Complete Report. To provide a complete report of the investigation to the DHCS contacts within ten (10) working days of the discovery of the security incident or breach. This “Final PIR” must include any applicable additional information not included in the Initial Form. The Final PIR Form shall include an assessment of all known factors relevant to a determination of whether a breach occurred under HIPAA and other applicable federal and state laws. The report shall also include a full, detailed corrective action plan, including its implementation date and information on mitigation measures taken to halt and/or contain the improper use or disclosure. If DHCS requests information in addition to that requested through the PIR form, Business Associate shall make reasonable efforts to provide DHCS with such information. A “Supplemental PIR” may be used to submit revised or additional information after the Final PIR is submitted. DHCS will review and approve or disapprove Business Associate’s determination of whether a breach occurred, whether the security incident or breach is reportable to the appropriate entities, if individual notifications are required, and Business Associate’s corrective action plan.
Appears in 10 contracts
Samples: web2.co.merced.ca.us, web2.co.merced.ca.us, Special Terms and Conditions
Complete Report. To provide a complete report of the investigation to the DHCS contacts within ten (10) working days of the discovery of the security incident or breach. This “Final PIR” Final PIR must include any applicable additional information not included in the Initial Form. The Final PIR Form shall include an assessment of all known factors relevant to a determination of whether a breach occurred under HIPAA and other applicable federal and state laws. The report shall also include a full, detailed corrective action plan, including its implementation date and information on mitigation measures taken to halt and/or contain the improper use or disclosure. If DHCS requests information in addition to that requested through the PIR form, Business Associate shall make reasonable efforts to provide DHCS with such information. A “Supplemental PIR” Supplemental PIR may be used to submit revised or additional information after the Final PIR is submitted. DHCS will review and approve or disapprove Business Associate’s Associates determination of whether a breach occurred, whether the security incident or breach is reportable to the appropriate entities, if individual notifications are required, and Business Associate’s Associates corrective action plan.
Appears in 1 contract
Samples: web2.co.merced.ca.us
Complete Report. To provide a complete report of the investigation to the DHCS contacts within ten (10) working days Working Days of the discovery of the security incident or breach. This “Final PIR” must include any applicable additional information not included in the Initial Form. The Final PIR Form shall include an assessment of all known factors relevant to a determination of whether a breach occurred under HIPAA and other applicable federal and state State laws. The report shall also include a full, detailed corrective action plan, including its implementation date and information on mitigation measures taken to halt and/or contain the improper use or disclosure. If DHCS requests information in addition to that requested through the PIR form, Business Associate shall make reasonable efforts to provide DHCS with such information. A “Supplemental PIR” may be used to submit revised or additional information after the Final PIR is submitted. DHCS will review and approve or disapprove Business Associate’s determination of whether a breach occurred, whether the security incident or breach is reportable to the appropriate entities, if individual notifications are required, and Business Associate’s corrective action plan.
Appears in 1 contract
Samples: www.bidnet.com
