Risk Assessment and Investigation Sample Clauses

Risk Assessment and Investigation. Business Associate shall perform an appropriate risk assessment immediately following the discovery of any unauthorized access, use or disclosure of PHI to determine whether use, access, or disclosure is one that “poses a significant risk of financial, reputation or other harm to the individual.” In performing the Risk Assessment, Business Associate should consider a combination of factors such as: (a) who impermissibly used the PHI or to whom the PHI was impermissibly disclosed; (b) was the impermissibly disclosed PHI returned prior to it being accessed for an improper purpose; and (c) the type and amount of PHI involved in the impermissible use or disclosure. Upon the Covered Entity’s request, Business Associate shall permit a Covered Entity staff member to participate in the investigation. i The results, including all documentation and reports produced during such Risk Assessment and Investigation, shall be provided to Covered Entity in writing, without unreasonable delay and in no event later than thirty (30) days from the date of discovery of the unauthorized access, use or disclosure. In addition to the Risk Assessment conducted by the Business Associate, Covered Entity reserves the right to conduct its own investigation of any unauthorized access, use or disclosure of PHI occurring at any facility, site or location of Business Associate, its agents or subcontractors or through any systems under the control of the Business Associate, its agents or subcontractors. Business Associate shall cooperate with Covered Entity to conduct such investigation. Covered Entity agrees to provide advance notice of such investigation, to protect the confidentiality of and not disclose any confidential and proprietary information of Business Associate to which Covered Entity has access during the course of such investigation.
Sample 1
AutoNDA by SimpleDocs
Risk Assessment and Investigation. Business Associate shall perform an appropriate risk assessment immediately following the discovery of any unauthorized access, use or disclosure of PHI to determine whether use, access, or disclosure is one that “poses a significant risk of financial, reputational, or other harm to the individual.” In performing the Risk Assessment, Business Associate should consider a combination of factors such as: (a) who impermissibly used the PHI or to whom the PHI was impermissibly disclosed; (b) was the impermissibly disclosed PHI returned prior to it being accessed for improper purpose; and (c) the type and amount of PHI involved in the impermissible use or disclosure. The results of such Risk Assessment shall be provided to Covered Entity in writing without unreasonable delay and in no case later than 15 days from the date of discovery of the unauthorized access, use or disclosure. In addition to the Risk Assessment conducted by Business Associate, Covered Entity reserves the right to conduct its own investigation of any unauthorized access, use or disclosure of PHI occurring at any facility, site or location of Business Associate, its agents or subcontractors or through any systems under the control of the Business Associate, its agents or subcontractors. Business Associate shall cooperate with Covered Entity to conduct such investigation. Covered Entity agrees to provide advance notice of such investigation and to protect the confidentiality of all confidential and proprietary information of Business Associate to which Covered entity has access during the course of such investigation.
Sample 1
Risk Assessment and Investigation. Business Associate shall perform an appropriate risk assessment immediately following the discovery of any unauthorized access, use or disclosure of PHI to determine whether use, access, or disclosure is one “that compromises the security or privacy” of the PHI. In performing the Risk Assessment, Business Associate should consider a combination of factors such as: (a) who impermissibly used the PHI or to whom the PHI was impermissibly disclosed; (b) was the impermissibly disclosed PHI returned prior to it being accessed for improper purpose; (c) the type and amount of PHI involved in the impermissible use or disclosure; and (d) the extent to which the risk to the PHI has been mitigated. The results of such Risk Assessment shall be provided to Covered Entity in writing without unreasonable delay and in no case later than ten (10) days from the date of discovery of the unauthorized access, use or disclosure, unless the Parties mutually agree to extend such ten (10) day deadline or if a law enforcement official determines that a notification would impede investigation or cause damage to national security.
Sample 1

Related to Risk Assessment and Investigation

  • Environmental Assessment and Mitigation Development of a transportation project must comply with applicable environmental laws. The party named in article 1, Responsible Parties, under AGREEMENT is responsible for the following:

  • COMPLAINTS AND INVESTIGATIONS 1. This article applies to complaints or allegations made externally and not from normal supervisory activities.

