Obligations and Activities of Business Associates Sample Clauses

Obligations and Activities of Business Associates. (1) Business Associate agrees not to use or disclose PHI other than as permitted or required by this Section of the Contract or as Required by Law. (2) Business Associate agrees to use and maintain appropriate safeguards and comply with applicable HIPAA Standards with respect to all PHI and to prevent use or disclosure of PHI other than as provided for in this Section of the Contract and in accordance with HIPAA Standards. (3) Business Associate agrees to use administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of electronic Protected Health Information that it creates, receives, maintains, or transmits on behalf of the Covered Entity. (4) Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to the Business Associate of a use or disclosure of PHI by Business Associate in violation of this Section of the Contract. (5) Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Section of the Contract or any Security Incident of which it becomes aware. (6) Business Associate agrees, in accordance with 45 C.F.R. 502(e)(1)(ii) and 164.308(d)(2), if applicable, to ensure that any subcontractors that create, receive, maintain or transmit PHI on behalf of the Business Associate, agree to the same restrictions, conditions, and requirements that apply to the business associate with respect to such information. (7) Business Associate agrees to provide access (including inspection, obtaining a copy or both), at the request of the Covered Entity, and in the time and manner designated by the Covered Entity, to PHI in a Designated Record Set, to Covered Entity or, as directed by Covered Entity, to an Individual in order to meet the requirements under 45 C.F.R. § 164.524. Business Associate shall not charge any fees greater than the lesser of the amount charged by the Covered Entity to an Individual for such records; the amount permitted by state law; or the Business Associate’s actual cost of postage, labor and supplies for complying with the request. (8) Business Associate agrees to make any amendments to PHI in a Designated Record Set that the Covered Entity directs or agrees to pursuant to 45 C.F.R. § 164.526 at the request of the Covered Entity, and in the time and manner designated by the Covered Entity. (9) Business Associate agrees to make internal practices, books, and records, inclu...
Sample 1Sample 2Sample 3See All (263)
AutoNDA by SimpleDocs
Obligations and Activities of Business Associates. Business Associate agrees to comply with the provisions applicable tobusiness associates” imposed by HIPAA Rules, including the following:
Sample 1Sample 2Sample 3See All (10)
Obligations and Activities of Business Associates. Business Associate agrees not to use or disclose PHI other than as permitted or required by this Section of the Contract or as Required by Law. Business Associate agrees to use and maintain appropriate safeguards and comply with applicable HIPAA Standards with respect to all PHI and to prevent use or disclosure of PHI other than as provided for in this Section of the Contract and in accordance with HIPAA Standards. Business Associate agrees to use administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of electronic protected health information that it creates, receives, maintains, or transmits on behalf of the Covered Entity. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to the Business Associate of a use or disclosure of PHI by Business Associate in violation of this Section of the Contract. Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Section of the Contract or any security incident of which it becomes aware. Business Associate agrees in accordance with 45 C.F.R. § 502(e)(1)(ii) and § 164.308(d)(2), if applicable, to ensure that any subcontractor that creates, receives, maintains or transmits PHI on behalf of the Business Associate agrees to the same restrictions, conditions and requirements that apply to the Business Associate with respect to such information.
Sample 1Sample 2Sample 3See All (7)
Obligations and Activities of Business Associates a. Business Associate agrees not to use or disclose PHI other than as permitted or required by this Section of the Contract or as Required by Law. DocuSign Envelope ID: ECA2080F-F2BD-440A-B380-0243D9E67ACE b. Business Associate agrees to use and maintain appropriate safeguards and comply with applicable HIPAA Standards with respect to all PHI and to prevent use or disclosure of PHI other than as provided for in this Section of the Contract and in accordance with HIPAA Standards. c. Business Associate agrees to use administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of electronic protected health information that it creates, receives, maintains, or transmits on behalf of the Covered Entity. d. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to the Business Associate of a use or disclosure of PHI by Business Associate in violation of this Section of the Contract. e. Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Section of the Contract or any security incident of which it becomes aware. f. Business Associate agrees in accordance with 45 C.F.R. § 502(e)(1)(ii) and § 164.308(d)(2), if applicable, to ensure that any subcontractor that creates, receives, maintains or transmits PHI on behalf of the Business Associate agrees to the same restrictions, conditions and requirements that apply to the Business Associate with respect to such information. g. Business Associate agrees to provide access (including inspection, obtaining a copy or both), at the request of the Covered Entity, and in the time and manner designated by the Covered Entity, to PHI in a Designated Record Set, to Covered Entity or, as directed by Covered Entity, to an Individual in order to meet the requirements under 45 C.F.R. § 164.524. Business Associate shall not charge any fees greater than the lesser of the amount charged by the Covered Entity to an Individual for such records; the amount permitted by state law; or the Business Associate’s actual cost of postage, labor and supplies for complying with the request. h. Business Associate agrees to make any amendments to PHI in a Designated Record Set that the Covered Entity directs or agrees to pursuant to 45 C.F.R. § 164.526 at the request of the Covered Entity, and in the time and manner designated by the Covered Entity. i. Business Associate agree...
