Common use of Business Associate’s Insurance and Notification Costs Clause in Contracts

Business Associate’s Insurance and Notification Costs. i. Business Associate shall bear all costs of a Breach response including, without limitation, notifications, and shall maintain insurance to cover: A. loss of PHI data; B. Breach notification requirements specified in HIPAA Rules and in §00-00-000, C.R.S.; and C. claims based upon alleged violations of privacy rights through improper use or disclosure of PHI. ii. All such policies shall meet or exceed the minimum insurance requirements of the Contract or otherwise as may be approved by Covered Entity (e.g., occurrence basis, combined single dollar limits, annual aggregate dollar limits, additional insured status, and notice of cancellation). iii. Business Associate shall provide Covered Entity a point of contact who possesses relevant Information Security knowledge and is accessible 24 hours per day, 7 days per week to assist with incident handling. iv. Business Associate, to the extent practicable, shall mitigate any harmful effect known to Business Associate of a Use or Disclosure of PHI by Business Associate in violation of this Agreement.

Business Associate’s Insurance and Notification Costs. i. Business Associate shall bear all costs of a Breach response including, without limitation, notifications, and shall maintain insurance to cover: A. (1) loss of PHI data; B. (2) Breach notification requirements specified in HIPAA Rules and in §00-00-000, C.R.S.; and C. (3) claims based upon alleged violations of privacy rights through improper use or disclosure of PHI. ii. All such policies shall meet or exceed the minimum insurance requirements of the Contract or otherwise as may be approved by Covered Entity (e.g., occurrence basis, combined single dollar limits, annual aggregate dollar limits, additional insured status, and notice of cancellation). iii. Business Associate shall provide Covered Entity a point of contact who possesses relevant Information Security knowledge and is accessible 24 hours per day, 7 days per week to assist with incident handling. iv. Business Associate, to the extent practicable, shall mitigate any harmful effect known to Business Associate of a Use or Disclosure of PHI by Business Associate in violation of this Agreement.

Business Associate’s Insurance and Notification Costs. i. Business Associate shall bear all costs of a Breach response including, without limitation, notifications, and shall maintain insurance to cover: A. loss of PHI data; B. Breach notification requirements specified in HIPAA Rules and in §0024-00-00073- 103, C.R.S.; and C. claims based upon alleged violations of privacy rights through improper use or disclosure of PHI. ii. All such policies shall meet or exceed the minimum insurance requirements of the Contract or otherwise as may be approved by Covered Entity (e.g., occurrence basis, combined single dollar limits, annual aggregate dollar limits, additional insured status, and notice of cancellation). iii. Business Associate shall provide Covered Entity a point of contact who possesses relevant Information Security knowledge and is accessible 24 hours per day, 7 days per week to assist with incident handling. iv. Business Associate, to the extent practicable, shall mitigate any harmful effect known to Business Associate of a Use or Disclosure of PHI by Business Associate in violation of this Agreement.

Business Associate’s Insurance and Notification Costs. i. Business Associate shall bear all costs of a Breach response including, without limitation, notifications, and shall maintain insurance to cover: A. loss of PHI data; B. Breach notification requirements specified in HIPAA Rules and in §00-00-000, C.R.S.; and C. claims based upon alleged violations of privacy rights through improper use or disclosure of PHI. ii. All such policies shall meet or exceed the minimum insurance requirements of the Contract Program Service Agreement or otherwise as may be approved by Covered Entity (e.g., occurrence basis, combined single dollar limits, annual aggregate dollar limits, additional insured status, and notice of cancellation). iii. Business Associate shall provide Covered Entity a point of contact who possesses relevant Information Security knowledge and is accessible 24 hours per day, 7 days per week to assist with incident handling. . iv. Business Associate, to the extent practicable, shall mitigate any harmful effect known to Business Associate of a Use or Disclosure of PHI by Business Associate in violation of this Agreement.