HIPAA Data Breach Notification and Mitigation. Business Associate agrees to implement reasonable systems for the discovery and prompt reporting to Covered Entity of any “breach” of “unsecured PHI” as those terms are defined by 45 C.F.R. § 164.402. Specifically, a breach is an unauthorized acquisition, access, use or disclosure of unsecured PHI, including EPHI, which compromises the security or privacy of the PHI/EPHI. A breach compromises the security or privacy of PHI/EPHI if it poses a significant risk of financial, reputational, or other harm to the individual whose PHI/EPHI was compromised (hereinafter a “HIPAA Breach”). The parties acknowledge and agree that 45 C.F.R. § 164.404, as described below in this Section 8.1, governs the determination of the date of discovery of a HIPAA Breach. In the event of any conflict between this Section 8.1 and the Confidentiality Requirements, the more stringent requirements shall govern.
Appears in 4 contracts
Samples: Hipaa Business Associate Agreement, Hipaa Business Associate Agreement, Interlocal Agreement
HIPAA Data Breach Notification and Mitigation. Business Associate agrees to implement reasonable systems for the discovery and prompt reporting to Covered Entity of any “breach” of “unsecured PHI” as those terms are defined by 45 C.F.R. § 164.402. Specifically, a breach is an unauthorized acquisition, access, use or disclosure of unsecured PHI, including EPHIePHI, which compromises the security or privacy of the PHI/EPHIePHI. A breach compromises the security or privacy of PHI/EPHI ePHI if it poses a significant risk of financial, reputational, or other harm to the individual whose PHI/EPHI ePHI was compromised (hereinafter a “HIPAA Breach”). The parties acknowledge and agree that 45 C.F.R. § 164.404, as described below in this Section 8.1, governs the determination of the date of discovery of a HIPAA Breach. In the event of any conflict between this Section 8.1 and the Confidentiality Requirements, the more stringent requirements shall govern.
Appears in 2 contracts
Samples: Collaboration Icare Participation Agreement, Business Associate Agreement
HIPAA Data Breach Notification and Mitigation. Business Associate agrees to implement reasonable systems for the discovery and prompt reporting to Covered Entity of any “breach” of “unsecured PHI” as those terms are defined by 45 C.F.R. § 164.402. Specifically, a breach is an unauthorized acquisition, access, use or disclosure of unsecured PHI, including EPHIePHI, which compromises the security or privacy of the PHI/EPHIePHI. A breach compromises the security or privacy of PHI/EPHI ePHI if it poses a significant risk of financial, reputational, or other harm to the individual whose PHI/EPHI ePHI was compromised (hereinafter a “HIPAA Breach”). The parties acknowledge and agree that 45 C.F.R. § 164.404, as described below in this Section 8.1, governs the determination of the date of discovery of a HIPAA Breach. In addition to the event of any conflict between this Section 8.1 foregoing and notwithstanding anything to the Confidentiality Requirementscontrary herein, the more stringent requirements shall governBusiness Associate will also comply with applicable state law.
Appears in 1 contract
Samples: Business Associate Agreement