Editing Breach

== Definitions ==

=== Contract law ===

''See'' [[Breach of contract]]

=== General ===

A '''breach''' is

{{Quote|[the e]ffect of or deteriorating resulting from an act of aggression or [[attack]] whose impact may be: tangible (physical or material alteration, logic malfunction, disorganization of procedures, etc.); [[logical]] (non-availability, loss of [[integrity]], [[breach of confidentiality]]); strategic (in particular as concerns finance, additional costs for [[hosting]], transportation, [[telecommunications]], expertise, purchase/rental of [[hardware]] and [[software]], personnel, [[outsourcing]], operating losses ([[profit]] margin, [[cash flow]], customer losses), loss of funds or goods, etc.).<ref>[[Cybersecurity Guide for Developing Countries]], at 104.</ref>}}

{{Quote|[a] loss of control, [[compromise]], [[unauthorized disclosure]], unauthorized acquisition, [[unauthorized access]], or any similar term referring to situations where persons other than [[authorized user]]s and for an other than authorized purpose have [[access]] or potential [[access]] to [[PII]], whether [[physical access|physical]] or [[electronic access| electronic]].<ref>[[DoDD 5400.11]], at 15-16.</ref>}}

=== HITECH Act ===

A '''breach''' is the 

{{Quote|unauthorized acquisition, access, use, or disclosure of protected health information which compromises the security or privacy of such information, except where an unauthorized person to whom such information is disclosed would not reasonably have been able to retain such information.<ref>Pub. L. No. 111-5, §13400(1). Not included in the definition of breach are any [[unintentional]] acquisition, use, or [[access]] of [[PHI]] by an [[employee]] or other [[authorized]] individual of a [[covered entity]] or a business associate done in [[good faith]] and within the scope of [[employment]] or the relationship where such [[information]] is not breached any further; or [[inadvertent disclosure]]s by authorized persons of [[PHI]] within the same facility; and [[information]] received as a result of such [[disclosure]] is not further [[disclose]]d without [[authorization]].</ref>}}

=== Privacy law ===

A '''breach''' is

{{Quote|The loss of control, [[compromise]], [[unauthorized disclosure]], [[unauthorized acquisition]], [[unauthorized access]], or any similar term referring to situations in which persons other than [[authorized user]]s or [[authorized]] persons for an other than [[authorized]] purpose, have [[access]] or potential [[access]] to [[PII]], whether non-cyber or [[cyber]].<ref>5 FAM 463 ([https://fam.state.gov/fam/05fam/05fam0460.html#M463 full-text]).</ref>}}

''See also'' [[data breach]]; [[data security breach]]

=== Security ===

A '''breach''' is

{{Quote|[a]ny illegal [[penetration]] or [[unauthorized access]] to a [[computer system]] that causes [[damage]] or has the potential to cause [[damage]].<ref>[[DM3595-001]]. at 3.</ref>}}

''See also'' [[security breach]].

== References ==
<references />
[[Category:contract]]
[[Category:privacy]]
[[Category:security]]
[[Category:Definition]]
[[Category:Medical]]
[[Category:Data]]