Privacy Breach Sample Clauses

Privacy Breach. Business Associate will report to Covered Entity any use or disclosure of Covered Entity’s PHI that is not permitted by this Agreement or the Underlying Agreement. In addition, Business Associate will report to Covered Entity, following discovery and without reasonable delay, but in no event later than ten (10) days following discovery, any suspected or actual “Breach” of “Unsecured Protected Health Information” as these terms are defined by the HITECH Act and any implementing regulations. Business Associate shall cooperate with Covered Entity in investigating the potential or actual breach and in meeting Covered Entity’s obligations under the HITECH Act and any other state or federal privacy or security breach notification laws. Any such report shall contain at a minimum the information set forth on Attachment A attached hereto and incorporated by reference. Since time is of the essence under the HITECH Act, in addition to providing the report in accordance with the notice provisions contained in Section XI below, a copy of the report shall be faxed to the Privacy Officer at (000)000-0000 or to such other person as Covered Entity shall request in writing of Business Associate.

Privacy Breach. BUSINESS ASSOCIATE will report to COMPANY any use or disclosure of COMPANY’s Protected Health Information not permitted by this Addendum or in writing by COMPANY. In addition, BUSINESS ASSOCIATE will report, following discovery and without unreasonable delay, but in no event later than 10 days following discovery, any “Breach” of “Unsecured Protected Health Information” as these terms are defined by the HITECH Act and any implementing regulations. BUSINESS ASSOCIATE shall cooperate with COMPANY in investigating the breach and in meeting COMPANY’s obligations under the HITECH Act and any other security breach notification laws. Any such report shall include the identification (if known) of each individual whose Unsecured Protected Health Information has been, or is reasonably believed by BUSINESS ASSOCIATE to have been, accessed, acquired, or disclosed during such breach. BUSINESS ASSOCIATE’s report will at least: i. Identify the nature of the non-permitted access, use or disclosure, including date of the breach and the date of discovery of the breach: ii. Identify COMPANY’s Protected Health Information accessed, used or disclosed as part of the breach (e.g., full name, social security number, date of birth, etc.),; iii. Identify who made the non-permitted access, use or disclosure and who received the non-permitted disclosure; iv. Identify what corrective action BUSINESS ASSOCIATE took or will take to prevent further non-permitted access, uses or disclosures; v. Identify what BUSINESS ASSOCIATE did or will do to mitigate any deleterious effect of the non-permitted access, use or disclosure; and vi. Provide such other information, including a written report, as COMPANY may reasonably request.

Privacy Breach. The loss, copying or release, from one or more databases controlled by the “Named Insured” or the “outside organization”, of: a. personal health information, as defined in the Personal Information Protection and Electronic Documents Act of Canada, or as expanded by definitions contained in applicable provincial or territorial statutes, including but not limited to the Health Information Act of Alberta, the Personal Health Information Act of Manitoba, the Personal Health Information Privacy and Access Act of New Brunswick, the Personal Health Information Protection Act of Ontario and the Health Information Protection Act of Saskatchewan, as amended from time to time; or b. any piece of information, which could potentially be used to uniquely identify an individual and to facilitate identity fraud. This information includes, but is not limited to, the following: i. identification and contact information; ii. government issued identification numbers; or iii. financial information.

Privacy Breach. If either Party determines that it has suffered a Security Incident, such Party shall, at the expense of the Party who suffered any such Security Incident, (a) notify the other Party as promptly as reasonably practicable following such determination (and in any event within fifteen (15) calendar days), (b) promptly following such determination (and in any event within two (2) Business Days) begin diligently investigating such Security Incident, (c) promptly following such determination (and in any event within two (2) Business Days) begin diligently to take commercially reasonable steps to restore the security of the Personal Information subject to the Security Incident, notifying the other Party with respect to such measures, (d) deliver any required or reasonably requested notifications or other communications to third parties (including Contractholders and Governmental Authorities) with respect to such Security Incident in a timely manner, and (e) cooperate with the other Party and any Governmental Authority investigating such Security Incident. The Party who did not suffer the Security Incident shall reasonably cooperate with the other Party in satisfying such other Party’s requirements set forth in this Section 5.3. The Parties shall in good faith seek to resolve disputes arising under this Section 5.3 on an expedited basis. INSOLVENCY Insolvency of the Ceding Company. In the event the Ceding Company is declared insolvent by a court of competent jurisdiction and is unable to pay a loss under a Reinsured Contract, all reinsurance made, ceded, renewed or otherwise becoming effective under this Agreement shall be payable by the Reinsurer directly to the Contractholders, Insureds or other beneficiaries entitled to receive payment under the Reinsured Contracts (a “Payee”) on the basis of the liability of the Ceding Company under the Reinsured Contracts without diminution because of such insolvency of the Ceding Company regardless of the status of the Ceding Company. It is understood, however, that in the event of such an insolvency of the Ceding Company, the liquidator, receiver or statutory successor of the Ceding Company shall give written notice of the pendency of a claim against the Ceding Company on a Reinsured Contract within a reasonable period of time after such claim is filed in the applicable insolvency proceedings and that during the pendency of such claim the Reinsurer may investigate such claim and interpose, at its own expense, in the proceed...

