ACCESS TO SECURITY LOGS AND REPORTS Upon request, the Contractor shall provide access to security logs and reports to the State or Authorized User in a format as specified in the Authorized User Agreement.
Geographic Area and Sector Specific Allowances, Conditions and Exceptions The following allowances and conditions shall apply where relevant. Where the Employer does work which falls under the following headings, the Employer agrees to pay and observe the relevant respective conditions and/or exceptions set out below in each case.
Funding Restrictions and Order Quantities The Agency reserves the right to reduce or increase estimated or actual quantities in whatever amount necessary without prejudice or liability to the Agency, if:
12.3.1 Funding is not available;
12.3.2 Legal restrictions are placed upon the expenditure of monies for this category of service or supplies; or,
12.3.3 The Agency’s requirements in good faith change after award of the contract.
Minimum Condition and Warranty Requirements for TIPS Sales All goods quoted or sold through a TIPS Sale shall be new unless clearly stated otherwise in writing. All new goods and services shall include the applicable manufacturers minimum standard warranty unless otherwise agreed to in the Supplemental Agreement.
Audit and Inspection of Plants, Places of Business and Records (a) The State and its agents, including, but not limited to, the Connecticut Auditors of Public Accounts, Attorney General and State’s Attorney and their respective agents, may, at reasonable hours, inspect and examine all of the parts of the Contractor’s and Contractor Parties’ plants and places of business which, in any way, are related to, or involved in, the performance of this Contract.
(b) The Contractor shall maintain, and shall require each of the Contractor Parties to maintain, accurate and complete Records. The Contractor shall make all of its and the Contractor Parties’ Records available at all reasonable hours for audit and inspection by the State and its agents.
(c) The State shall make all requests for any audit or inspection in writing and shall provide the Contractor with at least twenty-four (24) hours’ notice prior to the requested audit and inspection date. If the State suspects fraud or other abuse, or in the event of an emergency, the State is not obligated to provide any prior notice.
(d) The Contractor will pay for all costs and expenses of any audit or inspection which reveals information that, in the sole determination of the State, is sufficient to constitute a breach by the Contractor under this Contract. The Contractor will remit full payment to the State for such audit or inspection no later than 30 days after receiving an invoice from the State. If the State does not receive payment within such time, the State may setoff the amount from any moneys which the State would otherwise be obligated to pay the Contractor in accordance with this Contract's Setoff provision.
(e) The Contractor shall keep and preserve or cause to be kept and preserved all of its and Contractor Parties’ Records until three (3) years after the latter of (i) final payment under this Contract, or (ii) the expiration or earlier termination of this Contract, as the same may be modified for any reason. The State may request an audit or inspection at any time during this period. If any Claim or audit is started before the expiration of this period, the Contractor shall retain or cause to be retained all Records until all Claims or audit findings have been resolved.
(f) The Contractor shall cooperate fully with the State and its agents in connection with an audit or inspection. Following any audit or inspection, the State may conduct and the Contractor shall cooperate with an exit conference.
(g) The Contractor shall incorporate this entire Section verbatim into any contract or other agreement that it enters into with any Contractor Party.
RIGHT OF ALLOTTEE TO USE COMMON AREAS AND FACILITIES SUBJECT TO PAYMENT OF TOTAL MAINTENANCE CHARGES The Allottee hereby agrees to purchase the [Apartment/Plot] on the specific understanding that is/her right to the use of Common Areas shall be subject to timely payment of total maintenance charges, as determined and thereafter billed by the maintenance agency appointed or the association of allottees (or the maintenance agency appointed by it) and performance by the Allottee of all his/her obligations in respect of the terms and conditions specified by the maintenance agency or the association of allottees from time to time.
Records Maintenance; Access Contractor shall maintain all financial records relating to this Contract in accordance with generally accepted accounting principles. In addition, Contractor shall maintain any other records, books, documents, papers, plans, records of shipments and payments and writings of Contractor, whether in paper, electronic or other form, that are pertinent to this Contract (“Records”) in such a manner as to clearly document Contractor's performance. Contractor acknowledges and agrees that Agency and the Oregon Secretary of State's Office and the federal government and their duly authorized representatives will have access to such financial records and other Records that are pertinent to this Contract, whether in paper, electronic or other form, to perform examinations and audits and make excerpts and transcripts. Contractor shall retain and keep accessible all such financial records and other Records for a minimum of 6 years, or such longer period as may be required by applicable law, following final payment and termination of this Contract, or until the conclusion of any audit, controversy or litigation arising out of or related to this Contract, whichever date is later.
