Reporting of Breaches of Privacy or Security Sample Clauses

Reporting of Breaches of Privacy or Security. (A) Following the discovery of (I) any access to, use or disclosure of PHI which is not permitted by the Participation Agreement (including any Breach of Privacy or Security) or
Sample 1
AutoNDA by SimpleDocs
Reporting of Breaches of Privacy or Security. (A) Following the discovery of (I) any access to, Use or Disclosure of PHI which is not permitted by the System Access License Agreement (including any Breach of Privacy or Security) or (II) any Security Incident, Business Associate shall notify Covered Entity by contacting Covered Entity’s designated privacy contact person without unreasonable delay, and in no case later than forty-eight (48) hours after discovery of the Breach of Privacy or Security of the Security Incident; provided, however, that the Parties acknowledge and agree that this Section constitutes notice by Business Associate to Covered Entity of the ongoing existence and occurrence of attempted but Unsuccessful Security Incidents (as defined below) for which notice to Covered Entity by Business Associate shall be required only upon request. “Unsuccessful Security Incidents” shall include, but not be limited to, pings and other broadcast attacks on Business Associate’s firewall, port scans, unsuccessful log-on attempts, denials of service and any combination of the above, so long as no such incident results in unauthorized access, Use or Disclosure of PHI. Covered Entity will advise Business Associate of any subsequent changes to the privacy contact person’s contact information.
Sample 1
Reporting of Breaches of Privacy or Security. Following the discovery of (I) any access to, use or disclosure of PHI which is not permitted by the Participation Agreement (including any Breach of Privacy or Security) or (II) any Security Incident, Business Associate shall notify Covered Entity by contacting Covered Entity’s designated privacy contact person without unreasonable delay, and in no case later than forty-eight (48) hours after discovery of the Breach of Privacy or Security of the Security Incident; provided, however, that the Parties acknowledge and agree that this Section constitutes notice by Business Associate to Covered Entity of the ongoing existence and occurrence of attempted but Unsuccessful Security Incidents (as defined below) for which notice to Covered Entity by Business Associate shall be required only upon request. “Unsuccessful Security Incidents” shall include, but not be limited to, pings and other broadcast attacks on Business Associate’s firewall, port scans, unsuccessful log-on attempts, denials of service and any combination of the above, so long as no such incident results in unauthorized access, use or disclosure of PHI. Covered Entity will advise Business Associate of any subsequent changes to the privacy contact person’s contact information. In the event of a Breach of Privacy or Security, Business Associate shall without unreasonable delay carry out an investigation and shall provide reasonably frequent updates to Covered Entity as to the results of the investigation, including, as soon as reasonably possible, the identification of each Patient whose PHI has been, or is reasonably believed to have been, accessed, acquired, or disclosed during any Breach of Privacy or Security. Business Associate shall cooperate with Covered Entity and shall provide that assistance as Covered Entity may reasonably request so that Covered Entity may comply with any obligations it may have to investigate, remediate, mitigate, report, and or otherwise notify third parties of that Breach of Privacy or Security.
Sample 1

Related to Reporting of Breaches of Privacy or Security

  • COMPLIANCE WITH BREACH NOTIFICATION AND DATA SECURITY LAWS Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law § 899-aa and State Technology Law § 208) and commencing March 21, 2020 shall also comply with General Business Law § 899-bb.

  • Liability for Failure to Stop Payment of Preauthorized Transfers If you order us to stop payment of a preauthorized transfer three (3) business days or more before the transfer is scheduled and we do not do so, we will be liable for your losses or damages.

  • Notice of Privacy Practices Business Associate shall abide by the limitations of Covered Entity’s Notice of which it has knowledge. Any use or disclosure permitted by this Agreement may be amended by changes to Covered Entity’s Notice; provided, however, that the amended Notice shall not affect permitted uses and disclosures on which Business Associate relied prior to receiving notice of such amended Notice.

  • Liability for Failure to Stop Payment of Preauthorized Transfer If you order us to stop one of these payments 3 business days or more before the transfer is scheduled, and we do not do so, we will be liable for your losses or damages.

  • Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions (a) Covered Entity shall notify Business Associate of any limitation(s) in the notice of privacy practices of Covered Entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of protected health information.

  • Reporting of Unauthorized Disclosure The Contractor shall immediately report to the State any unauthorized disclosure of confidential information.

  • Protection of Privacy Act You acknowledge that all or part of the information you are required to keep, may be information deemed to be under the control of the LDB and may be subject to the provisions of Freedom of Information and Protection of Privacy Act if a request is made to the LDB for such information.

  • Privacy Act Notice Section 6109 of the Internal Revenue Code requires you to provide your correct TIN to persons (including federal agencies) who are required to file information returns with the IRS to report interest, dividends, or certain other income paid to you; mortgage interest you paid; the acquisition or abandonment of secured property; the cancellation of debt; or contributions you made to an XXX, Xxxxxx MSA, or HSA. The person collecting this form uses the information on the form to file information returns with the IRS, reporting the above information. Routine uses of this information include giving it to the Department of Justice for civil and criminal litigation and to cities, states, the District of Columbia, and U.S. commonwealths and possessions for use in administering their laws. The information also may be disclosed to other countries under a treaty, to federal and state agencies to enforce civil and criminal laws, or to federal law enforcement and intelligence agencies to combat terrorism. You must provide your TIN whether or not you are required to file a tax return. Under section 3406, payers must generally withhold a percentage of taxable interest, dividend, and certain other payments to a payee who does not give a TIN to the payer. Certain penalties may also apply for providing false or fraudulent information.

  • Identification and Disclosure of Privacy and Security Offices Business Associate and Subcontractors shall provide, within ten (10) days of the execution of this agreement, written notice to the Covered Entity’s contract/grant manager the names and contact information of both the HIPAA Privacy Officer and HIPAA Security Officer. This information must be updated any time either of these contacts changes.

  • Reporting and Documenting Breaches 6.1 Business Associate shall Report to Covered Entity any Breach of Unsecured PHI as soon as it, or any Person to whom PHI is disclosed under this Agreement, becomes aware of any such Breach, and in no event later than five (5) business days after such awareness, except when a law enforcement official determines that a notification would impede a criminal investigation or cause damage to national security. Such Report shall be timely made notwithstanding the fact that little information may be known at the time of the Report and need only include such information then available.

Time is Money Join Law Insider Premium to draft better contracts faster.