Report Security Incidents. Business Associate shall report to Covered Entity any Security Incident of which it becomes aware. For purposes of this Addendum, “Security Incident” means the successful unauthorized access, Use, Disclosure, modification, or destruction of Electronic Protected Health Information or interference with system operations in an information system, excluding: (a) “pings” on an information system firewall; (b) port scans; (c) attempts to log on to an information system or enter a database with an invalid password or user name; (d) denial-of-service attacks that do not result in a server being taken offline; or (e) malware (e.g., a worm or virus) that does not result in unauthorized access, Use, Disclosure, modification, or destruction of Electronic Protected Health Information. Business Associate agrees to mitigate, to the extent practicable, any harmful effect resulting from such Security Incident.
Report Security Incidents. ○ Immediately inform the Data Controller if security breaches that compromise personal data are detected. ○ Provide details about the incident, measures taken to contain it, and corrective actions to prevent recurrences. These responsibilities are designed to ensure ethical and secure handling of personal data at all times. More information: For additional details on our data protection policies and how privacy is ensured, please see our Data Protection Policy here.
Report Security Incidents. Business Associate shall report to Customer any Security Incident within five (5) business days after such Security Incident is discovered by Business Associate.
Report Security Incidents. The business associate must report to the covered entity any security incident of which it becomes aware. ______________ _________________ _________________
