Breach Notification a. In the event of a Breach of unsecured PHI or disclosure that compromises the privacy or security of PHI obtained from DSHS or involving DSHS clients, Business Associate will take all measures required by state or federal law.
Breach Notification. 5.1. CONTRACTOR shall notify the COUNTY’s contract administrator concerning any breach of COUNTY data or any data incident involving CONTRACTOR’S data in which the security of COUNTY data systems may be compromised within 24 hours of the breach or incident.
Breach Notification. 5.1. CONTRACTOR shall notify the COUNTY’s contract administrator concerning any breach of COUNTY data or any data incident involving CONTRACTOR’s data in which the security of COUNTY data systems may be compromised within 24 hours of the breach or incident.
Breach Notification. 5.1. CONTRACTOR shall notify the COUNTY’s contract administrator concerning any breach of COUNTY data or any data incident involving CONTRACTOR’s data in which the security of COUNTY data systems may be compromised within 24 hours of the breach or incident. EXHIBIT I ASSURANCE OF COMPLIANCE AGREEMENT NONDISCRIMINATION IN STATE AND FEDERALLY-ASSISTED PROGRAMS (Per CDSS All County Information Notice No. I-44-00) In accordance with the California Department of Social Services (CDSS), all contractors providing services funded through CDSS are required to comply with the requirements of CDSS Manual of Policies and Procedures, Division 21. CONTRACTOR shall, concurrent with this Agreement, execute and comply with all requirements contained herein. CONTRACTOR and CONTRACT ADMINISTRATOR shall, with oversight from the COUNTY Civil Rights Coordinator, develop and implement a plan to allow COUNTY to monitor CONTRACTOR’S non-discrimination and civil rights policies and procedures, as required by CDSS. Monitoring shall include, but is not limited to: accommodation of individuals with hearing impairments, visual impairments and other disabilities; appropriate language services, including bilingual interpreters available to provide services and how written information is effectively communicated to non- English-speaking and limited-English-proficient individuals; adequate CONTRACTOR staff training in the civil rights and cultural awareness requirements of Division 21; and procedures on informing participants of their civil rights. CONTRACTOR hereby agrees that it will comply with Title VI of the Civil Rights Act of 1964, as amended; Section 504 of the Rehabilitation Act of 1973, as amended; the Age Discrimination Act of 1975, as amended; the Food Stamp Act of 1977, as amended, and in particular Section 272.6; Title II of the Americans with Disabilities Act of 1990; California Civil Code, Section 51 et seq., as amended; California Government Code, Section 11135-11139.5, as amended; California Government Code, Section 12940(c), (h)(1), (i), and (j); California Government Code, Section 4450; 2 CCR §11140 – 11200; the Xxxxxxx- Xxxxxxxx Bilingual Services Act; Section 1808 of the Removal of Barriers to Inter Ethnic Adoption Act of 1996, and other applicable federal and state laws, as well as their implementing regulations [including 45 Code of Federal Regulations (CFR) Parts 80, 84, and 91; 7 CFR Part 15; and 28 CFR Part 35], by ensuring that employment practices and the admin...
Breach Notification i. Contractor shall report to Covered California any Breach or Security Incident reasonably calculated to result in the Breach of PII or PHI created or received in connection with Contractor Covered California Functions in accordance with the provisions set forth herein. For purposes of this Paragraph (e), a “
Breach Notification a. Each Participant agrees that within one (1) hour of discovering information that leads the Participant to reasonably believe that a Breach may have occurred, it shall alert other Participants whose Message Content may have been Breached and the Coordinating Committee to such information. As soon as reasonably practicable, but no later than twenty-four (24) hours after determining that a Breach has occurred, the Participant shall provide a Notification to all Participants likely impacted by the Breach and the Coordinating Committee of such Breach. The Notification should include sufficient information for the Coordinating Committee to understand the nature of the Breach. For instance, such Notification could include, to the extent available at the time of the Notification, the following information: • One or two sentence description of the Breach • Description of the roles of the people involved in the Breach (e.g. employees, Participant Users, service providers, unauthorized persons, etc.) • The type of Message Content Breached • Participants likely impacted by the Breach • Number of individuals or records impacted/estimated to be impacted by the Breach • Actions taken by the Participant to mitigate the Breach • Current Status of the Breach (under investigation or resolved) • Corrective action taken and steps planned to be taken to prevent a similar Breach. The Participant shall supplement the information contained in the Notification as it becomes available and cooperate with other Participants and the Coordinating Committee in accordance with Section 20(e) of this Agreement. The Notification required by this Section 14.03 shall not include any PHI. If, on the basis of the Notification, a Participant desires to stop Transacting Message Content with the Participant that reported a Breach, it shall stop Transacting Message Content in accordance with Section 12.01(b) of this Agreement. If, on the basis of the notification, the Coordinating Committee determines that (i) the other Participants that have not been notified of the Breach would benefit from a summary of the Notification or (ii) a summary of the Notification to the other Participants would enhance the security of the Performance and Service Specifications, it may provide, in a timely manner, a summary to such Participants that does not identify any of the Participants or individuals involved in the Breach.
Breach Notification. After becoming aware of a Personal Data breach, Licensor will notify Buyer without undue delay of: (a) the nature of the data breach; (b) the number and categories of data subjects and data records affected; and (c) the name and contact details for the relevant contact person at Licensor.
Breach Notification. The following provisions apply to both a HIPAA Breach and a Security Breach as defined in Section 2 (Definitions). For this Section only, the term “Breach” refers to either a HIPAA Breach or a Security Breach, each to the extent they affect HIE Data submitted by Submitter hereunder.
Breach Notification. Business Associate agrees to implement response programs and record-keeping systems to enable Business Associate to comply with the requirements of this Section and 13402 of the HITECH Act and the regulations implementing such provisions, currently Subpart D of Part 164 of Title 45 of the Code of Federal Regulations, when Business Associate detects or becomes aware of unauthorized access to information systems or documents that contain PHI. Business Associate agrees to mitigate any effects of the inappropriate use or disclosure of PHI by Business Associate.
Breach Notification. Business Associate warrants that it has in place policies and procedures that are designed to detect inappropriate acquisition, access, use or disclosure of Protected Health Information and that it adequately trains its work force and agents on these procedures. Business Associate will notify Hybrid Entity within three (3) business days of discovering an acquisition, access, use or disclosure of Protected Health Information in a manner or for a purpose not permitted by the HIPAA Privacy Rule and within 30 calendar days of discovery will provide Hybrid Entity with the identification of each individual whose Protected Health Information has been or is reasonably believed by Business Associate to have been acquired, accessed, used or disclosed during such incident. Business Associate will assist Hybrid Entity in assessing whether the impermissible acquisition, access, use or disclosure of Protected Health Information compromises the security or privacy of such Protected Health Information. If Hybrid Entity determines that individuals whose data is affected by the impermissible acquisition, access, use or disclosure must be notified pursuant to the HIPAA Breach Notification Standards or other applicable law, Business Associate will reimburse Hybrid Entity’s reasonable notification costs, including legal fees and other costs associate with determining its notification duty, drafting its notification letter, mailing the notification letter and staffing its call center.