Privacy Breach. If Administrator breaches the provisions of this Section 15.4, Administrator agrees to immediately notify Reinsureds and cooperate with Reinsureds in mitigating any potential damages by, at Administrator’s expense: (i) immediately endeavoring to recover all Personal Information from the unauthorized recipient, if known, and instructing the unauthorized recipient to cease and desist from any use of the improperly disclosed Personal Information; (ii) at the request of Reinsureds, returning within ten (10) Business Days all Personal Information provided by Reinsureds to Administrator pursuant to this Section 15.4; (iii) at the request of Reinsureds, deleting from Administrator electronic systems and physical records within ten (10) Business Days all Personal Information provided by Reinsureds and providing certification that such deletion has occurred; (iv) assisting and cooperating with any demand forwarded by Reinsureds to Administrator as a result of a court order imposed on Reinsureds or from a Governmental Authority having jurisdiction over Reinsureds; and (v) assisting with taking any other remedial steps reasonably required by Reinsureds.

Privacy Breach. If the Provider becomes aware of any Privacy Breach in relation to the Agreement it will notify Oranga Tamariki as soon as possible and take all reasonable steps: a. to identify the person or persons affected; b. required by Xxxxxx Xxxxxxxx to undertake its own investigation; and c. stop, and/or mitigate the impact of, any Privacy Breach and prevent its reoccurrence, and the Provider shall not notify any person of the Privacy Breach without the prior written approval of Oranga Tamariki.

Privacy Breach. BlueCross will report to GHP any use or disclosure of GHP’s Protected Health Information not permitted by the ASA and this HIPAA Agreement or in writing by GHP. In addition, BlueCross will report, following discovery and without unreasonable delay, but in no event later than ten (10) business days following discovery, any "Breach" of "Unsecured Protected Health Information" as these terms are defined by the Breach Notification Regulation. BlueCross shall cooperate with GHP in investigating the Breach and in meeting the GHP’s obligations under the Breach Notification Regulation and any other security breach notification laws.

Privacy Breach. Florida Blue will report to GHP any use or disclosure of Protected Health Information not permitted by this Addendum or in writing by GHP, including Breaches of Unsecured PHI, of which Florida Blue becomes aware in accordance with relevant legal requirements. Florida Blue will cooperate with GHP in GHP's performance of investigation or assessments necessary to determine whether a Breach of Unsecured PHI has occurred. GHP shall bear sole responsibility for determining the need for and implementing notification concerning any Breach of Unsecured PHI,

Privacy Breach. The acquisition, access, use, or disclosure of PHI in a m anner which compromises the security or privacy of the PHI as governed by t he provisions of HIPAA and other federal and state laws. For purposes of this definition, “compromises the security or privacy of the protected health information” means poses a significant risk of financial, reputational, or other harm to the individual. Privacy Rule – Standards for the Privacy of Individually Identifiable Health Information at 45 CFR Part 160 and Part 164. Protected Health Information (PHI) – Individually identifiable health information that is transmitted by electronic media, maintained in electronic media, or transmitted or maintained in any other form or medium. Provider – An institution, facility, agency, physician, health care practitioner, or other entity that is licensed or otherwise authorized to provide any of the covered services in the state in which they are furnished. Provider does not include consumer-directed workers (see Consumer-Directed Worker); nor does provider include the FEA (see Fiscal Employer Agent).

Privacy Breach. Business Associate will report to Organization any use or disclosure of Organization’s Protected Health Information not permitted by this Addendum or in writing by Organization. In addition, Business Associate will report, following discovery and without unreasonable delay, but in no event later than ten (10) business days following discovery, any “Breach” of “Unsecured Protected Health Information” as these terms are defined by the HITECH Act and any implementing regulations. Business Associate shall cooperate with Organization in investigating the Breach and in meeting the Organization’s obligations under the HITECH Act and any other security breach notification laws.