Reporting of Unauthorized Use or Disclosure of PHI Clause Samples

Reporting of Unauthorized Use or Disclosure of PHI. Entity shall, within one (1) business day after becoming aware of any potential or actual unauthorized access, use or disclosure of PHI by Entity, its Authorized Users, or any third party, report any such access, use or disclosure to the Jefferson Privacy Officer by either emailing ▇▇▇▇▇▇▇▇▇▇▇▇▇@▇▇▇▇▇▇▇▇▇.▇▇▇ or calling the main toll free number: ▇-▇▇▇-▇▇▇-▇▇▇▇.

Reporting of Unauthorized Use or Disclosure of PHI. Participant shall report to HSHS: (1) any use or disclosure of PHI not authorized by this Agreement; (2) any security incident of which it becomes aware; or (3) any allegation from any patient or other individual that a User has made an unauthorized use or disclosure of PHI or breached security of PHI. Participant shall make the report to HSHS’s Privacy Officer immediately if there are foreseeable patient care consequences, and in any event not more than one (1) business day after Participant confirms such use, disclosure, security incident or allegation. Participant’s report shall identify: (i) the nature of the unauthorized use or disclosure, security incident or allegation; (ii) the PHI at issue; (iii) names of workforce involved in the unauthorized use, disclosure, security incident or allegation and the recipient of any unauthorized disclosure;

Reporting of Unauthorized Use or Disclosure of PHI. Outside Entity shall, immediately & no later than within five (5) working days of becoming aware of an unauthorized use or disclosure of PHI by Outside Entity, its officers, directors, employees, contractors, agents or by a third party to which Outside Entity disclosed PHI, report any such disclosure to UW Medicine. Such notice shall be made to the following: UW Medicine Compliance Box 358049 ▇▇▇▇▇▇▇, ▇▇ ▇▇▇▇▇-▇▇▇▇ (▇▇▇) ▇▇▇-▇▇▇▇

Reporting of Unauthorized Use or Disclosure of PHI. A. Outside Practice shall, within one (1) working day of becoming aware of an unauthorized use or disclosure of PHI by Outside Practice, its officers, directors, employees, contractors, agents or by a third party to which Outside Practice disclosed PHI, report any such disclosure to HMH. Such notice shall be made to the following: B. Potential Data Security Breach C. HMH has the right, at Outside Practice’s sole cost and expense, at any time, to monitor, audit, and review activities and methods in implementing this Agreement in order to assure compliance therewith, within the limits of Outside Practice’s technical capabilities.

Reporting of Unauthorized Use or Disclosure of PHI. (a) Outside Entity shall, within one (1) working day of becoming aware of an unauthorized use or disclosure of PHI accessed or received from Baptist via EpicCare Link by Outside Entity, its officers, directors, employees, contractors, agents or by a third party to which Outside Entity disclosed PHI, report any such disclosure to Baptist. (b) If at any time Outside Entity has reason to believe that PHI accessed, disclosed, or transmitted pursuant to this Agreement may have been accessed, used, acquired, or disclosed without proper authorization or contrary to the terms of this Agreement, Outside Entity will immediately give Baptist notice and take actions to prevent recurrence and any other steps required by law. Outside Entity shall be responsible for any and all breach notification obligations in response to such notification consistent with HIPAA and other applicable law. The parties agree that Baptist shall have no responsibility for any such notification obligations unless, in its sole discretion, Baptist determines that notification from Baptist is appropriate or required under the circumstances. To the extent Baptist deems warranted, in its sole discretion, Baptist will provide notice or require Outside Entity to provide notice to individuals whose PHI may have been improperly used, acquired, accessed or disclosed.

Reporting of Unauthorized Use or Disclosure of PHI. COUNTY shall notify MEMBER by telephone call and email upon the discovery of, and no later than five (5) business days after the discovery of, a breach of unsecured County PHI in electronic media or in any other media if County PHI was, or is reasonably believed to have been, accessed or acquired by an unauthorized person, or upon the discovery of a suspected security incident that involves data provided to County by OCHIN. All such notices shall be made by phone or email using the contact information contained in Section 21 below.

Reporting of Unauthorized Use or Disclosure of PHI. Within one (1) business day after Entity’s awareness of any potential or actual unauthorized access, use or disclosure of PHI by Entity, it’s Authorized Users, or any third party, E n t i t y s h a l l report any such access, use or disclosure to the MLH Privacy Officer.

Reporting of Unauthorized Use or Disclosure of PHI. A. Outside Entity shall, within one (1) working day of becoming aware of an unauthorized use or disclosure of PHI by Outside Entity, its officers, directors, employees, contractors, agents or by a third party to which Outside Entity disclosed PHI, report any such disclosure to Connecticut Children’s. Such notice shall be made to the following:

Reporting of Unauthorized Use or Disclosure of PHI. A. Outside Entity shall, within one (1) working day of becoming aware of an unauthorized use or disclosure of PHI by Outside Entity, its officers, directors, employees, contractors, agents or by a third party to which Outside Entity disclosed PHI, report any such disclosure to ESSENTIA HEALTH. Such notice shall be made to the following: B. Potential Data Security Breach C. ESSENTIA HEALTH has the right, at Outside Entity’s sole cost and expense, at any time, to monitor, audit, and review activities and methods in implementing this Agreement in order to assure compliance herewith, within the limits of Outside Entity’s technical capabilities.