Limitations on the Collection, Use and Disclosure of PHI. PA eHealth will not itself affirmatively sell or Disclose PHI to any Third Party (except in relation to support of the P3N operations) for any activity not permitted by Applicable Law. PA eHealth will not be responsible for the Uses and Disclosures of PHI and other Data made by Authorized Users who permissibly access information from the P3N.
Limitations on the Collection, Use and Disclosure of PHI. If CP intends to Disclose PHI to a Third Party for financial benefit unrelated to Treatment, Payment or Operations (TPO), it must secure patient consent. Patient authorizations for sale of PHI must specifically state that the CP is receiving payment in exchange for PHI and whether the PHI can be further exchanged for payment by the recipient. The CP may not sell or disclose PHI derived from the P3N, except as defined by HIPAA and HITECH. PHI shall be collected, Used and/or Disclosed only to the extent necessary to accomplish specific purposes, in accordance with federal and state law and this Agreement. CP shall be required to comply with federal and state laws governing the Use of PHI for research. Notwithstanding these limitations, CP may retain, use and re-disclose PHI in accordance with Applicable Law, the terms of this Agreement, the terms of the CP-MO Agreement, and the CP’s record retention policies and procedures. If the CP has agreed to more stringent terms with its MOs, those will take precedence.
