HIPAA Data Breach Notification and Mitigation Sample Clauses

HIPAA Data Breach Notification and Mitigation. Business Associate agrees to implement reasonable systems for the discovery and prompt reporting of any “breach” of “unsecured PHI” as those terms are defined by 45 C.F.R. §164.402 (hereinafter a “HIPAA Breach”). The parties acknowledge and agree that 45 C.F.R. §164.404, as described below in this Section 9.1, governs the determination of the date of a HIPAA Breach. In the event of any conflict between this Section 9.1 and the Confidentiality Requirements, the more stringent requirements shall govern. Business Associate will, following the discovery of a HIPAA Breach, notify Covered Entity immediately and in no event later than three (3) business days after Business Associate discovers such HIPAA Breach, unless Business Associate is prevented from doing so by 45 C.F.R. §164.412 concerning law enforcement investigations. For purposes of reporting a HIPAA Breach to Covered Entity, the discovery of a HIPAA Breach shall occur as of the first day on which such HIPAA Breach is known to the Business Associate or, by exercising reasonable diligence, would have been known to the Business Associate. Business Associate will be considered to have had knowledge of a HIPAA Breach if the HIPAA Breach is known, or by exercising reasonable diligence would have been known, to any person (other than the person committing the HIPAA Breach) who is an employee, officer or other agent of the Business Associate. No later than seven (7) business days following a HIPAA Breach, Business Associate shall provide Covered Entity with sufficient information to permit Covered Entity to comply with the HIPAA Breach notification requirements set forth at 45 C.F.R. §164.400 et seq. Specifically, if the following information is known to (or can be reasonably obtained by) the Business Associate, Business Associate will provide Covered Entity with: (i) contact information for individuals who were or who may have been impacted by the HIPAA Breach (e.g., first and last name, mailing address, street address, phone number, email address); (ii) a brief description of the circumstances of the HIPAA Breach, including the date of the HIPAA Breach and date of discovery; (iii) a description of the types of unsecured PHI involved in the HIPAA Breach (e.g., names, social security number, date of birth, address(es), account numbers of any type, disability codes, diagnostic and/or billing codes and similar information); (iv) a brief description of what the Business Associate has done or is doing to investiga...
Sample 1Sample 2Sample 3See All (9)
AutoNDA by SimpleDocs
HIPAA Data Breach Notification and Mitigation. Business Associate agrees to implement reasonable systems for the discovery and prompt reporting to Covered Entity of any “breach” of “unsecured PHI” as those terms are defined by 45 C.F.R. § 164.402. Specifically, a breach is an unauthorized acquisition, access, use or disclosure of unsecured PHI, including EPHI, which compromises the security or privacy of the PHI/EPHI. A breach compromises the security or privacy of PHI/EPHI if it poses a significant risk of financial, reputational, or other harm to the individual whose PHI/EPHI was compromised (hereinafter a “HIPAA Breach”). The parties acknowledge and agree that 45 C.F.R. § 164.404, as described below in this Section 8.1, governs the determination of the date of discovery of a HIPAA Breach. In the event of any conflict between this Section 8.1 and the Confidentiality Requirements, the more stringent requirements shall govern.
Sample 1Sample 2Sample 3See All (7)
HIPAA Data Breach Notification and Mitigation. Distributor agrees to implement reasonable systems for the discovery and prompt reporting of any "breach " of "unsecured PH1" as those term s are defined by 45 C.F.R. § J 64.402 (hereinafter a "HIPAA Breach "). The Parties acknowledge and agree that 45 C.F.R. § 164.404, as described below in this Section, governs the determination of the date of a HIPAA Breach. In the event of any conflict between this Section and the Confidentiality Requirements, the more stringent requirements shall govern. Distributor will, following the discovery of a HIPAA Breach, notify Atossa immediately within fifteen (15) Distributor discovers such HIPAA Breach, unless Distributor is prevented from doing so by 45 C.F.R. § 164.412 concerning law enforcement investigations. For purposes of reporting a HIPAA Breach to Atossa, the discovery of a HIPAA Breach shall occur as of the first day on which such HIPAA Breach is known to the Distributor or, by exercising reasonable diligence, would have been known to the Distributor. Distributor will be considered to have had knowledge of a HIPAA Breach if the HIPAA Breach is known, or by exercising reasonable diligence would have been known, to any person (other than the person committing the HIPAA Breach) who is an employee, officer or other agent of the Distributor. No later than three (3) business days following a HIPAA Breach, Distributor shall provide Atossa with sufficient information to permit Atossa to comply with the HlPAA Breach notification requirements set forth at 45 C.F.R. § 164.400 et seq. Specifically, if the following information is known to (or can be reasonably obtained by) the Distributor, Distributor will provide Atossa with: (i) contact information for individuals who were or who may have been impacted by the 1-0PAA Breach (e.g., first and last name, mailing address, street address, phone number, email address); (ii) a brief description of the circumstances of the HIPAA Breach, including the date of the HIPAA Breach and date of discovery: (iii) a description of the types of unsecured PHl involved in the HIPAA Breach (e.g., names, social security number, date of birth, addresses, account numbers of any type, disability codes, diagnostic and/or billing codes and similar information); (iv) a brief description of what the Distributor has done or is doing to investigate the HIPAA Breach, mitigate harm to the individual impacted by the HJPAA Breach, and protect against future HIPAA Breaches; and (v) appoint a liaison and provid...
