Reporting Unsuccessful Security Incidents Sample Clauses

Reporting Unsuccessful Security Incidents. Business Associate shall provide Covered Entity upon written request a Report that: (a) identifies the categories of Unsuccessful Security Incidents; (b) indicates whether Business Associate believes its current defensive security measures are adequate to address all Unsuccessful Security Incidents, given the scope and nature of such attempts; and (c) if the security measures are not adequate, the measures Business Associate will implement to address the security inadequacies.
Sample 1Sample 2Sample 3See All (125)
AutoNDA by SimpleDocs
Reporting Unsuccessful Security Incidents. The Participant shall annually provide a report to HIO describing in summary form the nature and extent of Unsuccessful Security Incidents concerning Patient Data or the Participant’s access or use of the System or the Services experienced by the Participant during the period covered by that report, as more specifically described in the Policies and Procedures.
Sample 1Sample 2Sample 3See All (8)
Reporting Unsuccessful Security Incidents. The Parties acknowledge and agree that this Section constitutes notice by Business Associate to Covered Entity of the ongoing existence and occurrence of Unsuccessful Security Incidents. The foregoing notwithstanding, Business Associate shall, upon Covered Entity’s written request, report to Covered Entity Unsuccessful Security Incidents in accordance with the reporting requirements herein. For Unsuccessful Security Incidents, Business Associate shall provide Covered Entity, upon its written request, a report that: (a) identifies the categories of Unsuccessful Security Incidents; (b) indicates whether Business Associate believes its current defensive security measures are adequate to address all Unsuccessful Security Incidents, given the scope and nature of such attempts; and (c) if the security measures are not adequate, the measures Business Associate will implement to address the security inadequacies. Cooperation with Violations. Business Associate will cooperate with Covered Entity’s investigation and/or risk assessment with respect to any report made pursuant to Section 2.14, will abide by Covered Entity’s decision with respect to whether such acquisition, access, Use or Disclosure constitutes a Breach of PHI and will follow Covered Entity’s instructions with respect to any event reported to Covered Entity by Business Associate pursuant to Section 2.14. Business Associate shall maintain complete records regarding any event requiring reporting for the period required by 45 C.F.R. 164.530(j) or such longer period as may be required by state law and shall make such records available to Covered Entity promptly upon request but in no event later than within five (5) business days.
Sample 1Sample 2Sample 3See All (7)
Reporting Unsuccessful Security Incidents. The Participant shall annually provide a report to SJCHIE describing in summary form the nature and extent of Unsuccessful Security Incidents concerning Patient Data or the Participant’s access or use of the System or the Services experienced by the Participant during the period covered by that report, as more specifically described in the Policies and Procedures.
Sample 1
Reporting Unsuccessful Security Incidents. Business Associate shall provide Covered Entity upon written request a Report that: (a) identifies the categories of Unsuccessful Security Incidents; (b) indicates whether Business Associate believes its current defensive security measures are adequate to address all Unsuccessful Security Incidents, given the scope and nature of such attempts; and (c) if the security measures are not adequate, the measures Business Associate will implement to address the security inadequacies. Business Associate shall comply with any reasonable policies and procedures Covered Entity implements to obtain compliance under the Security Rule. Reporting and Documenting Breaches. Business Associate shall Report to Covered Entity any Breach of Unsecured PHI as soon as it, or any Person to whom PHI is disclosed under this Agreement, becomes aware of any such Breach, and in no event later than five (5) business days after such awareness, except when a law enforcement official determines that a notification would impede a criminal investigation or cause damage to national security. Such Report shall be timely made notwithstanding the fact that little information may be known at the time of the Report and need only include such information then available. Following the Report described in 6.1, Business Associate shall conduct a risk assessment and provide it to Covered Entity with a summary of the event. Business Associate shall provide Covered Entity with the names of any Individual whose Unsecured PHI has been, or is reasonably believed to have been, the subject of the Breach and any other available information that is required to be given to the affected Individual, as set forth in 45 CFR § 164.404(c). Upon request by Covered Entity, Business Associate shall provide information necessary for Covered Entity to investigate the impermissible Use or Disclosure. Business Associate shall continue to provide to Covered Entity information concerning the Breach as it becomes available. When Business Associate determines that an impermissible acquisition, Access, Use or Disclosure of PHI for which it is responsible is not a Breach, and therefore does not necessitate notice to the impacted Individual, it shall document its assessment of risk, conducted as set forth in 45 CFR § 402(2). Business Associate shall make its risk assessment available to Covered Entity upon request. It shall include 1) the name of the person making the assessment, 2) a brief summary of the facts, and 3) a brief stat...
Sample 1
Reporting Unsuccessful Security Incidents. The Parties acknowledge and agree that this Section constitutes notice by Business Associate to Covered Entity of the ongoing existence and occurrence of Unsuccessful Security Incidents. The foregoing notwithstanding, Business Associate shall, upon Covered Entity’s written request, report to Covered Entity Unsuccessful Security Incidents in accordance with the reporting requirements herein. For Unsuccessful Security Incidents, Business Associate shall provide Covered Entity, upon its written request, a report that: (1) identifies the categories of Unsuccessful Security Incidents; (2) indicates whether Business Associate believes its current defensive security measures are adequate to address all Unsuccessful Security Incidents, given the scope and nature of such attempts; and (3) if the security measures are not adequate, the measures Business Associate will implement to address the security inadequacies.
Sample 1

