Internal Practices. To make Business Associate’s internal practices, books and records relating to the use and disclosure of PHI received from County, or created or received by Business Associate on behalf of County, available to County or to the Secretary of the U.S. Department of Health and Human Services in a time and manner designated by County or by the Secretary, for purposes of determining County compliance with the HIPAA regulations.
Internal Practices. BA shall make its internal practices, books and records relating to the use and disclosure of CE's PHI available to CE and all appropriate federal agencies to determine CE's and BA's compliance with HIPAA, the HITECH Act and the Privacy and Security Rule.
Internal Practices. Subject to any applicable legal privilege, and, if required by law, to the extent consistent with ethical obligations, Business Associate shall make its internal practices, books and records relating to the use and disclosure of PHI received from Covered Entity (or created or received by Business Associate on behalf of Covered Entity) available, within 15 business days, to the Secretary for purposes of the Secretary determining the Covered Entity’s compliance with HIPAA and the Privacy Rule.
Internal Practices. To make Contractor’s internal practices, books and records relating to the use and disclosure of Department PHI available to the Department or to the Secretary, for purposes of determining the Department’s compliance with the HIPAA regulations. If any information needed for this purpose is in the exclusive possession of any other entity or person and the other entity or person fails or refuses to furnish the information to Contractor, Contractor shall provide written notification to the Department and shall set forth the efforts it made to obtain the information.
Internal Practices. The Provider shall make its internal practices, books and records relating to the use and disclosure of DHSS’s protected health information available to DHSS and all appropriate federal agencies to determine DHSS’s and the Provider’s compliance with HIPAA, the HITECH Act and the Privacy and Security Rule.
Internal Practices. To make Business Associate’s internal practices, books and records relating to the use and disclosure of PHI received from DHCS, or created or received by Business Associate on behalf of DHCS, available to DHCS or to the Secretary of the U.S. Department of Health and Human Services in a time and manner designated by DHCS or by the Secretary, for purposes of determining DHCS’ compliance with the HIPAA regulations. If any information needed for this purpose is in the exclusive possession of any other entity or person and the other entity or person fails or refuses to furnish the information to Business Associate, Business Associate shall so certify to DHCS and shall set forth the efforts it made to obtain the information.
Internal Practices. Business Associate agrees to make internal practices, books, and records relating to the use and disclosure of PHI received from, or created or received by Business Associate on behalf of, Covered Entity available to the Secretary for purposes of the Secretary determining Covered Entity's compliance with the Privacy Rule and Security Rule.
Internal Practices. Business Associate agrees to make internal practices, books and records, including policies, procedures and PHI, relating to the use and disclosure of PHI, available to the Department or to the Secretary within seven (7) days of receiving a request from the Department or receiving notice of a request from the Secretary, for purposes of the Secretary’s determining the Department’s compliance with the Privacy Rule.
Internal Practices. The Business Associate agrees to make its internal practices, books, and records relating to the use and disclosure of Protected Health Information available to the federal Secretary of Health and Human Services (HHS) in a time and manner determined by the HHS Secretary, or designee, for purposes of determining compliance with the requirements of HIPAA.
Internal Practices. The Business Associate agrees to make its internal practices, books, subcontracts, records and policies and procedures, relating to the use and disclosure of PHI available to the Covered Entity, or to the federal Secretary of Health and Human Services (HHS), the Office for Civil Rights (“OCR”) or their agents, in a time and manner determined the HHS Secretary or designee, for purposes of determining compliance with the requirements of the HIPAA Rule.