Permitted Uses and Disclosures by the Business Associate Sample Clauses

Permitted Uses and Disclosures by the Business Associate a. Except as otherwise limited in this HIPAA Compliance Clause, the Business Associate may use or disclose PHI to perform functions, activities, or services for, or on behalf of, the Covered Entity as specified in the Contract, provided that such use or disclosure would not violate Subpart E of 45 CFR § 164 if the same activity were performed by the Covered Entity or would not violate the minimum necessary policies and procedures of the Covered Entity. b. Except as otherwise limited in this HIPAA Compliance Clause, the Business Associate may use PHI for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate. c. Except as otherwise limited in this HIPAA Compliance Clause, the Business Associate may disclose PHI for the proper management and administration of the Business Associate, provided that the disclosures are required by law, or the Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used, or further disclosed, only as required by law, or for the purpose for which it was disclosed to the person, and the person notifies the Business Associate of any instances of which it has knowledge that the confidentiality of the information has been breached. d. Except as otherwise limited in this HIPAA Compliance Clause, the Business Associate may use PHI to provide Data Aggregation services to the Covered Entity as permitted by 45 C.F.R. § 164.504(e)(2)(i)(B). e. Business Associate may use PHI to report violations of the Law to the appropriate federal and District of Columbia authorities, consistent with 45 C.F.R. § 164.502(j)(1).

Permitted Uses and Disclosures by the Business Associate. (a) Except as otherwise limited in this Agreement, the Business Associate may use or disclose PHI on behalf of the Covered Entity for purposes of providing the services described hereinabove and described in any written agreement between the parties, provided that such use or disclosure shall not violate HIPAA, the HITECH Act, the Privacy Rule, the Security Rule, or the HIE Statute if done by the Covered Entity, including, but not limited to, the minimum necessary to accomplish the purpose of the use or disclosure. The Business Associate agrees to comply with the Secretary’s guidance issued pursuant to the HITECH Act as to what constitutes “minimum necessary.” (b) Except as otherwise limited in this Agreement, the Business Associate may use PHI for the proper management and administration of the Business Associate, or to carry out the legal responsibilities of the Business Associate. (c) Except as otherwise limited in this Agreement, the Business Associate may disclose PHI to a third person for the proper management and administration of the Business Associate, provided that such disclosures are Required By Law, or the Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and may only be used or further disclosed as Required By Law, or for the purpose for which it was disclosed to the person, and the person notifies the Business Associate of any instances of which it becomes aware in which the confidentiality of the information has been the subject of a Security Breach. (d) The Business Associate may use PHI to report violations of law to appropriate federal and state authorities in accordance with 45 C.F.R. § 164.502(j)(1). (e) The Business Associate may use and disclose PHI only if each such use and disclosure is in compliance with each applicable requirement of HIPAA, the HITECH Act, the Privacy Rule, the Security Rule, and the HIE Statute, including but not limited to 45 C.F.R. § 164.504(e). (f) The Business Associate may de-identify any and all PHI that it obtains from the Covered Entity, provided such de-identification is accomplished in accordance with the requirements of 45 C.F.R. § 164.514(a) and (b). (g) Except as otherwise limited in this Agreement, the Business Associate may use PHI to provide data aggregation services related to the Covered Entity’s health care operations. (h) Except as otherwise limited in this Agreement, the Business Associate may use PHI provid...

Permitted Uses and Disclosures by the Business Associate a. Except as otherwise limited in this HIPAA Compliance Clause, the Business Associate may use or disclose Protected Health Information to perform functions, activities, or services for, or on behalf of, the Covered Entity as specified in the Contract, provided that such use or disclosure would not violate Subpart E of 45 CFR Part 164 if the same activity were performed by the Covered Entity or would not violate the minimum necessary policies and procedures of the Covered Entity. b. Except as otherwise limited in this HIPAA Compliance Clause, the Business Associate may use Protected Health Information for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate. c. Except as otherwise limited in this HIPAA Compliance Clause, the Business Associate may disclose Protected Health Information for the proper management and administration of the Business Associate, provided that the disclosures are Required By Law, or the Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used, or further disclosed, only as Required By Law, or for the purpose for which it was disclosed to the person, and the person notifies the Business Associate of any instances of which it has knowledge that the confidentiality of the information has been breached. d. Except as otherwise limited in this HIPAA Compliance Clause, the Business Associate may use Protected Health Information to provide Data Aggregation services to the Covered Entity as permitted by 45 C.F.R. § 164.504(e)(2)(i)(B). e. Business Associate may use Protected Health Information to report violations of the Law to the appropriate federal and District of Columbia authorities, consistent with 45 C.F.R. § 164.502(j)(1).

