SUBCONTRACTS - ASSIGNMENT Contractor shall not subcontract or assign this Agreement, or any part thereof, or interest therein, directly or indirectly, voluntarily or involuntarily, to any person without obtaining the prior written consent by County. Contractor remains legally responsible for the performance of all contract terms including work performed by third parties under subcontracts. Any subcontracting will be subject to all applicable provisions of this Agreement. Contractor shall be held responsible by County for the performance of any subcontractor whether approved by County or not. Contractor hereby assigns to the County all rights, title, and interest in and to all causes of action it may have under Section 4 of the Xxxxxxx Act (15 U.S.C. Sec. 15) or under the Xxxxxxxxxx Act (Chapter 2 (commencing with Section 16700) of Part 2 of Division 7 of the Business and Professions Code), arising from the purchase if goods, materials, or services by the Contractor for sale to the County pursuant to this Agreement.
Employees on Long Term Supply Assignments Employees completing long term supply assignments may only access sick leave and short term disability leave in the fiscal year in which the allocation was provided. Any remaining allocation may be used in subsequent long term supply assignments, provided these occur within the same fiscal year. Employees employed in a Long Term Supply Assignment which is less than the ordinary period of employment for the position shall have their sick leave and short term disability allocations pro-rated accordingly. Where the length of the long term supply assignment is not known in advance, a projected length must be determined at the start of the assignment in order for the appropriate allocation of sick leave/short term disability leave to occur. If a change is made to the length of the assignment, an adjustment will be made to the allocation and applied retroactively.
OBLIGATIONS AND ACTIVITIES OF CONTRACTOR AS BUSINESS ASSOCIATE 1. CONTRACTOR agrees not to use or further disclose PHI COUNTY discloses to CONTRACTOR other than as permitted or required by this Business Associate Contract or as required by law.
2. XXXXXXXXXX agrees to use appropriate safeguards, as provided for in this Business Associate Contract and the Agreement, to prevent use or disclosure of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY other than as provided for by this Business Associate Contract.
3. XXXXXXXXXX agrees to comply with the HIPAA Security Rule at Subpart C of 45 CFR Part 164 with respect to electronic PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY.
4. CONTRACTOR agrees to mitigate, to the extent practicable, any harmful effect that is known to CONTRACTOR of a Use or Disclosure of PHI by CONTRACTOR in violation of the requirements of this Business Associate Contract.
5. XXXXXXXXXX agrees to report to COUNTY immediately any Use or Disclosure of PHI not provided for by this Business Associate Contract of which CONTRACTOR becomes aware. CONTRACTOR must report Breaches of Unsecured PHI in accordance with Paragraph E below and as required by 45 CFR § 164.410.
6. CONTRACTOR agrees to ensure that any Subcontractors that create, receive, maintain, or transmit PHI on behalf of CONTRACTOR agree to the same restrictions and conditions that apply through this Business Associate Contract to CONTRACTOR with respect to such information.
7. CONTRACTOR agrees to provide access, within fifteen (15) calendar days of receipt of a written request by COUNTY, to PHI in a Designated Record Set, to COUNTY or, as directed by COUNTY, to an Individual in order to meet the requirements under 45 CFR § 164.524. If CONTRACTOR maintains an Electronic Health Record with PHI, and an individual requests a copy of such information in an electronic format, CONTRACTOR shall provide such information in an electronic format.
8. CONTRACTOR agrees to make any amendment(s) to PHI in a Designated Record Set that COUNTY directs or agrees to pursuant to 45 CFR § 164.526 at the request of COUNTY or an Individual, within thirty (30) calendar days of receipt of said request by COUNTY. XXXXXXXXXX agrees to notify COUNTY in writing no later than ten (10) calendar days after said amendment is completed.
9. CONTRACTOR agrees to make internal practices, books, and records, including policies and procedures, relating to the use and disclosure of PHI received from, or created or received by CONTRACTOR on behalf of, COUNTY available to COUNTY and the Secretary in a time and manner as determined by COUNTY or as designated by the Secretary for purposes of the Secretary determining COUNTY’S compliance with the HIPAA Privacy Rule.