Sample 1Sample 2Sample 3See All (5)
HIPAA Data Breach Notification and Mitigation. Business Associate agrees to implement reasonable systems for the discovery and prompt reporting to Covered Entity of any “breach” of “unsecured PHI” as those terms are defined by 45 C.F.R. § 164.402. Specifically, a breach is an unauthorized acquisition, access, use or disclosure of unsecured PHI, including ePHI, which compromises the security or privacy of the PHI/ePHI. A breach is presumed to have occurred unless there is a low probability that the PHI has been compromised based on a risk assessment of at least the factors listed in 45 C.F.R. § 164.402(2)(i)-(iv) (hereinafter a “HIPAA Breach”). The parties acknowledge and agree that 45 C.F.R. § 164.404, as described below in this Section 8.1, governs the determination of the date of discovery of a HIPAA Breach. In addition to the foregoing and notwithstanding anything to the contrary herein, Business Associate will also comply with applicable state law, including without limitation, Section 521 Texas Business and Commerce Code, as amended by HB 300 (82nd Legislature), or such other laws or regulations as may later be amended or adopted. In the event of any conflict between this Section 8.1, the Confidentiality Requirements, Section 521 of the Texas Business and Commerce Code, and any other later amended or adopted laws or regulations, the most stringent requirements shall govern.
Sample 1Sample 2
HIPAA Data Breach Notification and Mitigation. A. Contractor agrees to implement reasonable systems for the discovery and prompt reporting of any “breach” of “unsecured PHI” as those terms are defined by 45 C.F.R. §164.402 (hereinafter a “HIPAA Breach”). The parties acknowledge and agree that 45 C.F.R. §164.404, as described below in this Section, governs the determination of the date of a HIPAA Breach. Contractor will, following the discovery of a HIPAA Breach, notify County immediately and in no event later than seven business days after Contractor discovers such HIPAA Breach, unless Contractor is prevented from doing so by 45 C.F.R. §164.412 concerning law enforcement investigations.
Sample 1
HIPAA Data Breach Notification and Mitigation. Business Associate agrees to implement reasonable systems for the discovery and prompt reporting of any suspected Breach of Unsecured PHI as those terms are defined by 45 CFR § 164.402 (hereinafter a “HIPAA Breach”). The Parties acknowledge and agree that 45 CFR § 164.404, as described below in this Section 11.1, governs the determination of the date of a HIPAA Breach. Business Associate will fully cooperate with Covered Entity to conduct a HIPAA Breach risk analysis in accordance with 45 CFR §164.400 et seq. In the event of any conflict between this Section 11.1 and the HIPAA Regulations, the more stringent requirements will govern.
Sample 1
HIPAA Data Breach Notification and Mitigation. BA agrees to implement reasonable systems for the discovery and prompt reporting to CE of any “Breach” of “Unsecured PHI” as those terms are defined by HIPAA. Specifically, a breach is an unauthorized acquisition, access, use or disclosure of Unsecured PHI, including ePHI, which compromises the security or privacy of the PHI/ePHI. A breach is presumed to have occurred unless there is a low probability that the PHI has been compromised based on a risk assessment of at least the factors listed in 45 C.F.R. § 164.402 (2)(i)- (iv) (a “HIPAA Breach”). The Parties acknowledge and agree that 45 C.F.R. § 164.404, as described below in this Section 8.1, governs the determination of the date of discovery of a HIPAA Breach. In addition to the foregoing and notwithstanding anything to the contrary herein, BA will also comply with all other Applicable Law regarding breaches of PHI-related information. In the event of any conflict between this Section 8.1, HIPAA, and any other Applicable Law, the most stringent requirements shall govern.
Sample 1
AutoNDA by SimpleDocs
HIPAA Data Breach Notification and Mitigation. A. Each Party agrees to implement reasonable systems for the discovery and prompt reporting of any “breach” of “unsecured PHI” as those terms are defined by 45 C.F.R. §164.402 (hereinafter a “HIPAA Breach”). The parties acknowledge and agree that 45 C.F.R. §164.404, as described below in this Section, governs the determination of the date of a HIPAA Breach. Each Party will, following the discovery of a HIPAA Breach, notify the other Party immediately and in no event later than seven business days after a Party discovers such HIPAA Breach, unless the discovering Party is prevented from doing so by 45 C.F.R. §164.412 concerning law enforcement investigations.
Sample 1
HIPAA Data Breach Notification and Mitigation. Business Associate agrees to implement reasonable systems for the discovery and prompt reporting to Covered Entity of any “breach” of “unsecured PHI” as those terms are defined by 45 C.F.R. § 164.402. Specifically, a breach is an unauthorized acquisition, access, use or disclosure of unsecured PHI, including ePHI, which compromises the security or privacy of the PHI/ePHI. A breach compromises the security or privacy of PHI/ePHI if it poses a significant risk of financial, reputational, or other harm to the individual whose PHI/ePHI was compromised (hereinafter a “HIPAA Breach”). The parties acknowledge and agree that 45 C.F.R. § 164.404, as described below in this Section 8.1, governs the determination of the date of discovery of a HIPAA Breach. In addition to the foregoing and notwithstanding anything to the contrary herein, Business Associate will also comply with applicable state law, including without limitation, Section 521 Texas Business and Commerce Code, as amended by HB 300 (82nd Legislature), or such other laws or regulations as may later be amended or adopted. In the event of any conflict between this Section 8.1, the Confidentiality Requirements, Section 521 of the Texas Business and Commerce Code, and any other later amended or adopted laws or regulations, the most stringent requirements shall govern.
Sample 1

