Reporting of Unauthorized Use or Disclosure. Medical Group shall promptly report to PacifiCare any use or disclosure of Protected Health Information received from PacifiCare relating to any Member of which Medical Group becomes aware that is not provided for or permitted in this Agreement or by HIPAA. Medical Group shall permit PacifiCare to investigate any such report in accordance with the provisions of Section 8.7.6.
Reporting of Unauthorized Use or Disclosure. Company shall promptly report to Client any use or disclosure of Protected Health Information of which Company becomes aware that is not provided for or permitted in the Agreement or the HIPAA Regulations. Company shall permit Client to investigate any such report in accordance with Section 8 of this Addendum.
Reporting of Unauthorized Use or Disclosure. As soon as practicable, but in no event later than ten (10) days, Business Associate agrees to report to Covered Entity in writing any use or disclosure of PHI not provided for by the Services Agreement or this Agreement of which it becomes aware, including breaches of unsecured protected health information as required at 45 CFR 164.410, and any security incident of which it becomes aware. Such report shall contain:
(a) A brief description of what happened, including the date of the unauthorized access or use of PHI and the date of the discovery of the unauthorized access or use of PHI;
(b) A description of the type of unsecured PHI that was involved in the unauthorized access or use;
(c) Any recommended steps the individual whose PHI was inappropriately disclosed should take to protect themselves from the potential harm; and
(d) A brief description of what the Business Associate is doing to investigate the unauthorized access or use of PHI. Business Associate will report such incidents to the Covered Entity's Privacy Officer. Business Associate will, subject to the approval of the Covered Entity, provide breach notifications to affected individuals, the HHS Office for Civil Rights (OCR), and potentially the media, on behalf of the Covered Entity. If the Covered Entity elects to be responsible for all required notifications, the Business Associate shall reimburse the Covered Entity for the costs associated with the notifications. Such costs will be paid to Covered Entity by Business Associate within thirty (30) days of receipt of an itemized invoice from the Covered Entity.
Reporting of Unauthorized Use or Disclosure. Vendor shall promptly report to Hospital any use or disclosure of Protected Health Information of which Vendor becomes aware that is not provided for or permitted in the Agreement. Vendor shall permit Hospital to investigate any such report and to examine Vendor’s premises, records and practices.
Reporting of Unauthorized Use or Disclosure. General Agent shall report to Company any unauthorized use or disclosure of CSO Nonpublic Personal Information.
Reporting of Unauthorized Use or Disclosure. Representative shall immediately report to Censtat any unauthorized use or disclosure of NPI.
Reporting of Unauthorized Use or Disclosure. The Responsible Party shall promptly notify XXXX of any unauthorized use or disclosure of the data of which it becomes aware. Notification should be directed to XXXX Privacy Officer by calling 000-000-0000. XXXX, in its sole discretion, may require the Responsible Party to: (a) investigate and respond to OPHA’s concerns regarding any alleged misuse or unauthorized disclosure; (b) mitigate any effects identified in the investigation; (c) take reasonable steps to prevent any future unauthorized use or disclosure of the data; and (d) return or destroy the data. The Responsible Party understands that as a result of OPHA’s determination or reasonable belief that unauthorized uses or disclosures have taken place XXXX may refuse to release further data to the Responsible Party for a period of time to be determined by XXXX.
Reporting of Unauthorized Use or Disclosure. Contractor shall report to Agency any use or disclosure of Protected Health Information of which Contractor becomes aware that is not provided for or permitted pursuant to this Addendum. Such report shall be made by Contractor to Agency within fifteen (15) days of Contractor becoming aware of the use or disclosure.
Reporting of Unauthorized Use or Disclosure. Business Associate shall promptly report to Covered Entity any use or disclosure of PHI of which Business Associate becomes aware that is not provided for or permitted in the Agreement. Business Associate shall permit Covered Entity to investigate any such report and to examine Business Associate’s premises, records and practices.
Reporting of Unauthorized Use or Disclosure. Business Associate agrees to immediately report to Hospital in writing any use or disclosure of the Protected Health Information not provided for by this Agreement. Such report shall contain: ▪ A brief description of what happened, including the date of the unauthorized access or use of Protected Health Information, the identities of the persons whose PHI was accessed, acquired, used or disclosed, and the date of the discovery of the unauthorized access or use of PHI; ▪ A description of the types of unsecured Protected Health Information that were involved in the unauthorized access or use of Protected Health Information; ▪ Any recommended steps the individual whose Protected Health Information was inappropriately disclosed should take to protect themselves from the potential harm; and ▪ A brief description of what the Business Associate is doing to investigate the unauthorized access or use of Protected Health Information.
