Permitted Uses and Disclosures of Phi by Business Associate Except as otherwise indicated in this Agreement, Business Associate may use or disclose PHI, inclusive of de-identified data derived from such PHI, only to perform functions, activities or services specified in this Agreement on behalf of DHCS, provided that such use or disclosure would not violate HIPAA or other applicable laws if done by DHCS.
Permitted Uses and Disclosures by Business Associate Except as otherwise limited by this Agreement, Business Associate may make any uses and disclosures of Protected Health Information necessary to perform its services to Covered Entity and otherwise meet its obligations under this Agreement, if such use or disclosure would not violate the Privacy Rule if done by Covered Entity. All other uses or disclosures by Business Associate not authorized by this Agreement or by specific instruction of Covered Entity are prohibited.
Permitted Uses and Disclosure by Business Associate (1) General Use and Disclosure Provisions Except as otherwise limited in this Section of the Contract, Business Associate may use or disclose PHI to perform functions, activities, or services for, or on behalf of, Covered Entity as specified in this Contract, provided that such use or disclosure would not violate the HIPAA Standards if done by Covered Entity or the minimum necessary policies and procedures of the Covered Entity.
UPDATING AND DISCLOSING FINANCIAL INFORMATION You will provide facts
Use and Disclosure of Confidential Information (a) The Executive acknowledges and agrees that (i) by virtue of his employment with the Company and the Bank, he will be given access to, and will help analyze, formulate or otherwise use, Confidential Information, (ii) the Company and the Bank have devoted (and will devote) substantial time, money, and effort to develop Confidential Information and maintain the proprietary and confidential nature thereof, and (iii) Confidential Information is proprietary and confidential and, if any Confidential Information were disclosed or became known by persons engaging in a business in any way competitive with the Company’s Business, such disclosure would result in hardship, loss, irreparable injury, and damage to the Company or the Bank, the measurement of which would be difficult, if not impossible, to determine. Accordingly, the Executive agrees that (i) the preservation and protection of Confidential Information is an essential part of his duties of employment and that, as a result of his employment with the Company and the Bank, he has a duty of fidelity, loyalty, and trust to the Company and the Bank in safeguarding Confidential Information. The Executive further agrees that he will use his best efforts, exercise utmost diligence, and take all reasonable steps to protect and safeguard Confidential Information, whether such information derives from the Executive, other employees of the Company or the Bank, Customers, Prospective Customers, or vendors or suppliers of the Company of the Bank, and that he will not, directly or indirectly, use, disclose, distribute, or disseminate to any other person or entity or otherwise employ Confidential Information, either for his own benefit or for the benefit of another, except as required in the ordinary course of his employment by the Company and the Bank. The Executive shall follow all Company and Bank policies and procedures to protect all Confidential Information and shall take all reasonable precautions necessary under the circumstances to preserve and protect against the prohibited use or disclosure of any Confidential Information.
(b) For purposes of this Agreement, “Confidential Information” means the following:
Permitted Uses and Disclosures of PHI and the third party notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.
OBLIGATIONS AND ACTIVITIES OF CONTRACTOR AS BUSINESS ASSOCIATE 1. CONTRACTOR agrees not to use or further disclose PHI COUNTY discloses to CONTRACTOR other than as permitted or required by this Business Associate Contract or as required by law.
2. XXXXXXXXXX agrees to use appropriate safeguards, as provided for in this Business Associate Contract and the Agreement, to prevent use or disclosure of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY other than as provided for by this Business Associate Contract.
3. XXXXXXXXXX agrees to comply with the HIPAA Security Rule at Subpart C of 45 CFR Part 164 with respect to electronic PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY.
4. CONTRACTOR agrees to mitigate, to the extent practicable, any harmful effect that is known to CONTRACTOR of a Use or Disclosure of PHI by CONTRACTOR in violation of the requirements of this Business Associate Contract.
5. XXXXXXXXXX agrees to report to COUNTY immediately any Use or Disclosure of PHI not provided for by this Business Associate Contract of which CONTRACTOR becomes aware. CONTRACTOR must report Breaches of Unsecured PHI in accordance with Paragraph E below and as required by 45 CFR § 164.410.
6. CONTRACTOR agrees to ensure that any Subcontractors that create, receive, maintain, or transmit PHI on behalf of CONTRACTOR agree to the same restrictions and conditions that apply through this Business Associate Contract to CONTRACTOR with respect to such information.
7. CONTRACTOR agrees to provide access, within fifteen (15) calendar days of receipt of a written request by COUNTY, to PHI in a Designated Record Set, to COUNTY or, as directed by COUNTY, to an Individual in order to meet the requirements under 45 CFR § 164.524. If CONTRACTOR maintains an Electronic Health Record with PHI, and an individual requests a copy of such information in an electronic format, CONTRACTOR shall provide such information in an electronic format.
