Privacy Obligations. Pursuant to applicable law, PHI that Business Associate will have access to and/or receive from KDADS may be used or disclosed only in accordance with this Agreement and the Privacy Rule. KDADS is a Covered Entity under the act and therefore Business Associate is not permitted to use or disclose PHI in ways that KDADS could not use or disclose the PHI. This protection continues as long as the data is in the hands of Business Associate. Business Associate agrees to comply with the privacy obligations imposed by HIPAA including but not limited to: A. Required/Permitted Uses - 164.504(e)(2)(i). Business Associate is required/permitted to use the PHI only for the purposes described in the Underlying Agreement. B. Required/Permitted Disclosures - 164.504(e)(2)(i). Business Associate shall disclose KDADS’ PHI only as allowed herein or as specifically in the Underlying Agreement, or as specifically directed by KDADS.
Appears in 4 contracts
Samples: Business Associate Agreement, Business Associate Agreement, Business Associate Agreement
