Data Breach Notification and Mitigation Under Other Laws. In addition to the requirements of Section 9.1, Business Associate agrees to implement reasonable systems for the discovery and prompt reporting of any breach of individually identifiable information (including but not limited to PHI, and referred to hereinafter as “Individually Identifiable Information”) that, if misused, disclosed, lost or stolen, Covered Entity believes would trigger an obligation under one or more State data breach notification laws (each a “State Breach”) to notify the individuals who are the subject of the information. Business Associate agrees that in the event any Individually Identifiable Information is lost, stolen, used or disclosed in violation of one or more State data breach notification laws, Business Associate shall promptly: (i) cooperate and assist Covered Entity with any investigation into any State Breach or alleged State Breach; (ii) cooperate and assist Covered Entity with any investigation into any State Breach or alleged State Breach conducted by any State Attorney General or State Consumer Affairs Department (or their respective agents); (iii) comply with Covered Entity’s determinations regarding Covered Entity’s and Business Associate’s obligations to mitigate to the extent practicable any potential harm to the individuals impacted by the State Breach; and
Data Breach Notification and Mitigation Under Other Laws. In addition, Business Associate agrees to implement reasonable systems for the discovery and prompt reporting of any breach of individually identifiable information (including but not limited to PHI and referred to hereinafter as “Individually Identifiable Information”) and Sensitive Personal Information subject to Section 521.053 of the Texas Business and Commerce Code that, if misused, disclosed, lost or stolen, would trigger an obligation under one or more State data breach notification laws (each a “State Breach”) to notify the individuals who are the subject of the information. Business Associate agrees that in the event any Individually Identifiable Information and Sensitive Personal Information is lost, stolen, used or disclosed in violation of one or more State laws, Business Associate shall promptly: (i) notify the Covered Entity within 15 calendar days of such misuse, disclosure, loss or theft; (ii) cooperate and assist Covered Entity with any investigation into any State Breach or alleged State Breach; (iii) cooperate and assist Covered Entity with any investigation into any State Breach or alleged State Breach conducted by any State Attorney General or State Consumer Affairs Department (or their respective agents); (iv) cooperate with Covered Entity regarding the obligations of Covered Entity and Business Associate to mitigate to the extent practicable any potential harm to the individuals impacted by the State Breach; and (v) assist with the implementation of any decision by any State agency, including any State Attorney General or State Consumer Affairs Department (or their respective agents), to notify individuals impacted or potentially impacted by a State Breach. This requirement shall survive the expiration or termination of this Agreement and shall remain in effect for so long as Business Associate maintains PHI, Individually Identifiable Information, or Sensitive Personal Information.
Data Breach Notification and Mitigation Under Other Laws. In addition to the requirements of the foregoing Section, Distributor agrees that in the event any individually Identifiable Information is lost, stolen, used or disclosed in violation of one or more State data breach notification laws, Distributor shall promptly: (i) cooperate and assist Atossa with any investigation into any State Breach or alleged State Breach: (ii) cooperate and assist Atossa with any investigation into any State Breach or alleged State Breach conducted by any State Attorney General or State Consumer Affairs Department (or their respective agents); (iii) comply with Atossa 's determinations regarding Atossa's and Distributor 's obligations to mitigate to the extent practicable any potential harm to the individuals impacted by the State Breach: and (iv) assist with the implementation of any decision by Atossa or any State agency, including any State Attorney General or State Consumer Affairs Department (or their respective agents), to notify individuals impacted or potentially impacted by a State Breach.
Data Breach Notification and Mitigation Under Other Laws. In addition to the requirements of Section 11.1, Business Associate agrees to implement reasonable systems for the discovery and prompt reporting of any breach of individually identifiable information (including but not limited to PHI, and referred to hereinafter as “Individually Identifiable Information”) that, if misused, disclosed, lost or stolen, Covered Entity believes would trigger an obligation under one or more State data breach notification laws (each a “State Breach”) to notify the individuals who are the subject of the information. Business Associate agrees that in the event any Individually Identifiable Information is lost, stolen, used, or disclosed in violation of one or more State data breach notification laws, Business Associate will promptly:
Data Breach Notification and Mitigation Under Other Laws. In addition to the requirements above, Contractor agrees to implement reasonable systems for the discovery and prompt reporting of any breach of individually identifiable information (including but not limited to PHI, and referred to hereinafter as “Individually Identifiable Information”) that, if misused, disclosed, lost or stolen, Contractor believes would trigger an obligation under one or more State data breach notification laws (each a “State Breach”) to notify the individuals who are the subject of the information.
Data Breach Notification and Mitigation Under Other Laws. In addition to the requirements above, each Party agrees to implement reasonable systems for the discovery and prompt reporting of any breach of individually identifiable information (including but not limited to PHI, and referred to hereinafter as “Individually Identifiable Information”) that, if misused, disclosed, lost or stolen, the Party believes would trigger an obligation under one or more State data breach notification laws (each a “State Breach”) to notify the individuals who are the subject of the information.
Data Breach Notification and Mitigation Under Other Laws. In addition to the requirements of Section 9.1, Business Associate agrees to implement reasonable systems for the discovery and prompt reporting of any breach of individually identifiable information (including but not limited to PHI, and referred to hereinafter as “Individually Identifiable Information”) that, if misused, disclosed, lost or stolen, Facility believes would trigger an obligation under one or more State data breach notification laws (each a “State Breach”) to notify the individuals who are the subject of the information. Business Associate agrees that in the event any Individually Identifiable Information is lost, stolen, used or disclosed in violation of one or more State data breach notification laws, Business Associate shall promptly: (i) cooperate and assist Facility with any investigation into any State Breach or alleged State Breach; (ii) cooperate and assist Facility with any investigation into any State Breach or alleged State Breach conducted by any State Attorney General or State Consumer Affairs Department (or their respective agents); (iii) comply with Facility’s determinations regarding Facility’s and Business Associate’s obligations to mitigate to the extent practicable any potential harm to the individuals impacted by the State Breach; and (iv) assist with the implementation of any decision by Facility or any State agency, including any State Attorney General or State Consumer Affairs Department (or their respective agents), to notify individuals impacted or potentially impacted by a State Breach.