Related to HIPAA Data Breach Notification and Mitigation

  • Due Diligence; Adequate Disclosure Prior to offering the Offered Shares for sale, Selected Dealer shall have conducted an inquiry (the “Diligence Review”) such that Selected Dealer has reasonable grounds to believe, based on information made available to Selected Dealer by the Corporation or the Dealer Manager through the Prospectus or other materials, that all material facts are adequately and accurately disclosed and provide a basis for evaluating a purchase of Offered Shares. In determining the adequacy of disclosed facts pursuant to the foregoing, Selected Dealer may obtain, upon request, information on material facts relating at a minimum to the following: (i) items of compensation; (ii) tax aspects; (iii) financial stability and experience of the Corporation and its Adviser; (iv) conflicts and risk factors; and (v) other pertinent reports. Notwithstanding the foregoing, Selected Dealer may rely upon the results of an inquiry conducted by an independent third party retained for that purpose or another Selected Dealer, provided that: (i) such Selected Dealer has reasonable grounds to believe that such inquiry was conducted with due care by said independent third party or such other Selected Dealer; (ii) the results of the inquiry were provided to Selected Dealer with the consent of the other Selected Dealer conducting or directing the inquiry; and (iii) no Selected Dealer that participated in the inquiry is an affiliate of the Corporation or its Adviser. Prior to the sale of the Offered Shares, Selected Dealer shall inform each prospective purchaser of Offered Shares of pertinent facts relating to the Offered Shares including specifically the lack of liquidity and lack of marketability of the Offered Shares during the term of the investment but shall not, in any event, make any representation on behalf of the Corporation or the Adviser except as set forth in the Prospectus and any Authorized Sales Materials.

