Reporting of Breach. Brightree shall report to Client any Security Incident, Breach of Unsecured Protected Health Information, or any other use or disclosure of Protected Health Information other than as provided for by the Agreement, including this Addendum, within five (5) business days of learning of such use or disclosure. Notifications related to the breach of Unsecured Protected Health Information shall be in writing and shall include: (i) the identification of each individual whose Unsecured Protected Health Information was or is reasonably believed by Brightree to have been accessed, acquired, used or disclosed during the Breach; and (ii) any other available information that Client is required to include in notification to the individual under 45 CFR 164.404(c), such as a brief description of the incident and the nature of the information disclosed, and the status of Brightree’s investigation of the matter and mitigation efforts. Brightree shall take prompt corrective action to cure any deficiencies in its systems as required by applicable federal and state laws and regulations.
Reporting of Breach. Report to the Covered Entity any use or disclosure of protected health information not provided for by this Agreement of which the Company becomes aware, including breaches of unsecured PHI as required by 45 CFR 164.410 and/or other applicable law.
Reporting of Breach. Supplier will report any confirmed or suspected Breach to UC immediately upon discovery, both orally and in writing, but in no event more than two (2) business days after Supplier reasonably believes a Breach has or may have occurred. Supplier’s report will identify: (i) the nature of the unauthorized access, use or disclosure, (ii) the Non-public Information accessed, used or disclosed, (iii) the person(s) who accessed, used, disclosed and/or received Non-public Information (if known), (iv) what Supplier has done or will do to mitigate any deleterious effect of the unauthorized access, use or disclosure, and (v) what corrective action Supplier has taken or will take to prevent future unauthorized access, use or disclosure. Supplier will provide such other information, including a written report, as reasonably requested by UC. In the event of a suspected Breach, Supplier will keep UC informed regularly of the progress of its investigation until the uncertainty is resolved.
Reporting of Breach. Supplier will report any confirmed or suspected Breach to UC immediately upon discovery, both orally and in writing, but in no event more than two (2) business days after Supplier reasonably believes a Breach has or may have occurred. Supplier’s report will identify: (i) the nature of the unauthorized access, use or disclosure, (ii) the Non-public Information accessed, used or disclosed,
Reporting of Breach. Contractor shall report any confirmed or suspected Breach to University immediately upon discovery, both orally and in writing, but in no event more than three (3) business days after Contractor reasonably believes a Breach has or may have Contractor’s report shall identify: (i) the nature of the unauthorized access, use or disclosure, (ii) the Protected Information accessed, used or disclosed, (iii) the person(s) who accessed, used and disclosed and/or received Protected Information (if known), (iv) what Contractor has done or will do to mitigate any deleterious effect of the unauthorized access, use or disclosure, and (v) what corrective action Contractor has taken or will take to prevent future unauthorized access, use or disclosure. Contractor shall provide such other information, including a written report, as reasonably requested by University. In the event of a suspected Breach, Contractor shall keep the University informed regularly of the progress of its investigation until the uncertainty is resolved. Coordination of Breach Response Activities: In the event of a Breach, Contractor will: Immediately preserve any potential forensic evidence relating to the breach, and remedy the breach as quickly as circumstances permit; Promptly (within 3 business days) designate a contact person to whom the University will direct inquiries, and who will communicate Contractor responses to University inquiries; As rapidly as circumstances permit, apply appropriate resources to remedy the breach condition, investigate, document, restore University service(s) as directed by the University, and undertake appropriate response activities; Provide status reports to the University on Breach response activities, either on a daily basis or a frequency approved by the University; Coordinate all media, law enforcement, or other Breach notifications with the University in advance of such notification(s), unless expressly prohibited by law; Make all reasonable efforts to assist and cooperate with the University in its Breach response efforts; and Ensure that knowledgeable Contractor staff are available on short notice, if needed, to participate in University-initiated meetings and/or conference calls regarding the
Reporting of Breach. Contractor shall report any confirmed or suspected Breach to University immediately upon discovery, both orally and in writing, but in no event more than three (3) business days after Contractor reasonably believes a Breach has or may have occurred. Contractor’s report shall identify: (i) the nature of the unauthorized access, use or disclosure, (ii) the Protected Information accessed, used or disclosed, (iii) the person(s) who accessed, used and disclosed and/or received Protected Information (if known), (iv) what Contractor has done or will do to mitigate any deleterious effect of the unauthorized access, use or disclosure, and (v) what corrective action Contractor has taken or will take to prevent future unauthorized access, use or disclosure. Contractor shall provide such other information, including a written report, as reasonably requested by University. In the event of a suspected Breach, Contractor shall keep the University informed regularly of the progress of its investigation until the uncertainty is resolved.
Reporting of Breach. HRTec shall report any confirmed or suspected Breach to [Customer/Agency] immediately upon discovery, both orally and in writing, but in no event more than two (2) business days after HRTec reasonably believes a Breach has or may have occurred. HRTec’s report shall identify: (i) the nature of the unauthorized access, use or disclosure, (ii) the Protected Information accessed, used or disclosed, (iii) the person(s) who accessed, used and disclosed and/or received Protected Information (if known), (iv) what HRTec has done or will do to mitigate any deleterious effect of the unauthorized access, use or disclosure, and (v) what corrective action HRTec has taken or will take to prevent future unauthorized access, use or disclosure. HRTec will provide such other information, including a written report, as reasonably requested by the [Customer/Agency]. In the event of a suspected Breach, HRTec shall keep the [Customer/Agency] informed regularly of the progress of its investigation until the uncertainty is resolved.
Reporting of Breach. Company shall report to Client any Security Incident, Breach of Unsecured Protected Health Information, or any other use or disclosure of Protected Health Information other than as provided for by the Agreement, including this Addendum, within five (5) business days of learning of such use or disclosure. Notifications related to the breach of Unsecured Protected Health Information shall be in writing and shall include: (i) the identification of each individual whose Unsecured Protected Health Information was or is reasonably believed by Company to have been accessed, acquired, used or disclosed during the Breach; and (ii) any other available information that Client is required to include in notification to the individual under 45 CFR 164.404(c), such as a brief description of the incident and the nature of the information disclosed, and the status of Company’s investigation of the matter and mitigation efforts. Company shall take prompt corrective action to cure any deficiencies in its systems as required by applicable federal and state laws andregulations.
Reporting of Breach. Contractor shall report to Agency within fifteen (15) days of Contractor becoming aware of the Breach any unauthorized acquisition, access, use, or disclosure of PHI that compromises the security or privacy of the PHI (a “Breach”), unless an unauthorized person to whom the PHI is disclosed would not reasonably have been able to retain the PHI or unless the PHI is secured.
Reporting of Breach. 1) Xxxxx-Xxxxx‐Xxxxxx Act (GLB) (15 U.S.C. §§ 6801(b) and 6805(b)(2)) (Select Student Aid Data)-Contractor must report any "suspected" data breach on the day it is detected;
