Breach Reporting. Business Associate shall report to Covered Entity any use or disclosure of PHI not permitted under this BAA, Breach of Unsecured PHI or Security Incident, without unreasonable delay, and in any event no more than thirty (30) days following discovery; provided, however, that the Parties acknowledge and agree that this Section constitutes notice by Business Associate to Covered Entity of the ongoing existence and occurrence of attempted but Unsuccessful Security Incidents (as defined below) for which notice to Covered Entity by Business Associate shall be required only upon request. "Unsuccessful Security Incidents" shall include, but not be limited to, pings and other broadcast attacks on Business Associate's firewall, port scans, unsuccessful log-on attempts, denials of service and any combination of the above, so long as no such incident results in unauthorized access, use or disclosure of PHI. Business Associate's notification to Covered Entity of a Breach shall include: (i) the identification of each individual whose Unsecured PHI has been, or is reasonably believed by Business Associate to have been, accessed, acquired or disclosed during the Breach; and (ii) any particulars regarding the Breach that Covered Entity would need to include in its notification, as such particulars are identified in 45 C.F.R. § 164.404.
Breach Reporting. Contractor shall report breaches and suspected security incidents to County, to include:
Breach Reporting. If SSA or VA suspects or confirms a breach, as defined by OMB M-17-12 or suspects or experiences an incident involving the loss or breach of PII provided by SSA or VA under the terms of this Agreement, they will follow the breach reporting guidelines issued by OMB and agency policy. In the event of a reportable breach under OMB guidance involving PII, the agency experiencing the breach is responsible for following its established procedures, including notification to the proper organizations (e.g., United States Computer Emergency Readiness Team, the agency’s privacy office). In addition, the agency experiencing the breach (e.g., electronic or paper) will notify the other agency’s Systems Security Contact named in this Agreement. If VA is unable to speak with the SSA Systems Security Contact within one hour or if for some other reason notifying the SSA Systems Security Contact is not practicable (e.g., it is outside of the normal business hours), VA will call SSA’s National Network Service Center toll free at 0-000-000-0000. SSA must also notify VA’s Systems Security Contact and the VA Network and Security Operations Center (1-800- 877-4328) within one hour.
Breach Reporting. Contractor will report, in writing, any breach of protected health information to State within five (5) business days of discovery, in accordance with 45 C.F.R § 164.410. Content of report to State. Reports to the authorized representative regarding breaches of protected health information will include:
Breach Reporting. Report in writing to Covered Entity within ten (10) business days after discovery, any suspected or actual: (a) access, use or disclosure of PHI not permitted by this Agreement; (b) breach of unsecured PHI in accordance with 45 CFR 164.410; (c) security breach or intrusion; (d) use or disclosure of PHI in violation of any applicable federal or state laws or regulations. Business Associate will implement a reasonable system for discovery of Breaches.
Breach Reporting. 10.1 We shall promptly inform You if any of Your Data is lost or destroyed or becomes damaged, corrupted, or unusable, or if there is any accidental, unauthorised or unlawful disclosure of or access to any of Your Data. In such case, We will use Our reasonable endeavours to restore Your Data at Your expense (save where the incident was caused by Our negligent act or omission, in which case it will be at Our expense), and will comply with all of Our obligations under Data Protection Legislation in this regard.
Breach Reporting. 13.10.1 The Supplier shall promptly inform the EPA if any EPA Data is copied, modified, lost or destroyed or becomes damaged, corrupted, or unusable, or if there is any accidental, unauthorised or unlawful disclosure of or access to the EPA Data. In such case, the Supplier will restore such EPA Data at its own expense, and will comply will all of its obligations under Data Protection Legislation in this regard.
Breach Reporting. 3.2.1 In the event of a Breach of any Unsecured PHI (as defined in 45 C.F.R. 402) or sensitive personal information that Business Associate accesses, maintains, retains, modifies, records, stores, destroys, or otherwise holds or uses on behalf of Covered Entity, Business Associate will provide notice of the Breach to Covered Entity immediately, but in no event more than three (3) days after discovering the Breach.
Breach Reporting. 4.11.1 The Contractor shall promptly inform the Client if any Client Data is copied, modified, lost or destroyed or becomes damaged, corrupted, or unusable, or if there is any accidental, unauthorised or unlawful disclosure of or access to the Client Data. In such case, the Contractor will restore such Client Data at its own expense and will comply will all of its obligations under Data Protection Legislation in this regard.
Breach Reporting. 40.1 We shall promptly inform You if any of User Uploaded Data is lost or destroyed or becomes damaged, corrupted, or unusable, or if there is any accidental, unauthorised or unlawful disclosure of or access to any of User Uploaded Data. In such case, We will use Our reasonable endeavours to restore User Uploaded Data at Your expense (save where the incident was caused by Our negligent act or omission, in which case it will be at Our expense), and will comply with all of Our obligations under Data Protection Legislation in this regard.
