Common use of COMPLIANCE WITH PRIVACY STANDARDS Clause in Contracts

COMPLIANCE WITH PRIVACY STANDARDS. Each party will develop, implement, maintain and use appropriate administrative, technical, and physical Data safeguards, in compliance with 42 U.S.C. § 1320d-2(d), 45 CFR § 164.530 and the patient confidentiality provisions of applicable state statutes or regulations, and shall comply with any applicable GLB Regulations, or any amendments to these statutes or regulations. Each party shall execute appropriate trading partner, and/or business associate agreements with those subcontractors or agents that provide services involving maintenance, use or disclosure of PHI, that contain requirements to protect PHI that are specifically applicable to the individual subcontractor or agent. Each party agrees that it will not maintain, use, make available or further disclose PHI other than as permitted or required by this Agreement or as required by law. If any activity under this Agreement would cause a party to become a “Business Associate” of another entity under 45 CFR. § 160.103, the Business Associate will: (i) Not use or further disclose PHI other than as permitted or required by this Agreement, or to comply with judicial process or any applicable statute or regulation; (ii) Notify the other party in advance of any disclosure of PHI that the Business Associate is required to make under any judicial or regulatory directive; (iii) Use appropriate safeguards to prevent use or disclosure of PHI other than for the purposes required in this Agreement; (iv) Report to the other party any use or disclosure of PHI not provided for in this Agreement of which the Business Associate becomes aware; (v) Ensure that any agents or subcontractors to whom the Business Associate discloses PHI received from another party, or created on behalf of another party, agrees to the same restrictions and conditions that apply to the protection of Data under this Agreement; (vi) If applicable, make PHI available to individuals as required by 45 CFR § 164.524; (vii) If applicable, make PHI available for amendment and incorporate any amendments to PHI in accordance with 45 CFR § 164.526; (viii) Make available the Data required to provide an accounting of disclosures in accordance with 45 CFR § 164.528; (ix) Make its internal practices, books, and records relating to the use and disclosure of PHI received from, or created or collected by the Business Associate on behalf of another party, available to the Secretary of HHS when called upon for purposes of determining the other party’s compliance with federal privacy standards; and (x) At termination of this Agreement, if feasible, return or destroy all PHI received from another party, or created or collected by the Business Associate on behalf of the other party, that the Business Associate maintains in any form and retain no copies of such Data; or, if return or destruction is not feasible, or the Data is still used to perform business functions, continue to treat all such Data as provided in this Agreement, and applicable law and regulation.

COMPLIANCE WITH PRIVACY STANDARDS. Each party will develop, implement, maintain and use appropriate administrative, technical, technical and physical Data safeguards, in compliance with 42 U.S.C. § 1320d-2(d), 45 CFR § 164.530 164.530(c) and the patient confidentiality provisions of applicable state statutes or regulations, and shall comply with any applicable GLB Regulations, or any amendments to any of these statutes or regulations. Each party shall execute appropriate trading partner, and/or business associate agreements with those subcontractors or agents that provide services involving maintenance, use or disclosure of PHI, ensuring that contain requirements any subcontractors or agents to protect whom it provides PHI agree in writing to those restrictions that, with respect to such PHI, apply to that are specifically applicable to the individual subcontractor or agent. Each party agrees that it will not maintain, use, make available or further disclose PHI other than as permitted or required by this Agreement or as required by law. If any activity under this Agreement would cause a party any Party to become be considered a “Business Associate” of another entity any other Party under 45 CFR. § 160.103, the following restrictions will apply to all uses and disclosures of PHI. The Business Associate will: (i) Not use or further disclose PHI other than as permitted or required by this Agreement, or to comply with judicial process or any applicable statute or regulation; (ii) Notify the other party Party in advance of any disclosure of PHI that the Business Associate is required to make under any judicial or regulatory directive; (iii) Use appropriate safeguards to prevent use or disclosure of PHI other than for the purposes required in this Agreement; (iv) Report to the other party parties any use or disclosure of PHI not provided for in this Agreement of which the Business Associate becomes aware; (v) Ensure that any agents or subcontractors to whom the Business Associate discloses PHI received from another party, or created on behalf of another party, agrees to the same restrictions and conditions that apply to the protection of Data information under this Agreement; (vi) If applicable, make Make PHI available to individuals as required by 45 CFR § 164.524; (vii) If applicable, make Make PHI available for amendment and incorporate any amendments to PHI in accordance with 45 CFR § 164.526; (viii) Make available the Data information required to provide an accounting of disclosures in accordance with 45 CFR § 164.528; (ix) Make its internal practices, books, and records relating to the use and disclosure of PHI received from, or created or collected by the Business Associate on behalf of another partyParty, available to the Secretary of HHS when called upon for purposes of determining the other partyParty’s compliance with federal privacy standards; and (x) At termination of this Agreement, if feasible, return or destroy all PHI received from another partyParty, or created or collected by the Business Associate on behalf of the other partyParty, that the Business Associate still maintains in any form and retain no copies of such Data; PHI or, if such return or destruction is not feasible, or if the Data PHI is still used to perform business functions, continue to treat all such Data as PHI in accordance with the limits provided in this Agreement, and applicable law and regulation.

