Reporting of Unauthorized Uses or Disclosures. In compliance with HIPAA, Business Associate shall report to Client:
7.1 any use or disclosure of Client PHI of which Business Associate becomes aware that is not provided for or permitted under this Agreement.
7.2 any Security Incident of which Business Associate becomes aware; provided, however, that the Parties acknowledge and agree that this Section 7.2 constitutes notice by Business Associate to Client of the ongoing existence and occurrence of Unsuccessful Security Incidents for which no additional notice to Client shall be required. “Unsuccessful Security Incidents” means, without limitation, pings and other broadcast attacks on Business Associate’s firewall, port scans, unsuccessful log-on attempts, denial of service attacks, and any combination of the above, so long as no such incident results in unauthorized access, use, disclosure, modification or destruction of Client PHI or intentional interference with system operations in an information system that contains Client PHI.
Reporting of Unauthorized Uses or Disclosures. Contractor shall report to Xxxxx- Xxxxxxx M.D.'s any use or disclosure of the Protected Health Information not provided for by this Agreement, the Privacy Rule or the Security Rule, including breaches of unsecured Protected Health Information, as required at 45 C.F.R. § 164.410, and any security incident of which it becomes aware, as soon as possible, but no later than five (5) business days after discovery, stating (to the extent known by Contractor) the nature of such use or disclosure, the names and addresses of the individuals who are the subject of such Protected Health Information and the names of the individuals who made or engaged in such use or disclosure and any other available information that the Physician Practice is required to include in notifications to the affected individuals.
Reporting of Unauthorized Uses or Disclosures. Business Associate shall promptly report to the Company any use or disclosure of Protected Health Information by Business Associate or its subcontractors of which Business Associate becomes aware that is not provided for or permitted in the HIPAA Related Agreements (including this Addendum). Business Associate shall permit the Company reasonable access to Business Associate’s employees and records (including electronic records) as reasonably necessary to investigate any such report.
Reporting of Unauthorized Uses or Disclosures. In compliance with HIPAA (i) Business Associate shall report to Customer any use or disclosure of Protected Health Information of which Business Associate becomes aware that is not provided for or permitted in this Addendum, and (ii) Business Associate shall report to Customer any Security Incident and any Breach of Unsecured Protected Health Information of which it becomes aware without unreasonable delay following the discovery by Business Associate of such Security Incident or Breach. Business Associate shall provide Covered Entity with written notification of Breach in accordance with 45 C.F.R. § 164.410.
Reporting of Unauthorized Uses or Disclosures. Business Associate agrees to report to Covered Entity, in writing, without unreasonable delay from Business Associate's discovery, any use or disclosure, including Breach, of the Protected Health Information not provided for by this BAA and the Agreement.
Reporting of Unauthorized Uses or Disclosures. Business Associate shall report to Covered Entity any use or disclosure of Protected Health Information by Business Associate or its subcontractors of which Business Associate becomes aware that is not provided for or permitted in the Agreement.
Reporting of Unauthorized Uses or Disclosures. Without unreasonable delay and in any event no later than sixty (60) calendar days after discovery, and in compliance with HIPAA, (i) Business Associate shall report to Covered Entity any use or disclosure of Protected Health Information of which Business Associate becomes aware that is not provided for or permitted in the Agreement, including this Addendum, and (ii) Business Associate shall report to Covered Entity any Security Incident and any Breach of Unsecured Protected Health Information of which it becomes aware within a reasonable time following the discovery by Business Associate of such Security Incident or Breach as required by 45 CFR § 164.410, and any security incident of which it becomes aware. Notwithstanding the foregoing, the Parties understand that pings and other broadcast attacks on Business Associate’s firewall, port scans, unsuccessful log-on attempts, denial of service attacks and any combination of the above shall not be considered a security incident, so long as no such incident results in the defeat or circumvention of any security control, or in the unauthorized access, use or disclosure of PHI provided by Covered Entity.
Reporting of Unauthorized Uses or Disclosures. Vendor shall report to MSP any use or disclosure of the PHI not provided for by this Agreement, the Privacy Rule or the Security Rule, including breaches of unsecured PHI, as required at 45 C.F.R. § 164.410, and any security incident of which it becomes aware, as soon as possible, but no later than five (5) business days after discovery, stating (to the extent known by Vendor) the nature of such use or disclosure, the PHI that is the subject of such use or disclosure, and the names of the individuals who made or engaged in such use or disclosure, and other available information that the MSP may reasonably require as part of a notification to the Covered Entity.
Reporting of Unauthorized Uses or Disclosures. Business Associate shall report to Covered Entity any unauthorized use or disclosure of PHI immediately after discovery.
Reporting of Unauthorized Uses or Disclosures. Contractor shall report to Cascade Mental Health Care any use or disclosure of the Protected Health Information not provided for by this Agreement, the Privacy Rule or the Security Rule, including breaches of unsecured Protected Health Information, as required at 45 C.F.R. § 164.410, and any security incident of which it becomes aware, as soon as possible, but no later than five (5) business days after discovery, stating (to the extent known by Contractor) the nature of such use or disclosure, the names and addresses of the individuals who are the subject of such Protected Health Information and the names of the individuals who made or engaged in such use or disclosure and any other available information that the Cascade Mental Health Care is required to include in notifications to the affected individuals.
