Common use of To Individuals Clause in Contracts

To Individuals. In the case of a breach of PHI discovered by Business Associate, Business Associate shall first notify Department of the pertinent details of the breach and upon prior approval of Department shall notify each individual whose unsecured PHI has been, or is reasonably believed by Business Associate to have been, accessed, acquired, used or disclosed as a result of such breach. Such notification shall be in writing by first-class mail to the individual (or the next of kin if the individual is deceased) at the last known address of the individual or next of kin, respectively, or, if specified as a preference by the individual, by electronic mail. The notification may be provided in one or more mailings as information is available. Where there is insufficient, or out- of-date contact information (including a phone number, email address, or any other form of appropriate communication) that precludes direct written (or, if specifically requested, electronic) notification to the individual, a substitute form of notice shall be provided, including, if there are 10 (ten) or more individuals for which there is insufficient or out-of-date contact information, a conspicuous posting on the website of the Business Associate involved or notice in major print or broadcast media, including major media in geographic areas where the individuals affected by the breach likely reside. Such a notice in media or web posting will include a toll-free phone number where an individual can learn whether or not the individual’s unsecured protected health information is possibly included in the breach. In any case deemed by Business Associate to require urgency because of possible imminent misuse of unsecured PHI, Business Associate may also provide information to individuals by telephone or other means, as appropriate.

To Individuals. In the case of a breach of PHI Protected Health Information discovered by the Business Associate, the Business Associate shall first notify Department the Covered Entity of the pertinent details of the breach and upon prior approval of Department the Covered Entity shall notify each individual whose unsecured PHI Protected Health Information has been, or is reasonably believed by the Business Associate to have been, accessed, acquired, used acquired or disclosed as a result of such breach. Such notification shall be in writing by first-class mail to the individual (or the next of kin if the individual is deceased) at the last known address of the individual or next of kin, respectively, or, if specified as a preference by the individual, by electronic mail. The notification may be provided in one or more mailings as information is available. Where there is insufficient, or out- out-of-date contact contract information (including a phone number, email address, or any other form of appropriate communication) that precludes direct written (or, if specifically requested, electronic) notification to the individual, a substitute form of notice shall be provided, including, if in the case that there are 10 (ten) or more individuals for which there is insufficient or out-of-date contact information, a conspicuous posting on the website Web site of the Business Associate covered entity involved or notice in major print or of broadcast media, including major media in the geographic areas where the individuals affected by the breach likely reside. Such a notice in media or web posting will include a toll-free phone number where an individual can learn whether or not the individual’s unsecured protected health information is possibly included in the breach. In any case deemed by the Business Associate to require urgency because of possible imminent misuse of unsecured PHIProtected Health Information, the Business Associate may also provide information to individuals by telephone or other means, as appropriate.