Report of Improper Use or Disclosure. Business Associate shall report to Covered Entity any information of which it becomes aware concerning any use or disclosure of PHI that is not provided for by this Agreement.
Report of Improper Use or Disclosure. Business Associate agrees to promptly report to a Covered Entity any use or disclosure of the Covered Entity’s PHI not provided for by this Agreement of which Business Associate becomes aware. Business Associate is also subject to the requirements in Section 7 of the General Terms and Conditions (Breach Notification).
Report of Improper Use or Disclosure. Recipient shall immediately report to Covered Entity any information of which it becomes aware concerning any use or disclosure of PHI or Limited Data Set information that is not permitted by this Agreement or under HIPAA. This report shall identify the nature of the violating use or disclosure, the PHI or Limited Data Set information used or disclosed, who made the violating use or received the disclosure, what corrective action Recipient has or will take to prevent further violations, including any mitigation, and provide any other information as Covered Entity may request.
Report of Improper Use or Disclosure. Business Associate agrees promptly to report to Covered Entity any use or disclosure of the PHI not provided for by this Agreement of which Business Associate becomes aware, including breaches of unsecured protected health information as required by 45 CFR § 164.410, and any security incident of which it becomes aware. Such report shall be in writing and shall be reported to Covered Entity as soon as practicable after the date Business Associate becomes aware of such use or disclosure, but in no event more than five (5) days following such date.
Report of Improper Use or Disclosure. Business Associate agrees to promptly report to Covered Entity any use or disclosure of the Protected Health Information not required to perform administrative duties related to prior authorization requests of commercial insurance plans of members receiving services from Covered Entity and/or this Agreement. Business Associate agrees to report to Covered Entity any Breach within two (2) business days of the first day the Breach is known, or reasonably should have been known, to the Business Associate, including for this purpose known to any employee, officer, or other agent of the Business Associate (other than the individual committing the Breach) (“Breach Notice”). The Breach Notice will include the date of the Breach and the date of discovery of the Breach and, to the extent known to Business Associate at the time in the exercise of reasonable diligence, identification of each Individual whose Unsecured PHI was, or is reasonably believed by the Business Associate to have been, subject to the Breach, and the nature of the PHI that was subject to the Breach and other information required for notification of Individuals of the Breach (collectively, “Breach Information”). Business Associate will notify Covered Entity in writing of any additional Breach Information not included in the Breach Notice or of the circumstances that prevent Business Associate from obtaining such information not later than ten (10) days after the Breach Notice was sent by Business Associate. Business Associate will cooperate with Covered Entity in the further investigation of the Breach, as reasonably required or as requested by Covered Entity. The steps required of Business Associate under this Section 10 shall be at Business Associate’s expense. If Business Associate believes that the facts related to a Breach justify the application of any statutory exceptions specified at Section 13400 of the HITECH Act and to the regulatory exclusions specified at 45 C.F.R. §164.402, Business Associate shall describe those facts in the Breach Notice and the parties shall thereafter discuss the possible application of an exception or an exclusion, provided that any final decision on the availability of an exclusion or exception will be that of the Covered Entity. The parties agree that this Section 10 satisfies any notices necessary by Business Associate to Covered Entity of the ongoing existence and occurrence of Unsuccessful Security Incidents for which no additional notice to Covered Entity ...
Report of Improper Use or Disclosure. Business Associate shall report, in writing, to Covered Entity within thirty (30) days of discovery any information of which it becomes aware concerning any security incident, use or disclosure of PHI that is not provided for by this Agreement. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a Use or Disclosure of PHI by Business Associate in violation of the requirements of the Agreement.
Report of Improper Use or Disclosure. Business Associate agrees to report to a Covered Entity within ten (10) business days of discovery any use or disclosure of the Covered Entity’s PHI not provided for by this Agreement of which Business Associate becomes aware.
Report of Improper Use or Disclosure. Business Associate shall immediately report to Covered Entity any information of which it becomes aware concerning any use or disclosure of PHI that is not permitted by this Agreement. This report shall identify the nature of the violating use or disclosure, the PHI used or disclosed, who made the violating use or received the disclosure, what corrective action Business Associate has or will take to prevent further violations, including any mitigation, and provide any other information Covered Entity requests. Business Associate will also immediately report to Covered Entity any breaches of unsecured Protected Health Information identified by Business Associate, including the names of the individuals whose Protected Health Information has been breached, as well as any other information about the nature and date of the breach, the types of information involved, what individuals may do to protect themselves, and the steps the Business Associate is taking to mitigate the harm and protect against future breaches, as provided by 42 U.S.C. 17932(b) and 45 C.F.R. 164.410. Business Associate will mitigate, to the extent practicable, any harmful effect that is known to Business Associate of use or disclosure of Protected Health Information by Business Associate in violation of the requirements of this Agreement.
Report of Improper Use or Disclosure. Incident" means (i) any successful Security Incident, (ii) Breach of Unsecured PHI, or (iii) any loss, destruction, alteration or other event in which PHI cannot be accounted for. Successful Security Incidents shall not include pings and other broadcast attacks on Business Associate’s firewall, port scans, unsuccessful log-on attempts, denials of service and any combination of the above, so long as no such incident results in unauthorized access, use or disclosure of PHI. Business Associate agrees to notify Covered Entity, in writing immediately upon discovery, but not later than one business day from the day of discovery of any Incident (by Business Associate or by a Subcontractor) involving the acquisition, access, use or disclosure of the PHI not provided for by this Agreement of which Business Associate becomes aware. As soon as reasonably possible thereafter, in no case more than five
Report of Improper Use or Disclosure. Business Associate shall report to Covered Entity any information of which it becomes aware concerning any use or disclosure of PHI that is not permitted by this ASP Agreement and any security incident of which it becomes aware. Business Associate will, following the discovery of a breach of “unsecured protected health information,” as defined in 45 C.F.R. § 164.402, notify Covered Entity of such breach within 15 days. The notice shall include the identification of each individual whose unsecured protected health information has been or is reasonably believed by Business Associate to have been, accessed, acquired, or disclosed during such breach. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of this ASP Agreement.
