Permitted Uses and Disclosures of Protected Health Information Sample Clauses

Permitted Uses and Disclosures of Protected Health Information. Business Associate: (a) shall Use and Disclose Protected Health Information only as necessary to perform the Services, and as provided in Sections 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 4.3 and 5.2 of this Agreement; (b) shall Disclose Protected Health Information to Covered Entity upon request; (c) may, as necessary for the proper management and administration of its business or to carry out its legal responsibilities: (i) Use Protected Health Information; and (ii) Disclose Protected Health Information if the Disclosure is Required by Law. Business Associate shall not Use or Disclose Protected Health Information for any other purpose or in any manner that would constitute a violation of the Privacy Regulations or the HITECH Act if so Used or Disclosed by Covered Entity.

Permitted Uses and Disclosures of Protected Health Information. Business Associate shall not Use or Disclose PHI other than as permitted or required by the Underlying Agreement, this BAA, or as permitted or Required by Law. Further, Business Associate shall not Use PHI in any manner that would constitute a violation of the HIPAA Privacy Rule, the HITECH Act, or the Omnibus Final Rule, if so Used by Covered Entity. Except Business Associate may Use or Disclose PHI (1) for the proper management and administration of Business Associate, (2) to carry out the legal responsibilities of Business Associate, or (3) for Data Aggregation purposes for the Health Care Operations of Covered Entity consistent with HIPAA requirements. In order to Disclose PHI for its proper management and administration, such Disclosures are to be Required by Law, or the Business Associate is to obtain reasonable assurances from the person to whom the information is Disclosed that it will remain confidential and Used or further Disclosed only as Required by Law or for the purpose for which it was Disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been Breached.

Permitted Uses and Disclosures of Protected Health Information. Business Associate shall not Use or Disclose PHI other than for the for the purposes listed on the signature page hereto for performing the Services, as permitted or required by this BAA, or as Required by Law. Business Associate shall not Use or Disclose PHI in any manner that would constitute a violation of Subpart E of 45 C.F.R. Part 164 if so Used or Disclosed by Covered Entity. However, Business Associate may Use or Disclose PHI (i) for the proper management and administration of Business Associate; (ii) to carry out the legal responsibilities of Business Associate, provided that with respect to any such Disclosure either: (a) the Disclosure is Required by Law; or (b) Business Associate obtains a written agreement from the person to whom the PHI is to be Disclosed that such person will hold the PHI in confidence and will not Use and further Disclose such PHI except as Required by Law and for the purpose(s) for which it was Disclosed by Business Associate to such person, and that such person will notify Business Associate of any instances of which it is aware in which the confidentiality of the PHI has been breached; (iii) for Data Aggregation purposes for the Health Care Operations of Covered Entity. To the extent that Business Associate carries out one or more of Covered Entity’s obligations under Subpart E of 45 C.F.R. Part 164, Business Associate must comply with the requirements of Subpart E that apply to the Covered Entity in the performance of such obligations.

Permitted Uses and Disclosures of Protected Health Information a. Performance of the Agreement for Microsoft Online Services. Except as otherwise limited in this BAA, Microsoft may Use and Disclose Protected Health Information for, or on behalf of, Customer as specified in the Agreement; provided that any such Use or Disclosure would not violate HIPAA if done by Customer, unless expressly permitted under paragraph b of this Section.

Permitted Uses and Disclosures of Protected Health Information. 3.1 Upon execution of this Agreement and subject to its terms, from time to time, Covered Entity may disclose PHI to Business Associate and allow Business Associate to create or receive PHI on behalf of Covered Entity. 3.2 Except as otherwise limited in this Agreement, Business Associate may use PHI received from or created on behalf of Covered Entity to carry out the responsibilities imposed upon Business Associate under the Service Arrangement provided that such use or disclosure would not violate the Privacy Regulations if done by Covered Entity or the minimum necessary policies and procedures of Covered Entity. Business Associate may use PHI in connection with the proper management and administration of Business Associate or to carry out legal responsibilities of Business Associate. Business Associate may disclose PHI in connection with the proper management and administration of Business Associate if (a) the disclosure is Required By Law, or (b) Business Associate receives adequate assurances from the person to whom the information is disclosed that the information will be held confidentially, used or further disclosed only as Required By Law or for the purposes for which the disclosure was made, and the person notifies Business Associate of any instance of which it is aware in which the confidentiality of the information has been breached. 3.3 Any use or disclosure of PHI which is not specifically permitted in this Agreement is prohibited. 3.4 Business Associate may use PHI to report violations of law to appropriate authorities consistent with 45 C.F.R. ' 164.502(j)(1).