COMPLIANCE WITH PRIVACY STANDARDS. Each party will develop, implement, maintain and use appropriate administrative, technical, technical and physical Data safeguards, in compliance with 42 U.S.C. § 1320d-2(d), 45 CFR § 164.530 164.530(c) and the patient confidentiality provisions of applicable state statutes or regulations, and shall comply with any applicable GLB Regulations, or any amendments to any of these statutes or regulations. Each party shall execute appropriate trading partnerTrading Partner, and/or business Business associate agreements Agreements with those subcontractors or agents that provide services involving maintenance, use or disclosure of PHI, ensuring that contain requirements any subcontractors or agents to protect whom it provides PHI agree in writing to those restrictions that, with respect to such PHI, apply to that are specifically applicable to the individual subcontractor or agent. Each party agrees that it will not maintain, use, make available or further disclose PHI other than as permitted or required by this Agreement or as required by law. If any activity under this Agreement would cause a party any Party to become be considered a “Business Associate” of another entity any other Party under 45 CFR. § 160.103, the following restrictions will apply to all uses and disclosures of PHI. The Business Associate will: (i) Not use or further disclose PHI other than as permitted or required by this Agreement, or to comply with judicial process or any applicable statute or regulation; (ii) Notify the other party Party in advance of any disclosure of PHI that the Business Associate is required to make under any judicial or regulatory directive; (iii) Use appropriate safeguards to prevent use or disclosure of PHI other than for the purposes required in this Agreement; (iv) Report to the other party parties any use or disclosure of PHI not provided for in this Agreement of which the Business Associate becomes aware; (v) Ensure that any agents or subcontractors to whom the Business Associate discloses PHI received from another party, or created on behalf of another party, agrees to the same restrictions and conditions that apply to the protection of Data information under this Agreement; (vi) If applicable, make Make PHI available to individuals as required by 45 CFR § 164.524; (vii) If applicable, make Make PHI available for amendment and incorporate any amendments to PHI in accordance with 45 CFR § 164.526; (viii) Make available the Data information required to provide an accounting of disclosures in accordance with 45 CFR § 164.528; (ix) Make its internal practices, books, and records relating to the use and disclosure of PHI received from, or created or collected by the Business Associate on behalf of another partyParty, available to the Secretary of HHS when called upon for purposes of determining the other partyParty’s compliance with federal privacy standards; and (x) At termination of this Agreement, if feasible, return or destroy all PHI received from another partyParty, or created or collected by the Business Associate on behalf of the other partyParty, that the Business Associate still maintains in any form and retain no copies of such Data; PHI or, if such return or destruction is not feasible, or if the Data PHI is still used to perform business functions, continue to treat all such Data as PHI in accordance with the limits provided in this Agreement, and applicable law and regulation.

COMPLIANCE WITH PRIVACY STANDARDS. Each party will develop, implement, maintain and use appropriate administrative, technical, technical and physical Data safeguards, in compliance with 42 U.S.C. § 1320d-2(d), 45 CFR § 164.530 164.530(c) and the patient confidentiality provisions of applicable state statutes or regulations, and shall comply with any applicable GLB Regulations, or any amendments to any of these statutes or regulations. Each party shall execute appropriate trading partnerTrading Partner, and/or business associate agreements Business Associate Agreements with those subcontractors or agents that provide services involving maintenance, use or disclosure of PHI, ensuring that contain requirements any subcontractors or agents to protect whom it provides PHI agree in writing to those restrictions that, with respect to such PHI, apply to that are specifically applicable to the individual subcontractor or agent. Each party agrees that it will not maintain, use, make available or further disclose PHI other than as permitted or required by this Agreement or as required by law. If any activity under this Agreement would cause a party any Party to become be considered a “Business Associate” of another entity any other Party under 45 CFR. § 160.103, the following restrictions will apply to all uses and disclosures of PHI. The Business Associate will: (i) Not use or further disclose PHI other than as permitted or required by this Agreement, or to comply with judicial process or any applicable statute or regulation; (ii) Notify the other party Party in advance of any disclosure of PHI that the Business Associate is required to make under any judicial or regulatory directive; (iii) Use appropriate safeguards to prevent use or disclosure of PHI other than for the purposes required in this Agreement; (iv) Report to the other party parties any use or disclosure of PHI not provided for in this Agreement of which the Business Associate becomes aware; (v) Ensure that any agents or subcontractors to whom the Business Associate discloses PHI received from another party, or created on behalf of another party, agrees to the same restrictions and conditions that apply to the protection of Data information under this Agreement; (vi) If applicable, make Make PHI available to individuals as required by 45 CFR § 164.524; (vii) If applicable, make Make PHI available for amendment and incorporate any amendments to PHI in accordance with 45 CFR § 164.526; (viii) Make available the Data information required to provide an accounting of disclosures in accordance with 45 CFR § 164.528; (ix) Make its internal practices, books, and records relating to the use and disclosure of PHI received from, or created or collected by the Business Associate on behalf of another partyParty, available to the Secretary of HHS when called upon for purposes of determining the other partyParty’s compliance with federal privacy standards; and (x) At termination of this Agreement, if feasible, return or destroy all PHI received from another partyParty, or created or collected by the Business Associate on behalf of the other partyParty, that the Business Associate still maintains in any form and retain no copies of such Data; PHI or, if such return or destruction is not feasible, or if the Data PHI is still used to perform business functions, continue to treat all such Data as PHI in accordance with the limits provided in this Agreement, and applicable law and regulation.