8. CONTRACTOR agrees to make any amendment(s) to PHI in a Designated Record Set that COUNTY directs or agrees to pursuant to 45 CFR § 164.526 at the request of COUNTY or an Individual, within thirty (30) calendar days of receipt of said request by COUNTY. XXXXXXXXXX agrees to notify COUNTY in writing no later than ten (10) calendar days after said amendment is completed.
9. CONTRACTOR agrees to make internal practices, books, and records, including policies and procedures, relating to the use and disclosure of PHI received from, or created or received by CONTRACTOR on behalf of, COUNTY available to COUNTY and the Secretary in a time and manner as determined by COUNTY or as designated by the Secretary for purposes of the Secretary determining COUNTY’S compliance with the HIPAA Privacy Rule.
10. CONTRACTOR agrees to document any Disclosures of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, and to make information related to such Disclosures available as would be required for COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
11. CONTRACTOR agrees to provide COUNTY or an Individual, as directed by COUNTY, in a time and manner to be determined by COUNTY, that information collected in accordance with the Agreement, in order to permit COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
12. XXXXXXXXXX agrees that to the extent CONTRACTOR carries out COUNTY’s obligation under the HIPAA Privacy and/or Security rules CONTRACTOR will comply with the requirements of 45 CFR Part 164 that apply to COUNTY in the performance of such obligation.
13. If CONTRACTOR receives Social Security data from COUNTY provided to COUNTY by a state agency, upon request by COUNTY, CONTRACTOR shall provide COUNTY with a list of all employees, subcontractors and agents who have access to the Social Security data, including employees, agents, subcontractors and agents of its subcontractors.
14. CONTRACTOR will notify COUNTY if CONTRACTOR is named as a defendant in a criminal proceeding for a violation of HIPAA. COUNTY may terminate the Agreement, if CONTRACTOR is found guilty of a criminal violation in connection with HIPAA. COUNTY may terminate the Agreement, if a finding or stipulation that CONTRACTOR has violated any standard or requirement of the privacy or security provisions of HIPAA, or other security or privacy laws are made in any administrative or civil proceeding in which CONTRACTOR is a party or has been joined. COUNTY will consider the nature and seriousness of the violation in deciding whether or not to terminate the Agreement.
PERMITTED USES AND DISCLOSURES BY CONTRACTOR Except as otherwise limited in this Schedule, Contractor may use or disclose Protected Health Information to perform functions, activities, or services for, or on behalf of, County as specified in the Agreement; provided that such use or disclosure would not violate the Privacy Rule if done by County.
Permitted Uses and Disclosures i. Business Associate shall use and disclose PHI only to accomplish Business Associate’s obligations under the Contract.
i. To the extent Business Associate carries out one or more of Covered Entity’s obligations under Subpart E of 45 C.F.R. Part 164, Business Associate shall comply with any and all requirements of Subpart E that apply to Covered Entity in the performance of such obligation.
ii. Business Associate may disclose PHI to carry out the legal responsibilities of Business Associate, provided, that the disclosure is Required by Law or Business Associate obtains reasonable assurances from the person to whom the information is disclosed that:
A. the information will remain confidential and will be used or disclosed only as Required by Law or for the purpose for which Business Associate originally disclosed the information to that person, and;
B. the person notifies Business Associate of any Breach involving PHI of which it is aware.
iii. Business Associate may provide Data Aggregation services relating to the Health Care Operations of Covered Entity. Business Associate may de-identify any or all PHI created or received by Business Associate under this Agreement, provided the de-identification conforms to the requirements of the HIPAA Rules.
Proprietary Information of Third Parties No third party has claimed or has reason to claim that any person employed by or affiliated with the Company has (a) violated or may be violating to any material extent any of the terms or conditions of his employment, non-competition or non-disclosure agreement with such third party, (b) disclosed or may be disclosing or utilized or may be utilizing any trade secret or proprietary information or documentation of such third party, or (c) interfered or may be interfering in the employment relationship between such third party and any of its present or former employees, or has requested information from the Company that suggests that such a claim might be contemplated. To the best of the Company’s knowledge, no person employed by or affiliated with the Company has improperly utilized or proposes to improperly utilize any trade secret or any information or documentation proprietary to any former employer, and to the best of the Company’s knowledge, no person employed by or affiliated with the Company has violated any confidential relationship which such person may have had with any third party, in connection with the development, manufacture or sale of any product or proposed product or the development or sale of any service or proposed service of the Company, and the Company has no reason to believe there will be any such employment or violation. To the best of the Company’s knowledge, none of the execution or delivery of this Agreement and the other related agreements and documents executed in connection herewith, or the carrying on of the business of the Company as officers, employees or agents by any officer, director or key employee of the Company, or the conduct or proposed conduct of the business of the Company, will materially conflict with or result in a material breach of the terms, conditions or provisions of or constitute a material default under any contract, covenant or instrument under which any such person is obligated.
