Privacy Practices. The Provider that creates, receives, maintains, or transmits protected health information through the provision of services under the Provider Agreement shall undertake the following acts regarding such information:
a. Establish physical, technical, and administrative safeguards that prevent the improper use or disclosure of the information, including:
i. Designating a person or persons to be responsible for assuring the privacy of the information.
ii. Developing and implementing privacy policies and procedures regarding required and permissible use and disclosure of the information. Toward that end, the Provider may only use and disclose protected health information owned by DHSS that it accesses, maintains, retains, modifies, records, stores, receives, or transmits if the use or disclosure is in compliance with each applicable requirement of 45 C.F.R. 164.504(e) of the Privacy Rule. The additional requirements of Subtitle D of the HITECH Act contained in Public Law 111-5 that relate to privacy and that are made applicable with respect to covered entities shall also be applicable to the Provider and are incorporated into this Privacy and Security Procedures. To the extent that the Provider discloses protected health information to a third party, the Provider must obtain, prior to making any such disclosure: (1) reasonable assurances from the third party that the protected health information will be held confidential as provided in this Privacy and Security Procedures and only disclosed as required by law or for the purposes for which it was disclosed to the third party; and (2) an agreement from the third party to notify the Provider within one business day of any breach of confidentiality of the protected health information, to the extent it obtained knowledge of the breach.
iii. Identifying a contact person responsible for receiving complaints, appropriately investigating, and, if necessary, taking prompt corrective action to cure any deficiencies that result from breaches of security, intrusion, or unauthorized use or disclosure of service recipient information;
iv. Permitting the disclosure of the information to DHSS as a health oversight agency (without requiring the authorization of a recipient of services) for purposes of DHSS’s determination of compliance with, administration of the terms, or termination of the Provider Agreement, or assignment of services to an approved subcontractor or another provider.
b. Take reasonable steps to mitigate the h...
Privacy Practices. The Department will provide and Business Associate shall immediately begin using any applicable form, including but not limited to, any form used for Notice of Privacy Practices, Accounting for Disclosures, or Authorization, upon the effective date designated by the Program or Department. The Department retains the right to change the applicable privacy practices, documents and forms. The Business Associate shall implement changes as soon as practicable, but not later than 45 days from the date of notice of the change.
Privacy Practices. Covered Entity shall provide Business Associate with the notice of privacy practices that Covered Entity produces in accordance with 45 CFR § 164.520, as well as any changes to such notice.
Privacy Practices. The Covered Entity will provide and Business Associate shall immediately begin using and/or distributing to clients any applicable form, including but not limited to, any form used for Notice of Privacy Practices, Accounting for Disclosures, or Authorization, upon the effective date of this Attachment 5, or as otherwise designated by the Program or Covered Entity. The Covered Entity retains the right to change the applicable privacy practices, documents and forms. The Business Associate shall implement changes as soon as practicable, but not later than 45 days from the date of notice of the change.
Privacy Practices. I understand that Transformations adheres to the Health Information Privacy Act and I agree to these practices. I agree that this information has been made available to me for me review.
Privacy Practices. I hereby authorize the release of all medical information necessary to process my claims and I authorize release of this same information, when necessary, to other providers rendering medical/dental care, as well as to labs that need my information to make a diagnosis, treatment and/or fabricate an appliance necessary for my treatment. I acknowledge receipt and agree for my information to be provided or obtained for processing of insurance claims; when releasing or requesting medical information to insurance companies or your provider needed for the processing of your claims and treatment; release and use of photographic documentation for educational and research purposes.
Privacy Practices. Covered Entity will provide Business Associate with all applicable forms, including but not limited to, any form used for Notice of Privacy Practices, Accounting for Disclosures, or Authorization, upon the effective date designated by the Program or Covered Entity. Covered Entity may change applicable privacy practices, documents and forms. The Business Associate shall make reasonable endeavors to implement changes as soon as practicable, but not later than 45 days from the date of notice of the change. Business Associate shall otherwise comply with all applicable laws and agency guidance pertaining to notices of privacy practices, including the requirements set forth in 45 C.F.R. § 164.520.
Privacy Practices. Genesys takes the privacy expectations of its Customers and end users very seriously and is committed to disclosing relevant data handling and management practices in an open and transparent manner.
Privacy Practices. Xxxxxx Permanente will protect the privacy of your protected health information (PHI). We also require contracting providers to protect your PHI. Your PHI is individually identifiable information about your health, the health care Services you receive, and payment for your health care. You may generally:
Privacy Practices. Veeva maintains documented policies, procedures, and practices regarding the processing of Customer Data that is personal data as well as technical and operational security measures to maintain the confidentiality, integrity, and availability of Customer Data. With respect to the processing of Customer Data that is personal data, the parties will comply with the terms set forth on the Data Processing Addendum, available at xxx.xxxxx.xxx/xxxxxxxxx/, the terms of which are made part of this Agreement.