Notification of Possible Breach Sample Clauses

Notification of Possible Breach. BA shall notify CE within twenty-four (24) hours of any suspected or actual breach of Protected Information; any use or disclosure of Protected Information not permitted by the Contract or Addendum; any security incident (i.e., any attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in and information system) related to Protected Information, and any actual or suspected use or disclosure of data in violation of any applicable federal or state laws by BA or its agents or subcontractors. The notification shall include, to the extent possible, the identification of each individual whose unsecured Protected Information has been, or is reasonably believed by the BA to have been, accessed, acquired, used, or disclosed, as well as any other available information that CE is required to include in notification to the individual, the media, the Secretary, and any other entity under the Breach Notification Rule and any other applicable state or federal laws, including, but not limited to, 45 C.F.R. Section 164.404 through 45 C.F.R. Section 164.408, at the time of the notification required by this paragraph or promptly thereafter as information becomes available. BA shall take (i) prompt corrective action to cure any deficiencies and (ii) any action pertaining to unauthorized uses or disclosures required by applicable federal and state laws [42 U.S.C. Section 17921; 45 C.F.R. Section 164.504(e)(2)(ii)(c); 45 C.F.R. Section164.308(b)].
Sample 1Sample 2Sample 3See All (137)
AutoNDA by SimpleDocs
Notification of Possible Breach. BUSINESS ASSOCIATE shall notify COUNTY within twenty-four (24) hours of any suspected or actual breach of Protected Information; any use or disclosure of Protected Information not permitted by the Agreement; any security incident (i.e., any attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system) related to Protected Information, and any actual or suspected use or disclosure of data in violation of any applicable federal or state laws by BUSINESS ASSOCIATE or its agents or subcontractors. The notification shall include, to the extent possible, the identification of each individual whose unsecured Protected Information has been, or is reasonably believed by the BUSINESS ASSOCIATE to have been accessed, acquired, used, or disclosed, as well as any other available information that COUNTY is required to include in notification to the individual, the media, the Secretary, and any other entity under the Breach Notification Rule and any other applicable state or federal laws, including, but not limited, to 45 C.F.R. Section 164.404 through 45 C.F.R. Section 164.l408, at the time of the notification required by this paragraph or promptly thereafter as information becomes available. BUSINESS ASSOCIATE shall take (i) prompt corrective action to cure any deficiencies and (ii) any action pertaining to unauthorized uses or disclosures required by applicable federal and state laws. [42 U.S.C. Section 17921; 45 C.F.R. Section 164.504(e)(2)(ii)(C); 45 C.F.R. Section 164.308(b)]. Any and all notices required pursuant to the terms and conditions of this provision shall be submitted to COUNTY at the following address: COUNTY: Humboldt County DHHS Compliance and Quality Assurance Office Attention: Compliance and Quality Assurance Administrator & Privacy Officer 000 X Xxxxxx Eureka, California 95501 (000) 000-0000
Sample 1Sample 2Sample 3See All (8)
Notification of Possible Breach. BUSINESS ASSOCIATE shall notify DHHS immediately upon discovery of breach or incident involving SSA data, or of any suspected or actual breach of Protected Information; any use or disclosure of Protected Information not permitted by the Agreement; any security incident (i.e., any attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system) related to Protected Information, and any actual or suspected use or disclosure of data in violation of any applicable federal or state laws by BUSINESS ASSOCIATE or its agents or subcontractors. The notification shall include, to the extent possible, the identification of each individual whose unsecured Protected Information has been, or is reasonably believed by the BUSINESS ASSOCIATE to have been accessed, acquired, used, or disclosed, as well as any other available information that DHHS is required to include in notification to the individual, the media, the Secretary, and any other entity under the Breach Notification Rule and any other applicable state or federal laws, including, but not limited, to 45 C.F.R. Section 164.404 through 45 C.F.R. Section 164.l408, at the time of the notification required by this paragraph or promptly thereafter as information becomes available. BUSINESS ASSOCIATE shall take (i) prompt corrective action to cure any deficiencies and (ii) any action pertaining to unauthorized uses or disclosures required by applicable federal and state laws. [42 U.S.C. Section 17921; 45 C.F.R. Section 164.504(e)(2)(ii)(C); 45 C.F.R. Section 164.308(b)]. Any and all notices required pursuant to the terms and conditions of this provision shall be submitted to DHHS at the following address:
Sample 1Sample 2
