Notification to Individuals. Where a Breach of PII occurs that is attributable to Contractor, Contractor shall pay for or promptly reimburse the EA for the full cost of the EA’s notification to Parents, Eligible Students, teachers, and/or principals, in accordance with Education Law Section 2-d and 8 NYCRR Part 121.
Notification to Individuals. In the case of a Breach regarding unsecured PHI, Business Associate shall first notify Covered Entity of the details of the breach. Upon approval by Covered Entity, Business Associate shall notify each Individual whose unsecured PHI was breached in accordance with 45 C.F.R. § 164.404. Notification shall be in writing and delivered by first-class mail to the Individual, the Individual’s personal representative, or the Individual’s next of kin (if the individual is deceased) at the last known address of the Individual, next of kin, or personal representative, as applicable. The notification may be delivered by e-mail if requested by the recipient. When there is insufficient or out-of-date contact information (including a phone number, email address, or any other form of appropriate communication) that precludes written or electronic notification, a substitute form of notice shall be provided. When there are ten (10) or more Individuals for whom there is insufficient or outdated contact information, Business Associate shall place a conspicuous posting on its web site or run the notice in major print or broadcast media, including major media in the geographic areas where the Individuals likely reside. In any case deemed by Business Associate to require urgency due to possible imminent misuse of unsecured PHI, Business Associate may also provide information to Individuals by telephone or other means, as appropriate.
Notification to Individuals. If notification to individuals whose information was breached is required under state or federal law, and regardless of whether Contractor is considered only a custodian and/or non-owner of the CDPH PCI, Contractor shall, at its sole expense, and at the sole election of CDPH, either:
Notification to Individuals. If notification to individuals whose information was breached is required under state or federal law, and regardless of whether Contractor is considered only a custodian and/or non-owner of the DSH PCI, Contractor shall, at its sole expense, and at the sole election of DSH, either:
Notification to Individuals. The Vendor shall notify individuals of the breach or unauthorized use or disclosure of Confidential Information when notification is required under state or federal law and shall pay any costs of such notifications, as well as any costs associated with the breach. Any notification provided must first be approved by the OIT Chief Information Security Officer, who shall approve the time, manner and content of any such notifications prior to their release.
Notification to Individuals. If notification to individuals whose information was breached is required under state or federal law, and regardless of whether Data Recipient is considered only a custodian and/or non-owner of the Protected Data, Data Recipient shall, at its sole expense, and at the sole election of CDPH, either:
Notification to Individuals. If notification to individuals whose information was breached is required under state or federal law, and regardless of whether Participant is considered only a custodian and/or non-owner of the Cal-IVRS Data, Participant shall, at its sole expense, and at the sole election of CDPH, either:
Notification to Individuals. If notification to individuals whose information was breached is 31 required under state or federal law, and regardless of whether CONTRACTOR is considered only a 32 custodian and/or non-owner of the COUNTY PCI, CONTRACTOR shall, at its sole expense, and at the 33 sole election of COUNTY, either:
Notification to Individuals. If notification to individuals whose information was breached is required under state or federal law, and regardless of whether Agency is considered only a custodian and/or non-owner of the City Data, Agency shall, at its sole expense, and at the sole election of City, either:
Notification to Individuals the Secretary and/or the Media. In the event of an ARRA Breach caused by Business Associate, its agents and/or subcontractors, Business Associate shall provide assistance to Covered Entity in making all ARRA Breach notifications. To the extent Covered Entity incurs expenses and costs to comply with its notification obligations with respect to an ARRA Breach by Business Associate, its agents and/or subcontractors, in addition to any other remedies that may be available to Covered Entity under this Agreement or any applicable law, Business Associate shall reimburse Covered Entity for all costs and expenses (including attorneys’ fees) incurred by Covered Entity related to providing the notifications required under 45 C.F.R. §§ 164.404, 406 and 408. Notwithstanding the foregoing, if the parties agree that Business Associate will, on behalf of Covered Entity, and within the applicable time frames required by law under 45 C.F.R. §§ 164.404, 406 and 408, prepare and send out any and all required ARRA Breach notifications to Individuals, the Secretary and/or to the media, Business Associate shall prepare and send such ARRA Breach notifications at Business Associate’s sole expense and in compliance with the requirements of 45 C.F.R. 164.404, 406 and 408, as applicable. However, any ARRA Breach notifications Business Associate would prepare and send on behalf of Covered Entity shall be subject to Covered Entity’s review and pre-approval before the notifications are sent. Additionally, in the event of an ARRA Breach, Business Associate agrees to pay for the credit monitoring fees for affected Individuals for a period of at least two (2) years of credit monitoring.
