Permissible Use and Disclosure of PHI Sample Clauses

Permissible Use and Disclosure of PHI. Business Associate may use and disclose PHI as necessary to carry out its duties to a Covered Entity pursuant to the terms of the Agreement and as required by law. Business Associate may also use and disclose PHI (i) for its own proper management and administration, and (ii) to carry out its legal responsibilities. If Business Associate discloses Protected Health Information to a third party for either above reason, prior to making any such disclosure, Business Associate must obtain: (i) reasonable assurances from the receiving party that such PHI will be held confidential and be disclosed only as required by law or for the purposes for which it was disclosed to such receiving party; and (ii) an agreement from such receiving party to immediately notify Business Associate of any known breaches of the confidentiality of the PHI.
Sample 1Sample 2Sample 3See All (15)
Permissible Use and Disclosure of PHI. A. Except as otherwise limited in this Agreement, or by privilege, protection, or confidentiality under HIPAA, MCMRA, or other applicable law, Business Associate may use or disclose (including permitting acquisition or access to) PHI to perform applicable functions, activities, or services for, or on behalf of, Covered Entity as specified in the Underlying Agreement. Moreover, the provisions of HIPAA are expressly incorporated by reference into, and made a part of, this Agreement. B. Business Associate may use or disclose (including permitting acquisition or access to) PHI only as permitted or required by this Agreement or as Required By Law. C. Business Associate is directly responsible for full compliance with the relevant requirements of HIPAA. D. Business Associate must not use or disclose (including permitting acquisition or access to) PHI other than as permitted or required by this Agreement or HIPAA, and must use or disclose PHI only in a manner consistent with HIPAA. As part of this, Business Associate must use appropriate safeguards to prevent use or disclosure of PHI that is not permitted by this Agreement or HIPAA. Furthermore, Business Associate must take reasonable precautions to protect PHI from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. E. Business Associate must implement and comply with administrative, physical, and technical safeguards governing the PHI, in a manner consistent with HIPAA, that reasonably and appropriately protect the confidentiality, integrity, and availability of the PHI that it creates, receives, maintains, or transmits on behalf of Covered Entity. F. Business Associate must immediately notify Covered Entity, in a manner consistent with HIPAA, of: (i) any use or disclosure of PHI not provided for by this Agreement, including a Breach of PHI of which it knows or by exercise of reasonable diligence would have known, as required at 45 CFR §164.410; and, (ii) any Security Incident of which it becomes aware as required at 45 CFR §164.314(a)(2)(i)(C). Business Associate’s notification to Covered Entity required by HIPAA and this Section III.F must: 1. Be made to Covered Entity without unreasonable delay and in no case later than 14 calendar days after Business Associate: a) knows, or by exercising reasonable diligence would have known, of a Breach, b) becomes aware of a Security Incident, or c) becomes aware of any use or disclosure of PHI not provided for by this Agreement; 2. Include the...
Sample 1Sample 2Sample 3See All (6)
Permissible Use and Disclosure of PHI. In addition to the uses and disclosures permitted by any base agreement(s) or this BAA, Business Associate may use and disclose PHI: a. For its own proper management and administration, b. To carry out its legal responsibilities, c. To aggregate PHI in its possession to provide data aggregation services to Covered Entity as described in 42 C.F.R. § 164.504(e)(2)(i)(B), d. To create De-Identified Data Sets and/or Limited Data Sets in compliance with the Privacy Rule; and to use or disclose information in such De-Identified Data Sets without further restriction; and to use or disclose information in such Limited Data Sets pursuant to a Data Use Agreement as permitted by the Privacy Rule; and e. To report violations of law to appropriate Federal and State authorities, consistent with 45 C.F.R. § 164.502(j)(1).
Sample 1Sample 2See All (5)
Permissible Use and Disclosure of PHI. In addition to the uses and disclosures permitted by the Base Agreement(s), Business Associate may use and disclose PHI: a. For its own proper management and administration, b. To carry out its legal responsibilities, and c. For data aggregation purposes as required or requested by Covered Entity.
Sample 1Sample 2

Related to Permissible Use and Disclosure of PHI

  • Permitted Uses and Disclosures by Business Associate Except as otherwise limited by this Agreement, Business Associate may make any uses and disclosures of Protected Health Information necessary to perform its services to Covered Entity and otherwise meet its obligations under this Agreement, if such use or disclosure would not violate the Privacy Rule if done by Covered Entity. All other uses or disclosures by Business Associate not authorized by this Agreement or by specific instruction of Covered Entity are prohibited.