  • Notification of Breach / Compliance Reports The Adviser shall notify the Trust immediately upon detection of (i) any material failure to manage any Fund in accordance with its investment objectives and policies or any applicable law; or (ii) any material breach of any of the Funds’ or the Adviser’s policies, guidelines or procedures. In addition, the Adviser shall provide a quarterly report regarding each Fund’s compliance with its investment objectives and policies, applicable law, including, but not limited to the 1940 Act and Subchapter M of the Code, as applicable, and the Fund’s policies, guidelines or procedures as applicable to the Adviser’s obligations under this Agreement. The Adviser agrees to correct any such failure promptly and to take any action that the Board may reasonably request in connection with any such breach. Upon request, the Adviser shall also provide the officers of the Trust with supporting certifications in connection with such certifications of Fund financial statements and disclosure controls pursuant to the Xxxxxxxx-Xxxxx Act. The Adviser will promptly notify the Trust in the event (i) the Adviser is served or otherwise receives notice of any action, suit, proceeding, inquiry or investigation, at law or in equity, before or by any court, public board, or body, involving the affairs of the Trust (excluding class action suits in which a Fund is a member of the plaintiff class by reason of the Fund’s ownership of shares in the defendant) or the compliance by the Adviser with the federal or state securities laws or (ii) an actual change in control of the Adviser resulting in an “assignment” (as defined in the 0000 Xxx) has occurred or is otherwise proposed to occur.

  • Confidentiality/Protection of Customer Information The Company shall keep confidential and shall not divulge to any party, without the Purchaser's prior written consent, the price paid by the Purchaser for the Mortgage Loans, except to the extent that it is reasonable and necessary for the Company to do so in working with legal counsel, auditors, taxing authorities or other governmental agencies. Each party agrees that it shall comply with all applicable laws and regulations regarding the privacy or security of Customer Information and shall maintain appropriate administrative, technical and physical safeguards to protect the security, confidentiality and integrity of Customer Information, including maintaining security measures designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information, 66 Fed. Reg. 8616 (the "Interagency Guidelines"). For purposes of this Section, the term "Customer Information" shall have the meaning assigned to it in the Interagency Guidelines.

  • Third-Party Information; Privacy or Data Protection Laws Each Party acknowledges that it and members of its Group may presently have and, following the Effective Time, may gain access to or possession of confidential or proprietary information of, or personal information relating to, Third Parties (i) that was received under confidentiality or non-disclosure agreements entered into between such Third Parties, on the one hand, and the other Party or members of such Party’s Group, on the other hand, prior to the Effective Time; or (ii) that, as between the two Parties, was originally collected by the other Party or members of such Party’s Group and that may be subject to and protected by privacy, data protection or other applicable Laws. Each Party agrees that it shall hold, protect and use, and shall cause the members of its Group and its and their respective Representatives to hold, protect and use, in strict confidence the confidential and proprietary information of, or personal information relating to, Third Parties in accordance with privacy, data protection or other applicable Laws and the terms of any agreements that were either entered into before the Effective Time or affirmative commitments or representations that were made before the Effective Time by, between or among the other Party or members of the other Party’s Group, on the one hand, and such Third Parties, on the other hand.

  • Investigation and Prevention Transfer Agent shall reasonably assist Fund in investigating of any such unauthorized access and shall use commercially reasonable efforts to:

  • Notification of Breach During the term of this Agreement:

  • Confidential Information Noncompetition and Cooperation The terms of the Employee Non-Competition, Non-Solicitation, Confidentiality and Assignment Agreement (the “Restrictive Covenant Agreement”), between the Company and the Employee, attached hereto as Exhibit A, shall continue to be in full force and effect and are incorporated by reference in this Agreement. The Employee hereby reaffirms the terms of the Restrictive Covenant Agreement as material terms of this Agreement.

Time is Money Join Law Insider Premium to draft better contracts faster.