Potential Data Security Breach Clause Samples

Potential Data Security Breach. If Outside Entity at any time has reason to believe that PHI transmitted pursuant to this Agreement may have been accessed or disclosed without proper authorization and contrary to the terms of this Agreement, Outside Entity shall immediately notify YNHHS and take actions to eliminate the cause of the breach. To the extent YNHHS deems warranted, in its sole discretion, YNHHS will provide notice, or require Outside Entity to provide notice, to individuals whose PHI may have been improperly accessed or disclosed.
View SourceView Similar (3)
Potential Data Security Breach. If Outside Entity at any time has reason to believe that PHI transmitted pursuant to this Agreement may have been accessed or disclosed without proper authorization and contrary to the terms of this Agreement, Outside Entity shall immediately notify HRH's Privacy Officer and take actions to eliminate the cause of the breach. To the extent HRH deems warranted, in its sole discretion, HRH will provide notice, or require Outside Entity to provide notice, to individuals whose PHI may have been improperly accessed or disclosed.
View Source
Potential Data Security Breach. If at any time Outside Practice has reason to believe that PHI transmitted pursuant to this Agreement may have been accessed or disclosed without proper authorization and contrary to the terms of this Agreement, Outside Practice shall, within one (1) working day of becoming aware of an a potential unauthorized use or disclosure of PHI give HMH notice at ▇▇▇▇▇▇▇@▇▇▇▇.▇▇▇ and take all necessary actions to eliminate the cause of the breach. To the extent HMH deems warranted, in its sole discretion, HMH will provide notice or require Outside Practice to provide notice to individuals whose PHI may have been improperly accessed or disclosed.
View Source
Potential Data Security Breach. Outside Entity shall report to UC Health any security incident as defined in the HIPAA Security Rule related to the System of which it becomes aware within twenty-four (24) hours of its knowledge of the incident. Any active or ongoing security incident must be reported immediately upon discovery. Security incident is the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference in an information system.
View Source
Potential Data Security Breach. If at any time Outside Entity has reason to believe that PHI transmitted pursuant to this Agreement may have been accessed or disclosed without proper authorization and contrary to the terms of this Agreement, Outside Entity will promptly give Connecticut Children’s notice, but in no event longer than three business days, and take actions to eliminate the cause of the breach. To the extent Connecticut Children’s deems reasonably warranted, in its sole discretion, Connecticut Children’s will provide notice (at Outside Entity’s expense) or require Outside Entity (at its own expense) to provide notice to individuals whose PHI may have been improperly accessed or disclosed. In the event credit monitoring is necessary for affected individuals as a result of an improper access or disclosure judicially determined to be attributable to Outside Entity, it shall be provided at Outside Entity’s sole cost and expense. Notwithstanding the foregoing, Outside Entity will not be responsible for notice or credit monitoring costs and expenses in the event that the improper access or disclosure is not attributable to an act or omission of Outside Entity or its employees, officers, directors, or agents.
View Source
Potential Data Security Breach. If at any time Outside Entity has reason to believe that PHI transmitted pursuant to this Agreement may have been accessed or disclosed without proper authorization and contrary to the terms of this Agreement, Outside Entity will immediately give Connecticut Children’s notice and take actions to eliminate the cause of the breach. To the extent Connecticut Children’s deems warranted, in its sole discretion, Connecticut Children’s will provide notice (at Outside Entity’s expense) or require Outside Entity (at its own expense) to provide notice to individuals whose PHI may have been improperly accessed or disclosed. In the event credit monitoring is necessary for affected individuals, it shall be provided at Outside Entity’s sole cost and expense.
View Source

Related to Potential Data Security Breach

  • Security Breach In the event that Seller discovers or is notified of a breach, potential breach of security, or security incident at Seller's Facility or of Seller's systems, Seller shall immediately (i) notify Company of such potential, suspected or actual security breach, whether or not such breach has compromised any of Company's confidential information; (ii) investigate and promptly remediate the effects of the breach, whether or not the breach was caused by Seller; (iii) cooperate with Company with respect to any such breach or unauthorized access or use; (iv) comply with all applicable privacy and data protection laws governing Company's or any other individual's or entity's data; and (v) to the extent such breach was caused by Seller, provide Company with reasonable assurances satisfactory to Company that such breach, potential breach, or security incident shall not recur. Seller shall provide documentation to Company evidencing the length and impact of the breach. Any remediation of any such breach will be at Seller's sole expense.

  • Personal Information security breach a) Each Party shall notify the other party in writing as soon as possible after it becomes aware of or suspects any loss, unauthorised access or unlawful use of any personal information and shall, at its own cost, take all necessary remedial steps to mitigate the extent of the loss or compromise of personal information and to restore the integrity of the affected personal information as quickly as is possible. The Parties shall also be required to provide each other with details of the persons affected by the compromise and the nature and extent of the compromise, including details of the identity of the unauthorised person who may have accessed or acquired the personal information. b) The Parties shall provide on-going updates on the progress in resolving the compromise at reasonable intervals until such time as the compromise is resolved. c) Where required, the Parties must notify the South African Police Service; and/or the State Security Agency and the Information Regulator and the affected persons of the security breach. Any such notification shall always include sufficient information to allow the persons to take protective measures against the potential consequences of the compromise. d) The Parties undertake to co‑operate in any investigations relating to security which is carried out by or on behalf of the other including providing any information or material in its possession or control and implementing new security measures.

  • Security Breach Notification In addition to the information enumerated in Article V, Section 4(1) of the DPA Standard Clauses, any Security Breach notification provided by the Provider to the LEA shall include: a. A list of the students whose Student Data was involved in or is reasonably believed to have been involved in the breach, if known; and b. The name and contact information for an employee of the Provider whom parents may contact to inquire about the breach.

  • Data Breach In the event of an unauthorized release, disclosure or acquisition of Student Data that compromises the security, confidentiality or integrity of the Student Data maintained by the Provider the Provider shall provide notification to LEA within seventy-two (72) hours of confirmation of the incident, unless notification within this time limit would disrupt investigation of the incident by law enforcement. In such an event, notification shall be made within a reasonable time after the incident. Provider shall follow the following process: (1) The security breach notification described above shall include, at a minimum, the following information to the extent known by the Provider and as it becomes available: i. The name and contact information of the reporting LEA subject to this section. ii. A list of the types of personal information that were or are reasonably believed to have been the subject of a breach. iii. If the information is possible to determine at the time the notice is provided, then either (1) the date of the breach, (2) the estimated date of the breach, or (3) the date range within which the breach occurred. The notification shall also include the date of the notice. iv. Whether the notification was delayed as a result of a law enforcement investigation, if that information is possible to determine at the time the notice is provided; and v. A general description of the breach incident, if that information is possible to determine at the time the notice is provided. (2) Provider agrees to adhere to all federal and state requirements with respect to a data breach related to the Student Data, including, when appropriate or required, the required responsibilities and procedures for notification and mitigation of any such data breach. (3) Provider further acknowledges and agrees to have a written incident response plan that reflects best practices and is consistent with industry standards and federal and state law for responding to a data breach, breach of security, privacy incident or unauthorized acquisition or use of Student Data or any portion thereof, including personally identifiable information and agrees to provide ▇▇▇, upon request, with a summary of said written incident response plan. (4) LEA shall provide notice and facts surrounding the breach to the affected students, parents or guardians. (5) In the event of a breach originating from ▇▇▇’s use of the Service, Provider shall cooperate with ▇▇▇ to the extent necessary to expeditiously secure Student Data.