Obligations and Activities of Business Associates (1) Business Associate agrees not to use or disclose PHI other than as permitted or required by this Section of the Contract or as Required by Law.
(2) Business Associate agrees to use and maintain appropriate safeguards and comply with applicable HIPAA Standards with respect to all PHI and to prevent use or disclosure of PHI other than as provided for in this Section of the Contract and in accordance with HIPAA Standards.
(3) Business Associate agrees to use administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of electronic Protected Health Information that it creates, receives, maintains, or transmits on behalf of the Covered Entity.
(4) Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to the Business Associate of a use or disclosure of PHI by Business Associate in violation of this Section of the Contract.
(5) Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Section of the Contract or any Security Incident of which it becomes aware.
(6) Business Associate agrees, in accordance with 45 C.F.R. 502(e)(1)(ii) and 164.308(d)(2), if applicable, to ensure that any subcontractors that create, receive, maintain or transmit PHI on behalf of the Business Associate, agree to the same restrictions, conditions, and requirements that apply to the business associate with respect to such information.
(7) Business Associate agrees to provide access (including inspection, obtaining a copy or both), at the request of the Covered Entity, and in the time and manner designated by the Covered Entity, to PHI in a Designated Record Set, to Covered Entity or, as directed by Covered Entity, to an Individual in order to meet the requirements under 45 C.F.R. § 164.524. Business Associate shall not charge any fees greater than the lesser of the amount charged by the Covered Entity to an Individual for such records; the amount permitted by state law; or the Business Associate’s actual cost of postage, labor and supplies for complying with the request.
(8) Business Associate agrees to make any amendments to PHI in a Designated Record Set that the Covered Entity directs or agrees to pursuant to 45 C.F.R. § 164.526 at the request of the Covered Entity, and in the time and manner designated by the Covered Entity.
(9) Business Associate agrees to make internal practices, books, and records, including policies and procedures and PHI, relating to the use and disclosure of PHI received from, or created, maintained, transmitted or received by, Business Associate on behalf of Covered Entity, available to Covered Entity or to the Secretary in a time and manner agreed to by the parties or designated by the Secretary, for purposes of the Secretary investigating or determining Covered Entity’s compliance with the HIPAA Standards.
(10) Business Associate agrees to document such disclosures of PHI and information related to such disclosures as would be required for Covered Entity to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 C.F.R. § 164.528 and section 13405 of the HITECH Act (42 U.S.C. § 17935) and any regulations promulgated thereunder.
(11) Business Associate agrees to provide to Covered Entity, in a time and manner designated by the Covered Entity, information collected in accordance with subsection (g)(10) of this Section of the Contract, to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 C.F.R. § 164.528 and section 13405 of the HITECH Act (42 U.S.C. § 17935) and any regulations promulgated thereunder. Business Associate agrees at the Covered Entity’s direction to provide an accounting of disclosures of PHI directly to an individual in accordance with 45 C.F.R. § 164.528 and section 13405 of the HITECH Act (42 U.S.C. § 17935) and any regulations promulgated thereunder.
(12) Business Associate agrees to comply with any State or federal law that is more stringent than the Privacy Rule.
(13) Business Associate agrees to comply with the requirements of the HITECH Act relating to privacy and security that are applicable to the Covered Entity and with the requirements of 45 C.F.R. §§ 164.504(e), 164.308, 164.310, 164.312, and 164.316.
(14) In the event that an Individual requests that the Business Associate
(A) restrict disclosures of PHI;
(B) provide an accounting of disclosures of the Individual’s PHI;
(C) provide a copy of the Individual’s PHI in an Electronic Health Record; or
(D) amend PHI in the Individual’s Designated Record Set the Business Associate agrees to notify the Covered Entity, in writing, within five Days of the request.
