Reporting of Improper Use or Disclosure, Breach or Security Incident Sample Clauses

Reporting of Improper Use or Disclosure, Breach or Security Incident. Each Party shall report to the other Party any use or disclosure of PHI not provided for by the Agreement and this Addendum, including a Breach, within five (5) calendar days of becoming aware of such incident. Such notification shall include the identification of each individual whose Unsecured PHI has been, or is reasonably to have been, accessed, acquired or disclosed during the Breach. Each Party shall cooperate with the other Party in investigating the Breach so that each Party may meet its respective obligations under the HITECH Act., any other security breach notification law, or as required by contracts with other parties, including Covered Entities. Each Party shall report any Security Incident upon becoming aware of such incident; provided, however, that neither Party shall be required to report an immaterial incident consisting solely of trivial incidents that occur on a daily basis, such as scans, “pings,” or an unsuccessful attempt to improperly access Electronic PHI that is stored in an information system under its control.
Sample 1
AutoNDA by SimpleDocs
Reporting of Improper Use or Disclosure, Breach or Security Incident. Business Associate shall report to Covered Entity any use or disclosure of Protected Health Information not provided for by this Agreement (or any other agreement between the Parties in which Business Associate acts as a business associate) within five (5) days of discovery of such incident. Business Associate shall report to Covered Entity any Breach of Unsecured PHI within five (5) days of discovery of such incident. Business Associate’s notification to Covered Entity of a Breach shall include: (i) the identification of each individual whose Unsecured PHI has been, or is reasonably believed by Business Associate to have been, accessed, acquired or disclosed during the Breach; (ii) any particulars regarding the Breach that Covered Entity would need to include in its notification, as such particulars are identified in 42 U.S.C. § 17932 and 45 CFR § 164.404; and (iii) what steps, if any, have been taken by the Business Associate to mitigate the breach and/or prevent a similar breach from occurring in the future. Business Associate shall also cooperate with Covered Entity to conduct any risk assessment necessary to determine whether notification of breach is required. A Breach shall be treated as discovered by Business Associate as of the first day on which such Breach is known, or should reasonably have been known, to Business Associate. For purposes of this Section, the knowledge of any person, other than the individual committing the Breach, that is an employee, officer or other agent of Business Associate shall be imputed to Business Associate. Business Associate shall report to Covered Entity any Security Incident immediately if practicable but in any event within five (5) days of becoming aware of such Security Incident.
Sample 1
Reporting of Improper Use or Disclosure, Breach or Security Incident. Without unreasonable delay and, in any event, no more than forty-eight (48) hours after discovery, Receiving Party shall notify the Trustee and the Debtor/Covered Entity of any use or disclosure of PHI not provided for by the NDA of which it becomes aware, including Breaches of Unsecured PHI as required by 45 C.F.R. § 164.410, incidents that pose a risk of constituting Breaches and any Security Incident of which it becomes aware. Receiving Party shall deliver the initial notification of such Breach, in writing, which must include: a reasonably detailed description of the Breach and the steps Receiving Party is taking, and would propose, to mitigate or terminate the Breach. Furthermore, Receiving Party shall supplement the initial notification, no more than ten (10) days following discovery (or following the date additional information becomes reasonably available to Receiving Party), with information including: (i) the identification of each individual whose PHI was or is believed to have been involved; (ii) a reasonably detailed description of the types of PHI involved; (iii) all other information reasonably requested by the Trustee or Debtor/Covered Entity, including all information necessary to enable the Trustee or Debtor/Covered Entity to perform and document a risk assessment in accordance with 45 C.F.R. Part 164 subpart D; and (iv) all other information necessary for the Trustee or Debtor/Covered Entity to provide notice to individuals, the U.S. Department of Health and Human Services (“HHS”) or the media, if required, and (v) appoint a liaison to provide contact information for same so that Receiving Party may ask questions or learn additional information concerning the Breach. In the event of a Breach or Security Incident caused by Receiving Party, Receiving Party shall, upon the request of the Trustee or the Debtor/Covered Entity, assist the Trustee or Debtor/Covered Entity in notifying individuals pursuant to 45 C.F.R. §§ 164.404 and 164.406. Following a Breach, Receiving Party will have a continuing duty to inform the Trustee and the Debtor/Covered Entity of new information learned by Receiving Party regarding the Breach; including, but not limited to, the information described in items (i) through (v) above.
Sample 1
Reporting of Improper Use or Disclosure, Breach or Security Incident. Without unreasonable delay and, in any event, no more than twenty four (24) hours after discovery, Subcontractor shall notify Company of any use or disclosure of PHI not provided for by the Underlying Agreement of which it becomes aware, including Breaches of Unsecured PHI as required by 45 C.F.R. § 164.410, incidents that pose a risk of constituting Breaches and any Security Incident of which it becomes aware. Subcontractor shall deliver the initial notification of such Breach, in writing, which must include: a reasonably detailed description of the Breach and the steps Subcontractor is taking, and would propose, to mitigate or terminate the Breach. Furthermore, Subcontractor shall supplement the initial notification, no more than ten (10) days following discovery (or following the date additional information becomes reasonably available to Subcontractor), with information including: (i) the identification of each individual whose PHI was or is believed to have been involved; (ii) a reasonably detailed description of the types of PHI involved; (iii) all other information reasonably requested by Company, including all information necessary to enable Company to perform and document a risk assessment in accordance with 45 C.F.R. Part 164 subpart D; and (iv) all other information necessary for Company to provide notice to individuals, the U.S. Department of Health and Human Services (“HHS”) or the media, if required. Despite anything to the contrary in the preceding provisions, in Company’s sole and absolute discretion and in accordance with Company’s directions, Subcontractor shall conduct, or pay the costs of conducting, an investigation of any Breach and shall provide or pay the costs of providing, any notices required by 45 C.F.R. §§ 164.404 and 164.406.
Sample 1

