Privacy Breach Notification Sample Clauses

Privacy Breach Notification. The Business Associate will report to Covered Entity any use or disclosure of PHI not permitted by this BA Contract or in writing by Covered Entity. The Business Associate will investigate and make the report to Covered Entity not more than 10 days after TECHNOLOGY TOOL(S) learns of such non-permitted use or disclosure.
Sample 1Sample 2Sample 3
AutoNDA by SimpleDocs
Privacy Breach Notification. Business Associate will report to Physician any use or disclosure of PHI not permitted by this BA Contract or in writing by Physician that is not a Security Breach reportable under Section 7(a) above. Business Associate will make the report to Physician not later than 10 days after Business Associate learns of such non-permitted use or disclosure.
Sample 1Sample 2
Privacy Breach Notification. (a) Without limiting the generality of Section 12.10(k), upon becoming aware of the occurrence of any security breach or privacy breach, the CPA will do the following, subject to Applicable Law: (i) immediately, but in any event not later than two (2) Business Days from the date the CPA becomes aware of the occurrence of such security breach or privacy breach, notify the Trustee and Guarantor by telephone and in writing; (ii) take all steps necessary to enforce against any Person that is or may be engaging in such unauthorized handling any rights that the CPA has to require such person to comply with any obligation of confidence to the CPA and to cease such unauthorized activities; (iii) do all things, execute all documents and give all assistance reasonably required by the Trustee and the Guarantor to enable the Trust to enforce against any Person that is or may be engaging in such unauthorized handling any rights that the Trust has to require such person to comply with any obligation of confidence to the Trust and to cease such unauthorized activities; and (iv) if the security breach involves Personal Information, then, if requested by the Trustee or Guarantor, reasonably cooperate with and assist the Trustee or Guarantor in any communication with the media, any affected persons (by press release, telephone, letter, call centre, website or any other method of communication) and any Governmental Authorities to explain the occurrence of the security breach and the remedial efforts being undertaken. The content and method of any such communications will be determined by the Trustee and the Guarantor. To the extent such communications refer to the CPA, the content and method of such communications will also be determined by CPA. (b) Additionally, the CPA shall assist the Trustee or Guarantor in mitigating any potential damage and take such steps as are directed by the Trustee and Guarantor to assist in the investigation, mitigation and remediation of each such security breach. (c) As soon as reasonably practicable after any such security breach, the CPA shall conduct a root cause analysis and, upon request, will share summaries of the results of its analysis and its remediation plan with the Trust. The CPA shall provide updated information to the Trust should additional details be discovered regarding the cause, nature, consequences, or extent of the security breach.
Sample 1
Privacy Breach Notification. Vendor will report to CCH any use or disclosure of PHI not permitted or required by this BAA or in writing by CCH that is not a Security Breach reportable under Section 7(a). Vendor will make the report to CCH not later than 5 days after Vendor lxxxxx of such unauthorized use or disclosure.
Sample 1
Privacy Breach Notification. The Insurer will reimburse, or pay on behalf of, the Insured for Privacy Breach Notification Costs resulting from an actual or suspected Privacy Breach that is Discovered during the Policy Period, or any applicable extended reporting period. The Insurer will reimburse, or pay on behalf of, the Insured for Computer And Legal Expert Costs Specimen resulting from an actual or suspected:
Sample 1
Privacy Breach Notification. Who is responsible for giving notice to Individuals affected by a notifiable privacy breach? By default, the General Terms make the Recipient responsible. However, the parties can agree to change this below by changing Recipient to Discloser below. The Discloser is responsible for giving notice to Individuals affected by a notifiable privacy breach When transferred information is no longer required for any of the permitted uses, the Recipient must promptly and securely destroy or delete that transferred information, as required by clause 1.5 of the General Terms. In addition, if a particular event or date is specified in the table below, then when that event occurs or that date arrives, the Recipient will promptly destroy or delete the relevant transferred information as specified in the table. Deletion Event / Date Transferred information to be deleted What data protection laws apply in the Recipient’s home country? Name the country and list the laws. The Personal Data Protection Act 1998 (South Savanna)
Sample 1
Privacy Breach Notification. (a) Without limiting the generality of Section 5.1(f), upon becoming aware of the occurrence of any security breach or privacy breach, the CPTA will do the following, subject to Applicable Law: (i) immediately, but in any event not later than two (2) business days from the date the CPTA becomes aware of the occurrence of such security breach or privacy breach, notify the Corporation by telephone and in writing; (ii) take all steps necessary to enforce against any Person that is or may be engaging in such unauthorized handling any rights that the CPTA has to require such person to comply with any obligation of confidence to the CPTA and to cease such unauthorized activities; (iii) do all things, execute all documents and give all assistance reasonably required by the Corporation to enable the Corporation to enforce against any Person that is or may be engaging in such unauthorized handling any rights that the Corporation has to require such person to comply with any obligation of confidence to the Corporation and to cease such unauthorized activities; and (iv) if the security breach involves Personal Information, then, if requested by the Corporation, reasonably cooperate with and assist the Corporation in any communication with the media, any affected persons (by press release, telephone, letter, call centre, website or any other method of communication) and any governmental or regulatory authorities to explain the occurrence of the security breach and the remedial efforts being undertaken. The content and method of any such communications will be determined by the Corporation. To the extent such communications refer to the CPTA, the content and method of such communications will also be determined by CPTA. (a) Additionally, the CPTA shall assist the Corporation in mitigating any potential damage and take such steps as are directed by the Corporation to assist in the investigation, mitigation and remediation of each such security breach. (b) As soon as reasonably practicable after any such security breach, the CPTA shall conduct a root cause analysis and, upon request, will share summaries of the results of its analysis and its remediation plan with the Corporation. The CPTA shall provide updated information to the Corporation should additional details be discovered regarding the cause, nature, consequences, or extent of the security breach.
Sample 1
AutoNDA by SimpleDocs
Privacy Breach Notification. Should Client experience a Privacy Breach with respect to the ONE Mail Direct Services, including ONE Pages, the Authorized Representative (or his or her designate) will immediately notify eHealth Ontario Service Desk at 0-000-000-0000 or xxxxxxxxxxx@xxxxxxxxxxxxxx.xx.xx and provide all information that Client is reasonably able to provide with respect to that Privacy Breach. In addition, Client will provide such assistance as eHealth Ontario may reasonably request to enable eHealth Ontario to verify and resolve that Privacy Breach. Should eHealth Ontario experience a Privacy Breach it will immediately notify Client via the contact information provided by Client.
Sample 1

