Access by the Department to the Business Associate’s Books and Records Sample Clauses

Access by the Department to the Business Associate’s Books and Records. The Business Associate shall make its internal practices, books and records relating to the use and disclosure of PHI received from, or created or received by the Business Associate on behalf of the Department available to the Department and the Secretary of the Department of Health and Human Services for purposes of determining the Department’s compliance with the HIPAA laws and regulations. Upon reasonable notice to the Business Associate and during the Business Associate’s normal business hours, the Business Associate shall make such internal practices, books and records available to the Department to inspect for purposes of determining compliance with this Agreement.

Related to Access by the Department to the Business Associate’s Books and Records

  • Access to Personnel Records Upon written request to the Chief of Police, an employee shall have access to that employee's records during normal office hours of the records custodian. Such access to personnel records shall be within a reasonable time of said request. Such request shall not interfere with the employee's regularly scheduled working hours. Review of the records shall be made in the presence of the Chief or the Chief's designated representative.

  • Access to Persons and Records The State Auditor shall have access to persons and records as a result of all contracts or grants entered into by State agencies or political subdivisions in accordance with General Statute 147-64.7. Additionally, as the State funding authority, the Department of Health and Human Services shall have access to persons and records as a result of all contracts or grants entered into by State agencies or political subdivisions.

  • Access to Personal Information by Subcontractors Supplier agrees to require any subcontractors or agents to which it discloses Personal Information under this Agreement or under any SOW to provide reasonable assurance, evidenced by written contract, that they will comply with the same or substantially similar confidentiality, privacy and security obligations with respect to such Personal Information as apply to Supplier under this Agreement or any SOW. Supplier shall confirm in writing to DXC that such contract is in place as a condition to DXC’s approval of use of a subcontractor in connection with any SOW. Upon request of DXC, Supplier will provide to DXC a copy of the subcontract or an extract of the relevant clauses. Supplier shall ensure that any failure on the part of any subcontractor or agent to comply with the Supplier obligations under this Agreement or any SOW shall be grounds to promptly terminate such subcontractor or agent. If during the term of this Agreement or any SOW, DXC determines, in its exclusive discretion, that any Supplier subcontractor or agent cannot comply with the Supplier obligations under this Agreement or with any SOW, then DXC may terminate this Agreement in whole or in part (with respect to any SOW for which such subcontractor or agent is providing services), if not cured by Supplier within the time prescribed in the notice of such deficiency.

