Potential Data Security Breach Clause Samples

Potential Data Security Breach. If Outside Entity at any time has reason to believe that PHI transmitted pursuant to this Agreement may have been accessed or disclosed without proper authorization and contrary to the terms of this Agreement, Outside Entity shall immediately notify HRH's Privacy Officer and take actions to eliminate the cause of the breach. To the extent HRH deems warranted, in its sole discretion, HRH will provide notice, or require Outside Entity to provide notice, to individuals whose PHI may have been improperly accessed or disclosed.

Potential Data Security Breach. If at any time Outside Practice has reason to believe that PHI transmitted pursuant to this Agreement may have been accessed or disclosed without proper authorization and contrary to the terms of this Agreement, Outside Practice shall, within one (1) working day of becoming aware of an a potential unauthorized use or disclosure of PHI give HMH notice at ▇▇▇▇▇▇▇@▇▇▇▇.▇▇▇ and take all necessary actions to eliminate the cause of the breach. To the extent HMH deems warranted, in its sole discretion, HMH will provide notice or require Outside Practice to provide notice to individuals whose PHI may have been improperly accessed or disclosed.

Potential Data Security Breach. Outside Entity shall report to UC Health any security incident as defined in the HIPAA Security Rule related to the System of which it becomes aware within twenty-four (24) hours of its knowledge of the incident. Any active or ongoing security incident must be reported immediately upon discovery. Security incident is the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference in an information system.

Potential Data Security Breach. If at any time Outside Entity has reason to believe that PHI transmitted pursuant to this Agreement may have been accessed or disclosed without proper authorization and contrary to the terms of this Agreement, Outside Entity will promptly give Connecticut Children’s notice, but in no event longer than three business days, and take actions to eliminate the cause of the breach. To the extent Connecticut Children’s deems reasonably warranted, in its sole discretion, Connecticut Children’s will provide notice (at Outside Entity’s expense) or require Outside Entity (at its own expense) to provide notice to individuals whose PHI may have been improperly accessed or disclosed. In the event credit monitoring is necessary for affected individuals as a result of an improper access or disclosure judicially determined to be attributable to Outside Entity, it shall be provided at Outside Entity’s sole cost and expense. Notwithstanding the foregoing, Outside Entity will not be responsible for notice or credit monitoring costs and expenses in the event that the improper access or disclosure is not attributable to an act or omission of Outside Entity or its employees, officers, directors, or agents.

Potential Data Security Breach. If at any time Outside Entity has reason to believe that PHI transmitted pursuant to this Agreement may have been accessed or disclosed without proper authorization and contrary to the terms of this Agreement, Outside Entity will immediately give Connecticut Children’s notice and take actions to eliminate the cause of the breach. To the extent Connecticut Children’s deems warranted, in its sole discretion, Connecticut Children’s will provide notice (at Outside Entity’s expense) or require Outside Entity (at its own expense) to provide notice to individuals whose PHI may have been improperly accessed or disclosed. In the event credit monitoring is necessary for affected individuals, it shall be provided at Outside Entity’s sole cost and expense.