Related to Privacy Breach Notification

  • Personal Data Breach Notification SAP will notify Customer without undue delay after becoming aware of any Personal Data Breach and provide reasonable information in its possession to assist Customer to meet Customer’s obligations to report a Personal Data Breach as required under Data Protection Law. SAP may provide such information in phases as it becomes available. Such notification shall not be interpreted or construed as an admission of fault or liability by SAP.

  • Security Breach Notification In addition to the information enumerated in Article V, Section 4(1) of the DPA Standard Clauses, any Security Breach notification provided by the Provider to the LEA shall include: a. A list of the students whose Student Data was involved in or is reasonably believed to have been involved in the breach, if known; and b. The name and contact information for an employee of the Provider whom parents may contact to inquire about the breach.

  • Breach Notification a. In the event of a Breach of unsecured PHI or disclosure that compromises the privacy or security of PHI obtained from DSHS or involving DSHS clients, Business Associate will take all measures required by state or federal law. b. Business Associate will notify DSHS within one (1) business day by telephone and in writing of any acquisition, access, Use or disclosure of PHI not allowed by the provisions of this Contract or not authorized by HIPAA Rules or required by law of which it becomes aware which potentially compromises the security or privacy of the Protected Health Information as defined in 45 CFR 164.402 (Definitions). c. Business Associate will notify the DSHS Contact shown on the cover page of this Contract within one (1) business day by telephone or e-mail of any potential Breach of security or privacy of PHI by the Business Associate or its Subcontractors or agents. Business Associate will follow telephone or e-mail notification with a faxed or other written explanation of the Breach, to include the following: date and time of the Breach, date Breach was discovered, location and nature of the PHI, type of Breach, origination and destination of PHI, Business Associate unit and personnel associated with the Breach, detailed description of the Breach, anticipated mitigation steps, and the name, address, telephone number, fax number, and e-mail of the individual who is responsible as the primary point of contact. Business Associate will address communications to the DSHS Contact. Business Associate will coordinate and cooperate with DSHS to provide a copy of its investigation and other information requested by DSHS, including advance copies of any notifications required for DSHS review before disseminating and verification of the dates notifications were sent. d. If DSHS determines that Business Associate or its Subcontractor(s) or agent(s) is responsible for a Breach of unsecured PHI: (1) requiring notification of Individuals under 45 CFR § 164.404 (Notification to Individuals), Business Associate bears the responsibility and costs for notifying the affected Individuals and receiving and responding to those Individuals’ questions or requests for additional information; (2) requiring notification of the media under 45 CFR § 164.406 (Notification to the media), Business Associate bears the responsibility and costs for notifying the media and receiving and responding to media questions or requests for additional information; (3) requiring notification of the U.S. Department of Health and Human Services Secretary under 45 CFR § 164.408 (Notification to the Secretary), Business Associate bears the responsibility and costs for notifying the Secretary and receiving and responding to the Secretary’s questions or requests for additional information; and (4) DSHS will take appropriate remedial measures up to termination of this Contract.

  • Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard. B. Contractor must notify HHSC of any confirmed or suspected unauthorized acquisition, access, use or disclosure of sensitive personal information related to this Contract, including any breach of system security, as section 521.053 of the Business and Commerce Code defines that phrase. Contractor must submit a written report to HHSC as soon as possible but no later than 10 business days after discovering the unauthorized acquisition, access, use or disclosure. The written report must identify everyone whose sensitive personal information has been or is reasonably believed to have been compromised. C. Contractor must either disclose the unauthorized acquisition, access, use or disclosure to everyone whose sensitive personal information has been or is reasonably believed to have been compromised or pay the expenses associated with HHSC doing the disclosure if: 1. Contractor experiences a breach of system security involving information owned by HHSC for which disclosure or notification is required under section 521.053 of the Business and Commerce Code; or 2. Contractor experiences a breach of unsecured protected health information, as 45 C.F.R. §164.402 defines that phrase, and HHSC becomes responsible for doing the notification required by 45 C.F.R. §164.404. HHSC may, at its discretion, waive Contractor's payment of expenses associated with HHSC doing the disclosure.

  • Security Breach Notice and Reporting The Contractor shall have policies and procedures in place for the effective management of Security Breaches, as defined below, which shall be made available to the State upon request.

  • Notification of personal data breach 1. In case of any personal data breach, the data processor shall, without undue delay after having become aware of it, notify the data controller of the personal data breach. 2. The data processor’s notification to the data controller shall, if possible, take place within 24 hours after the data processor has become aware of the personal data breach to enable the data controller to comply with the data controller’s obligation to notify the personal data breach to the competent supervisory authority, cf. Article 33

  • Privacy Notification (1) The authority to request the above personal information from a seller of goods or services or a lessor of real or personal property, and the authority to maintain such information, is found in Section 5 of the State Tax Law. Disclosure of this information by the seller or lessor to the State is mandatory. The principal purpose for which the information is collected is to enable the State to identify individuals, businesses and others who have been delinquent in filing tax returns or may have understated their tax liabilities and to generally identify persons affected by the taxes administered by the Commissioner of Taxation and Finance. The information will be used for tax administration purposes and for any other purpose authorized by law. (2) The personal information is requested by the purchasing unit of the agency contracting to purchase the goods or services or lease the real or personal property covered by this contract or lease. The information is maintained in the Statewide Financial System by the Vendor Management Unit within the Bureau of State Expenditures, Office of the State Comptroller, 000 Xxxxx Xxxxxx, Xxxxxx, Xxx Xxxx 00000.

  • Data Breach In the event of an unauthorized release, disclosure or acquisition of Student Data that compromises the security, confidentiality or integrity of the Student Data maintained by the Provider the Provider shall provide notification to LEA within seventy-two (72) hours of confirmation of the incident, unless notification within this time limit would disrupt investigation of the incident by law enforcement. In such an event, notification shall be made within a reasonable time after the incident. Provider shall follow the following process: (1) The security breach notification described above shall include, at a minimum, the following information to the extent known by the Provider and as it becomes available: i. The name and contact information of the reporting LEA subject to this section. ii. A list of the types of personal information that were or are reasonably believed to have been the subject of a breach. iii. If the information is possible to determine at the time the notice is provided, then either (1) the date of the breach, (2) the estimated date of the breach, or (3) the date range within which the breach occurred. The notification shall also include the date of the notice. iv. Whether the notification was delayed as a result of a law enforcement investigation, if that information is possible to determine at the time the notice is provided; and v. A general description of the breach incident, if that information is possible to determine at the time the notice is provided. (2) Provider agrees to adhere to all federal and state requirements with respect to a data breach related to the Student Data, including, when appropriate or required, the required responsibilities and procedures for notification and mitigation of any such data breach. (3) Provider further acknowledges and agrees to have a written incident response plan that reflects best practices and is consistent with industry standards and federal and state law for responding to a data breach, breach of security, privacy incident or unauthorized acquisition or use of Student Data or any portion thereof, including personally identifiable information and agrees to provide XXX, upon request, with a summary of said written incident response plan. (4) LEA shall provide notice and facts surrounding the breach to the affected students, parents or guardians. (5) In the event of a breach originating from XXX’s use of the Service, Provider shall cooperate with XXX to the extent necessary to expeditiously secure Student Data.

  • COMPLIANCE WITH BREACH NOTIFICATION AND DATA SECURITY LAWS Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law § 899-aa and State Technology Law § 208) and commencing March 21, 2020 shall also comply with General Business Law § 899-bb.

  • Data Breaches 4.1 The Data Processor does not guarantee that its security measures will be effective under all conditions. If the Data Processor discovers a data breach within the meaning of Article

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!