Permitted Uses and Disclosures by the Business Associate a. The Business Associate may Use or Disclose Protected Health Information received in relation to the Underlying Agreement as necessary to perform the services set forth in the Underlying Agreement. b. The Business Associate is not authorized to de-identify Protected Health Information in accordance with 45 C.F.R. § 164.514(a)-(c) unless expressly authorized to do so in writing by the Covered Entity’s

Permitted Uses and Disclosures by the Business Associate a. The Business Associate may Use or Disclose Protected Health Information received in relation to the Underlying Agreement as necessary to perform the services set forth in the Underlying Agreement. b. The Business Associate is not authorized to de-identify Protected Health Information in accordance with 45 C.F.R. § 164.514(a)-(c) unless expressly authorized to do so in writing by the Covered Entity’s Security and Privacy Officer. c. The Business Associate agrees to make Uses and Disclosures and Requests for Protected Health Information consistent with the Covered Entity’s Minimum Necessary policies and procedures. d. The Business Associate may not Use or Disclose Protected Health Information in a manner that would violate Subpart E of 45 C.F.R. Part 164 if done by the Covered Entity. e. The Business Associate may Use or Disclose the Protected Health Information for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate, provided the Disclosures are Required By Law, or the Business Associate obtains reasonable assurances from the person to who the information is Disclosed that the information will remain confidential and used or further Disclosed only as Required By Law or for the purposes for which it was Disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware in which the confidentiality of the Protected Health Information has been Breached.

Permitted Uses and Disclosures by the Business Associate a. Business Associate may use or disclose PHI: (i) for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate; provided, however, either (A) the disclosures are required by law, or (B) the Business Associate obtains reasonable assurances from the person to whom the information is disclosed that the information will remain confidential and used or further disclosed only as required by law or for the purposes for which it was disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached; (ii) as required by law; (iii) for Data Aggregation services relating to the health care operations of the Covered Entity; (iv) to de-identify, consistent with 45 CFR 164.514(a) – (c), PHI it receives from the Covered Entity. If the Business Associates de-identifies the PHI it receives from the Covered Entity, the Business Associate may use the de-identified information for any purpose not prohibited by the HIPAA Rules; and (v) for any other purpose listed here: carrying out the Business Associate’s duties under the Contract. b. Business Associate agrees to make uses and disclosures and requests for PHI consistent with the Covered Entity’s minimum necessary policies and procedures. c. Business Associate may not use or disclose PHI in a manner that would violate Subpart E of 45 CFR Part 164 if done by the Covered Entity except for the specific uses and disclosures described above in 3(a)(i) and (iii).

Permitted Uses and Disclosures by the Business Associate a. The Business Associate may Use or Disclose Protected Health Information received in relation to the Underlying Agreement as necessary to perform the services set forth in the Underlying Agreement. b. The Business Associate may use or disclose Protected Health Information as is required by law. c. The Business Associate is not authorized to de-identify Protected Health Information in accordance with 45 C.F.R. § 164.514(a)-(c) unless expressly authorized to do so in writing by the Covered Entity’s Security and Privacy Officer. d. The Business Associate agrees to make Uses and Disclosures and Requests for Protected Health Information consistent with the Covered Entity’s Minimum Necessary policies and procedures. e. The Business Associate may not Use or Disclose Protected Health Information in a manner that would violate Subpart E of 45 C.F.R. Part 164 if done by the Covered Entity. f. The Business Associate may Use or Disclose the Protected Health Information for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate, provided the Disclosures are Required By Law, or the Business Associate obtains reasonable assurances from the person to who the information is Disclosed that the information will remain confidential and used or further Disclosed only as Required By Law or for the purposes for which it was Disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware in which the confidentiality of the Protected Health Information has been Breached.

Permitted Uses and Disclosures by the Business Associate. Business Associate agrees to make uses and disclosures and requests for PHI consistent with the Covered Entity’s minimum necessary policies and procedures.

Permitted Uses and Disclosures by the Business Associate. General Use and Disclosure Provisions: Except as otherwise limited in this Agreement, HEALTH may use or disclose Protected Health Information in accordance with the provisions outlined in Attachment B on behalf of, or to provide services to, EOHHS for the purposes defined by this Agreement, if such use or disclosure of Protected Health Information would not violate the provisions of the Health Insurance Portability and Accountability Act Privacy Rule (45 CFR part 160 and part164, subparts A and E) if done by EOHHS or the minimum necessary policies and procedures established by EOHHS. Except as otherwise limited in this Agreement, the Business Associate may use or disclose Protected Health Information to perform functions, activities, or services for, or on behalf of, the Covered Entity as specified in this Interagency Agreement, provided that such use or disclosure would not violate the Privacy Rule if done by the Covered Entity or the minimum necessary policies and procedures of the Covered Entity.

Permitted Uses and Disclosures by the Business Associate. Except as otherwise limited by this Addendum, the Business Associate may use or disclose Protected Health Information to perform the functions, activities, or services set forth in the Services Agreement, provided that such use or disclosure would not violate HIPAA if done by the Client. Business Associate is permitted to disclose Protected Health Information to its subcontractors, agents, and/or related and affiliated entities in relation to Business Associate’s performance of the functions, activities, or services set forth in the Services Agreement, provided that such use or disclosure would not violate HIPAA if done by the Client.