10. CONTRACTOR agrees to document any Disclosures of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, and to make information related to such Disclosures available as would be required for COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
11. CONTRACTOR agrees to provide COUNTY or an Individual, as directed by COUNTY, in a time and manner to be determined by COUNTY, that information collected in accordance with the Agreement, in order to permit COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
12. XXXXXXXXXX agrees that to the extent CONTRACTOR carries out COUNTY’s obligation under the HIPAA Privacy and/or Security rules CONTRACTOR will comply with the requirements of 45 CFR Part 164 that apply to COUNTY in the performance of such obligation.
13. If CONTRACTOR receives Social Security data from COUNTY provided to COUNTY by a state agency, upon request by COUNTY, CONTRACTOR shall provide COUNTY with a list of all employees, subcontractors and agents who have access to the Social Security data, including employees, agents, subcontractors and agents of its subcontractors.
14. CONTRACTOR will notify COUNTY if CONTRACTOR is named as a defendant in a criminal proceeding for a violation of HIPAA. COUNTY may terminate the Agreement, if CONTRACTOR is found guilty of a criminal violation in connection with HIPAA. COUNTY may terminate the Agreement, if a finding or stipulation that CONTRACTOR has violated any standard or requirement of the privacy or security provisions of HIPAA, or other security or privacy laws are made in any administrative or civil proceeding in which CONTRACTOR is a party or has been joined. COUNTY will consider the nature and seriousness of the violation in deciding whether or not to terminate the Agreement.
Change of Control; Assignment and Subcontracting Except as set forth in this Section 7.5, neither party may assign any of its rights and obligations under this Agreement without the prior written approval of the other party, which approval will not be unreasonably withheld. For purposes of this Section 7.5, a direct or indirect change of control of Registry Operator or any subcontracting arrangement that relates to any Critical Function (as identified in Section 6 of Specification 10) for the TLD (a “Material Subcontracting Arrangement”) shall be deemed an assignment.
(a) Registry Operator must provide no less than thirty (30) calendar days advance notice to ICANN of any assignment or Material Subcontracting Arrangement, and any agreement to assign or subcontract any portion of the operations of the TLD (whether or not a Material Subcontracting Arrangement) must mandate compliance with all covenants, obligations and agreements by Registry Operator hereunder, and Registry Operator shall continue to be bound by such covenants, obligations and agreements. Registry Operator must also provide no less than thirty (30) calendar days advance notice to ICANN prior to the consummation of any transaction anticipated to result in a direct or indirect change of control of Registry Operator.
(b) Within thirty (30) calendar days of either such notification pursuant to Section 7.5(a), ICANN may request additional information from Registry Operator establishing (i) compliance with this Agreement and (ii) that the party acquiring such control or entering into such assignment or Material Subcontracting Arrangement (in any case, the “Contracting Party”) and the ultimate parent entity of the Contracting Party meets the ICANN-‐adopted specification or policy on registry operator criteria then in effect (including with respect to financial resources and operational and technical capabilities), in which case Registry Operator must supply the requested information within fifteen (15) calendar days.
(c) Registry Operator agrees that ICANN’s consent to any assignment, change of control or Material Subcontracting Arrangement will also be subject to background checks on any proposed Contracting Party (and such Contracting Party’s Affiliates).
(d) If ICANN fails to expressly provide or withhold its consent to any assignment, direct or indirect change of control of Registry Operator or any Material Subcontracting Arrangement within thirty (30) calendar days of ICANN’s receipt of notice of such transaction (or, if ICANN has requested additional information from Registry Operator as set forth above, thirty (30) calendar days of the receipt of all requested written information regarding such transaction) from Registry Operator, ICANN shall be deemed to have consented to such transaction.
(e) In connection with any such assignment, change of control or Material Subcontracting Arrangement, Registry Operator shall comply with the Registry Transition Process.
