OBLIGATIONS AND ACTIVITIES OF CONTRACTOR AS BUSINESS ASSOCIATE 1. CONTRACTOR agrees not to use or further disclose PHI COUNTY discloses to CONTRACTOR other than as permitted or required by this Business Associate Contract or as required by law. 2. XXXXXXXXXX agrees to use appropriate safeguards, as provided for in this Business Associate Contract and the Agreement, to prevent use or disclosure of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY other than as provided for by this Business Associate Contract. 3. XXXXXXXXXX agrees to comply with the HIPAA Security Rule at Subpart C of 45 CFR Part 164 with respect to electronic PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY. 4. CONTRACTOR agrees to mitigate, to the extent practicable, any harmful effect that is known to CONTRACTOR of a Use or Disclosure of PHI by CONTRACTOR in violation of the requirements of this Business Associate Contract. 5. XXXXXXXXXX agrees to report to COUNTY immediately any Use or Disclosure of PHI not provided for by this Business Associate Contract of which CONTRACTOR becomes aware. CONTRACTOR must report Breaches of Unsecured PHI in accordance with Paragraph E below and as required by 45 CFR § 164.410. 6. CONTRACTOR agrees to ensure that any Subcontractors that create, receive, maintain, or transmit PHI on behalf of CONTRACTOR agree to the same restrictions and conditions that apply through this Business Associate Contract to CONTRACTOR with respect to such information. 7. CONTRACTOR agrees to provide access, within fifteen (15) calendar days of receipt of a written request by COUNTY, to PHI in a Designated Record Set, to COUNTY or, as directed by COUNTY, to an Individual in order to meet the requirements under 45 CFR § 164.524. If CONTRACTOR maintains an Electronic Health Record with PHI, and an individual requests a copy of such information in an electronic format, CONTRACTOR shall provide such information in an electronic format. 8. CONTRACTOR agrees to make any amendment(s) to PHI in a Designated Record Set that COUNTY directs or agrees to pursuant to 45 CFR § 164.526 at the request of COUNTY or an Individual, within thirty (30) calendar days of receipt of said request by COUNTY. XXXXXXXXXX agrees to notify COUNTY in writing no later than ten (10) calendar days after said amendment is completed. 9. CONTRACTOR agrees to make internal practices, books, and records, including policies and procedures, relating to the use and disclosure of PHI received from, or created or received by CONTRACTOR on behalf of, COUNTY available to COUNTY and the Secretary in a time and manner as determined by COUNTY or as designated by the Secretary for purposes of the Secretary determining COUNTY’S compliance with the HIPAA Privacy Rule. 10. CONTRACTOR agrees to document any Disclosures of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, and to make information related to such Disclosures available as would be required for COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528. 11. CONTRACTOR agrees to provide COUNTY or an Individual, as directed by COUNTY, in a time and manner to be determined by COUNTY, that information collected in accordance with the Agreement, in order to permit COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528. 12. XXXXXXXXXX agrees that to the extent CONTRACTOR carries out COUNTY’s obligation under the HIPAA Privacy and/or Security rules CONTRACTOR will comply with the requirements of 45 CFR Part 164 that apply to COUNTY in the performance of such obligation. 13. If CONTRACTOR receives Social Security data from COUNTY provided to COUNTY by a state agency, upon request by COUNTY, CONTRACTOR shall provide COUNTY with a list of all employees, subcontractors and agents who have access to the Social Security data, including employees, agents, subcontractors and agents of its subcontractors. 14. CONTRACTOR will notify COUNTY if CONTRACTOR is named as a defendant in a criminal proceeding for a violation of HIPAA. COUNTY may terminate the Agreement, if CONTRACTOR is found guilty of a criminal violation in connection with HIPAA. COUNTY may terminate the Agreement, if a finding or stipulation that CONTRACTOR has violated any standard or requirement of the privacy or security provisions of HIPAA, or other security or privacy laws are made in any administrative or civil proceeding in which CONTRACTOR is a party or has been joined. COUNTY will consider the nature and seriousness of the violation in deciding whether or not to terminate the Agreement.