COMPLIANCE WITH PRIVACY STANDARDS. Each party will develop, implement, maintain and use appropriate administrative, technical, technical and physical Data safeguards, in compliance with 42 U.S.C. § 1320d-2(d), 45 CFR § 164.530 164.530(c) and the patient confidentiality provisions of applicable state statutes or regulations, and shall comply with any applicable GLB Regulations, or any amendments to any of these statutes or regulations. Each party shall execute appropriate trading partner, and/or business associate agreements with those subcontractors or agents that provide services involving maintenance, use or disclosure of PHI, ensuring that contain requirements any subcontractors or agents to protect whom it provides PHI agree in writing to those restrictions that, with respect to such PHI, apply to that are specifically applicable to the individual subcontractor or agent. Each party agrees that it will not maintain, use, make available or further disclose PHI other than as permitted or required by this Agreement or as required by law. If any activity under this Agreement would cause a party any Party to become be considered a “Business Associate” of another entity any other Party under 45 CFR. § 160.103, the following restrictions will apply to all uses and disclosures of PHI. The Business Associate will: : (i) Not use or further disclose PHI other than as permitted or required by this Agreement, or to comply with judicial process or any applicable statute or regulation; ; (ii) Notify the other party Party in advance of any disclosure of PHI that the Business Associate is required to make under any judicial or regulatory directive; (iii) Use appropriate safeguards to prevent use or disclosure of PHI other than for the purposes required in this Agreement; (iv) Report to the other party parties any use or disclosure of PHI not provided for in this Agreement of which the Business Associate becomes aware; (v) Ensure that any agents or subcontractors to whom the Business Associate discloses PHI received from another party, or created on behalf of another party, agrees to the same restrictions and conditions that apply to the protection of Data information under this Agreement; (vi) If applicable, make Make PHI available to individuals as required by 45 CFR § 164.524; (vii) If applicable, make Make PHI available for amendment and incorporate any amendments to PHI in accordance with 45 CFR § 164.526; (viii) Make available the Data information required to provide an accounting of disclosures in accordance with 45 CFR § 164.528; (ix) Make its internal practices, books, and records relating to the use and disclosure of PHI received from, or created or collected by the Business Associate on behalf of another partyParty, available to the Secretary of HHS when called upon for purposes of determining the other partyParty’s compliance with federal privacy standards; and (x) At termination of this Agreement, if feasible, return or destroy all PHI received from another partyParty, or created or collected by the Business Associate on behalf of the other partyParty, that the Business Associate still maintains in any form and retain no copies of such Data; PHI or, if such return or destruction is not feasible, or if the Data PHI is still used to perform business functions, continue to treat all such Data as PHI in accordance with the limits provided in this Agreement, and applicable law and regulation.