(f) Notwithstanding the foregoing, (i) any consummated change of control shall not be voidable by ICANN; provided, however, that, if ICANN reasonably determines to withhold its consent to such transaction, ICANN may terminate this Agreement pursuant to Section 4.3(g), (ii) ICANN may assign this Agreement without the consent of Registry Operator upon approval of the ICANN Board of Directors in conjunction with a reorganization, reconstitution or re-‐incorporation of ICANN upon such assignee’s express assumption of the terms and conditions of this Agreement, (iii) Registry Operator may assign this Agreement without the consent of ICANN directly to a wholly-‐owned subsidiary of Registry Operator, or, if Registry Operator is a wholly-‐owned subsidiary, to its direct parent or to another wholly-‐owned subsidiary of its direct parent, upon such subsidiary’s or parent’s, as applicable, express assumption of the terms and conditions of this Agreement, and (iv) ICANN shall be deemed to have consented to any assignment, Material Subcontracting Arrangement or change of control transaction in which the Contracting Party is an existing operator of a generic top-‐level domain pursuant to a registry agreement between such Contracting Party and ICANN (provided that such Contracting Party is then in compliance with the terms and conditions of such registry agreement in all material respects), unless ICANN provides to Registry Operator a written objection to such transaction within ten (10) calendar days of ICANN’s receipt of notice of such transaction pursuant to this Section 7.5. Notwithstanding Section 7.5(a), in the event an assignment is made pursuant to clauses (ii) or (iii) of this Section 7.5(f), the assigning party will provide the other party with prompt notice following any such assignment.
Inventions Assigned to the United States I agree to assign to the United States government all my right, title, and interest in and to any and all Inventions whenever such full title is required to be in the United States by a contract between the Company and the United States or any of its agencies.
Obligations and Activities of Business Associate Business Associate agrees to:
a. Not use or disclose Protected Health Information other than as permitted or required by this BAA, the Agreement, or as required by law;
b. Use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 with respect to electronic Protected Health Information, to prevent Use or Disclosure of Protected Health Information other than as provided for by this BAA;
c. Report to Covered Entity any Use or Disclosure of Protected Health Information not provided for by this BAA of which it becomes aware, including breaches of Unsecured Protected Health Information as required at 45 CFR 164.410, and any Security Incident of which it becomes aware;
d. In accordance with 45 CFR 164.502(e)(1)(ii) and 164.308(b)(2), if applicable, ensure that any Subcontractors that create, receive, maintain, or transmit Protected Health Information on behalf of the Business Associate agree to the same restrictions, conditions, and requirements that apply to Business Associate with respect to such information;
e. Make available Protected Health Information in a Designated Record Set to Covered Entity or to an individual whose Protected Health Information is maintained by Business Associate, or the individual’s designee, and document and retain the documentation required by 45 CFR 164.530(j), as necessary to satisfy Covered Entity’s obligations under 45 CFR 164.524;
f. Make any amendment(s) to Protected Health Information in a Designated Record Set as directed or agreed to by the Covered Entity pursuant to 45 CFR 164.526, or take other measures as necessary to satisfy Covered Entity’s obligations under 45 CFR 164.526;
g. Maintain and make available the information required to provide an accounting of Disclosures to the Covered Entity as necessary to satisfy Covered Entity’s obligations under 45 CFR 164.528;
h. To the extent the Business Associate is to carry out one or more of Covered Entity's obligation(s) under Subpart E of 45 CFR Part 164, comply with the requirements of Subpart E that apply to the Covered Entity in the performance of such obligation(s); and
i. Make its internal practices, books, and records available to the Secretary for purposes of determining Business Associate’s or Covered Entity’s compliance with HIPAA and HIPAA Regulations.
