/Docs/G/MI-Business-Associate-Agt-CmA/0.md
  Source views: Source JSON(ish) on GitHub (VSCode)   Doc views: Document (&k=3.8.sec): Visual Print Technical: OpenParameters Xray

---

Business Associate's notification shall be supplemented as soon as practicable, and will include, as information becomes available: (i) a brief description of what happened, including the date of the Breach and the date of the discovery of the Breach, if known; (ii) to the extent possible, the identification of each individual whose Unsecured PHI has been, or is reasonably believed by Business Associate to have been, accessed, acquired or disclosed during the Breach; (iii) a description of the types of Unsecured PHI that were involved in the Breach, (iv) any steps individuals should take to protect themselves from potential harm resulting from the Breach; and (v) a brief description of what the Business Associate is doing to investigate the breach, mitigate harm to individuals, and protect against any further Breaches.