Sample 1Sample 2See All (4)
Obligations and Activities of Business Associates. (a) Business Associate acknowledges and agrees that all Protected Health Information that is created or received by Covered Entity and disclosed or made available in any form, including paper record, oral communication, audio recording, and electronic display by Covered Entity or its operating units to Business Associate or is created or received by Business Associate on Covered Entity’s behalf shall be subject to this Agreement. (b) Business Associate agrees to not use or further disclose Protected Health Information other than as permitted or required by the Agreement or as required by law. (c) Business Associate agrees to use appropriate safeguards to prevent use or disclosure of the Protected Health Information other than as provided for by this Agreement. (d) Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is know to Business Associate of a use or disclosure of Protected Health Information by Business Associate in violation of the requirements of this Agreement. (e) Business Associate agrees to report to Covered Entity any use or disclosure of the Protected Health Information not provided for by this Agreement. (f) Business Associate agrees to ensure that any agent, including a subcontractor, to whom it provides Protected Health Information received from, or created or received by Business Associate on behalf of Covered Entity, agrees to the same restrictions and conditions that apply through this Agreement to Business Associate with respect to such information. (g) Business Associate agrees to make available Protected Health Information to the extent and in the manner required by Section 164.524 of the HIPAA Security and Privacy Rules. (h) Business Associate agrees to make Protected Health Information available for amendment and incorporate any amendments to Protected Health Information in accordance with the requirements of Section 164.526 of the HIPAA Security and Privacy Rules. (i) Business Associate agrees to make internal practices, books, and records relating to the use and disclosure of Protected Health Information received from, or created or received by Business Associate on behalf of, Covered Entity available to the Covered Entity, or at the request of the Covered Entity to the Secretary of Health and Human Services. (j) Business Associate agrees to document any disclosures of and make Protected Health Information available for purposes of accounting of disclosures, as required by Section 164.528 of...
Sample 1
Obligations and Activities of Business Associates. Business Associate: Acknowledges and agrees that all PHI that is created or received by Covered Entity and disclosed or made available in any form, including paper record, oral communication, audio recording, and electronic display by Covered Entity or its operating units to Business Associate or is created or received by Business Associate on Covered Entity’s behalf shall be subject to this Agreement. In accordance with 45 CFR 164.308(b) and 164.502(e), will ensure that its agents, including a Subcontractor, to whom it provides PHI received from or created by Business Associate on behalf of Covered Entity, agrees to the same restrictions, conditions, and requirements that apply to Business Associate with respect to such information. In addition, Business Associate agrees to take reasonable steps to ensure that its employees’ or agents’ actions or omissions do not cause Business Associate to breach the terms of this Agreement. Will implement appropriate technical, physical, and administrative safeguards to (1) prevent the use or disclosure of PHI other than as permitted in this Agreement; (2) reasonably and appropriately protect the confidentiality, integrity, and availability of the ePHI that it creates, maintains or transmits on behalf of Covered Entity; and (3comply with the requirements set forth in 45 C.F.R. Sections 164.308, 164.310, 164.312, and 164.316, as may be amended from time to time. Agrees to report to covered entity as soon as practicable but no later than five (5) business days after any discovery of (1) any use or disclosure of PHI not permitted under this Agreement of which it becomes aware or reasonably should have been aware; and (2) any Security Incident of which Business Associate becomes aware or reasonably should have been aware. The parties acknowledge and agree that notice to the Covered Entity is not required for Unsuccessful Security Incidents. Unsuccessful Security Incident means, without limitation, pings and other broadcast attacks on Business Associate’s firewall, port scans, unsuccessful log-on attempts, denial of service attacks, and any combination of the above, so long as no such incident results in unauthorized access, use or disclosure of PHI. Agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of the requirements of this Agreement. Agrees, within ten (10) business days of written request from Covered Ent...
