PHI Compliance Clause Samples

The PHI Compliance clause establishes requirements for handling Protected Health Information (PHI) in accordance with applicable privacy laws, such as HIPAA. It typically mandates that parties implement safeguards to protect PHI, restrict its use and disclosure, and promptly report any unauthorized access or breaches. This clause ensures that sensitive health information is managed securely and legally, thereby reducing the risk of data breaches and regulatory penalties.
PHI Compliance. Contractor will adhere to Titles 9 and 22 and all other applicable Federal and State statutes and regulations, including the Health Insurance Portability and Accountability Act of 1996 (HIPPA) and 42 CFR Part 2 and will make his best efforts to preserve data integrity and confidentiality of protected health information.
View SourceView Similar (8)
PHI Compliance. Customer represents and warrants that, to the extent Customer is a “covered entity”: (i) any PHI or clinical laboratory data of SQL and Customer’s patients which is delivered via the AIM Platform (collectively with PHI, the “Data”) it requires or receives under this Agreement is solely for its health care operation (“HCO”) purposes; (ii) it will not use such information other than for its internal HCO purposes; (iii) it is requesting the minimum necessary PHI to accomplish the intended authorized purpose; (iv) it will not disclose PHI to any third party except in accordance with this Agreement. PHI may be shared with federal or state regulatory agencies, with accreditation agencies, or with the advance written consent of the patient or of SQL; and (v) it will report to SQL promptly the discovery of any type of discrepancies, anomalies, or errors detected in the PHI it receives from SQL.
View Source

Related to PHI Compliance

  • PCI Compliance Company shall not connect to or utilize any computer network or systems of the Aviation Authority, including, without limitation, for transmission of credit card payments. Company shall be solely responsible for providing and maintaining its own computer networks and systems and shall ensure its system ensure its system used to collect, process, store or transmit credit card or customer credit card and/or personal information is compliant with all applicable Payment Card Industry (“PCI”) Data Security Standard (“DSS”). 1. Company shall, within 5 days, notify the Aviation Authority of any security malfunction or breach, intrusion or unauthorized access to cardholder or other customer data, and shall comply with all then applicable PCI requirements. 2. Company, in addition to notifying the Aviation Authority and satisfying the PCI requirements, will immediately take the remedial actions available under the circumstances and provide the Aviation Authority with an explanation of the cause of the breach or intrusion and the proposed remediation plan. Company will notify the Aviation Authority promptly if it learns that it is no longer PCI DSS compliant and will immediately provide the Aviation Authority with a report on steps being taken to remediate the non-compliance status and provide evidence of compliance once PCI DSS compliance is achieved. 3. Company, its successor’s and assigns, will continue to comply with all provisions of this Agreement relating to accidents, incidents, damages and remedial requirements after the termination of this Agreement. 4. Company shall ensure strict compliance with PCI DSS for each credit card transaction and acknowledges responsibility for the security of cardholder data. Company will create and maintain reasonable detailed, complete and accurate documentation describing the systems, processes, network segments, security controls and dataflow used to receive, process transmit store and secure Customer’s cardholder data. Such documentation shall conform to the most current version of PCI DSS. 5. Company must maintain PCI Certification as a bankcard merchant at the Airport. Company is responsible, at Company’s own expense, to contract and pay for all quarterly, annual or other required assessments, remediation activities related to processes within Concessionaire’s control, analysis or certification processes necessary to maintain PCI certification as a bankcard merchant. 6. PCI DSS - Company shall make available on the Premises, within 24 hours upon request by the Aviation Authority, such documentation, policies, procedures, reports, logs, configuration standards and settings and all other documentation necessary for the Aviation Authority to validate Company’s compliance with PCI DSS as well as make available to the individuals responsible for implementing, maintaining and monitoring those system components and processes. Requested logs must be made available to the Aviation Authority in electronic format compatible with computers used by the Aviation Authority. 7. Evidence of PCI DSS Compliance – Company agrees to supply their PCI DSS compliance status and evidence of its most recent validation of compliance upon execution of the Contract. Company must supply to the Aviation Authority evidence of validation of compliance at least annually to be delivered along with the Annual Certification of Fees in accordance with Article 5.C. of this Agreement.

  • OSHA Compliance To the extent applicable to the services to be performed under this Agreement, Contractor represents and warrants, that all articles and services furnished under this Agreement meet or exceed the safety standards established and promulgated under the Federal Occupational Safety and Health Law (Public Law 91-596) and its regulations in effect or proposed as of the date of this Agreement.

  • CEQA Compliance The District has complied with all assessment requirements imposed upon it by the California Environmental Quality Act (Public Resource Code Section 21000 et seq. (“CEQA”) in connection with the Project, and no further environmental review of the Project is necessary pursuant to CEQA before the construction of the Project may commence.

  • FCPA Compliance The Company has not and, to the Company’s actual knowledge, none of its employees or agents at any time during the last five years have (i) made any unlawful contribution to any candidate for foreign office, or failed to disclose fully any contribution in violation of law, or (ii) made any payment to any federal or state governmental officer or official, or other person charged with similar public or quasi-public duties, other than payments required or permitted by the laws of the United States or any jurisdiction thereof.

  • HIPAA Compliance If this Contract involves services, activities or products subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Contractor covenants that it will appropriately safeguard Protected Health Information (defined in 45 CFR 160.103), and agrees that it is subject to, and shall comply with, the provisions of 45 CFR 164 Subpart E regarding use and disclosure of Protected Health Information.