Breach of Unsecured Protected Health Information. 1. In the case of a breach of unsecured Protected Health Information, Contractor shall comply with the applicable provisions of 42 U.S.C. § 17932 and 45 C.F.R. part 164, subpart D, including but not limited to 45 C.F.R. § 164.410.
Breach of Unsecured Protected Health Information. As required by the Breach Notification Rule, Business Associate shall, and shall require its Subcontractor(s) to, maintain systems to monitor and detect a Breach of Unsecured PHI, whether in paper or electronic form.
Breach of Unsecured Protected Health Information. A Breach of Unsecured Protected Health Information includes any Breach as defined in the HITECH act or regulations adopted pursuant thereto.
Breach of Unsecured Protected Health Information. We shall provide you notice of a Breach of Unsecured PHI within five (5) business days of the first day the Breach is known, or reasonably should have been known, to us, including for this purpose any employee, officer, or other agent of ours (other than the individual committing the Breach). The notice shall include, to the extent possible, the identification of each Individual whose Unsecured PHI was, or is reasonably believed to have been, subject to the Breach and the circumstances of the Breach, as both are known to us at that time. To the extent possible, the description of the circumstances of the Breach shall include:
Breach of Unsecured Protected Health Information. 3.4.1 A Breach of Unsecured PHI by Business Associate shall be determined to be discovered on the first date that Business Associate knows of such Breach or, by exercising reasonable diligence, would have known of such Breach.
Breach of Unsecured Protected Health Information. In the case of a breach of unsecured Protected Health Information, Contractor shall comply with the applicable provisions of 42 U.S.C. § 17932 and 45 C.F.R. part 164, subpart D, including but not limited to 45 C.F.R. § 164.410. Contractor agrees to notify County of any access, use or disclosure of Protected Health Information not permitted or provided for by this Agreement of which it becomes aware, including any breach as required in 45 45 C.F.R. § 164.410. or security incident immediately upon discovery by telephone at 000-000-0000 and Xxxxxxxxxxxxxx@xxxxxxxxxxxx.xxx or 000-000-0000 and will include, to the extent possible, the identification of each Individual whose unsecured Protect Health Information has been, or is reasonably believed by the Contractor to have been accessed, acquired, used, or disclosed, a description of the Protected Health Information involved, the nature of the unauthorized access, use or disclosure, the date of the occurrence, and a description of any remedial action taken or proposed to be taken by Contractor. Contractor will also provide to County any other available information that the Covered entity requests. A breach or unauthorized access, use or disclosure shall be treated as discovered by the Contractor on the first day on which such unauthorized access, use, or disclosure is known, or should reasonably have been known, to the Contractor or to any person, other than the individual committing the unauthorized disclosure, that is an employee, officer, subcontractor, agent or other representative of the Contractor. Contractor shall mitigate, to the extent practicable, any harmful effect that results from a breach, security incident, or unauthorized access, use or disclosure of unsecured Protected Health Information by Contractor or its employees, officers, subcontractors, agents or representatives. Following a breach, security incident, or any unauthorized access, use or disclosure of unsecured Protected Health Information, Contractor agrees to take any and all corrective action necessary to prevent recurrence, to document any such action, and to make all documentation available to the County. Except as provided by law, Contractor agrees that it will not inform any third party of a breach or unauthorized access, use or disclosure of Unsecured Projected Health Information without obtaining the County’s prior written consent. County hereby reserves the sole right to determine whether and how such notice is to be provided to a...
Breach of Unsecured Protected Health Information. As required by the Breach Notification Rule, BA shall maintain systems to monitor and detect a Breach of Unsecured PHI, whether in paper or electronic form. BA shall provide to Provider notice of a Breach of Unsecured PHI as soon as possible but not later than ten Business days after the first day the Breach is known. BA shall cooperate with Provider to determine whether the Breach “poses a significant risk of financial, reputational, or other harm to the individual,” thereby requiring notice to individuals, and will cooperate with Provider as may be necessary to allow Provider to provide notification of the Breach to individuals as required by the Breach Notification Rule. Provider is responsible for the provision of notice to Individuals in a timely manner, provided that Provider shall consult with BA as needed regarding the details of the notice.
Breach of Unsecured Protected Health Information. Business Associate will report to Covered Entity any potential Breach of Unsecured Protected Health Information not more than ten (10) calendar days after discovery of such potential Breach. Business Associate will treat a potential Breach as being discovered in accordance with 45 CFR §164.410. Business Associate will make the report to Covered Entity’s Privacy Officer. If a delay is requested by a law-enforcement official in accordance with 45 CFR §164.412, Business Associate may delay notifying Covered Entity for the applicable time period. Business Associate’s report will include at least the following, provided that absence of any information will not be cause for Business Associate to delay the report:
Breach of Unsecured Protected Health Information. Business Associate will report to the Plan any potential Breach of Unsecured Protected Health Information not later than 60 calendar days after discovery of such potential Breach. If the Business Associate is treated as the legal agent of the Plan, the number of days the Business Associate takes to report counts against the Covered Entity's 60-day deadline to provide required notifications to individuals and, in appropriate cases, to the media and HHS. Business Associate will treat a potential Breach as being discovered in accordance with 45 CFR § 164.410. Business Associate will make the report to the Plan's Privacy Officer. If a delay is requested by a law-enforcement official in accordance with 45 CFR § 164.412, Business Associate may delay notifying the Plan for the applicable time period. Business Associate's report will include at least the following, provided that absence of any information will not be cause for Business Associate to delay the report:
Breach of Unsecured Protected Health Information. We shall provide you notice of a Breach of Unsecured PHI within five (5) business days of the first day the Breach is known, or reasonably should have been known, to us, including for this purpose any employee, officer, or other agent of ours (other than the individual committing the Breach). The notice shall include, to the extent possible, the identification of each Individual whose Unsecured PHI was, or is reasonably believed to have been, subject to the Breach and the circumstances of the Breach, as both are known to us at that time. To the extent possible, the description of the circumstances of the Breach shall include: (1) a brief description of what happened, including the date of the Breach and the date of the discovery of the Breach; (2) a description of the types of Unsecured PHI that were involved in the Breach; and (3) a brief description of what we are doing to investigate the Breach, to mitigate harm to Individuals, and to protect against any further Breaches. Following the notice to you, we shall conduct such further investigation and analysis as is reasonably required and shall promptly supplement the information provided pursuant to (1) – (3) herein, previously provided.