  • Risk Assessment An assessment of any risks inherent in the work requirements and actions to mitigate these risks.

  • AUDITS AND INVESTIGATIONS 27.1 Each invoice paid by UNDP shall be subject to a post-payment audit by auditors, whether internal or external, of UNDP or by other authorized and qualified agents of UNDP at any time during the term of the Contract and for a period of three (3) years following the expiration or prior termination of the Contract.

  • Periodic Risk Assessment Provider further acknowledges and agrees to conduct periodic risk assessments and remediate any identified security and privacy vulnerabilities in a timely manner.

  • Environmental Assessment Buyer shall have the right for a period commencing upon execution of this Agreement by both parties and ending on November 28, 2012, to conduct an environmental assessment of the Assets, at Buyer’s sole risk, liability and expense. Seller shall make available to Buyer, during the environmental assessment period described above, Seller’s historical files regarding prior operations on the Assets, and provide Buyer and its representatives with reasonable access to the Assets to conduct the environmental assessment. Buyer shall provide Seller three (3) days prior written notice of a desired date(s) for such assessment and Seller shall have the right to be present during any assessment and, if any testing is conducted pursuant to Seller’s express prior written consent, Seller may require splitting of all samples. Notwithstanding any other provision of this Agreement to the contrary, Buyer shall not have the right to drill any test, monitor or other xxxxx or to extract samples of any air, soil, water or other substance from the Assets without Seller’s express prior written consent. If Buyer proposes a reasonable request to drill a test well or extract a sample pursuant to a systematic and customary procedure for the assessment of the environmental condition of the Assets and Seller refuses to grant its consent to such a well or sampling, then Buyer shall have the right, for a period of seventy-two (72) hours following notification of Seller’s refusal to consent, to deliver written notice to Seller of Buyer’s election to exclude from this transaction the portion of the Assets affected by such proposed test well or sample, and the Purchase Price shall be adjusted accordingly by the Allocated Value of such portion of the Assets so excluded. Under no circumstances whatsoever shall Seller ever be obligated to grant its consent to any such test xxxxx or sampling proposed by Buyer, and Buyer’s sole and exclusive remedy for any refusal by Seller to grant its consent shall be the limited right contained in the preceding sentence to exclude the affected Assets from the transactions contemplated by this Agreement. If Buyer fails to exercise the right to exclude such Assets by written notice to Seller delivered prior to the expiration of the seventy-two hour period described above, then Buyer shall be conclusively deemed to have waived such right and shall be obligated to purchase the affected Assets without conducting such testing or sampling or any adjustment of the Purchase Price unless otherwise provided in this Agreement.

  • Complaints Investigation ‌ An employee who complains of harassment under the provisions of the Human Rights Code of British Columbia may refer the complaint to either one or other of the following processes:

  • Risk Assessments a. Risk Assessment - Transfer Agent shall, at least annually, perform risk assessments that are designed to identify material threats (both internal and external) against Fund Data, the likelihood of those threats occurring and the impact of those threats upon the Transfer Agent organization to evaluate and analyze the appropriate level of information security safeguards (“Risk Assessments”).

  • Grievance Investigation The Employer agrees to supply to the Union the names of all applicants for a vacancy, or new position in the course of a grievance investigation.

  • Search, Enquiry, Investigation, Examination And Verification a. The Property is sold on an “as is where is basis” subject to all the necessary inspection, search (including but not limited to the status of title), enquiry (including but not limited to the terms of consent to transfer and/or assignment and outstanding charges), investigation, examination and verification of which the Purchaser is already advised to conduct prior to the auction and which the Purchaser warrants to the Assignee has been conducted by the Purchaser’s independent legal advisors at the time of execution of the Memorandum.

Time is Money Join Law Insider Premium to draft better contracts faster.