Privacy or Security Breach Sample Clauses

Privacy or Security Breach. The Business Associate will report to the Covered Entity any use or disclosure of the Covered Entity’s Protected Health Information not permitted by this Agreement along with any Breach of the Covered Entity’s Unsecured Protected Health Information. The Business Associate will treat the Breach as being discovered in accordance with 45 CFR §164.410. The Business Associate will make the report to the Covered Entity’s Privacy Official not more than fifty (50) calendar days after the Business Associate learns of such non-permitted use or disclosure. If a delay is requested by a law-enforcement official in accordance with 45 CFR §164.412, the Business Associate may delay notifying the Covered Entity for the applicable time period. The Business Associate’s report will at least: (A) Identify the nature of the Breach or other non-permitted use or disclosure, which will include a brief description of what happened, including the date of any Breach and the date of the discovery of the Breach; (B) Identify the Covered Entity’s Protected Health Information that was subject to the non-permitted use or disclosure or Breach (such as whether full name, social security number, date of birth, home address, account number or other information were involved) on an individual basis; (C) Identify who made the non-permitted use or disclosure and who received the non-permitted use or disclosure; (D) Identify what corrective or investigational action the Business Associate took or will take to prevent further non-permitted uses or disclosures, to mitigate harmful effects and to protect against any further Breaches; (E) Identify what steps the individuals who were subject to a Breach should take to protect themselves; and (F) Provide such other information, including a written report, as the Covered Entity may reasonably request.
Sample 1Sample 2See All (20)
AutoNDA by SimpleDocs
Privacy or Security Breach. 2.11.1 In accordance with applicable law, Contractor agrees to give written notice (an “Incident Notice”) to Covered Entity and RCEB of any (a) use or disclosure of PHI that is not in compliance with the terms of this Agreement, of which it becomes aware (“Breach”) and (b) attempted or actual Security Incident (collectively with a Breach, an “Incident”). An Incident Notice shall be made without unreasonable delay and, in no event, later than twenty four (24) hours after discovery of such Incident, except where a law enforcement official determines that a notification would impede a criminal investigation or cause damage to national security as described in 45 C.F.R. § 164.412. In addition, an Incident Notice shall include (to the extent possible) the following information: (a) identification of each Consumer whose Unsecured PHI has been, or is reasonably believed to have been, accessed, acquired, or disclosed during the Incident; (b) the circumstances constituting and, to the extent relevant, surrounding the Incident (including, without limitation, the individual(s) causing the Incident and the person(s) receiving or accessing the PHI), the date of the Incident and date of discovery; (c) the PHI affected or disclosed by the Incident on an individual Consumer-by-individual Consumer basis; (d) the steps Contractor is taking to investigate and correct the Incident, mitigate harm or loss to affected Consumers, and protect against future similar Incidences, (e) the actions which Consumers affected by the Incident should take to protect their interests; and (f) a contact person for additional information. 2.11.2 Contractor shall cooperate with Covered Entity and RCEB in the investigation of the Incident, and in conducting any risk assessment necessary to determine whether notification of the Incident is required, and shall maintain, and provide at the direction of RCEB or Covered Entity, all reasonable and appropriate documents, files, records, or logs related to the Incident. For purposes of discovery and reporting of an Incident, Contractor agrees that it shall not be the agent of RCEB. 2.11.3 To the extent that any Incident involves a Breach of Unsecured PHI, and upon the request of RCEB or Covered Entity, Contractor shall provide notice to impacted Consumers, the media and the Secretary in the time and manner required by 42 U.S.C. § 17932 and 45 C.F.R. §§ 164.404, 164.406 and 164.408. Prior to providing any such notice, Contractor shall provide RCEB and Cove...
Sample 1Sample 2Sample 3See All (4)
Privacy or Security Breach. Both Parties shall promptly report any actual or potential breach of Data to the other party if that information has been exchanged via the HIE and/or exists in the cloud repository. All affected parties will cooperate to ensure that prompt mitigation measures are taken and timely breach notification is issued as outlined in state (10 L.P.R.A.
Sample 1Sample 2
