissions of Business Associate, Business Associate shall cooperate and assist Covered Entity in preparing and, if so directed by Covered Entity, shall send any legally required written notifications. Breach Notification Rule.