Business Associate Obligations Business Associate agrees to comply with applicable federal confidentiality and security laws, specifically the provisions of the HIPAA Rules and the HITECH Act applicable to business associates, including:
2.1 Use and Disclosure of PHI. Except as otherwise permitted by this Agreement, the HIPAA Rules, or applicable law, Business Associate shall not make any uses or disclosures of PHI except as necessary to provide services to, or on behalf of, Covered Entity as described in the Underlying Agreement, and shall not use or disclose PHI that would violate the HIPAA Rules or HITECH Act if used or disclosed by Covered Entity; provided, however, Business Associate may use and disclose PHI as necessary for the proper management and administration of Business Associate, or to carry out its legal responsibilities, consistent with Covered Entity’s minimum necessary policies and procedures. Business Associate may not use or disclose PHI which it creates, receives, maintains or transmits for or on behalf of the Covered Entity for any purpose except as otherwise provided by the Agreement and this BAA. Business Associate agrees to review and understand any state privacy and security laws to the extent that such laws are not preempted by HIPAA, as may be amended from time to time. Business Associate acknowledges that it shall comply specifically with the HIPAA Security Rule, and, to the extent that Business Associate is to carry out one or more of Covered Entity’s obligations under the Privacy Rule, it shall comply with the requirements of the Privacy Rule which apply to Covered Entity in the performance of such obligation(s). Business Associate shall in such cases:
2.1.1 provide information to members of its workforce using or disclosing PHI regarding the confidentiality requirements in the HIPAA Rules and this Agreement;
2.1.2 obtain reasonable assurances, in writing from the person or entity to whom the PHI is disclosed that: (i) the PHI will be held in confidence and further used and disclosed only as required by law or for the purpose for which it was disclosed to the person or entity; and (ii) the person or entity will notify Business Associate of any instances of which it is aware in which confidentiality of the PHI has been breached; and
2.1.3 agree to notify the Privacy Officer of Covered Entity of any instances of which it is aware in which the PHI is used or disclosed for a purpose that is not otherwise provided for in this Agreement or for a purpose not expressly permitted by the HIPAA Rules or HITECH Act.
2.2 Marketing; Sale of PHI. Business Associate may not use or disclose PHI for marketing purposes. Marketing includes any communication which would encourage the recipient to use or purchase a product or service. Business Associate may not use or disclose PHI where it has directly or indirectly received remuneration, financial or otherwise, from or on behalf of the recipient of the PHI in exchange for the PHI. “Sale” is not limited to circumstances where a transfer of ownership occurs, and would include access, license or lease agreements.
Certain Obligations Respecting Subsidiaries Except as permitted by Section 9.05 hereof, the Borrower shall, and shall cause each of its Restricted Subsidiaries to, take such action from time to time as shall be necessary to ensure that the Borrower and each of its Restricted Subsidiaries at all times own (subject only to the Lien of the Security Documents and Liens permitted by Section 9.06) at least the same percentage of the issued and outstanding shares of each class of stock of each of such Restricted Subsidiaries the stock of which is subject to the Lien of the Security Documents as is owned on the date of this Agreement or, in the case of New Wholly Owned Subsidiaries which are Restricted Subsidiaries created or acquired after the date of this Agreement (other than any Wholly Owned Subsidiaries of such Persons), the stock of which are required to be subject to the Lien of the Security Documents, 100% of each class of stock of each of such Subsidiaries (each of the Subsidiaries referred to above being herein called, a “Pledged Subsidiary”). Without limiting the generality of the foregoing and except as permitted by Section 9.05, none of the Borrower and its Restricted Subsidiaries shall sell, transfer or otherwise dispose of any shares of stock in any Pledged Subsidiary owned by it, nor permit any Pledged Subsidiary to issue any shares of stock of any class whatsoever to any Person (other than to the Borrower or another Obligor). In the event that any such additional shares of stock are issued by any Pledged Subsidiary, the respective Obligor agrees forthwith to deliver to the Administrative Agent pursuant to the Security Documents the certificates evidencing such shares of stock, accompanied by undated stock powers executed in blank and shall take such other action as the Administrative Agent shall request to perfect the security interest created therein pursuant to the Security Documents. Except as expressly permitted by this Agreement, the Borrower shall not and shall not permit any of its Restricted Subsidiaries to enter into any indenture, agreement, instrument or other arrangement (other than this Agreement and the other Loan Documents) that, directly or indirectly, prohibits or restrains, or has the effect of prohibiting or restraining, or imposes conditions upon the incurrence or payment of Indebtedness of the Borrower and its Restricted Subsidiaries, or the declaration or payment of dividends to the Borrower or any of its Restricted Subsidiaries.
