Reporting of Unauthorized Uses or Disclosures. In compliance with HIPAA, Business Associate shall report to Client:
Reporting of Unauthorized Uses or Disclosures. Contractor shall report to Xxxxx- Xxxxxxx M.D.'s any use or disclosure of the Protected Health Information not provided for by this Agreement, the Privacy Rule or the Security Rule, including breaches of unsecured Protected Health Information, as required at 45 C.F.R. § 164.410, and any security incident of which it becomes aware, as soon as possible, but no later than five (5) business days after discovery, stating (to the extent known by Contractor) the nature of such use or disclosure, the names and addresses of the individuals who are the subject of such Protected Health Information and the names of the individuals who made or engaged in such use or disclosure and any other available information that the Physician Practice is required to include in notifications to the affected individuals.
Reporting of Unauthorized Uses or Disclosures. Business Associate shall report to Covered Entity any use or disclosure of Protected Health Information by Business Associate or its subcontractors of which Business Associate becomes aware that is not provided for or permitted in the Agreement.
Reporting of Unauthorized Uses or Disclosures. In compliance with HIPAA (i) Business Associate shall report to Customer any use or disclosure of Protected Health Information of which Business Associate becomes aware that is not provided for or permitted in this Addendum, and (ii) Business Associate shall report to Customer any Security Incident and any Breach of Unsecured Protected Health Information of which it becomes aware without unreasonable delay following the discovery by Business Associate of such Security Incident or Breach. Business Associate shall provide Covered Entity with written notification of Breach in accordance with 45 C.F.R. § 164.410.
Reporting of Unauthorized Uses or Disclosures. Business Associate shall promptly report to Tufts and Alere any use or disclosure of Protected Health Information by Business Associate or its subcontractors of which Business Associate becomes aware that is not provided for or permitted in the HIPAA Related Agreements (including this Addendum). Business Associate shall permit Alere and Tufts reasonable access to Business Associate's employees and records (including electronic records) as reasonably necessary to investigate any such report.
Reporting of Unauthorized Uses or Disclosures. Vendor shall report to MSP any use or disclosure of the PHI not provided for by this Agreement, the Privacy Rule or the Security Rule, including breaches of unsecured PHI, as required at 45 C.F.R. § 164.410, and any security incident of which it becomes aware, as soon as possible, but no later than five (5) business days after discovery, stating (to the extent known by Vendor) the nature of such use or disclosure, the PHI that is the subject of such use or disclosure, and the names of the individuals who made or engaged in such use or disclosure, and other available information that the MSP may reasonably require as part of a notification to the Covered Entity.
Reporting of Unauthorized Uses or Disclosures. Business Associate agrees to report to Covered Entity, in writing, without unreasonable delay from Business Associate's discovery, any use or disclosure, including Breach, of the Protected Health Information not provided for by this BAA and the Agreement.
Reporting of Unauthorized Uses or Disclosures. Without unreasonable delay and in any event no later than sixty (60) calendar days after discovery, and in compliance with HIPAA, (i) Business Associate shall report to Covered Entity any use or disclosure of Protected Health Information of which Business Associate becomes aware that is not provided for or permitted in the Agreement, including this Addendum, and (ii) Business Associate shall report to Covered Entity any Security Incident and any Breach of Unsecured Protected Health Information of which it becomes aware within a reasonable time following the discovery by Business Associate of such Security Incident or Breach as required by 45 CFR § 164.410, and any security incident of which it becomes aware. Notwithstanding the foregoing, the Parties understand that pings and other broadcast attacks on Business Associate’s firewall, port scans, unsuccessful log-on attempts, denial of service attacks and any combination of the above shall not be considered a security incident, so long as no such incident results in the defeat or circumvention of any security control, or in the unauthorized access, use or disclosure of PHI provided by Covered Entity.
Reporting of Unauthorized Uses or Disclosures. Contractor shall report to Cascade Mental Health Care any use or disclosure of the Protected Health Information not provided for by this Agreement, the Privacy Rule or the Security Rule, including breaches of unsecured Protected Health Information, as required at 45 C.F.R. § 164.410, and any security incident of which it becomes aware, as soon as possible, but no later than five (5) business days after discovery, stating (to the extent known by Contractor) the nature of such use or disclosure, the names and addresses of the individuals who are the subject of such Protected Health Information and the names of the individuals who made or engaged in such use or disclosure and any other available information that the Cascade Mental Health Care is required to include in notifications to the affected individuals.
Reporting of Unauthorized Uses or Disclosures. Contractor shall report to Physician Practice any use or disclosure of the Protected Health Information not provided for by this Agreement, the Privacy Rule or the Security Rule, including breaches of unsecured Protected Health Information, as required at 45 C.F.R. § 164.410, and any security incident of which it becomes aware, as soon as possible, but no later than five (5) business days after discovery, stating (to the extent known by Contractor) the nature of such use or disclosure, the names and addresses of the individuals who are the subject of such Protected Health Information and the names of the individuals who made or engaged in such use or disclosure and any other available information that the Physician Practice is required to include in notifications to the affected individuals. Subcontractors, Consultants, Agents and Other Third Parties. Contractor shall in accordance with 45 C.F.R. §§ 164.502(e)(1)(ii) and 164.308(b)(2) ensure that any subcontractor, consultant, agent, or other third party that creates, receives, maintains, or transmits Protected Health Information on behalf of Contractor agrees to the same restrictions, conditions, and requirements that apply to Contractor with regard to its creation, use, and disclosure of Protected Health Information. Contractor shall, upon request from Physician Practice, provide Physician Practice with a list of all such third parties. Contractor shall ensure that any subcontractor, consultant, agent, or other third party to whom it provides Electronic Protected Health Information agrees to implement reasonable and appropriate safeguards to protect such information. Contractor must terminate its agreement with any subcontractor, consultant, agent or other third party, and obtain all Protected Health Information provided to such subcontractor, consultant, agent or other third party, if Contractor becomes aware that the subcontractor, consultant, agent or other third party has breached its contractual duties relating to HIPAA or this agreement. If any subcontractor, consultant, agent, or other third party of Contractor are not subject to the jurisdiction or laws of the United States, or if any use or disclosure of Protected Health Information in performing services under the Agreement will be outside of the jurisdiction of the United States, such entities must agree by written contract with the Contractor to be subject to the jurisdiction of the Secretary, the laws and the courts of the United States, and...
