Common use of Complete Report Clause in Contracts

Complete Report. If all of the required information was not included in either the initial report or the investigation PIR submission, then a separate complete report shall be submitted within ten working days of the discovery. The Complete Report of the investigation shall include an assessment of all known factors relevant to the determination of whether a breach occurred under applicable provisions of the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, the Information Protection Act, or other applicable law. The report shall also include a Corrective Action Plan (CAP) that shall include, at minimum, detailed information regarding the mitigation measures taken to halt and/or contain the improper use or disclosure. If DHCS requests additional information related to the incident, the County Department/Agency shall make reasonable efforts to provide DHCS with such information. If necessary, the County Department/Agency shall submit an updated PIR with revisions and/or additional information after the Completed Report has been provided. DHCS will review and determine whether a breach occurred and whether individual notification is required. DHCS will maintain the final decision making over a breach determination.

Complete Report. If all To provide a complete report of the required information was not included in either investigation to the initial report or DHCS Program Contract Manager, the investigation PIR submissionDHCS Privacy Officer, then a separate complete report shall be submitted and the DHCS Information Security Officer within ten working days of the discoverydiscovery of a breach, security incident, intrusion, or unauthorized access, use, or disclosure. The Complete Report of report shall be submitted on the investigation “DHCS Privacy Incident Report” form and shall include an assessment of all known factors relevant to the a determination of whether a breach occurred under applicable provisions of the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) HITECH Act, the Information Protection Act, or other applicable HIPAA regulations and/or state law. The report shall also include a Corrective Action Plan (CAP) that shall include, at minimumfull, detailed corrective action plan, including information regarding the mitigation on measures that were taken to halt and/or contain the improper use or disclosure. If DHCS requests additional information related in addition to that listed on the incident”DHCS Privacy Incident Report” form, the County Department/Agency Department shall make reasonable efforts to provide DHCS with such information. If necessary, the County Department/Agency shall a Supplemental Report may be used to submit an updated PIR with revisions and/or revised or additional information after the Completed Report has been providedcompleted report is submitted, by submitting the revised or additional information on an updated “DHCS Privacy Incident Report” form. DHCS will review and determine approve the determination of whether a breach occurred and whether individual notification is notifications are required. DHCS will maintain , and the final decision making over a breach determinationcorrective action plan.

Complete Report. If all of the required information was not included in either the initial report or the investigation PIR submission, then a separate complete report shall be submitted within ten working days of the discovery. The Complete Report Repo rt of the investigation shall include an assessment of all known factors facto rs relevant to the determination of whether a breach occurred under applicable provisions p rovisions of the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (( HITECH) Act, the Information Protection Act, or other applicable law. The report shall also include a Corrective Action Plan (CAP) that shall include, at minimum, detailed information regarding the mitigation measures taken to halt and/or contain the improper use or disclosure. If DHCS requests additional information related to the incident, the County Department/Agency shall make reasonable efforts to provide DHCS with such information. If necessary, the County Department/Agency shall submit an updated PIR with revisions and/or additional information after the Completed Report has been provided. DHCS will review and determine whether a breach occurred and whether individual notification is required. DHCS will maintain the final decision making over a breach determination.

Complete Report. If all of the required information was not included in either the initial report or the investigation PIR submission, then a separate complete report shall be submitted within ten working days of the discovery. The Complete Report of the investigation shall include an assessment of all known factors relevant to the determination of whether a breach occurred under applicable provisions of the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, the Information Protection Act, or other applicable law. The report shall also include a Corrective Action Plan (CAP) CAP that shall include, at minimum, detailed information regarding the mitigation measures taken to halt and/or contain the improper use or disclosure. If DHCS requests additional information related to the incident, the County Department/Agency CalSAWS Consortium shall make reasonable efforts to provide DHCS with such information. If necessary, the County Department/Agency CalSAWS Consortium shall submit an updated PIR with revisions and/or additional information after the Completed Report has been provided. DHCS will review and determine whether a breach occurred and whether individual notification is required. DHCS will maintain the final decision making over a breach determination.

Complete Report. If all To provide a complete report of the required information was not included in either investigation to the initial report or DHCS Program Contract Manager, the investigation PIR submissionDHCS Privacy Officer, then a separate complete report shall be submitted and the DHCS Information Security Officer within ten working days of the discoverydiscovery of a breach, security incident, intrusion, or unauthorized access, use, or disclosure. The Complete Report of report shall be submitted on the investigation "DHCS Privacy Incident Report" form and shall include an assessment of all known factors relevant to the a determination of whether a breach occurred under applicable provisions of the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) HITECH Act, the Information Protection Act, or other applicable HIPAA regulations and/or state law. The report shall also include a Corrective Action Plan (CAP) that shall include, at minimumfull, detailed corrective action plan, including information regarding the mitigation on measures that were taken to halt and/or contain the improper use or disclosure. If DHCS requests additional information related in addition to that listed on the incident"DHCS Privacy Incident Report" form, the County Department/Agency Department shall make reasonable efforts to provide DHCS with such information. If necessary, the County Department/Agency shall a Supplemental Report may be used to submit an updated PIR with revisions and/or revised or additional information after the Completed Report has been providedcompleted report is submitted, by submitting the revised or additional information on an updated "DHCS Privacy Incident Report" form. DHCS will review and determine approve the determination of whether a breach occurred and whether individual notification is notifications are required. DHCS will maintain , and the final decision making over a breach determinationcorrective action plan.

Complete Report. If all of the required information was not included in either the initial report or the investigation PIR submission, then a separate complete report shall be submitted within ten working days of the discovery. The Complete Report of the investigation shall include an assessment of all known factors relevant to the determination of whether a breach occurred under applicable provisions of the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, the Information Protection Act, or other applicable law. The report shall also include a Corrective Action Plan (CAP) CAP that shall include, at minimum, detailed information regarding the mitigation measures taken to halt and/or contain the improper use or disclosure. If DHCS requests additional information related to the incident, the County Department/Agency shall make reasonable efforts to provide DHCS with such information. If necessary, the County Department/Agency shall submit an updated PIR with revisions and/or additional information after the Completed Report has been provided. DHCS will review and determine whether a breach occurred and whether individual notification is required. DHCS will maintain the final decision making over a breach determination.