Obligation to Keep Company Informed During the period of my employment and for six (6) months after termination of my employment with the Company, I will promptly disclose to the Company fully and in writing all Inventions authored, conceived or reduced to practice by me, either alone or jointly with others. In addition, I will promptly disclose to the Company all patent applications filed by me or on my behalf within a year after termination of employment. At the time of each such disclosure, I will advise the Company in writing of any Inventions that I believe fully qualify for protection under Section 2870; and I will at that time provide to the Company in writing all evidence necessary to substantiate that belief. The Company will keep in confidence and will not use for any purpose or disclose to third parties without my consent any confidential information disclosed in writing to the Company pursuant to this Agreement relating to Inventions that qualify fully for protection under the provisions of Section 2870. I will preserve the confidentiality of any Invention that does not fully qualify for protection under Section 2870.
Provider Employee Obligation Provider shall require all of Provider’s employees and agents who have access to Student Data to comply with all applicable provisions of this DPA with respect to the Student Data shared under the Service Agreement. Provider agrees to require and maintain an appropriate confidentiality agreement from each employee or agent with access to Student Data pursuant to the Service Agreement.
Nondisclosure Obligation All Information disclosed by one Party to the other Party hereunder shall be maintained in confidence by the receiving Party and shall not be disclosed to any Third Party or used for any purpose except as set forth herein without the prior written consent of the disclosing Party, except to the extent that such Information:
4.1.1 is known by the receiving Party at the time of its receipt, and not through a prior disclosure by the disclosing Party, as documented by the receiving Party’s business records;
4.1.2 is in the public domain by use and/or publication before its receipt from the disclosing Party, or thereafter enters the public domain through no fault of the receiving Party;
4.1.3 is subsequently disclosed to the receiving Party by a Third Party who may lawfully do so and is not under an obligation of confidentiality to the disclosing Party;
4.1.4 is developed by the receiving Party independently of Information received from the disclosing Party, as documented by the receiving Party’s business records;
4.1.5 is disclosed to governmental or other regulatory agencies in order to obtain patents on Inventions in accordance with Article 7 herein or to gain or maintain approval to conduct clinical trials on Compound or Product or to market Product, but such disclosure may be only to the extent reasonably necessary to obtain such patents or approvals;
4.1.6 is deemed necessary by Merck to be disclosed to Related Parties, agent(s), consultant(s), and/or other Third Parties for any and all purposes Merck and its Affiliates deem necessary or advisable in the ordinary course of business to achieve the objectives of this Agreement on the condition that such Third Parties agree to be bound by confidentiality and non-use obligations that substantially are no less stringent than those confidentiality and non-use provisions contained in this Agreement; provided, however, that the term of confidentiality for such Third Parties shall be no less than ten (10) years; or
4.1.7 is deemed necessary by counsel to the receiving Party to be disclosed to such Party’s attorneys, independent accountants or financial advisors for the sole purpose of enabling such attorneys, independent accountants or financial advisors to provide advice to the receiving Party, on the condition that such attorneys, independent accountants and financial advisors agree to be bound by the confidentiality and non-use obligations contained in this Agreement; provided, however, that the term of confidentiality for such attorneys, independent accountants and financial advisors shall be no less than ten (10) years.