DELEGATION, ASSIGNMENT AND SUBCONTRACTS CONTRACTOR may not delegate the obligations hereunder, either in whole or in part, without 29 prior written consent of COUNTY. CONTRACTOR shall provide written notification of 30 CONTRACTOR’s intent to delegate the obligations hereunder, either in whole or part, to 31 ADMINISTRATOR not less than sixty (60) calendar days prior to the effective date of the delegation. 32 Any attempted assignment or delegation in derogation of this paragraph shall be void.
Officers as Agents The Officers, to the extent of their powers set forth in this Agreement or otherwise vested in them by action of the Board not inconsistent with this Agreement, are agents of the Company for the purpose of the Company’s business and, subject to Section 9(j), the actions of the Officers taken in accordance with such powers shall bind the Company.
Obligations and Activities of Business Associates (1) Business Associate agrees not to use or disclose PHI other than as permitted or required by this Section of the Contract or as Required by Law.
(2) Business Associate agrees to use and maintain appropriate safeguards and comply with applicable HIPAA Standards with respect to all PHI and to prevent use or disclosure of PHI other than as provided for in this Section of the Contract and in accordance with HIPAA Standards.
(3) Business Associate agrees to use administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of electronic Protected Health Information that it creates, receives, maintains, or transmits on behalf of the Covered Entity.
(4) Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to the Business Associate of a use or disclosure of PHI by Business Associate in violation of this Section of the Contract.
(5) Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Section of the Contract or any Security Incident of which it becomes aware.
(6) Business Associate agrees, in accordance with 45 C.F.R. 502(e)(1)(ii) and 164.308(d)(2), if applicable, to ensure that any subcontractors that create, receive, maintain or transmit PHI on behalf of the Business Associate, agree to the same restrictions, conditions, and requirements that apply to the business associate with respect to such information.
(7) Business Associate agrees to provide access (including inspection, obtaining a copy or both), at the request of the Covered Entity, and in the time and manner designated by the Covered Entity, to PHI in a Designated Record Set, to Covered Entity or, as directed by Covered Entity, to an Individual in order to meet the requirements under 45 C.F.R. § 164.524. Business Associate shall not charge any fees greater than the lesser of the amount charged by the Covered Entity to an Individual for such records; the amount permitted by state law; or the Business Associate’s actual cost of postage, labor and supplies for complying with the request.
(8) Business Associate agrees to make any amendments to PHI in a Designated Record Set that the Covered Entity directs or agrees to pursuant to 45 C.F.R. § 164.526 at the request of the Covered Entity, and in the time and manner designated by the Covered Entity.
(9) Business Associate agrees to make internal practices, books, and records, including policies and procedures and PHI, relating to the use and disclosure of PHI received from, or created, maintained, transmitted or received by, Business Associate on behalf of Covered Entity, available to Covered Entity or to the Secretary in a time and manner agreed to by the parties or designated by the Secretary, for purposes of the Secretary investigating or determining Covered Entity’s compliance with the HIPAA Standards.
(10) Business Associate agrees to document such disclosures of PHI and information related to such disclosures as would be required for Covered Entity to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 C.F.R. § 164.528 and section 13405 of the HITECH Act (42 U.S.C. § 17935) and any regulations promulgated thereunder.
(11) Business Associate agrees to provide to Covered Entity, in a time and manner designated by the Covered Entity, information collected in accordance with subsection (g)(10) of this Section of the Contract, to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 C.F.R. § 164.528 and section 13405 of the HITECH Act (42 U.S.C. § 17935) and any regulations promulgated thereunder. Business Associate agrees at the Covered Entity’s direction to provide an accounting of disclosures of PHI directly to an individual in accordance with 45 C.F.R. § 164.528 and section 13405 of the HITECH Act (42 U.S.C. § 17935) and any regulations promulgated thereunder.
(12) Business Associate agrees to comply with any State or federal law that is more stringent than the Privacy Rule.
(13) Business Associate agrees to comply with the requirements of the HITECH Act relating to privacy and security that are applicable to the Covered Entity and with the requirements of 45 C.F.R. §§ 164.504(e), 164.308, 164.310, 164.312, and 164.316.