Privacy or Security Breach. Business Associate will report to Covered Entity any use or disclosure of Covered Entity’s Protected Health Information not permitted by this Agreement along with any Breach of Covered Entity’s Unsecured Protected Health Information. Business Associate will treat the Breach as being discovered in accordance with 45 CFR § 164.410. Business Associate will make the report to Covered Entity’s Privacy Official not more than 20 calendar days after Business Associate learns of such non permitted use or disclosure. If a delay is requested by a law-enforcement official in accordance with 45 CFR § 164.412, Business Associate may delay notifying Covered Entity for the applicable time period. Business Associate’s report will at least: (A) Identify the nature of the Breach or other non-permitted use or disclosure, which will include a brief description of what happened, including the date of any Breach and the date of the discovery of any Breach; (B) Identify Covered Entity’s Protected Health Information that was subject to the non- permitted use or disclosure or Breach (such as whether full name, social security number, date of birth, home address, account number or other information were involved) on an individual basis; (C) Identify who made the non-permitted use or disclosure and who received the non- permitted disclosure; (D) Identify what corrective or investigational action Business Associate took or will take to prevent further non-permitted uses or disclosures, to mitigate harmful effects and to protect against any further Breaches; (E) Identify what steps the individuals who were subject to a Breach should take to protect themselves; (F) Provide such other information, including a written report and risk assessment under 45 CFR § 164.402, as Covered Entity may reasonably request.
Sample 1
Privacy or Security Breach. Business Associate will report to Covered Entity any use or disclosure of Covered Entity’s Protected Health Information not permitted by this Agreement or in writing by Covered Entity, along with any Breach as defined by the Privacy Rule (or possible Breach) of Covered Entity’s Unsecured Protected Health Information. In connection with this report to Covered Entity, Business Associate will prepare a written risk assessment for each Breach or possible Breach and shall provide a copy of such risk assessment to Covered Entity. Business Associate will make the report to Covered Entity’s Privacy Official not more than 30 calendar days after Business Associate learns of such non-permitted use or disclosure. If a delay is requested by a law enforcement official in accordance with 45 C.F.R. §164-412, Business Associate may delay notifying Covered Entity as outlined in such regulation. Business Associate’s report will at least: (a) Identify the nature of the Breach or other non-permitted use or disclosure, which will include a brief description of what happened, including the date of any Breach and the date of the discovery of any Breach; (b) Identify Covered Entity’s Protected Health Information that was subject to the non-permitted use or disclosure or Breach (such as whether full name, social security number, date of birth, home address, account number or other information were involved) on an individual-by-individual basis; (c) Identify who made the non-permitted use or disclosure and who received the non-permitted disclosure; (d) Identify what corrective or investigational action Business Associate took or will take to prevent further non-permitted uses or disclosures, to mitigate harmful effects and to protect against any further Breaches; (e) Identify what steps the individuals who were subject to a Breach should take to protect themselves; (f) Provide such other information, including a written report, as Covered Entity may reasonably request.
Sample 1
Privacy or Security Breach. 2.11.1 In accordance with applicable law, Owner agrees to give written notice (an “Incident Notice”) to Covered Entity and RCEB of any (a) use or disclosure of PHI that is not in compliance with the terms of this Agreement, of which it becomes aware (“Breach”) and (b) attempted or actual Security Incident (collectively with a Breach, an “Incident”). An Incident Notice shall be made without unreasonable delay and, in no event, later than twenty four
Sample 1
Privacy or Security Breach. Business Associate will report to Covered Entity any use or disclosure of Covered Entity’s PHI not permitted by this Agreement along with any Breach of Covered Entity’s Unsecure PHI. Business Associate will treat the Breach as being discovered in accordance with 45 CFR § 164.410. Business Associate will make the report to Covered Entity’s Privacy Official or other corporate contact within ten (10) calendar days after Business Associate learns of such non-permitted use or disclosure. If a delay is requested by a law-enforcement official in accordance with 45 CFR
Sample 1
AutoNDA by SimpleDocs
Privacy or Security Breach. The Contractor shall report by telephone or e-mail to DH any unauthorized access or disclosure of the data as soon as possible upon its discovery, and will take such steps as necessary to prevent further unauthorized use or disclosure. The Contractor shall assist DH as requested in the conduct or resolution of any privacy investigation conducted by the DH or the Integrity Commissioner in respect of the DH Data provided to the Contractor.
Sample 1