4.1.8 is deemed necessary by the receiving Party to be disclosed to such Party’s executives, management and other advisors, including but not limited to members of the Board of Directors and/or Scientific Advisory Board, consultants, bankers, lenders, existing and prospective bona fide investors, and prospective merger and/or acquisition partners (“Representatives”) on the following conditions: [***]. Any combination of features or disclosures shall not be deemed to fall within the foregoing exclusions merely because individual features are published or available to the general public or in the rightful possession of the receiving Party unless the combination itself and principle of operation are published or available to the general public or in the rightful possession of the receiving Party. If a Party is required by judicial or administrative process (including a request for discovery received in an arbitration or litigation proceeding), or by a statute, regulation or rule of law (e.g., securities laws, rules and regulations), to disclose information that is subject to the non-disclosure provisions of this Section 4.1 or Section 4.2, such Party shall promptly inform the other Party of the disclosure that is being sought in order to provide the other Party an opportunity to challenge or limit the disclosure obligations. Information that is disclosed by judicial or administrative process shall remain otherwise subject to the confidentiality and non-use provisions of this Section 4.1 and Section 4.2, and the Party disclosing information pursuant to law or court order shall take all steps reasonably necessary, including without limitation obtaining an order of confidentiality, to ensure the continued confidential treatment of such information. The Parties will consult and cooperate fully with each other on the provisions of this Agreement to be redacted in any filings made by the Parties with the Securities and Exchange Commission or similar governmental agency in the U.S. or abroad, or as otherwise required by law.
Obligations of Business Associate Upon Termination Upon termination of this Agreement for any reason, business associate shall return to covered entity or, if agreed to by covered entity, destroy all protected health information received from covered entity, or created, maintained, or received by business associate on behalf of covered entity, that the business associate still maintains in any form. Business associate shall retain no copies of the protected health information.
Non-Disclosure Obligation Except as required by court order, subpoena, or Applicable Law, neither Party shall disclose to third parties any confidential or proprietary information regarding the other Party’s business affairs, finances, technology, processes, plans or installations, product information, know-how, or other information that is received from the other Party pursuant to this Agreement or the Parties’ relationship prior thereto or is developed pursuant to this Agreement, without the express written consent of the other Party, which consent shall not be unreasonably withheld. The Parties shall at all times use their respective reasonable efforts to keep all information regarding the terms and conditions of this Agreement confidential and shall disclose such information to third Persons only as reasonably required for the permitting of the Project; financing the development, construction, ownership, operation and maintenance of the Plant; or as reasonably required by either Party for performing its obligations hereunder and if prior to such disclosure, the disclosing Party informs such third Persons of the existence of this confidentiality obligation and only if such third Persons agree to maintain the confidentiality of any information received. This Article 13 shall not apply to information that was already in the possession of one Party prior to receipt from the other, that is now or hereafter becomes a part of the public domain through no fault of the Party wishing to disclose, or that corresponds in substance to information heretofore or hereafter furnished by third parties without restriction on disclosure.
OBLIGATIONS AND ACTIVITIES OF CONTRACTOR AS BUSINESS ASSOCIATE 1. CONTRACTOR agrees not to use or further disclose PHI COUNTY discloses to CONTRACTOR other than as permitted or required by this Business Associate Contract or as required by law.
2. XXXXXXXXXX agrees to use appropriate safeguards, as provided for in this Business Associate Contract and the Agreement, to prevent use or disclosure of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY other than as provided for by this Business Associate Contract.
3. XXXXXXXXXX agrees to comply with the HIPAA Security Rule at Subpart C of 45 CFR Part 164 with respect to electronic PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY.
4. CONTRACTOR agrees to mitigate, to the extent practicable, any harmful effect that is known to CONTRACTOR of a Use or Disclosure of PHI by CONTRACTOR in violation of the requirements of this Business Associate Contract.
5. XXXXXXXXXX agrees to report to COUNTY immediately any Use or Disclosure of PHI not provided for by this Business Associate Contract of which CONTRACTOR becomes aware. CONTRACTOR must report Breaches of Unsecured PHI in accordance with Paragraph E below and as required by 45 CFR § 164.410.
6. CONTRACTOR agrees to ensure that any Subcontractors that create, receive, maintain, or transmit PHI on behalf of CONTRACTOR agree to the same restrictions and conditions that apply through this Business Associate Contract to CONTRACTOR with respect to such information.