Notification of Possible Breach. CSMC shall notify Company promptly of any suspected or actual breach of Protected Information; any use or disclosure of Protected Information not permitted by the Services Agreement or this Agreement; any Security Incident (i.e., any attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system) related to Protected Information, and any actual or suspected use or disclosure of data in violation of any applicable federal or state laws by CSMC or its agents or subcontractors. Notwithstanding the foregoing, the parties understand that pings and other broadcast attacks on CSMC’s firewall, port scans, unsuccessful log-on attempts, denial of service attacks and any combination of the above shall not be considered a Security Incident, so long as no such incident results in the defeat or circumvention of any security control, or in the unauthorized access, use or disclosure of PHI provided by Covered Entity. The notification shall include, to the extent possible, the identification of each individual whose unsecured Protected Information has been, or is reasonably believed by the business associate to have been, accessed, acquired, used, or disclosed, as well as any other available information that Company is required to include in notification to the individual, the media, the Secretary, and any other entity under the Breach Notification Rule and any other applicable state or federal laws, including, but not limited, to 45 C.F.R. Section 164.404 through 45 C.F.R. Section 164.408, at the time of the notification required by this paragraph or promptly thereafter as information becomes available. CSMC shall take (i) prompt corrective action to cure any deficiencies and (ii) any action pertaining to unauthorized uses or disclosures required by applicable federal and state laws. (This provision should be negotiated.) [42 U.S.C. Section 17921; 45 C.F.R. Section 164.504(e)(2)(ii)(C); 45 C.F.R. Section 164.308(b)].
Sample 1Sample 2
Notification of Possible Breach. AUTHORIZED ENTITY shall notify KAWEAH DELTA within twenty-four (24) hours of any suspected or actual breach or UNAUTHORIZED ACCESS of Protected Information. AUTHORIZED ENTITY shall take (i) prompt corrective action to cure any deficiencies and (ii) any action pertaining to unauthorized uses or disclosures required by applicable federal and state laws.
Sample 1
Notification of Possible Breach. BUSINESS ASSOCIATE shall notify COUNTY within twenty-four (24) hoursof any suspected or actual breach of Protected Information; any use or disclosure of Protected Information not permitted by the Agreement; any security incident (i.e., any attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system) related to Protected Information, and any actual or suspected use or disclosure of data in violation of any applicable federal or state laws by BUSINESS ASSOCIATE or its agents or subcontractors. For purposes of this Agreement “Security Incident” does not include trivial incidents that occur on a daily basis, such as scans, “pings”, or unsuccessful attempts to penetrate computer networks or servers maintained by Business Associate. The notification shall include, to the extent possible, the identification of each individual whose unsecured Protected Information has been, or is reasonably believed by the BUSINESS ASSOCIATE to have been accessed, acquired, used, or disclosed, as well as any other available information that COUNTY is required to include in notification to the individual, the media, the Secretary, and any other entity under the Breach Notification Rule and any other applicable state or federal laws, including, but not limited, to 45 C.F.R. Section 164.404 through 45 C.F.R. Section 164.l408, at the time of the notification required by this paragraph or promptly thereafter as information becomes available. BUSINESS ASSOCIATE shall take (i) prompt corrective action to cure any deficiencies and (ii) any action pertaining to unauthorized uses or disclosures required by applicable federal and state laws. [42 U.S.C. Section 17921; 45 C.F.R. Section 164.504(e)(2)(ii)(C); 45 C.F.R. Section 164.308(b)]. Any and all notices required pursuant to the terms and conditions of this provision shall be submitted to COUNTY at the following address: COUNTY: Humboldt County DHHS Compliance and Quality Assurance Office Attention: Compliance and Quality Assurance Administrator & Privacy Officer 000 X Xxxxxx Eureka, California 95501 (000) 000-0000
Sample 1
Notification of Possible Breach. CHPSO shall, following the discovery of any Breach of Unsecured PHI, Security Incident, as defined in the Security Rule, and/or any actual or suspected access, use or disclosure of Protected Information not permitted by the Contract and Addendum or applicable law notify CE in writing of such Breach or disclosure without unreasonable delay and in no case later than three business days after discovery CHPSO shall take prompt corrective action and any action required by applicable state or federal laws and regulations relating to such disclosure. CHPSO agrees to pay the actual costs of CE to provide required notifications and any associated costs incurred by CE, such as credit monitoring for affected patients, and including any civil or criminal monetary penalties or fines levied by any federal or state authority having jurisdiction if CE reasonably determines that the nature of the Breach warrants such measures.
Sample 1
AutoNDA by SimpleDocs

