Privacy Breaches. OSMI agrees to report to Provider any use or disclosure of PHI, which is inconsistent with the terms of this Addendum and of which OSMI, becomes aware, including, but not limited to, any discovery of an inconsistent use or disclosure by an agent or subcontractor of OSMI. OSMI agrees to mitigate, to the extent practicable, any harmful effect that is known to OSMI of a use or disclosure of PHI by OSMI in violation of this Agreement.
Privacy Breaches. 11.1 Provided that a disclosure of or a failure to disclose personal information is done in good faith and reasonable care has been taken to comply with the applicable federal or provincial legislation, the Parties shall not assume any liability whatsoever for any misuse of the personal information provided to the other under this Agreement.
11.2 The Parties will investigate all cases where they have reasonable grounds to believe that any of the conditions set out in this Agreement has been or are likely to be breached by them, their employees or agents. This includes any case where it is alleged, suspected, or there is evidence that there has been unauthorized access, use, disclosure or modification of the personal information exchanged under this Agreement, modification of a permitted use, misuse or breach of confidentiality, or any incident which might jeopardize or has jeopardized the security or integrity of their respective computer systems or networks used to access and transmit the personal information.
11.3 In the event of a Privacy Breach, the party with custody or control of the personal information to which the Privacy Breach relates shall:
(a) immediately take any necessary steps to contain or limit the Privacy Breach, including stopping any unauthorized practice or action, recovering the personal information, where possible, shutting down access to information systems, revoking or changing computer and other access codes or correcting weaknesses in physical or information technology security;
(b) promptly investigate the cause of the Privacy Breach;
(c) promptly notify the other party through the designated officials listed section 13.2 of the Privacy Breach including when it occurred and the circumstances under which it occurred;
(d) promptly consult the other party about notifying the Information and Privacy Commissioner for British Columbia or Privacy Commissioner of Canada, as required;
(e) promptly notify the appropriate law enforcement agency if the privacy breach involves theft or other suspected criminal activity;
(f) after completing the investigation described in paragraph (b), promptly report the results to the other party through the designated officials listed section 13.2;
(g) promptly comply with any reasonable recommendation made by the other party to improve the adequacy or effectiveness of the responsible party’s measures to safeguard or ensure the confidentiality of the personal information, to protect the privacy of any in...
Privacy Breaches. Company agrees to report to PC any use or disclosure of PHI which is inconsistent with the terms of this Addendum and of which Company becomes aware, including, but not limited to, any discovery of an inconsistent use or disclosure by an agent or subcontractor of Company. Company agrees to mitigate, to the extent practicable, any harmful effect that is known to Company of a use or disclosure of PHI by Company in violation of this Agreement.
Privacy Breaches. The efficacy of the data sharing ecosystem envisioned by the DSA depends on its credibility with the people it serves. We strongly value privacy and data protection, but the DSA and its supporting Policies and Procedures create a different regulatory structure than current state and federal law with thresholds that are impossible to meet. We recommend the DSA reference existing law without creating new and different standards.
Privacy Breaches. If a Privacy Breach occurs, or the Supplier has reasonable grounds to believe that a Privacy Breach has occurred or is likely to occur, the Supplier must:
(a) notify HBDHB immediately, and in any event within 24 hours;
(b) immediately commence performing a reasonable assessment of the Privacy Breach and (if relevant) prevent any further unauthorised use of or access to Personal Information and/or Health Information;
(c) provide (at the Supplier's cost) all information and assistance reasonably requested by HBDHB to comply with any applicable notification obligations of HBDHB; and
(d) not make any public statement regarding the Privacy Breach unless agreed by HBDHB in writing.
Privacy Breaches. With respect to any incident not subject to reporting under § 2.5.1 of this Agreement, the Business Associate shall promptly report to ABS any use or disclosure of Protected Health Information of which it becomes aware that is not permitted or required by this Agreement.
Privacy Breaches. If STW becomes aware of an incident affecting the controller's personal data (such as unauthorized access, loss, disclosure, or alteration of data), STW shall notify the customer without undue delay. The notification shall:
1. describe the nature of the incident,
2. describe the likely consequences of the incident,
3. where applicable, describe the measures taken or proposed to be taken by STW in response to the incident, and
4. provide STW's contact person.
Privacy Breaches. If the Customer becomes aware of a Privacy Breach, the Customer shall immediately notify Hydrafacial and provide Hydrafacial with reasonable information and cooperation to enable Hydrafacial to comply with any breach notification obligations it may have under applicable data protection law. The Customer shall also take such measures and actions as are reasonably necessary to mitigate the effects of the Data Breach and shall keep the Customer informed of all material developments in connection with the Data Breach. The same requirements shall apply to sub-processors.
Privacy Breaches. With respect to any incident not subject to reporting under § 2.5.1 of this Agreement, Business Associate shall promptly report to HEALTH NET CONNECT any use or disclosure of Protected Health Information of which it becomes aware that is not permitted or required by this Agreement.
Privacy Breaches. (a) If CAMH or an HR HSP becomes aware that PHI or PI has inadvertently included in the Data and has been stolen or lost, or a person has obtained unauthorized access to PHI, or that CAMH or an HR HSP has used, disclosed or disposed of the PHI other than as contemplated in this Agreement or in accordance with applicable law (collectively referred to in this sub-section as the “Breached PHI”), then the Party who became aware of the Breached PHI shall at the first reasonable opportunity (not to exceed two Business Days) notify the other relevant Party, and the HR HSP that provided the PHI or PI to CAMH will be responsible for addressing the Breached PHI by deleting (or instructing CAMH to delete, as applicable) the PHI from the Database and otherwise handling the breach in accordance with its internal policies.
(b) If an HR HSP receives a complaint regarding its collection, use, or disclosure of PHI or PI, or a complaint in regard to the privacy practices of the Ontario Harm Reduction Database Initiative, it shall deal with such complaint in accordance with its own procedures for dealing with privacy complaints, and shall immediately advise and consult with CAMH about the complaint and about the HR HSP’s plans to deal with the complaint.
(c) Without limiting the provisions of this SECTION 8, each Party agrees to cooperate with the other Parties in the event of a privacy breach, complaint or incident, including any complaints to the Information and Privacy Commissioner for Ontario, and take all necessary steps to deal with such breach, complaint or incident.