COMPLIANCE WITH PRIVACY STANDARDS. Each party will develop, implement, maintain and use appropriate administrative, technical, technical and physical Data safeguards, in compliance with 42 U.S.C. § 1320d-2(d), 45 CFR § 164.530 164.530(c) and the patient confidentiality provisions of applicable state statutes or regulations, and shall comply with any applicable GLB Regulations, or any amendments to any of these statutes or regulations. Each party shall execute appropriate trading partner, and/or business associate agreements with those subcontractors or agents that provide services involving maintenance, use or disclosure of PHI, ensuring that contain requirements any subcontractors or agents to protect whom it provides PHI agree in writing to those restrictions that, with respect to such PHI, apply to that are specifically applicable to the individual subcontractor or agent. Each party agrees that it will not maintain, use, make available or further disclose PHI other than as permitted or required by this Agreement or as required by law. If any activity under this Agreement would cause a party any Party to become be considered a “Business Associate” of another entity any other Party under 45 CFR. § 160.103, the following restrictions will apply to all uses and disclosures of PHI. The Business Associate will: (i) Not use or further disclose PHI other than as permitted or required by this Agreement, or to comply with judicial process or any applicable statute or regulation; (ii) Notify the other party Party in advance of any disclosure of PHI that the Business Associate is required to make under any judicial or regulatory directive; (iii) Use appropriate safeguards to prevent use or disclosure of PHI other than for the purposes required in this Agreement; (iv) Report to the other party parties any use or disclosure of PHI not provided for in this Agreement agreement of which the Business Associate becomes aware; (v) Ensure that any agents or subcontractors to whom the Business Associate discloses PHI received from another party, or created on behalf of another party, agrees to the same restrictions and conditions that apply to the protection of Data information under this Agreement; (vi) If applicable, make Make PHI available to individuals as required by 45 CFR § 164.524; (vii) If applicable, make Make PHI available for amendment and incorporate any amendments to PHI in accordance with 45 CFR § 164.526; (viii) Make available the Data information required to provide an accounting of disclosures in accordance with 45 CFR § 164.528; (ix) Make its internal practices, books, and records relating to the use and disclosure of PHI received from, or created or collected by the Business Associate on behalf of another partyParty, available to the Secretary of HHS when called upon for purposes of determining the other partyParty’s compliance with federal privacy standards; and (x) At termination of this Agreement, if feasible, return or destroy all PHI received from another partyParty, or created or collected by the Business Associate on behalf of the other partyParty, that the Business Associate still maintains in any form and retain no copies of such Data; PHI or, if such return or destruction is not feasible, or if the Data PHI is still used to perform business functions, continue to treat all such Data as PHI in accordance with the limits provided in this Agreement, and applicable law and regulation.

COMPLIANCE WITH PRIVACY STANDARDS. Each party will develop, implement, maintain and use appropriate administrative, technical, technical and physical Data safeguards, in compliance with 42 U.S.C. § 1320d-2(d), 45 CFR § 164.530 164.530(c) and the patient confidentiality provisions of applicable state statutes or regulationsstatutes, and shall comply with any applicable GLB Regulations, or any amendments to any of these statutes or regulations. Each party shall execute appropriate trading partner, and/or business associate agreements with those subcontractors or agents that provide services involving maintenance, use or disclosure of PHI, ensuring that contain requirements any subcontractors or agents to protect whom it provides PHI agree in writing to those restrictions that, with respect to such PHI, apply to that are specifically applicable to the individual subcontractor or agent. Each party agrees that it will not maintain, use, make available or further disclose PHI other than as permitted or required by this Agreement or as required by law. If any activity under this Agreement would cause a party any Party to become be considered a “Business Associate” of another entity any other Party under 45 CFR. § 160.103, the following restrictions will apply to all uses and disclosures of PHI. The Business Associate will: (i) Not use or further disclose PHI other than as permitted or required by this Agreement, or to comply with judicial process or any applicable statute or regulation; (ii) Notify the other party Party in advance of any disclosure of PHI that the Business Associate is required to make under any judicial or regulatory directive; (iii) Use appropriate safeguards to prevent use or disclosure of PHI other than for the purposes required in this Agreement; (iv) Report to the other party parties any use or disclosure of PHI not provided for in this Agreement of which the Business Associate becomes aware; (v) Ensure that any agents or subcontractors to whom the Business Associate discloses PHI received from another party, or created on behalf of another party, agrees to the same restrictions and conditions that apply to the protection of Data information under this Agreement; (vi) If applicable, make Make PHI available to individuals as required by 45 CFR § 164.524; (vii) If applicable, make PHI available for amendment and incorporate any amendments to PHI in accordance with 45 CFR § 164.526; (viii) Make available the Data required to provide an accounting of disclosures in accordance with 45 CFR § 164.528; (ix) Make its internal practices, books, and records relating to the use and disclosure of PHI received from, or created or collected by the Business Associate on behalf of another party, available to the Secretary of HHS when called upon for purposes of determining the other party’s compliance with federal privacy standards; and (x) At termination of this Agreement, if feasible, return or destroy all PHI received from another party, or created or collected by the Business Associate on behalf of the other party, that the Business Associate maintains in any form and retain no copies of such Data; or, if return or destruction is not feasible, or the Data is still used to perform business functions, continue to treat all such Data as provided in this Agreement, and applicable law and regulation.;