(14) In the event that an Individual requests that the Business Associate
(A) restrict disclosures of PHI;
(B) provide an accounting of disclosures of the Individual’s PHI;
(C) provide a copy of the Individual’s PHI in an Electronic Health Record; or
(D) amend PHI in the Individual’s Designated Record Set the Business Associate agrees to notify the Covered Entity, in writing, within five Days of the request.
(15) Business Associate agrees that it shall not, and shall ensure that its subcontractors do not, directly or indirectly, receive any remuneration in exchange for PHI of an Individual without
(A) the written approval of the Covered Entity, unless receipt of remuneration in exchange for PHI is expressly authorized by this Contract and
(B) the valid authorization of the Individual, except for the purposes provided under section 13405(d)(2) of the HITECH Act, (42 U.S.C. § 17935(d)(2)) and in any accompanying regulations.
(16) Obligations in the Event of a Breach.
(A) The Business Associate agrees that, following the discovery by the Business Associate or by a subcontractor of the Business Associate of any use or disclosure not provided for by this section of the Contract, any breach of Unsecured protected health information, or any Security Incident, it shall notify the Covered Entity of such Breach in accordance with Subpart D of Part 164 of Title 45 of the Code of Federal Regulations and this Section of the Contract.
(B) Such notification shall be provided by the Business Associate to the Covered Entity without unreasonable delay, and in no case later than 30 days after the Breach is discovered by the Business Associate, or a subcontractor of the Business Associate, except as otherwise instructed in writing by a law enforcement official pursuant to 45 C.F.R. 164.412. A Breach is considered discovered as of the first day on which it is, or reasonably should have been, known to the Business Associate or its subcontractor. The notification shall include the identification and last known address, phone number and email address of each Individual (or the next of kin of the individual if the Individual is deceased) whose Unsecured protected health information has been, or is reasonably believed by the Business Associate to have been, accessed, acquired, or disclosed during such Breach.
(C) The Business Associate agrees to include in the notification to the Covered Entity at least the following information:
1. A description of what happened, including the date of the Breach; the date of the discovery of the Breach; the unauthorized person, if known, who used the PHI or to whom it was disclosed; and whether the PHI was actually acquired or viewed.
2. A description of the types of Unsecured protected health information that were involved in the Breach (such as full name, Social Security number, date of birth, home address, account number, or disability code).
3. The steps the Business Associate recommends that Individual(s) take to protect themselves from potential harm resulting from the Breach.
4. A detailed description of what the Business Associate is doing or has done to investigate the Breach, to mitigate losses, and to protect against any further Breaches.
5. Whether a law enforcement official has advised the Business Associate, either verbally or in writing, that he or she has determined that notification or notice to Individuals or the posting required under 45 C.F.R.
PROPRIETARY RIGHTS; ASSIGNMENT All Employee Developments shall be made for hire by the Employee for the Company or any of its subsidiaries or affiliates. “Employee Developments” means any idea, discovery, invention, design, method, technique, improvement, enhancement, development, computer program, machine, algorithm or other work or authorship that (i) relates to the business or operations of the Company or any of its subsidiaries or affiliates, or (ii) results from or is suggested by any undertaking assigned to the Employee or work performed by the Employee for or on behalf of the Company or any of its subsidiaries or affiliates, whether created alone or with others, during or after working hours. All Confidential Information and all Employee Developments shall remain the sole property of the Company or any of its subsidiaries or affiliates. The Employee shall acquire no proprietary interest in any Confidential Information or Employee Developments developed or acquired during the Term. To the extent the Employee may, by operation of law or otherwise, acquire any right, title or interest in or to any Confidential Information or Employee Development, the Employee hereby assigns to the Company all such proprietary rights. The Employee shall, both during and after the Term, upon the Company’s request, promptly execute and deliver to the Company all such assignments, certificates and instruments, and shall promptly perform such other acts, as the Company may from time to time in its discretion deem necessary or desirable to evidence, establish, maintain, perfect, enforce or defend the Company’s rights in Confidential Information and Employee Developments.