  • Obligations and Activities of Business Associates (1) Business Associate agrees not to use or disclose PHI other than as permitted or required by this Section of the Contract or as Required by Law. (2) Business Associate agrees to use and maintain appropriate safeguards and comply with applicable HIPAA Standards with respect to all PHI and to prevent use or disclosure of PHI other than as provided for in this Section of the Contract and in accordance with HIPAA Standards. (3) Business Associate agrees to use administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of electronic Protected Health Information that it creates, receives, maintains, or transmits on behalf of the Covered Entity. (4) Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to the Business Associate of a use or disclosure of PHI by Business Associate in violation of this Section of the Contract. (5) Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Section of the Contract or any Security Incident of which it becomes aware. (6) Business Associate agrees, in accordance with 45 C.F.R. 502(e)(1)(ii) and 164.308(d)(2), if applicable, to ensure that any subcontractors that create, receive, maintain or transmit PHI on behalf of the Business Associate, agree to the same restrictions, conditions, and requirements that apply to the business associate with respect to such information. (7) Business Associate agrees to provide access (including inspection, obtaining a copy or both), at the request of the Covered Entity, and in the time and manner designated by the Covered Entity, to PHI in a Designated Record Set, to Covered Entity or, as directed by Covered Entity, to an Individual in order to meet the requirements under 45 C.F.R. § 164.524. Business Associate shall not charge any fees greater than the lesser of the amount charged by the Covered Entity to an Individual for such records; the amount permitted by state law; or the Business Associate’s actual cost of postage, labor and supplies for complying with the request. (8) Business Associate agrees to make any amendments to PHI in a Designated Record Set that the Covered Entity directs or agrees to pursuant to 45 C.F.R. § 164.526 at the request of the Covered Entity, and in the time and manner designated by the Covered Entity. (9) Business Associate agrees to make internal practices, books, and records, including policies and procedures and PHI, relating to the use and disclosure of PHI received from, or created, maintained, transmitted or received by, Business Associate on behalf of Covered Entity, available to Covered Entity or to the Secretary in a time and manner agreed to by the parties or designated by the Secretary, for purposes of the Secretary investigating or determining Covered Entity’s compliance with the HIPAA Standards. (10) Business Associate agrees to document such disclosures of PHI and information related to such disclosures as would be required for Covered Entity to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 C.F.R. § 164.528 and section 13405 of the HITECH Act (42 U.S.C. § 17935) and any regulations promulgated thereunder. (11) Business Associate agrees to provide to Covered Entity, in a time and manner designated by the Covered Entity, information collected in accordance with subsection (g)(10) of this Section of the Contract, to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 C.F.R. § 164.528 and section 13405 of the HITECH Act (42 U.S.C. § 17935) and any regulations promulgated thereunder. Business Associate agrees at the Covered Entity’s direction to provide an accounting of disclosures of PHI directly to an individual in accordance with 45 C.F.R. § 164.528 and section 13405 of the HITECH Act (42 U.S.C. § 17935) and any regulations promulgated thereunder. (12) Business Associate agrees to comply with any State or federal law that is more stringent than the Privacy Rule. (13) Business Associate agrees to comply with the requirements of the HITECH Act relating to privacy and security that are applicable to the Covered Entity and with the requirements of 45 C.F.R. §§ 164.504(e), 164.308, 164.310, 164.312, and 164.316. (14) In the event that an Individual requests that the Business Associate (A) restrict disclosures of PHI; (B) provide an accounting of disclosures of the Individual’s PHI; (C) provide a copy of the Individual’s PHI in an Electronic Health Record; or (D) amend PHI in the Individual’s Designated Record Set the Business Associate agrees to notify the Covered Entity, in writing, within five Days of the request. (15) Business Associate agrees that it shall not, and shall ensure that its subcontractors do not, directly or indirectly, receive any remuneration in exchange for PHI of an Individual without (A) the written approval of the Covered Entity, unless receipt of remuneration in exchange for PHI is expressly authorized by this Contract and (B) the valid authorization of the Individual, except for the purposes provided under section 13405(d)(2) of the HITECH Act, (42 U.S.C. § 17935(d)(2)) and in any accompanying regulations. (16) Obligations in the Event of a Breach. (A) The Business Associate agrees that, following the discovery by the Business Associate or by a subcontractor of the Business Associate of any use or disclosure not provided for by this section of the Contract, any breach of Unsecured protected health information, or any Security Incident, it shall notify the Covered Entity of such Breach in accordance with Subpart D of Part 164 of Title 45 of the Code of Federal Regulations and this Section of the Contract. (B) Such notification shall be provided by the Business Associate to the Covered Entity without unreasonable delay, and in no case later than 30 days after the Breach is discovered by the Business Associate, or a subcontractor of the Business Associate, except as otherwise instructed in writing by a law enforcement official pursuant to 45 C.F.R. 164.412. A Breach is considered discovered as of the first day on which it is, or reasonably should have been, known to the Business Associate or its subcontractor. The notification shall include the identification and last known address, phone number and email address of each Individual (or the next of kin of the individual if the Individual is deceased) whose Unsecured protected health information has been, or is reasonably believed by the Business Associate to have been, accessed, acquired, or disclosed during such Breach. (C) The Business Associate agrees to include in the notification to the Covered Entity at least the following information: 1. A description of what happened, including the date of the Breach; the date of the discovery of the Breach; the unauthorized person, if known, who used the PHI or to whom it was disclosed; and whether the PHI was actually acquired or viewed. 2. A description of the types of Unsecured protected health information that were involved in the Breach (such as full name, Social Security number, date of birth, home address, account number, or disability code). 3. The steps the Business Associate recommends that Individual(s) take to protect themselves from potential harm resulting from the Breach. 4. A detailed description of what the Business Associate is doing or has done to investigate the Breach, to mitigate losses, and to protect against any further Breaches. 5. Whether a law enforcement official has advised the Business Associate, either verbally or in writing, that he or she has determined that notification or notice to Individuals or the posting required under 45 C.F.R.

