Notification of Breach, Mitigation. In the event of a Breach of any Unsecured PHI that BA accesses, maintains, retains, modifies, records, stores, transmits, destroys, or otherwise holds or uses on behalf of CE, BA shall report such Breach to CE as soon as practicable, but in no event more than ten (10) days after the Breach is discovered by BA (as defined in 45 C.F.R. § 164.410(a)). BA shall, in consultation with CE, mitigate, to the extent practicable, any harmful effect of such Breach that is known to BA.
Notification of Breach, Mitigation. During the term of this LDU Agreement, Recipient shall notify Covered Entity within twenty-four (24) hours of any actual or suspected use and/or disclosure of LDS in violation of the Privacy Rules or this LDU Agreement. Recipient shall take prompt corrective action to mitigate and cure any harmful effect that is known to Recipient of an improper use and/or disclosure of LDS.
Notification of Breach, Mitigation. Any obligation of Mediware to notify Licensee following the discovery of a “breach” of “unsecured PHI” as those terms are defined by 45 C.F.R. §164.402 in connection with the Services, shall be timely if provided within sixty (60) calendar days after discovery of the same or such longer period if Mediware is prevented from providing notice by 45 C.F.R. §164.412 concerning law enforcement investigations.