Related to Reporting Unsuccessful Security Incidents

  • Breaches and Security Incidents During the term of the Agreement, CONTRACTOR 27 agrees to implement reasonable systems for the discovery of any Breach of unsecured DHCS PI and PII 28 or security incident. CONTRACTOR agrees to give notification of any beach of unsecured DHCS PI 29 and PII or security incident in accordance with subparagraph F, of the Business Associate Contract, 30 Exhibit B to the Agreement.

  • Security Incidents 11.1 Includes identification, managing and agreed reporting procedures for actual or suspected security breaches.

  • Security Incident “Security Incident” means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.

  • Security Incident Reporting A security incident occurs when CDA information assets are or reasonably believed to have been accessed, modified, destroyed, or disclosed without proper authorization, or are lost, or stolen. Subrecipient must comply with CDA’s security incident reporting procedures located at xxxxx://xxx.xxxxx.xx.xxx/ProgramsProviders/#Resources.

  • Security Incident Notification The Transfer Agent shall promptly notify the Trust but in no event later than 72 hours following discovery of any Security Incident(s). Such notification shall include the extent and nature of such intrusion, disclosure, or unauthorized access, the identity of the compromised Customer Confidential Information (to the extent it can be ascertained), how the Transfer Agent was affected by the Security Incident, and its response to such Security Incident. The Transfer Agent shall use continuous and diligent efforts to remedy the cause and the effects of such Security Incident in an expeditious manner and deliver to the Trust a root cause analysis and future incident Mitigation plan with regard to any such incident. The Transfer Agent shall reasonably cooperate with the Trust’s investigation and response to each Security Incident. If the Trust determines in its sole discretion that it may need or be required to notify any individual(s) as a result of a Security Incident, the Trust shall have the right to control all such notifications and the Transfer Agent shall bear all direct costs associated with the notification, to the extent the notification and corresponding actions are required by U.S. law, and subject to the limitation of liability set forth in the Agreement. Without limiting the foregoing, unless otherwise required by U.S. law, no such notifications shall be made by the Transfer Agent without the Trust’s prior written consent and the Trust shall, together with the Transfer Agent, determine the content and delivery of all such notifications. For the avoidance of doubt, the Transfer Agent shall be solely responsible for all costs and expenses, subject to the limitations of liability under the Agreement that the Trust and/or the Transfer Agent may incur to the extent that they are attributable to or arise from the Transfer Agent’s breach of its confidentiality obligations under the Agreement.

  • Data Incidents Merchant must report all instances of a Data Incident (as defined in the American Express Merchant Operating Guide) immediately to ISO after discovery of the incident. Merchant must ensure data quality and that Transaction Data and customer information is processed promptly, accurately, and completely, and complies with the American Express Technical Specifications. THE FOLLOWING SERVICES ARE PROVIDED BY ISO ONLY. Bank shall not have any obligation or liability of any nature in connection with such services. PART THREE

  • Reports of unusual occurrence The Contractor shall, during the Maintenance Period, prior to the close of each day, send to the Authority and the Authority’s Engineer, by facsimile or e- mail, a report stating accidents and unusual occurrences on the Project Highway relating to the safety and security of the Users and Project Highway. A monthly summary of such reports shall also be sent within 3 (three) business days of the closing of month. For the purposes of this Clause 15.4, accidents and unusual occurrences on the Project Highway shall include:

  • Notification to Unsuccessful Job Applicants The parties agree that any unsuccessful candidate for an ONA job posting will be notified, in writing, within one (1) week of the decision being made and prior to the posting of the name of the successful candidate. The parties further agree that the above notification will be copied to the ONA Bargaining Unit President.

Time is Money Join Law Insider Premium to draft better contracts faster.