Related to Privacy or Security Breach

  • Security Breach In the event that Seller discovers or is notified of a breach, potential breach of security, or security incident at Seller's Facility or of Seller's systems, Seller shall immediately (i) notify Company of such potential, suspected or actual security breach, whether or not such breach has compromised any of Company's confidential information; (ii) investigate and promptly remediate the effects of the breach, whether or not the breach was caused by Seller; (iii) cooperate with Company with respect to any such breach or unauthorized access or use; (iv) comply with all applicable privacy and data protection laws governing Company's or any other individual's or entity's data; and (v) to the extent such breach was caused by Seller, provide Company with reasonable assurances satisfactory to Company that such breach, potential breach, or security incident shall not recur. Seller shall provide documentation to Company evidencing the length and impact of the breach. Any remediation of any such breach will be at Seller's sole expense.

  • Security Breaches In order to protect your security, it is your sole responsibility to ensure that all usernames and passwords used to access the Website are kept secure and confidential. You must immediately notify us of any unauthorized use of your account, including the unauthorized use of your password, or any other breach of security. We will investigate any breach of security on the Website that we determine in our sole discretion to be serious in nature, but we will not be held responsible or liable in any manner for breaches of security or any unauthorized access to your account however arising.

  • Security Breach Notification In addition to the information enumerated in Article V, Section 4(1) of the DPA Standard Clauses, any Security Breach notification provided by the Provider to the LEA shall include: a. A list of the students whose Student Data was involved in or is reasonably believed to have been involved in the breach, if known; and b. The name and contact information for an employee of the Provider whom parents may contact to inquire about the breach.

  • Security Breach Notice and Reporting The Contractor shall have policies and procedures in place for the effective management of Security Breaches, as defined below, which shall be made available to the State upon request.

  • Contractor Security Clearance Customers may designate certain duties and/or positions as positions of “special trust” because they involve special trust responsibilities, are located in sensitive locations, or have key capabilities with access to sensitive or confidential information. The designation of a special trust position or duties is at the sole discretion of the Customer. Contractor or Contractor’s employees and Staff who, in the performance of this Contract, will be assigned to work in positions determined by the Customer to be positions of special trust, may be required to submit to background screening and be approved by the Customer to work on this Contract.

  • Personal Data Breach Notification SAP will notify Customer without undue delay after becoming aware of any Personal Data Breach and provide reasonable information in its possession to assist Customer to meet Customer’s obligations to report a Personal Data Breach as required under Data Protection Law. SAP may provide such information in phases as it becomes available. Such notification shall not be interpreted or construed as an admission of fault or liability by SAP.

  • Breach by Authorized User An Authorized User’s breach shall not be deemed a breach of the Centralized Contract; rather, it shall be deemed a breach of the Authorized User’s performance under the terms and conditions of the Centralized Contract.

  • Personal Information security breach Supplier/Service Provider’s Obligations a) The Supplier/Service Provider shall notify the Information Officer of Transnet, in writing as soon as possible after it becomes aware of or suspects any loss, unauthorised access or unlawful use of any personal data and shall, at its own cost, take all necessary remedial steps to mitigate the extent of the loss or compromise of personal data and to restore the integrity of the affected Goods/Services as quickly as is possible. The Supplier/Service Provider shall also be required to provide Transnet with details of the persons affected by the compromise and the nature and extent of the compromise, including details of the identity of the unauthorised person who may have accessed or acquired the personal data. b) The Supplier/Service Provider shall provide on-going updates on its progress in resolving the compromise at reasonable intervals until such time as the compromise is resolved. c) Where required, the Supplier/Service Provider may be required to notify the South African Police Service; and/or the State Security Agency and where applicable, the relevant regulator and/or the affected persons of the security breach. Any such notification shall always include sufficient information to allow the persons to take protective measures against the potential consequences of the compromise. d) The Supplier/Service Provider undertakes to co‑operate in any investigation relating to security which is carried out by or on behalf of Transnet including providing any information or material in its possession or control and implementing new security measures.

  • Predecessor Security The term “

  • Notification of Anticipatory Breach Vendor agrees that should it, for any reason, not be able to provide or maintain appropriate safeguards to fulfill its obligations under this Section, it will immediately inform Citizens in writing of such inability and such inability on Vendor’s part will serve as justification for Citizens’ termination of this Agreement, at Citizens’ sole election, at any time after the inability becomes known to Citizens.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!