Obligations of the Business Associate Sample Clauses

Obligations of the Business Associate. (a) The Business Associate agrees not to use or disclose PHI other than as permitted or required by this Agreement or as Required by Law. (b) The Business Associate agrees to use appropriate safeguards to prevent disclosure of the PHI other than as provided for by this Agreement, and to implement administrative, physical, and technical safeguards as required by 45 C.F.R. §§ 164.306, 164.308, 164.310, 164.312, 164.314, and 164.316, as applicable to business associates, in order to protect the confidentiality, integrity, and availability of PHI that the Business Associate receives, maintains or transmits. The Business Associate shall undertake such actions in a manner that is consistent with any guidance issued by the Secretary pursuant to the HITECH Act. (c) The Business Associate agrees to report to the Covered Entity within three (3) business days any use or disclosure of PHI not provided for by this Agreement of which it becomes aware. In addition, the Business Associate shall notify the Covered Entity of any Security Incident or Security Breach involving Unsecured PHI within three (3) business days of becoming aware of the Security Incident or Security Breach. This notice shall include the identification of each Individual whose Unsecured PHI has been, or is reasonably believed by the Business Associate to have been accessed, acquired, or disclosed during the Security Breach. The Business Associate agrees to cooperate with the Covered Entity in mitigating any harmful effect that is known to exist as a result of such unauthorized use or disclosure of PHI, such Security Incident, or Security Breach. The Business Associate further agrees to cooperate with the Covered Entity in complying with all state and federal public notification requirements arising therefrom. (d) The Business Associate agrees to ensure that any agent, including a subcontractor, to whom it provides PHI received from or received by the Business Associate on behalf of the Covered Entity, agrees to the same restrictions and conditions that apply in this Agreement to the Business Associate with respect to such information, including but not limited to the requirement that such agent or subcontractor implement reasonable and appropriate safeguards to protect such information. (e) The Business Associate agrees to make its internal practices, books, and records relating to the use and disclosure of PHI received from or received by the Business Associate on behalf of the Covered Entity availab...
Sample 1Sample 2Sample 3See All (10)
AutoNDA by SimpleDocs
Obligations of the Business Associate. Business Associate shall not and shall ensure that its directors, officers, employees, contractors, subcontractors and agents do not use or further use or disclose Protected Health Information in any manner that would constitute a violation of HIPAA Rules other than as permitted or required by this Agreement or as Required By Law. Business Associate acknowledges Business Associate is required by law to use appropriate safeguards and comply with the HIPAA Security Rule at 45 CFR 164 Subpart C. When applicable, Business Associate shall comply with the Business and Academic Partner Network Access Technical Requirements as detailed in Exhibit B if Business Associate has access to Covered Entity network. Business Associate agrees to mitigate, to the extent practicable, any potential business pattern, practice or effect that is known to the Business Associate of a use or disclosure of Protected Health Information by Business Associate in violation of the requirements of this Agreement. Business Associate agrees, within ten (10) calendar days of becoming aware of any use or disclosure of Protected Health Information not specifically allowed for by this Agreement and in violation of the HIPAA Rules, including Breaches of Unsecured Protected Health Information as required at 45 CFR 164.410, that it will report in writing to Covered Entity any such use or disclosure. In the event that Covered Entity determines a Breach of Unsecured Protected Health Information has occurred, Business Associate agrees to provide Covered Entity a report including patient name, contact information, nature/cause of the breach, Protected Health Information breached and the date or period of time during which the breach occurred, within five (5) business days from the date the Covered Entity determines a Breach of Unsecured Protected Health Information has occurred. Business Associate shall be responsible for any and all costs incurred by Covered Entity related to notification of individuals or next of kin (if the individual is deceased) of any breach of Unsecured Protected Health Information reported by Business Associate to Covered Entity. Business Associate agrees to immediately report to the Covered Entity any security incident of which it becomes aware. Business Associate agrees to ensure that any employee, agent or third party, including but not limited to a subcontractor, to whom the Business Associate provides Protected Health Information received from, created by, or received by B...