  • Information and Records (a) Lessee shall promptly furnish to Lessor all such information as Lessor may from time to time reasonably request regarding the Aircraft or any part thereof, its use, registration, location and condition. In addition, Lessee shall, on each Maintenance Payments Date and the Termination Date, furnish to Lessor a monthly maintenance status report substantially in the form of Schedule 5. (b) Lessee shall keep, or procure that there are kept, (i) the Aircraft Documents and shall keep as part thereof accurate, complete and current records of all flights made by the Aircraft during the Term, including all Flight Hours and Cycles of the Airframe, each Engine and the Parts, and of all maintenance and repairs carried out on the Aircraft and each Engine and every Part and (ii) historical records for condition monitored, hard time and life-limited Parts (including tags from the manufacturer of such Part or a repair facility which evidence that such Part is new or overhauled and establish authenticity, total time in service and time since overhaul for such Part). Such Aircraft Documents and historical records referred to in subclause (ii) shall be kept for the duration of the Term and maintained in English and in such manner, form and location as the Aviation Authority and any applicable law may from time to time require and the Aircraft Documents shall disclose the location of all Engines and Parts not installed on the Aircraft. In addition, the Aircraft Manuals shall be kept in such manner, form and location as the FAA may require to the extent that the requirements of the FAA do not conflict with the requirements of the Aviation Authority. Except as required by applicable law, the Aircraft Documents and historical records referred to in subclause (ii) shall be the property of Lessor. Lessee may maintain all Aircraft Documents (or any subset thereof) in electronic format, provided, that Lessee shall send to Lessor all hard copies of all such Aircraft Documents. (c) Lessee shall promptly on becoming aware of the same notify Lessor of: (i) any Total Loss with respect to the Aircraft, the Airframe or any Engine; (ii) any loss, theft, damage or destruction to the Aircraft or any part thereof if (A) the potential cost of repairs or replacement may exceed the Damage Notification Threshold or its equivalent in any other currency, or (B) Lessee is required to report the same to the Aviation Authority; (iii) any loss, arrest, hijacking, confiscation, seizure, requisition, impound, taking in execution, detention or forfeiture of the Aircraft or any part thereof; and (iv) any event, accident or incident in respect of the Aircraft that might reasonably be expected to involve Lessor or Lessee in loss or liability in excess of the Damage Notification Threshold or its equivalent in any other currency, or which is required to be reported to the Aviation Authority. (d) Lessee shall provide Lessor with prior written notice of each 6Y/4C-Check, 12Y/8C-Check, Engine Performance Restoration, APU Heavy Repair and Landing Gear Overhaul, provided that if any such maintenance event is to occur less than thirty days after the scheduling thereof, Lessee shall provide written notice of such maintenance event promptly upon the scheduling thereof.

  • Access to Personnel Files All employees shall be allowed access to their personnel files during normal working hours for inspection and/or copies of documents which will be provided by the Employer. Such inspection shall be made subject to prior arrangement with the Employer.