Sample 1Sample 2
Obligations and Activities of Business Associates. Each Business Associate agrees to: (a) Not use or disclose PHI other than as permitted or required by this Agreement, or as required by law. (b) Use appropriate safeguards to prevent use or disclosure of the PHI other than as provided for by this Agreement. (c) Report to Covered Entity any use or disclosure of PHI or EPHI not permitted by this Agreement of which it becomes aware or should have known, including any Security Incidents in which there is a successful unauthorized access, use, disclosure, modification, or destruction of unsecured EPHI. Business Associate will make the report to the Covered Entity’s Privacy Official and Security Officer or to an authorized person in the Covered Entity’s legal department as soon as reasonably practicable. This report will include at least the following information: (a) the nature of the non-permitted or violating use or disclosure; and (b) the PHI and EPHI used or disclosed. (d) Notice is hereby deemed provided by Business Associates to Covered Entity for all unsuccessful attempts of an unauthorized access, disclosure, use, modification or destruction of EPHI. No further notice shall be required by Business Associates for any such unsuccessful attempts. (e) Develop, implement, maintain, and use appropriate safeguards to prevent any use or disclosure of the PHI or EPHI other than as provided by this Agreement, and to implement administrative, physical, and technical safeguards as required by sections 164.308, 164.310, 164.312 and 164.316 of title 45, Code of Federal Regulations and HITECH to protect the confidentiality, integrity, and availability of EPHI or PHI that Business Associate creates, receives, maintains, or transmits, in the same manner that such sections apply to the Covered Entity. See HITECH § 13401. (f) Comply with any additional requirements of Title XIII of HITECH that relate to privacy and security and that are made applicable with respect to covered entities. See HITECH § 13401. (g) Adopt the technology and methodology standards required in any guidance issued by the Secretary pursuant to HITECH §§ 13401-13402. (h) Mitigate any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of the requirements of this Agreement and notify Covered Entity of any breach of Unsecured PHI, as required under HITECH § 13402. (i) In the case of a breach of Unsecured PHI, following the discovery of a breach of such information, notify Covered Entity of ...
Sample 1
AutoNDA by SimpleDocs
Obligations and Activities of Business Associates 
Sample 1Sample 2Sample 3

Related to Obligations and Activities of Business Associates

  • OBLIGATIONS AND ACTIVITIES OF CONTRACTOR AS BUSINESS ASSOCIATE 1. CONTRACTOR agrees not to use or further disclose PHI COUNTY discloses to CONTRACTOR other than as permitted or required by this Business Associate Contract or as required by law. 2. XXXXXXXXXX agrees to use appropriate safeguards, as provided for in this Business Associate Contract and the Agreement, to prevent use or disclosure of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY other than as provided for by this Business Associate Contract. 3. XXXXXXXXXX agrees to comply with the HIPAA Security Rule at Subpart C of 45 CFR Part 164 with respect to electronic PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY. 4. CONTRACTOR agrees to mitigate, to the extent practicable, any harmful effect that is known to CONTRACTOR of a Use or Disclosure of PHI by CONTRACTOR in violation of the requirements of this Business Associate Contract. 5. XXXXXXXXXX agrees to report to COUNTY immediately any Use or Disclosure of PHI not provided for by this Business Associate Contract of which CONTRACTOR becomes aware. CONTRACTOR must report Breaches of Unsecured PHI in accordance with Paragraph E below and as required by 45 CFR § 164.410. 6. CONTRACTOR agrees to ensure that any Subcontractors that create, receive, maintain, or transmit PHI on behalf of CONTRACTOR agree to the same restrictions and conditions that apply through this Business Associate Contract to CONTRACTOR with respect to such information. 7. CONTRACTOR agrees to provide access, within fifteen (15) calendar days of receipt of a written request by COUNTY, to PHI in a Designated Record Set, to COUNTY or, as directed by COUNTY, to an Individual in order to meet the requirements under 45 CFR § 164.524. If CONTRACTOR maintains an Electronic Health Record with PHI, and an individual requests a copy of such information in an electronic format, CONTRACTOR shall provide such information in an electronic format. 