Common use of Reporting of Impermissible Uses and Disclosures, Security Incidents, and Breaches Clause in Contracts

Reporting of Impermissible Uses and Disclosures, Security Incidents, and Breaches. Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Agreement or any Security Incident of which Business Associate becomes aware, except that this section shall hereby serve as notice, and no additional reporting shall be required, of the regular occurrence of unsuccessful attempts at unauthorized access, use, disclosure, modification, or destruction of ePHI or interference with system operations in an information system containing ePHI. After discovery of an impermissible Use, Disclosure or Security Incident, Business Associate shall report such incident to the Covered Entity promptly without unreasonable delay. In the event that such use or disclosure or Security Incident constitutes a Breach of Unsecured Protected Health Information, such notice shall include the identification of each individual whose Unsecured PHI has been or is reasonably believed by Business Associate to have been accessed, acquired, used, or disclosed in connection with such Breach and any additional information set forth at 45 CFR § 164.410, to the extent possible. In addition, Business Associate shall provide any additional information reasonably requested by Covered Entity for the purpose of investigating and responding to the Breach. Notification of Breach, or potential Breach, under this Agreement shall be made to Covered Entity as indicated in (X)(d).

Appears in 2 contracts

Samples: Business Associate Agreement, Business Associate Agreement

AutoNDA by SimpleDocs

Reporting of Impermissible Uses and Disclosures, Security Incidents, and Breaches. Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Agreement or any Security Incident of which Business Associate becomes aware, except that this section shall hereby serve as notice, and no additional reporting shall be required, of the regular occurrence of unsuccessful attempts at unauthorized access, use, disclosure, modification, or destruction of ePHI or interference with system operations in an information system containing ePHI. After discovery of an impermissible Use, Disclosure or Security Incident, Business Associate shall report such incident to the Covered Entity promptly without unreasonable delay. In the event that such use or disclosure or Security Incident constitutes a Breach of Unsecured Protected Health Information, such notice shall include the identification of each individual whose Unsecured PHI has been or is reasonably believed by Business Associate to have been accessed, acquired, used, or disclosed in connection with such Breach and any additional information set forth at 45 CFR § 164.410, to the extent possible. In addition, Business Associate shall provide any additional information reasonably requested by Covered Entity for the purpose of investigating and responding to the Breach. Notification of Breach, or potential Breach, under this Agreement shall be made to Covered Entity as indicated in Section (X)(d)X)(c) below.

Appears in 2 contracts

Samples: Business Associate Agreement, Business Associate Agreement

Reporting of Impermissible Uses and Disclosures, Security Incidents, and Breaches. Business Associate agrees to report to Covered Entity any use Use or disclosure Disclosure of PHI not provided for by this Agreement or any Security Incident of which Business Associate becomes aware, except that this section shall hereby serve as notice, and no additional reporting shall be required, of the regular occurrence of unsuccessful attempts at unauthorized access, useUse, disclosureDisclosure, modification, or destruction of ePHI or interference with system operations in an information system containing ePHI. After discovery Discovery of an impermissible Use, Disclosure or Security Incident, Business Associate shall report such incident to the Covered Entity promptly without unreasonable delaydelay and in no event more than thirty (30) days following Business Associate’s Discovery of the incident. In the event that such use Use or disclosure Disclosure or Security Incident constitutes a Breach of Unsecured Protected Health Information, such notice shall include the identification identity of each individual Individual whose Unsecured PHI has been or is reasonably believed by Business Associate to have been accessed, acquired, usedUsed, or disclosed Disclosed in connection with such Breach and any additional information set forth at 45 CFR § 164.410, to the extent possibleavailable. In addition, Business Associate shall provide any additional information reasonably requested by Covered Entity for the purpose of investigating and responding to the Breach. Notification of Breach, or potential Breach, under this Agreement shall be made to Covered Entity as indicated in (X)(d).

Appears in 1 contract

Samples: Business Associate Agreement

AutoNDA by SimpleDocs

Reporting of Impermissible Uses and Disclosures, Security Incidents, and Breaches. Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Agreement or any Security Incident of which Business Associate becomes aware, except that this section shall hereby serve as notice, and no additional reporting shall be required, of the regular occurrence of unsuccessful attempts at unauthorized access, use, disclosure, modificationmodification, or destruction of ePHI or interference with system operations in an information system containing ePHI. After discovery of an impermissible Use, Disclosure or Security Incident, Business Associate shall report such incident to the Covered Entity promptly without unreasonable delay. In the event that such use or disclosure or Security Incident constitutes a Breach of Unsecured Protected Health Information, such notice shall include the identification identification of each individual whose Unsecured PHI has been or is reasonably believed by Business Associate to have been accessed, acquired, used, or disclosed in connection with such Breach and any additional information set forth at 45 CFR § 164.410, to the extent possible. In addition, Business Associate shall provide any additional information reasonably requested by Covered Entity for the purpose of investigating and responding to the Breach. Notification Notification of Breach, or potential Breach, under this Agreement shall be made to Covered Entity as indicated in (X)(d).

Appears in 1 contract

Samples: Business Associate Agreement

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!