REPORTING OF A VIOLATION TO COVERED ENTITY BY BUSINESS ASSOCIATE Sample Clauses

REPORTING OF A VIOLATION TO COVERED ENTITY BY BUSINESS ASSOCIATE. The Business Associate shall report to Covered Entity any use or disclosure of Protected Health Information not provided for by the Agreement of which it becomes aware, including breaches of unsecured Protected Health Information as required at 45 CFR 164.410 and any security incident.
AutoNDA by SimpleDocs
REPORTING OF A VIOLATION TO COVERED ENTITY BY BUSINESS ASSOCIATE. Business Associate shall report to Covered Entity’s Breach Investigation Team (BIT) via email at xxxxxxxxx@xx.xxx, any use or disclosure of PHI not provided for by this Agreement, of which it becomes aware, including breaches of unsecured PHI as required at 45 CFR § 164.410, and any Security Incident of which it becomes aware, immediately, and in no case later than ten (10) business days after the use or disclosure.
REPORTING OF A VIOLATION TO COVERED ENTITY BY BUSINESS ASSOCIATE 

Related to REPORTING OF A VIOLATION TO COVERED ENTITY BY BUSINESS ASSOCIATE

  • Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions (a) Covered Entity shall notify Business Associate of any limitation(s) in the notice of privacy practices of Covered Entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of protected health information.

  • Business Associate “Business Associate” shall have the same meaning as the term “business associate” at 45 C.F.R. 160.103, and shall refer to Contractor.

  • Permitted Uses and Disclosure by Business Associate (1) General Use and Disclosure Provisions Except as otherwise limited in this Section of the Contract, Business Associate may use or disclose PHI to perform functions, activities, or services for, or on behalf of, Covered Entity as specified in this Contract, provided that such use or disclosure would not violate the HIPAA Standards if done by Covered Entity or the minimum necessary policies and procedures of the Covered Entity.

  • Confidentiality and Safeguarding of University Records; Press Releases; Public Information Under this Agreement, Contractor may (1) create, (2) receive from or on behalf of University, or (3) have access to, records or record systems (collectively, University Records). Among other things, University Records may contain social security numbers, credit card numbers, or data protected or made confidential or sensitive by Applicable Laws. [Option (Include if University Records are subject to FERPA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Family Educational Rights and Privacy Act, 20 United States Code (USC) §1232g (FERPA) are addressed in Section 12.41.] [Option (Include if University is a HIPAA Covered Entity and University Records are subject to HIPAA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Health Insurance Portability and Accountability Act and 45 Code of Federal Regulations (CFR) Part 160 and subparts A and E of Part 164 (collectively, HIPAA) are addressed in Section 12.26.] Contractor represents, warrants, and agrees that it will: (1) hold University Records in strict confidence and will not use or disclose University Records except as (a) permitted or required by this Agreement, (b) required by Applicable Laws, or (c) otherwise authorized by University in writing; (2) safeguard University Records according to reasonable administrative, physical and technical standards (such as standards established by the National Institute of Standards and Technology and the Center for Internet Security [Option (Include if Section 12.39 related to Payment Card Industry Data Security Standards is not include in this Agreement.):, as well as the Payment Card Industry Data Security Standards]) that are no less rigorous than the standards by which Contractor protects its own confidential information; (3) continually monitor its operations and take any action necessary to assure that University Records are safeguarded and the confidentiality of University Records is maintained in accordance with all Applicable Laws and the terms of this Agreement; and (4) comply with University Rules regarding access to and use of University’s computer systems, including UTS165 at xxxx://xxx.xxxxxxxx.xxx/board-of-regents/policy-library/policies/uts165-information-resources-use-and-security-policy. At the request of University, Contractor agrees to provide University with a written summary of the procedures Contractor uses to safeguard and maintain the confidentiality of University Records.

  • Permitted Uses and Disclosures by Business Associate 1. Business Associate may only use or disclose protected health information as necessary to perform the services as outlined in the underlying agreement.

