Common use of Notify Covered Entity Clause in Contracts

Notify Covered Entity. upon acquiring actual knowledge of a Security Incident or breach of Unsecured PHI, or by the exercise of reasonable diligence should have acquired knowledge of a Security Incident or breach of Unsecured PHI, without undue delay. To the extent possible, Business Associate’s notification shall include at the time of the notice or promptly thereafter as the information becomes available, a brief description of what happened, the types of Unsecured PHI involved, and any remedial actions taken. Notwithstanding the foregoing, this Section constitutes notice by Business Associate to Covered Entity of the ongoing existence and occurrence of attempted but unsuccessful Security Incidents, for which no additional notice to Covered Entity shall be required, including but not limited to, pings and other broadcast attacks on Business Associate’s network security groups, port scans, unsuccessful log-in attempts, denial-of-service attacks, malware (e.g. worms, viruses) that is detected and neutralized by Business Associate’s defensive software and tools intended for such purposes, interception of encrypted information where the key is not comprised and any combination of the above, so long as no such incident results in unauthorized access, use or disclosure of Unsecured PHI. Notwithstanding the foregoing, Covered Entity acknowledges that because Business Associate personnel do not have visibility to the content of Customer Data, it will be unlikely that Business Associate can provide information as to the type of data that may be affected or the identities of Individuals whose data may be affected by a breach or Security Incident. Communications by or on behalf of Business Associate with Covered Entity in connection with this Section shall not be construed as an acknowledgment by Business Associate of any fault or liability with respect to the incident.

Notify Covered Entity. upon acquiring actual knowledge of a Security Incident or breach of Unsecured PHI, or by the exercise of reasonable diligence should have acquired knowledge of a Security Incident or breach of Unsecured PHI, without undue delay. To the extent possible, Business Associate’s notification shall include at the time of the notice or promptly thereafter as the information becomes available, a brief description of what happened, the types of Unsecured PHI involved, and any remedial actions taken. Notwithstanding the foregoing, this Section constitutes notice by Business Associate UiPath to Covered Entity Customer of the ongoing existence and occurrence of attempted but unsuccessful Security Incidents, for which no additional notice to Covered Entity Customer shall be required, including but not limited to, pings and other broadcast attacks on Business Associate’s network security groups, port scans, unsuccessful log-in attempts, denial-denial- of-service attacks, malware (e.g. worms, viruses) that is detected and neutralized by Business AssociateUiPath’s defensive software and tools intended for such purposes, interception of encrypted information where the key is not comprised and any combination of the above, so long as no such incident results in unauthorized access, use or disclosure of Unsecured PHI. Notwithstanding the foregoing, Covered Entity Customer acknowledges that because Business Associate personnel do not have visibility to the content of Customer Data, it will be unlikely that Business Associate UiPath can provide information as to the type of data that may be affected or the identities of Individuals whose data may be affected by a breach or Security Incident. Communications by or on behalf of Business Associate with Covered Entity Customer in connection with this Section shall not be construed as an acknowledgment by Business Associate UiPath of any fault or liability with respect to the incident.