Common use of Business Associate Safeguards Clause in Contracts

Business Associate Safeguards. The Associate will use appropriate safeguards to prevent any unauthorized use or disclosure of PHI and shall implement the administrative, physical and technical safeguards that reasonably protect the confidentiality, integrity and availability of the PHI that it creates, receives, maintains or transmits on behalf of the Agency. The Associate will use all appropriate safeguards under 45 CFR 164 Subpart C including those identified as addressable. The Associate will comply with 74 FR 19006 Guidance Specifying the Technologies and Methodologies That Render PHI Unusable, Unreadable, or Indecipherable to Unauthorized Individuals for Purposes of the Breach Notification Requirements under Section 13402 of Title XIII. With regard to electronic PHI not covered by the Guidance published at 74 FR 19006, the Associate will protect electronic PHI at rest and in transit through encryption that complies with State of Ohio IT Standard, ITS-SEC-01 Data Encryption and Cryptography.

Business Associate Safeguards. The Associate will use appropriate safeguards to prevent any unauthorized use or disclosure of PHI and shall implement the administrative, physical and technical safeguards that reasonably protect the confidentiality, integrity and availability of the PHI that it creates, receives, maintains or transmits on behalf of the Agency. The Associate will use all appropriate safeguards under 45 CFR 164 Subpart C including those identified as addressable. The Associate will comply with 74 FR 19006 Guidance Specifying the Technologies and Methodologies That Render PHI Unusable, Unreadable, or Indecipherable to Unauthorized Individuals for Purposes of the Breach Notification Requirements under Section 13402 of Title XIII. With regard to electronic PHI not covered by the Guidance published at 74 FR 19006, the Associate will protect electronic PHI at rest and in transit through encryption that complies with State of Ohio IT Standard, ITS-ITS- SEC-01 Data Encryption and Cryptography.

Business Associate Safeguards. The Associate will use appropriate safeguards to prevent any unauthorized use or disclosure of PHI and shall implement the administrative, physical and technical safeguards that reasonably protect the confidentiality, integrity and availability of the PHI that it creates, receives, maintains or transmits on behalf of the Agency. The Associate will use all the security controls within NIST Special Publication 800-53 Rev. 4 that align with the appropriate safeguards under 45 CFR 164 Subpart C including those identified as addressable. The Associate will comply with 74 FR 19006 Guidance Specifying the Technologies and Methodologies That Render PHI Unusable, Unreadable, or Indecipherable to Unauthorized Individuals for Purposes of the Breach Notification Requirements under Section 13402 of Title XIII. With regard to electronic PHI not covered by the Guidance published at 74 FR 19006, the Associate will protect electronic PHI at rest and in transit through encryption that complies with State of Ohio IT Standard, ITS-SEC-01 Data Encryption and CryptographyCryptography 5. Unauthorized Disclosure and Incident Reporting and Remediation and Privacy and Security Breach Notification.

Business Associate Safeguards. The Associate will use appropriate safeguards to prevent any unauthorized use or disclosure of PHI and shall implement the administrative, physical and technical safeguards that reasonably protect the confidentiality, integrity and availability of the PHI that it creates, receives, maintains or transmits on behalf of the Agency. The Associate will use all the security controls within NIST Special Publication 800-53 Rev. 4 that align with the appropriate safeguards under 45 CFR 164 Subpart C including those identified as addressable. The Associate will comply with 74 FR 19006 Guidance Specifying the Technologies and Methodologies That Render PHI Unusable, Unreadable, or Indecipherable to Unauthorized Individuals for Purposes of the Breach Notification Requirements under Section 13402 of Title XIII. With regard to electronic PHI not covered by the Guidance published at 74 FR 19006, the Associate will protect electronic PHI at rest and in transit through encryption that complies with State of Ohio IT Standard, ITS-SEC-01 Data Encryption and CryptographyCryptography Unauthorized Disclosure and Incident Reporting and Remediation and Privacy and Security Breach Notification.