Related to Reporting of Improper Use or Disclosure, Breach or Security Incident

  • Breach by Authorized User An Authorized User’s breach shall not be deemed a breach of the Centralized Contract; rather, it shall be deemed a breach of the Authorized User’s performance under the terms and conditions of the Centralized Contract.

  • Reporting of Abuse, Neglect, or Exploitation Consistent with provisions of 33 V.S.A. §4913(a) and §6903, Party and any of its agents or employees who, in the performance of services connected with this agreement, (a) is a caregiver or has any other contact with clients and (b) has reasonable cause to believe that a child or vulnerable adult has been abused or neglected as defined in Chapter 49 or abused, neglected, or exploited as defined in Chapter 69 of Title 33 V.S.A. shall: as to children, make a report containing the information required by 33 V.S.A. §4914 to the Commissioner of the Department for Children and Families within 24 hours; or, as to a vulnerable adult, make a report containing the information required by 33 V.S.A. §6904 to the Division of Licensing and Protection at the Department of Disabilities, Aging, and Independent Living within 48 hours. Party will ensure that its agents or employees receive training on the reporting of abuse or neglect to children and abuse, neglect or exploitation of vulnerable adults.

  • Company Creation and Use of Confidential Information The Executive understands and acknowledges that the Company has invested, and continues to invest, substantial time, money and specialized knowledge into developing its resources, creating a customer base, generating customer and potential customer lists, training its employees, and improving its product offerings in the field of financial services. The Executive understands and acknowledges that as a result of these efforts, the Company has created, and continues to use and create Confidential Information. This Confidential Information provides the Company with a competitive advantage over others in the marketplace.

  • Public Posting of Approved Users’ Research Use Statement The PI agrees that information about themselves and the approved research use will be posted publicly on the dbGaP website. The information includes the PI’s name and Requester, project name, Research Use Statement, and a Non-Technical Summary of the Research Use Statement. In addition, and if applicable, this information may include the Cloud Computing Use Statement and name of the CSP or PCS. Citations of publications resulting from the use of controlled-access datasets obtained through this DAR may also be posted on the dbGaP website.

