Health Insurance Portability and Accountability Act Grantee certifies that it is in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law Xx. 000-000, 00 XXX Parts 160, 162 and 164, and the Social Security Act, 42 USC 1320d-2 through 1320d-7, in that it may not use or disclose protected health information other than as permitted or required by law and agrees to use appropriate safeguards to prevent use or disclosure of the protected health information. Grantee shall maintain, for a minimum of six (6) years, all protected health information.
Health Insurance Portability and Accountability Act of 1996 (a) If the Contactor is a Business Associate under the requirements of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as noted in this Contract, the Contractor must comply with all terms and conditions of this Section of the Contract. If the Contractor is not a Business Associate under HIPAA, this Section of the Contract does not apply to the Contractor for this Contract.
Data Protection and Privacy: Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.
Electronic Protected Health Information “Electronic Protected Health Information” means individually identifiable health information that is transmitted by or maintained in electronic media.
Amendment of Protected Health Information 8.1 To the extent Covered Entity determines that any Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within ten (10) business days after receipt of a written request from Covered Entity, make any amendments to such Protected Health Information that are requested by Covered Entity, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.526.
Health Information System i. As required by 42 CFR 438.242(a), the MCP shall maintain a health information system that collects, analyzes, integrates, and reports data. The system shall provide information on areas including, but not limited to, utilization, grievances and appeals, and MCP membership terminations for other than loss of Medicaid eligibility.
Access to Protected Health Information 7.1 To the extent Covered Entity determines that Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within two (2) business days after receipt of a request from Covered Entity, make the Protected Health Information specified by Covered Entity available to the Individual(s) identified by Covered Entity as being entitled to access and shall provide such Individuals(s) or other person(s) designated by Covered Entity with a copy the specified Protected Health Information, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.524.
Privacy Act If performance involves design, development or operation of a system of records on individuals, this Agreement incorporates by reference FAR 52.224-1 Privacy Act Notification (Apr 1984) and FAR 52.224-2 Privacy Act (Apr 1984).
Protected Health Information “Protected Health Information” shall have the same meaning as the term “protected health information” in Section 160.103 and is limited to the information created or received by Contractor from or on behalf of County.
Unsecured Protected Health Information “Unsecured Protected Health Information” shall have the same meaning as the term “unsecured protected health information” in 45 CFR § 164.402.