7. CONTRACTOR agrees to provide access, within fifteen (15) calendar days of receipt of a written request by COUNTY, to PHI in a Designated Record Set, to COUNTY or, as directed by COUNTY, to an Individual in order to meet the requirements under 45 CFR § 164.524. If CONTRACTOR maintains an Electronic Health Record with PHI, and an individual requests a copy of such information in an electronic format, CONTRACTOR shall provide such information in an electronic format.
8. CONTRACTOR agrees to make any amendment(s) to PHI in a Designated Record Set that COUNTY directs or agrees to pursuant to 45 CFR § 164.526 at the request of COUNTY or an Individual, within thirty (30) calendar days of receipt of said request by COUNTY. XXXXXXXXXX agrees to notify COUNTY in writing no later than ten (10) calendar days after said amendment is completed.
9. CONTRACTOR agrees to make internal practices, books, and records, including policies and procedures, relating to the use and disclosure of PHI received from, or created or received by CONTRACTOR on behalf of, COUNTY available to COUNTY and the Secretary in a time and manner as determined by COUNTY or as designated by the Secretary for purposes of the Secretary determining COUNTY’S compliance with the HIPAA Privacy Rule.
10. CONTRACTOR agrees to document any Disclosures of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, and to make information related to such Disclosures available as would be required for COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
11. CONTRACTOR agrees to provide COUNTY or an Individual, as directed by COUNTY, in a time and manner to be determined by COUNTY, that information collected in accordance with the Agreement, in order to permit COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
12. XXXXXXXXXX agrees that to the extent CONTRACTOR carries out COUNTY’s obligation under the HIPAA Privacy and/or Security rules CONTRACTOR will comply with the requirements of 45 CFR Part 164 that apply to COUNTY in the performance of such obligation.
13. If CONTRACTOR receives Social Security data from COUNTY provided to COUNTY by a state agency, upon request by COUNTY, CONTRACTOR shall provide COUNTY with a list of all employees, subcontractors and agents who have access to the Social Security data, including employees, agents, subcontractors and agents of its subcontractors.
14. CONTRACTOR will notify COUNTY if CONTRACTOR is named as a defendant in a criminal proceeding for a violation of HIPAA. COUNTY may terminate the Agreement, if CONTRACTOR is found guilty of a criminal violation in connection with HIPAA. COUNTY may terminate the Agreement, if a finding or stipulation that CONTRACTOR has violated any standard or requirement of the privacy or security provisions of HIPAA, or other security or privacy laws are made in any administrative or civil proceeding in which CONTRACTOR is a party or has been joined. COUNTY will consider the nature and seriousness of the violation in deciding whether or not to terminate the Agreement.
Disclosure Obligations LAUSD expects Contractors and their Representatives to satisfy the following public disclosure obligations:
Nondisclosure Obligations 2.1 Confidential Information of Disclosing Party shall be used by the Receiving Party solely for the purpose of evaluating whether or not the Receiving Party wishes to enter into an agreement for purchase of assets of the Disclosing Party and shall not be used for any other purpose. Receiving Party shall hold the Disclosing Party’s Confidential Information in strictest confidence at all times in perpetuity and shall not disclose Confidential Information without the prior written consent of Disclosing Party. Receiving party may disclose Disclosing Party’s Confidential Information to Receiving Party’s employees, representatives, agents and consultants on a need-to-know basis provided that such employees and consultants shall have executed appropriate written agreements with such party to ensure compliance with all the provisions of this Agreement. Receiving Party agrees to take all reasonable measures to protect the Confidential Information from falling into the public domain or the possession of persons other than those persons authorized to have any such Confidential Information, which measures shall include the highest degree of care that such party utilizes to protect its own information of a similar nature, but in no event less than a reasonable degree of care.
2.2 Nothing in this Agreement shall prohibit Receiving Party from disclosing Confidential Information if legally required to do so by judicial or governmental order or in a judicial or governmental proceeding (“Required Disclosure”); provided that the disclosing party shall (i) give the other party prompt notice of such Required Disclosure prior to disclosure; (ii) cooperate with the other party in the event that it elects to contest such disclosure or seek a protective order with respect thereto, and/or (iii) in any event only disclose the exact Confidential Information, or portion thereof, specifically requested by the Required Disclosure.