  • Access to Books and Records (a) Maintain or cause to be maintained at all times true and complete books and records in all material respects in a manner consistent with GAAP in all material respects of the financial operations of the Borrower and the Guarantors and provide the Administrative Agent, the Collateral Agent and their respective representatives and advisors reasonable access to all such books and records (subject to requirements under any confidentiality agreements, if applicable), as well as any appraisals of the Collateral, during regular business hours, in order that the Administrative Agent and the Collateral Agent may upon reasonable prior notice and with reasonable frequency, but in any event, so long as no Event of Default has occurred and is continuing, no more than one time per year, examine and make abstracts from such books, accounts, records, appraisals and other papers, and permit the Administrative Agent, the Collateral Agent and their respective representatives and advisors to confer with the officers of the Borrower and the Guarantors and representatives (provided that the Borrower shall be given the right to participate in such discussions with such representatives) of the Borrower and the Guarantors, all for the purpose of verifying the accuracy of the various reports delivered by the Borrower or the Guarantors to the Administrative Agent or the Lenders pursuant to this Agreement or for otherwise ascertaining compliance with this Agreement; and at any reasonable time and from time to time during regular business hours, upon reasonable notice to the Borrower, permit the Administrative Agent, the Collateral Agent, and any agents or representatives (including, without limitation, appraisers) thereof to visit the properties of the Borrower and the Guarantors and to conduct examinations of and to monitor the Collateral held by the Collateral Agent, in each case at the expense of the Borrower (provided, that the Borrower shall not be required to pay the expenses of more than one such visit a year unless an Event of Default has occurred and is continuing). (b) Grant access to and the right to inspect all final reports, final audits (and draft reports and audits where no final reports or audits are available) and other similar internal information of the Borrower relating to the Real Property Assets with respect to environmental matters upon reasonable notice, and obtain any third party verification of matters relating to the Release or alleged Release of Hazardous Materials at the Real Property Assets and compliance with Environmental Laws and requirements of Airport Authorities with respect to environmental matters (for matters that would impact the value of the Real Property Assets) reasonably requested by the Administrative Agent at any time and from time to time.

  • Contractor’s Books and Records Contractor shall maintain any and all ledgers, books of account, invoices, vouchers, canceled checks, and other records or documents evidencing or relating to charges for services or expenditures and disbursements charged to the County for a minimum of five (5) years, or for any longer period required by law, from the date of final payment to the Contractor under this Contract. Any records or documents required to be maintained shall be made available for inspection, audit and/or copying at any time during regular business hours, upon oral or written request of the County.

  • Access to Personnel File Each employee shall have reasonable access to his/her personnel file for the purpose of reviewing any evaluations or formal disciplinary notations contained therein, in the presence of the Director of Personnel or designate. An employee has the right to request copies of any evaluations in this file.

  • Obligations and Activities of Business Associate Business Associate agrees to: a. Not use or disclose Protected Health Information other than as permitted or required by this BAA, the Agreement, or as required by law; b. Use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 with respect to electronic Protected Health Information, to prevent Use or Disclosure of Protected Health Information other than as provided for by this BAA; c. Report to Covered Entity any Use or Disclosure of Protected Health Information not provided for by this BAA of which it becomes aware, including breaches of Unsecured Protected Health Information as required at 45 CFR 164.410, and any Security Incident of which it becomes aware; d. In accordance with 45 CFR 164.502(e)(1)(ii) and 164.308(b)(2), if applicable, ensure that any Subcontractors that create, receive, maintain, or transmit Protected Health Information on behalf of the Business Associate agree to the same restrictions, conditions, and requirements that apply to Business Associate with respect to such information; e. Make available Protected Health Information in a Designated Record Set to Covered Entity or to an individual whose Protected Health Information is maintained by Business Associate, or the individual’s designee, and document and retain the documentation required by 45 CFR 164.530(j), as necessary to satisfy Covered Entity’s obligations under 45 CFR 164.524; f. Make any amendment(s) to Protected Health Information in a Designated Record Set as directed or agreed to by the Covered Entity pursuant to 45 CFR 164.526, or take other measures as necessary to satisfy Covered Entity’s obligations under 45 CFR 164.526; g. Maintain and make available the information required to provide an accounting of Disclosures to the Covered Entity as necessary to satisfy Covered Entity’s obligations under 45 CFR 164.528; h. To the extent the Business Associate is to carry out one or more of Covered Entity's obligation(s) under Subpart E of 45 CFR Part 164, comply with the requirements of Subpart E that apply to the Covered Entity in the performance of such obligation(s); and i. Make its internal practices, books, and records available to the Secretary for purposes of determining Business Associate’s or Covered Entity’s compliance with HIPAA and HIPAA Regulations.