Sample 1Sample 2See All (4)
Obligations of the Business Associate. To the extent that a Party is acting as a Business Associate of the PHI Source and is in possession of or has access to PHI, the Business Associate agrees as follows: 2.1 The Business Associate agrees to not use or disclose PHI other than as permitted or required to perform the services (“Services”) described in the Portal Access Agreement and/or this Agreement, as requested by the PHI Source, or as required by law. 2.2 The Business Associate agrees to use appropriate safeguards to comply with Subpart C of 45 CFR Part 164 with respect to electronic PHI to prevent use or disclosure of PHI other than as provided for by this Agreement and/or the Portal Access Agreement and shall develop, implement, maintain, and use administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of electronic PHI that it creates, receives, maintains, or transmits on behalf of the PHI Source. 2.3 The Business Associate agrees to report to the PHI Source any use or disclosure of PHI not provided for by this Agreement within five (5) days of becoming aware of such use or disclosure, including breaches of unsecured PHI as required by 45 CFR 164.410. 2.4 The Business Associate agrees to report to the PHI Source any Breach of Unsecured Protected Health Information, as defined in 45 CFR 164.402. Following the initial notification of any such Breach, the Business Associate shall provide a report to the PHI Source that includes, to the extent possible: (a) a brief description of what happened, including the date of occurrence and the date of the discovery by the Business Associate; (b) a description of the PHI affected, including the names of any Individuals whose PHI has been or is reasonably believed to have been accessed, acquired or disclosed and the types of PHI involved (such as full name, social security number, date of birth, home address, account numbers, etc.); and (c) a brief description of what the Business Associate has done to investigate the Breach, to mitigate harm to Individuals, and to protect against any further Breaches. The Business Associate also shall provide to the PHI Source any other available information the PHI Source is required to include in its notification to affected Individual(s). 2.5 The Business Associate agrees to mitigate, to the extent possible, any and all harm resulting from a use or disclosure of PHI not provided for by this Agreement, Breach of Unsecured Protected H...
Sample 1Sample 2See All (4)
Obligations of the Business Associate. The Business Associate shall comply with, and shall cooperate and assist in compliance with, all requirements of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and any and all future regulations, requirements, and writings promulgated there under, including but not limited to, the following: 1. The Business Associate agrees to not use or disclose Protected Health Information other than to perform the services set forth and attached hereto and incorporated herein (the “Services”) in accordance with this Agreement. The Business Associate agrees that it will not further disclose the Protected Health Information other than as permitted or required by this Agreement or as required by law. Protected Health Information, except as otherwise set forth in 45 C.F.R. § 164.501, includes any information collected from an individual, whether oral or recorded, maintained or transmitted, in any form or medium that (i) is created or received by one or both parties to this agreement; and (ii) relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual that identifies the individual or with respect to which there is a reasonable basis to believe the information can be used to identify the individual. 2. The Business Associate shall maintain the integrity of the Protected Health Information and maintain safeguards as necessary to ensure that all Protected Health Information is used and disclosed only as authorized under HIPAA and this Agreement. The Business Associate agrees to assess potential risks and vulnerabilities to the individual health data in its possession and develop, implement, and maintain appropriate security measures. These measures must be documented and kept current and must include, at a minimum, those requirements outlined in HIPAA and the regulations promulgated there under. 3. The Business Associate shall immediately report to the Covered Entity any unauthorized use or disclosure of any Protected Health Information of which it becomes aware not provided for by this Agreement, but in no event shall the notice be given later than five (5) business days after the Business Associate becomes aware of such use or disclosure. Notice shall be provided in writing to: Privacy Officer 4. The Business Associate agrees to ensure that any agent, including a subcontractor...
Sample 1See All (4)
Obligations of the Business Associate. Business Associate shall not and shall ensure that its directors, officers, employees, contractors, subcontractors and agents do not use or further use or disclose Protected Health Information in any manner that would constitute a violation of HIPAA Rules other than as permitted or required by this Addendum or as Required By Law. Business Associate acknowledges Business Associate is required by law to use appropriate safeguards and comply with the HIPAA Security Rule at 45 CFR 164 Subpart C.
Sample 1Sample 2
Obligations of the Business Associate. (a) The Business Associate agrees not to use or disclose PHI other than as permitted or required by this Agreement or as required by law. (b) The Business Associate agrees to use appropriate safeguards to prevent use or disclosure of the PHI other than as provided for by this Agreement. The Business Associate shall implement the administrative, physical, and technical safeguards required for Business Associates by the HIPAA Security Rule in order to protect the confidentiality, integrity, and availability of ePHI that the Business Associate receives, creates, maintains, or transmits. (c) The Business Associate agrees to notify the PO within thirty (30) days of becoming aware of any use or disclosure of PHI not provided for by this Agreement. In addition, the Business Associate shall notify the PO of any Breach involving Unsecured PHI within thirty
Sample 1
Obligations of the Business Associate. 2.1 Use and Disclosure of Protected Health Information. Business Associate may Use or Disclose PHI or request PHI on Covered Entity’s behalf only as follows:
Sample 1
AutoNDA by SimpleDocs
Obligations of the Business Associate. The Business Associate agrees to:
Sample 1
Obligations of the Business Associate. The Business Associate shall notify the Subcontractor of: a. any limitation(s) in its Notice of Privacy Practices required by 45 C.F.R. 164.520, to the extent that such limitation(s) may affect the Subcontractor's use or disclosure of the Protected Health Information; b. any changes in, or revocation of, permission by an Individual to use or disclose Protected Health Information, to the extent that such change or revocation may affect the Subcontractor's use or disclosure of Protected Health Information; and c. any restriction(s) on the use or disclosure of Protected Health Information that the Business Associate has agreed to in accordance with 45 C.F.R. 164.522, to the extent that such restriction(s) may affect the Subcontractor's use or disclosure of Protected Health Information.
Sample 1
Obligations of the Business Associate 
Sample 1Sample 2Sample 3See All (21)
Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!