Reporting of Unauthorized Disclosures and Breaches Sample Clauses

Reporting of Unauthorized Disclosures and Breaches. The Provider that creates, receives, maintains, or transmits protected health information in its role as a service provider under this agreement shall notify DHSS within 24 hours of any suspected or actual breach of security; intrusion; or unauthorized acquisition, access, use or disclosure of protected health information in violation of any applicable federal or state law. The Provider shall use a Notification of Suspected Breach Form (attached as Exhibit 2 to this Privacy and Security Procedures) to the contact person named in the Provider Agreement and to the Privacy and Security Officers of DHSS. The Provider shall identify for DHSS the individuals whose unsecured protected health information has been, or is reasonably believed to have been, breached so that DHSS can comply with any notification requirements if necessary. The Provider shall also indicate whether the protected health information subject to the suspected or actual breach; intrusion; or unauthorized acquisition, access, use or disclosure was encrypted or destroyed at the time. The Provider will be responsible for complying with any notification requirements under HIPAA, the HITECH Act, the Privacy and Security Rule or other law. The Provider will take prompt corrective action to cure any deficiencies that result in breaches of security; intrusion; or unauthorized acquisition, access, use, and disclosure. The Provider shall indemnify and hold harmless DHSS for any civil monetary penalty imposed, monetary settlement with, or award of damages against, DHSS for acts or omissions in violation of HIPAA, the HITECH Act, or the Privacy and Security Rule that are committed by the Provider or a member of its workforce. Provider shall also reimburse DHSS fro all costs incurred by DHSS that are associated with any mitigation, investigation, or notice of breach DHSS undertakes or provides under HIPAA, the HITECH Act, the Privacy and Security Rule, or other applicable law as a result of a breach of DHSS’s protected health information caused by the Provider or Provider’s agent or subcontractor. The Provider is not an agent of DHSS.
Sample 1Sample 2Sample 3See All (13)
AutoNDA by SimpleDocs

Related to Reporting of Unauthorized Disclosures and Breaches

  • CONFIDENTIALITY/SAFEGUARDING OF INFORMATION The CONTRACTOR shall not use or disclose any information concerning the AGENCY, or information that may be classified as confidential, for any purpose not directly connected with the administration of this contract, except with prior written consent of the AGENCY, or as may be required by law.

  • Confidentiality of Client Information ENP providers shall ensure that information about, or obtained from a participant’s records, shall be maintained in a confidential manner.

  • NEPOTISM DISCLOSURE A. In this section the term “relative” means:

  • Reporting of Disclosures The MCP agrees to promptly report to ODM any inappropriate use or disclosure of PHI not in accordance with this Agreement or applicable law, including a breach of unsecured PHI as required at 45 CFR 164.410 and any security incident the MCP has knowledge of or reasonably should have knowledge of under the circumstances.

Time is Money Join Law Insider Premium to draft better contracts faster.