Related to Notification of Possible Breach

  • Data Breach Notification Seller will promptly notify Buyer of any actual or potential exposure or misappropriation of Buyer data ("breach") that comes to Seller's attention. Seller will cooperate with Xxxxx and in investigating any such breach, at Xxxxxx's expense. Seller will likewise cooperate with Buyer and, as applicable, with law enforcement agencies in any effort to notify injured or potentially injured parties, and such cooperation will be at Seller's expense, except to the extent that the breach was caused by Xxxxx. The remedies and obligations set forth in this subsection are in addition to any others Buyer may have, including, but not limited to, any requirements in the “Privacy, Confidentiality, and Security” provisions of this Agreement.

  • Notification of Breach During the term of this Agreement:

  • Security Breach Notification In addition to the information enumerated in Article V, Section 4(1) of the DPA Standard Clauses, any Security Breach notification provided by the Provider to the LEA shall include:

  • Notification of personal data breach 1. In case of any personal data breach, the data processor shall, without undue delay after having become aware of it, notify the data controller of the personal data breach.

  • Security Breach Notifications Notice must be given by the Subrecipient to anyone whose PSCI could have been breached in accordance with HIPAA, the Information Practices Act of 1977, and State policy.

  • Notification of Force Majeure Event 11.5.1 The Affected Party shall give notice to the other Party of any event of Force Majeure as soon as reasonably practicable, but not later than seven (7) days after the date on which such Party knew or should reasonably have known of the commencement of the event of Force Majeure. If an event of Force Majeure results in a breakdown of communications rendering it unreasonable to give notice within the applicable time limit specified herein, then the Party claiming Force Majeure shall give such notice as soon as reasonably practicable after reinstatement of communications, but not later than one (1) day after such reinstatement. Provided that, such notice shall be a pre-condition to the Affected Party’s entitlement to claim relief under this Agreement. Such notice shall include full particulars of the event of Force Majeure, its effects on the Party claiming relief and the remedial measures proposed. The Affected Party shall give the other Party regular reports on the progress of those remedial measures and such other information as the other Party may reasonably request about the Force Majeure.

  • Reportable Events Involving the Xxxxx Law Notwithstanding the reporting requirements outlined above, any Reportable Event that involves solely a probable violation of section 1877 of the Social Security Act, 42 U.S.C. §1395nn (the Xxxxx Law) should be submitted by Practitioner to CMS through the self-referral disclosure protocol (SRDP), with a copy to the OIG. If Practitioner identifies a probable violation of the Xxxxx Law and repays the applicable Overpayment directly to the CMS contractor, then Practitioner is not required by this Section III.G to submit the Reportable Event to CMS through the SRDP.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!