Permitted Uses and Disclosures by BA. BA may only Use or Disclose the Minimum Necessary PHI to perform the services set forth in the Underlying Agreement.
Permitted Uses and Disclosures by BA. (1) Except as otherwise limited in this Agreement, BA may use or disclose PHI to perform functions, activities, or services for, or on behalf of, Covered Entity as specified in the Service Contract, provided that such use or disclosure would not violate the Privacy Rule if done by Covered Entity.
Permitted Uses and Disclosures by BA. (a) Except as otherwise limited in this Agreement, BA may use or disclose PHI on behalf of, or to provide services to, CE for purposes specified in Section C (“Description specifications work statement”) of CMS TrOOP Statement of Work (“TrOOP Services”), provided that such use or disclosure of PHI would not violate the HIPAA Privacy or Security Rules if done by CE. These uses and disclosures include, but are not limited to, uses and disclosures needed:
Permitted Uses and Disclosures by BA. BA may use or disclose Protected Health Information to perform functions, activities, or services for, or on behalf of, Company as specified in paragraph 7(c)(1) of this Agreement, provided that such use or disclosure would not violate the Privacy rule if done by CE or the Minimum Necessary policies and procedures of CE and/or Limited Data Set requirements of the Privacy Rule and HITECH.
Permitted Uses and Disclosures by BA. Specific Use and Disclosure Provisions
Permitted Uses and Disclosures by BA. BA may use or disclose PHI to perform functions, activities, or services for, or on behalf of, CE as specified in paragraph C(1) of this Addendum, provided that such Use or Disclosure would not violate the Privacy Rule if done by CE or the Minimum Necessary policies and procedures of the CE and/or Limited Data Set requirements of the Privacy Rule and HITECH.
Permitted Uses and Disclosures by BA. BA may use or disclose PHI on behalf of, or to provide services to, RMFMC for the following purposes:
Permitted Uses and Disclosures by BA. (1) Except as otherwise limited in this Agreement, BA may use or disclose PHI to perform functions, activities, or services for, or on behalf of, Covered Entity as specified in the Service Contract, provided that such use or disclosure would not violate the Privacy Rule if done by Covered Entity. Except as otherwise limited in this Agreement, BA may disclose PHI for the proper management and administration of the BA, provided that disclosures are Required By Law, or BA obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used or further disclosed only as Required By Law or for the purpose for which it was disclosed to the person, and the person notifies the BA of any instances of which it is aware in which the confidentiality of the information has been breached.
Permitted Uses and Disclosures by BA. 4.1. BA may only use or disclose PHI as necessary to perform the services set forth in the Underlying Agreement, including for reporting on and evaluating the network or as required by law.
Permitted Uses and Disclosures by BA. SPECIFIC USE AND DISCLOSURE PROVISIONS Third Party Disclosure Confidentiality Except as otherwise limited in the Contract or this Agreement, BA may disclose PHI for the proper management and administration of the BA, provided that disclosures are required by law, or, if permitted by law, this Agreement, the Contract and any Ancillary Agreements, provided that, if BA discloses any PHI to a third party for such a purpose, BA shall enter into a written agreement with such third party requiring the third party to: (a) maintain the confidentiality, integrity, and availability of PHI and not to use or further disclose such information except as Required By Law or for the purpose for which it was disclosed, and (b) notify BA of any instances in which it becomes aware in which the confidentiality, integrity, and/or availability of the PHI is breached in a preliminary report within two (2) business days with a full report of the incident not less than five (5) business days from the time it became aware of the incident.