8. CONTRACTOR agrees to make any amendment(s) to PHI in a Designated Record Set that COUNTY directs or agrees to pursuant to 45 CFR § 164.526 at the request of COUNTY or an Individual, within thirty (30) calendar days of receipt of said request by COUNTY. XXXXXXXXXX agrees to notify COUNTY in writing no later than ten (10) calendar days after said amendment is completed. 9. CONTRACTOR agrees to make internal practices, books, and records, including policies and procedures, relating to the use and disclosure of PHI received from, or created or received by CONTRACTOR on behalf of, COUNTY available to COUNTY and the Secretary in a time and manner as determined by COUNTY or as designated by the Secretary for purposes of the Secretary determining COUNTY’S compliance with the HIPAA Privacy Rule. 10. CONTRACTOR agrees to document any Disclosures of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, and to make information related to such Disclosures available as would be required for COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528. 11. CONTRACTOR agrees to provide COUNTY or an Individual, as directed by COUNTY, in a time and manner to be determined by COUNTY, that information collected in accordance with the Agreement, in order to permit COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528. 12. XXXXXXXXXX agrees that to the extent CONTRACTOR carries out COUNTY’s obligation under the HIPAA Privacy and/or Security rules CONTRACTOR will comply with the requirements of 45 CFR Part 164 that apply to COUNTY in the performance of such obligation. 13. If CONTRACTOR receives Social Security data from COUNTY provided to COUNTY by a state agency, upon request by COUNTY, CONTRACTOR shall provide COUNTY with a list of all employees, subcontractors and agents who have access to the Social Security data, including employees, agents, subcontractors and agents of its subcontractors. 14. CONTRACTOR will notify COUNTY if CONTRACTOR is named as a defendant in a criminal proceeding for a violation of HIPAA. COUNTY may terminate the Agreement, if CONTRACTOR is found guilty of a criminal violation in connection with HIPAA. COUNTY may terminate the Agreement, if a finding or stipulation that CONTRACTOR has violated any standard or requirement of the privacy or security provisions of HIPAA, or other security or privacy laws are made in any administrative or civil proceeding in which CONTRACTOR is a party or has been joined. COUNTY will consider the nature and seriousness of the violation in deciding whether or not to terminate the Agreement.

  • Permitted Uses and Disclosure by Business Associate (1) General Use and Disclosure Provisions Except as otherwise limited in this Section of the Contract, Business Associate may use or disclose PHI to perform functions, activities, or services for, or on behalf of, Covered Entity as specified in this Contract, provided that such use or disclosure would not violate the HIPAA Standards if done by Covered Entity or the minimum necessary policies and procedures of the Covered Entity.

  • Responsibilities of Client a. Client shall exclusively retain the services of Consultant to perform the Scope of Work, in accordance with, and subject to, the other provisions of this Agreement. b. Client shall provide access for Consultant and its subcontractors to the Site, and shall enter into access agreements with other third party property owners, as necessary for Consultant to complete the performance of the Scope of Work. c. Client shall, as necessary to complete the Scope of Work: (i) cooperate and assist Consultant with the preparation and submittal, to PADEP, PAUSTIF, local governing authorities and others, of all information and documents including, without limitation, correspondence, notices, reports, data submittals, restrictive covenants, engineering and institutional controls, and the like; and (ii) implement and maintain any engineering or institutional controls. d. Client shall transmit to Consultant copies of all documentation, correspondence, reports, and the like, sent or received by Client, regarding the Scope of Work at the Site. e. Client shall make a good faith effort to minimize any and all interference with the progress of the Scope of Work if the Site is remodeled or otherwise modified. Client shall also make a good faith effort to place this condition on third parties that are not a party to this Agreement including, but not limited to, current owners, future owners, current operators, future operators, current lessees and future lessees.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!