SAFEGUARDING AND SECURITY OF PROTECTED HEALTH INFORMATION. Business Associate understands that pursuant to the HITECH Act and HITECH Omnibus Rule, it is subject to the HIPAA Privacy and Security Rules in a similar manner as the rules apply to Covered Entity. As a result, Business Associate agrees to take all action necessary to comply with the relevant sections of the HIPAA Rule. Business Associate agrees to use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 with respect to electronic PHI, to prevent unauthorized use or disclosure of the PHI. Business Associate agrees to execute with any Subcontractors written contracts that are similar to the business associate agreements between Covered Entity and Business Associate. Each agreement in the business associate chain must be at least as stringent as the initial agreement between Covered Entity and Business Associate with respect to the permitted uses and disclosures of PHI by Subcontractor. Business Associate shall, and shall require Subcontractors to, implement administrative, physical and technical safeguards (including written policies and procedures) that appropriately protect the confidentiality, integrity and availability of electronic PHI that each creates, accesses, acquires, receives, maintains or transmits for or on behalf of Covered Entity as required by the Security Rule at 45 CFR §§ 164.308, 164.310, 164.312, and 164.316.
Appears in 5 contracts
Samples: Business Associate Agreement, Business Associate Agreement, Business Associate Agreement