Notice and Procedures If any suit, action, proceeding (including any governmental or regulatory investigation), claim or demand shall be brought or asserted against any person in respect of which indemnification may be sought pursuant to either paragraph (a) or (b) above, such person (the “Indemnified Person”) shall promptly notify the person against whom such indemnification may be sought (the “Indemnifying Person”) in writing; provided that the failure to notify the Indemnifying Person shall not relieve it from any liability that it may have under paragraph (a) or (b) above except to the extent that it has been materially prejudiced (through the forfeiture of substantive rights or defenses) by such failure; and provided, further, that the failure to notify the Indemnifying Person shall not relieve it from any liability that it may have to an Indemnified Person otherwise than under paragraph (a) or (b) above. If any such proceeding shall be brought or asserted against an Indemnified Person and it shall have notified the Indemnifying Person thereof, the Indemnifying Person shall retain counsel reasonably satisfactory to the Indemnified Person (who shall not, without the consent of the Indemnified Person, be counsel to the Indemnifying Person) to represent the Indemnified Person in such proceeding and shall pay the fees and expenses of such counsel related to such proceeding, as incurred. In any such proceeding, any Indemnified Person shall have the right to retain its own counsel, but the fees and expenses of such counsel shall be at the expense of such Indemnified Person unless (i) the Indemnifying Person and the Indemnified Person shall have mutually agreed to the contrary; (ii) the Indemnifying Person has failed within a reasonable time to retain counsel reasonably satisfactory to the Indemnified Person; (iii) the Indemnified Person shall have reasonably concluded that there may be legal defenses available to it that are different from or in addition to those available to the Indemnifying Person; or (iv) the named parties in any such proceeding (including any impleaded parties) include both the Indemnifying Person and the Indemnified Person and representation of both parties by the same counsel would be inappropriate due to actual or potential differing interest between them. It is understood and agreed that the Indemnifying Person shall not, in connection with any proceeding or related proceedings in the same jurisdiction, be liable for the fees and expenses of more than one separate firm (in addition to any local counsel) for all Indemnified Persons, and that all such fees and expenses shall be paid or reimbursed as they are incurred. Any such separate firm for any Underwriter, its affiliates, directors and officers and any control persons of such Underwriter shall be designated in writing by the Representatives and any such separate firm for the Company, its directors, its officers who signed the Registration Statement and any control persons of the Company shall be designated in writing by the Company. The Indemnifying Person shall not be liable for any settlement of any proceeding effected without its written consent, but if settled with such consent or if there be a final judgment for the plaintiff, the Indemnifying Person agrees to indemnify each Indemnified Person from and against any loss or liability by reason of such settlement or judgment. Notwithstanding the foregoing sentence, if at any time an Indemnified Person shall have requested that an Indemnifying Person reimburse the Indemnified Person for fees and expenses of counsel as contemplated by this paragraph, the Indemnifying Person shall be liable for any settlement of any proceeding effected without its written consent if (i) such settlement is entered into more than 30 days after receipt by the Indemnifying Person of such request and (ii) the Indemnifying Person shall not have reimbursed the Indemnified Person in accordance with such request prior to the date of such settlement. No Indemnifying Person shall, without the written consent of the Indemnified Person, effect any settlement of any pending or threatened proceeding in respect of which any Indemnified Person is or could have been a party and indemnification could have been sought hereunder by such Indemnified Person, unless such settlement (x) includes an unconditional release of such Indemnified Person, in form and substance reasonably satisfactory to such Indemnified Person, from all liability on claims that are the subject matter of such proceeding and (y) does not include any statement as to or any admission of fault, culpability or a failure to act by or on behalf of any Indemnified Person.
Safeguarding requirements and procedures (1) The Contractor shall apply the following basic safeguarding requirements and procedures to protect covered contractor information systems. Requirements and procedures for basic safeguarding of covered contractor information systems shall include, at a minimum, the following security controls: (i) Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems). (ii) Limit information system access to the types of transactions and functions that authorized users are permitted to execute. (iii) Verify and control/limit connections to and use of external information systems. (iv) Control information posted or processed on publicly accessible information systems. (v) Identify information system users, processes acting on behalf of users, or devices. (vi) Authenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems. (vii) Sanitize or destroy information system media containing Federal Contract Information before disposal or release for reuse. (viii) Limit physical access to organizational information systems, equipment, and the respective operating environments to authorized individuals. (ix) Escort visitors and monitor visitor activity; maintain audit logs of physical access; and control and manage physical access devices. (x) Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the information systems. (xi) Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks. (xii) Identify, report, and correct information and information system flaws in a timely manner. (xiii) Provide protection from malicious code at appropriate locations within organizational information systems. (xiv) Update malicious code protection mechanisms when new releases are available. (xv) Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.