  • Handling Sensitive Personal Information and Breach Notification A. As part of its contract with HHSC Contractor may receive or create sensitive personal information, as section 521.002 of the Business and Commerce Code defines that phrase. Contractor must use appropriate safeguards to protect this sensitive personal information. These safeguards must include maintaining the sensitive personal information in a form that is unusable, unreadable, or indecipherable to unauthorized persons. Contractor may consult the “Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals” issued by the U.S. Department of Health and Human Services to determine ways to meet this standard.

  • Permitted Uses and Disclosures of Phi by Business Associate Except as otherwise indicated in this Agreement, Business Associate may use or disclose PHI, inclusive of de-identified data derived from such PHI, only to perform functions, activities or services specified in this Agreement on behalf of DHCS, provided that such use or disclosure would not violate HIPAA or other applicable laws if done by DHCS.

  • Convicted, Discriminatory, Antitrust Violator, and Suspended Vendor Lists In accordance with sections 287.133, 287.134, and 287.137, F.S., the Contractor is hereby informed of the provisions of sections 287.133(2)(a), 287.134(2)(a), and 287.137(2)(a), F.S. For purposes of this Contract, a person or affiliate who is on the Convicted Vendor List, the Discriminatory Vendor List, or the Antitrust Violator Vendor List may not perform work as a contractor, supplier, subcontractor, or consultant under the Contract. The Contractor must notify the Department if it or any of its suppliers, subcontractors, or consultants have been placed on the Convicted Vendor List, the Discriminatory Vendor List, or the Antitrust Violator Vendor List during the term of the Contract. In accordance with section 287.1351, F.S., a vendor placed on the Suspended Vendor List may not enter into or renew a contract to provide any goods or services to an agency after its placement on the Suspended Vendor List. A firm or individual placed on the Suspended Vendor List pursuant to section 287.1351, F.S., the Convicted Vendor List pursuant to section 287.133, F.S., the Antitrust Violator Vendor List pursuant to section 287.137, F.S., or the Discriminatory Vendor List pursuant to section 287.134, F.S., is immediately disqualified from Contract eligibility.

  • EDD Independent Subrecipient Reporting Requirements Effective January 1, 2001, the County of Orange is required to file in accordance with subdivision (a) of Section 6041A of the Internal Revenue Code for services received from a “service provider” to whom the County pays $600 or more or with whom the County enters into a contract for $600 or more within a single calendar year. The purpose of this reporting requirement is to increase child support collection by helping to locate parents who are delinquent in their child support obligations. The term “service provider” is defined in California Unemployment Insurance Code Section 1088.8, Subparagraph B.2 as “an individual who is not an employee of the service recipient for California purposes and who received compensation or executes a contract for services performed for that service recipient within or without the State.” The term is further defined by the California Employment Development Department to refer specifically to independent Subrecipients. An independent Subrecipient is defined as “an individual who is not an employee of the ... government entity for California purposes and who receives compensation or executes a contract for services performed for that ... government entity either in or outside of California.” The reporting requirement does not apply to corporations, general partnerships, limited liability partnerships, and limited liability companies. Additional information on this reporting requirement can be found at the California Employment Development Department web site located at xxxx://xxx.xxx.xx.xxx/Employer_Services.htm

  • Customer Information and Release Authorization Throughout this Agreement, you authorize Clearview Energy or its agents to obtain and review information from credit-reporting agencies regarding your credit history and information from the Utility relating to you and your account that includes, but is not limited to: account name and number; billing history; payment history; rate classification; historical and future electricity usage; meter readings; and characteristics of electricity service. Clearview Energy will not provide or sell such information to any other party without your consent unless required to do so by law, or it is necessary to enforce the terms of this Agreement. Clearview Energy reserves the right to reject your enrollment, or terminate this Agreement, in the event you rescind these authorizations.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!