(15) Business Associate agrees that it shall not, and shall ensure that its subcontractors do not, directly or indirectly, receive any remuneration in exchange for PHI of an Individual without
(A) the written approval of the Covered Entity, unless receipt of remuneration in exchange for PHI is expressly authorized by this Contract and
(B) the valid authorization of the Individual, except for the purposes provided under section 13405(d)(2) of the HITECH Act, (42 U.S.C. § 17935(d)(2)) and in any accompanying regulations.
(16) Obligations in the Event of a Breach.
(A) The Business Associate agrees that, following the discovery by the Business Associate or by a subcontractor of the Business Associate of any use or disclosure not provided for by this section of the Contract, any breach of Unsecured protected health information, or any Security Incident, it shall notify the Covered Entity of such Breach in accordance with Subpart D of Part 164 of Title 45 of the Code of Federal Regulations and this Section of the Contract.
(B) Such notification shall be provided by the Business Associate to the Covered Entity without unreasonable delay, and in no case later than 30 days after the Breach is discovered by the Business Associate, or a subcontractor of the Business Associate, except as otherwise instructed in writing by a law enforcement official pursuant to 45 C.F.R. 164.412. A Breach is considered discovered as of the first day on which it is, or reasonably should have been, known to the Business Associate or its subcontractor. The notification shall include the identification and last known address, phone number and email address of each Individual (or the next of kin of the individual if the Individual is deceased) whose Unsecured protected health information has been, or is reasonably believed by the Business Associate to have been, accessed, acquired, or disclosed during such Breach.
(C) The Business Associate agrees to include in the notification to the Covered Entity at least the following information:
1. A description of what happened, including the date of the Breach; the date of the discovery of the Breach; the unauthorized person, if known, who used the PHI or to whom it was disclosed; and whether the PHI was actually acquired or viewed.
2. A description of the types of Unsecured protected health information that were involved in the Breach (such as full name, Social Security number, date of birth, home address, account number, or disability code).
3. The steps the Business Associate recommends that Individual(s) take to protect themselves from potential harm resulting from the Breach.
4. A detailed description of what the Business Associate is doing or has done to investigate the Breach, to mitigate losses, and to protect against any further Breaches.
5. Whether a law enforcement official has advised the Business Associate, either verbally or in writing, that he or she has determined that notification or notice to Individuals or the posting required under 45 C.F.R.
Permitted and Required Uses/Disclosures of PHI 3.1 Except as limited in this Agreement, Business Associate may use or disclose PHI to perform Services, as specified in the underlying grant or contract with Covered Entity. The uses and disclosures of Business Associate are limited to the minimum necessary, to complete the tasks or to provide the services associated with the terms of the underlying agreement. Business Associate shall not use or disclose PHI in any manner that would constitute a violation of the Privacy Rule if used or disclosed by Covered Entity in that manner. Business Associate may not use or disclose PHI other than as permitted or required by this Agreement or as Required by Law.
3.2 Business Associate may make PHI available to its employees who need access to perform Services provided that Business Associate makes such employees aware of the use and disclosure restrictions in this Agreement and binds them to comply with such restrictions. Business Associate may only disclose PHI for the purposes authorized by this Agreement: (a) to its agents and Subcontractors in accordance with Sections 9 and 17 or, (b) as otherwise permitted by Section 3.
3.3 Business Associate shall be directly liable under HIPAA for impermissible uses and disclosures of the PHI it handles on behalf of Covered Entity, and for impermissible uses and disclosures, by Business Associate’s Subcontractor(s), of the PHI that Business Associate handles on behalf of Covered Entity and that it passes on to Subcontractors.
Title to and Condition of Properties Except as would not have a Material Adverse Effect, the Company owns (with good and marketable title in the case of real property) or holds under valid leases or other rights to use all real property, plants, machinery and equipment necessary for the conduct of the business of the Company as presently conducted, free and clear of all Liens, except Permitted Liens. The material buildings, plants, machinery and equipment necessary for the conduct of the business of the Company as presently conducted are structurally sound, are in good operating condition and repair and are adequate for the uses to which they are being put, in each case, taken as a whole, and none of such buildings, plants, machinery or equipment is in need of maintenance or repairs, except for ordinary, routine maintenance and repairs that are not material in nature or cost.