Administrative Claims Requirements and Procedures No suit or arbitration shall be brought arising out of this Agreement against City unless a claim has first been presented in writing and filed with City and acted upon by City in accordance with the procedures set forth in Chapter 1.34 of the Chula Vista Municipal Code, as same may be amended, the provisions of which, including such policies and procedures used by City in the implementation of same, are incorporated herein by this reference. Upon request by City, Consultant shall meet and confer in good faith with City for the purpose of resolving any dispute over the terms of this Agreement.
COMPLIANCE WITH POLICIES AND PROCEDURES During the period that Executive is employed with the Company hereunder, Executive shall adhere to the policies and standards of professionalism set forth in the policies and procedures of the Company and IAC as they may exist from time to time.
COMPLIANCE WITH LEGAL OBLIGATIONS Contractor shall procure and maintain for the duration of this Contract any state, county, city or federal license, authorization, waiver, permit, qualification or certification required by statute, ordinance, law, or regulation to be held by Contractor to provide the goods or services required by this Contract. Contractor will be responsible to pay all taxes, assessments, fees, premiums, permits, and licenses required by law. Real property and personal property taxes are the responsibility of Contractor in accordance with NRS 361.157 and 361.159. Contractor agrees to be responsible for payment of any such government obligations not paid by its subcontractors during performance of this Contract.
Indemnification Procedures If any third-‐party claim is commenced that is indemnified under Section 7.1 above, ICANN shall provide notice thereof to Registry Operator as promptly as practicable. Registry Operator shall be entitled, if it so elects, in a notice promptly delivered to ICANN, to immediately take control of the defense and investigation of such claim and to employ and engage attorneys reasonably acceptable to ICANN to handle and defend the same, at Registry Operator’s sole cost and expense, provided that in all events ICANN will be entitled to control at its sole cost and expense the litigation of issues concerning the validity or interpretation of ICANN’s policies, Bylaws or conduct. ICANN shall cooperate, at Registry Operator’s cost and expense, in all reasonable respects with Registry Operator and its attorneys in the investigation, trial, and defense of such claim and any appeal arising therefrom, and may, at its own cost and expense, participate, through its attorneys or otherwise, in such investigation, trial and defense of such claim and any appeal arising therefrom. No settlement of a claim that involves a remedy affecting ICANN other than the payment of money in an amount that is fully indemnified by Registry Operator will be entered into without the consent of ICANN. If Registry Operator does not assume full control over the defense of a claim subject to such defense in accordance with this Section 7.2, ICANN will have the right to defend the claim in such manner as it may deem appropriate, at the cost and expense of Registry Operator and Registry Operator shall cooperate in such defense. [Note: This Section 7.2 is inapplicable to intergovernmental organizations or governmental entities.]
Compliance Policies and Procedures To assist the Fund in complying with Rule 38a-1 of the 1940 Act, BBH&Co. represents that it has adopted written policies and procedures reasonably designed to prevent violation of the federal securities laws in fulfilling its obligations under the Agreement and that it has in place a compliance program to monitor its compliance with those policies and procedures. BBH&Co will upon request provide the Fund with information about our compliance program as mutually agreed.
Performance and Compliance with Contracts and Credit and Collection Policy The Seller shall (and shall cause the Servicer to), at its expense, timely and fully perform and comply with all material provisions, covenants and other promises required to be observed by it under the Contracts related to the Receivables, and timely and fully comply in all material respects with the applicable Credit and Collection Policies with regard to each Receivable and the related Contract.
Obligations of Business Associate Upon Termination Upon termination of this Agreement for any reason, business associate shall return to covered entity or, if agreed to by covered entity, destroy all protected health information received from covered entity, or created, maintained, or received by business associate on behalf of covered entity, that the business associate still maintains in any form. Business associate shall retain no copies of the protected health information.