  • Suspension of Sales; Adverse Disclosure Upon receipt of written notice from the Company that a Registration Statement or Prospectus contains a Misstatement, each of the Holders shall forthwith discontinue disposition of Registrable Securities until he, she or it has received copies of a supplemented or amended Prospectus correcting the Misstatement (it being understood that the Company hereby covenants to prepare and file such supplement or amendment as soon as practicable after the time of such notice), or until he, she or it is advised in writing by the Company that the use of the Prospectus may be resumed. If the filing, initial effectiveness or continued use of a Registration Statement in respect of any Registration at any time would require the Company to make an Adverse Disclosure or would require the inclusion in such Registration Statement of financial statements that are unavailable to the Company for reasons beyond the Company’s control, the Company may, upon giving prompt written notice of such action to the Holders, delay the filing or initial effectiveness of, or suspend use of, such Registration Statement for the shortest period of time, but in no event more than thirty (30) days, determined in good faith by the Company to be necessary for such purpose. In the event the Company exercises its rights under the preceding sentence, the Holders agree to suspend, immediately upon their receipt of the notice referred to above, their use of the Prospectus relating to any Registration in connection with any sale or offer to sell Registrable Securities. The Company shall immediately notify the Holders of the expiration of any period during which it exercised its rights under this Section 3.4.

  • No Unauthorized Use or Disclosure Executive agrees that he will not, at any time during or after Executive’s employment by Company, make any unauthorized disclosure of, and will prevent the removal from Company premises of, Confidential Information or Work Product of Company (or its affiliates), or make any use thereof, except in the carrying out of Executive’s responsibilities during the course of Executive’s employment with Company. Executive shall use commercially reasonable efforts to cause all persons or entities to whom any Confidential Information shall be disclosed by him hereunder to observe the terms and conditions set forth herein as though each such person or entity was bound hereby. Executive shall have no obligation hereunder to keep confidential any Confidential Information if and to the extent disclosure thereof is specifically required by law; provided, however, that in the event disclosure is required by applicable law, Executive shall provide Company with prompt notice of such requirement prior to making any such disclosure, so that Company may seek an appropriate protective order. At the request of Company at any time, Executive agrees to deliver to Company all Confidential Information that he may possess or control. Executive agrees that all Confidential Information of Company (whether now or hereafter existing) conceived, discovered or made by him during the period of Executive’s employment by Company exclusively belongs to Company (and not to Executive), and Executive will promptly disclose such Confidential Information to Company and perform all actions reasonably requested by Company to establish and confirm such exclusive ownership. Affiliates of Company shall be third party beneficiaries of Executive’s obligations under this Article 6. As a result of Executive’s employment by Company, Executive may also from time to time have access to, or knowledge of, Confidential Information or Work Product of third parties, such as customers, suppliers, partners, joint venturers, and the like, of Company and its affiliates. Executive also agrees to preserve and protect the confidentiality of such third party Confidential Information and Work Product to the same extent, and on the same basis, as Company’s Confidential Information and Work Product.

  • Return or Destruction of Confidential Information If an Interconnection Party provides any Confidential Information to another Interconnection Party in the course of an audit or inspection, the providing Interconnection Party may request the other party to return or destroy such Confidential Information after the termination of the audit period and the resolution of all matters relating to that audit. Each Interconnection Party shall make Reasonable Efforts to comply with any such requests for return or destruction within ten days of receiving the request and shall certify in writing to the other Interconnection Party that it has complied with such request.

  • Data Disclosure Under Minnesota Statute § 270C.65, Subdivision 3 and other applicable law, the Contractor consents to disclosure of its social security number, federal employer tax identification number, and/or Minnesota tax identification number, already provided to the State, to federal and state agencies and state personnel involved in the payment of state obligations. These identification numbers may be used in the enforcement of federal and state laws which could result in action requiring the Contractor to file state tax returns, pay delinquent state tax liabilities, if any, or pay other state liabilities.

  • Reporting of Non-Force Majeure Events Each Party (the “Notifying Party”) shall notify the other Parties when the Notifying Party becomes aware of its inability to comply with the provisions of this Agreement for a reason other than a Force Majeure event. The Parties agree to cooperate with each other and provide necessary information regarding such inability to comply, including the date, duration, reason for the inability to comply, and corrective actions taken or planned to be taken with respect to such inability to comply. Notwithstanding the foregoing, notification, cooperation or information provided under this Article shall not entitle the Party receiving such notification to allege a cause for anticipatory breach of this Agreement.

  • Unauthorized Use or Disclosure The Contractor shall notify COMMERCE within five (5) working days of any unauthorized use or disclosure of any confidential information, and shall take necessary steps to mitigate the harmful effects of such use or disclosure.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!