To report a security incident that poses a threat to the security of Protected Health Information (“PHI”), Personally Identifiable Information (“PII”), sensitive information, resources, a consumer or patient’s information, and/or BHDD operations, promptly make a report to the BHDD Privacy Officer and BHDD Chief Information Security Officer (CISO).