Permitted Uses and Disclosures of Protected Health Information. Business Associate may use and disclose PHI received from and made available from Covered Entity or created by Business Associate on behalf of Covered Entity, only as necessary to perform the Services and as otherwise authorized by Covered Entity, provided that such use and disclosure would be permitted under state and federal confidentiality laws if done by Covered Entity, or as otherwise required by law or regulation. All other uses and disclosures not authorized by this Agreement are prohibited, without obtaining written authorization from Covered Entity. Notwithstanding the foregoing, Business Associate may use or disclose PHI for the specific uses and disclosures set forth below:

Permitted Uses and Disclosures of Protected Health Information. Services. Pursuant to the Contract, Business Associate provides services (“Services”) for the Covered Entity that involve the use and/or disclosure of Protected Health Information. Except as otherwise specified herein, the Business Associate may make any and all uses of Protected Health Information necessary to perform its obligations under the Contract, , provided that such use would not violate the Privacy and Security Regulations if done by Covered Entity or the minimum necessary policies and procedures of the Covered Entity. All other uses not authorized by this Agreement are prohibited. Moreover, Business Associate may disclose Protected Health Information for the purposes authorized by this Agreement only, (i) to its employees, subcontractors and agents, in accordance with Section 3.1(e), (ii) as directed by the Covered Entity, or (iii) as otherwise permitted by the terms of this Agreement including, but not limited to, Section 2.2(b) below, provided that such disclosure would not violate the Privacy or Security Regulations if done by Covered Entity or the minimum necessary policies and procedures of the Covered Entity.

Permitted Uses and Disclosures of Protected Health Information. Sub-Business Associate: (a) shall Use and Disclose Protected Health Information only as necessary to perform the services, and as otherwise provided in this Agreement; (b) shall Disclose Protected Health Information to Business Associate or Covered Entity upon request; (c) may, as necessary for the proper management and administration of its business or to carry out its legal responsibilities: (i) Use and Disclose Protected Health Information; and (ii) Disclose Protected Health Information if the Disclosure is Required by Law; (d) may Use or Disclose Protected Health Information to provide data aggregation services to Business Associate, except as otherwise limited in this Agreement. Sub-Business Associate shall not Use or Disclose Protected Health Information for any other purpose or in any manner that would constitute a violation of the Privacy Regulations or the HITECH Act if so Used or Disclosed by Business Associate.

Permitted Uses and Disclosures of Protected Health Information. Business Associate shall not Use or Disclose PHI received, accessed, maintained, or created for or on behalf of Covered Entity except to perform the Services required by any Underlying Agreement, or as permitted by this BAA or Required by Law. Business Associate shall not Use or Disclose PHI in any manner that would constitute a violation of the HIPAA Regulations if so Used or Disclosed by Covered Entity. Without limiting the generality of the foregoing, Business Associate is permitted to (i) Use PHI for the proper management and administration of Business Associate; (ii) Use and Disclose PHI to carry out the legal responsibilities of Business Associate, provided that with respect to any such Disclosure either: (a) the Disclosure is Required by Law; or (b) Business Associate obtains an agreement from the person to whom the PHI is to be Disclosed that such person will hold the PHI in confidence and will not Use and further Disclose such PHI except as Required by Law and for the purpose(s) for which it was Disclosed by Business Associate to such person, and that such person will notify Business Associate of any instances of which it is aware in which the confidentiality of the PHI has been breached; (iii) Use PHI for Data Aggregation purposes in connection with the Health Care Operations of Covered Entity; and (iv) Use PHI for purposes of de-identification of the PHI.

Permitted Uses and Disclosures of Protected Health Information. (a) Sub-Business Associate agrees not to use or disclose Protected Health Information other than as permitted or required by this Agreement or as Required by Law. Subject to those limitations set forth in this Agreement, Sub-Business Associate may use and disclose Protected Health Information as necessary in order to provide its services as described in the Services Agreement. (b) Subject to the limitations set forth in this Agreement, Sub-Business Associate may use Protected Health Information if necessary for its proper management and administration or to carry out its legal responsibilities. In addition, Sub-Business Associate may disclose Protected Health Information as necessary for its proper management and administration or to carry out its legal responsibilities provided that: (i) any such disclosure is Required By Law; or (1) Sub-Business Associate obtains reasonable assurances, in the form of a written agreement, from the person to whom the Protected Health Information is disclosed that it will be held confidentially and used or further disclosed only as Required By Law or for the purpose for which it was disclosed to the person; and (2) the person agrees to immediately notify Sub-Business Associate (which shall immediately notify Company and SilverScript in accordance with Section 2 above) of any instances of which it is aware in which the confidentiality of the Protected Health Information has been breached. (c) Sub-Business Associate may not de-identify Protected Health Information except as necessary to provide its services as described in the Services Agreement. Sub-Business Associate is prohibited from using or disclosing such de-identified information for its own purpose without the explicit written permission of Company.