Common use of Safeguarding EPHI Clause in Contracts

Safeguarding EPHI. VENDOR agrees to implement and use administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of EPHI that it creates, receives, maintains, or transmits on behalf of Community and to comply with Subpart C of 45 C.F.R. Part 164. Specifically, VENDOR agrees to comply with the requirements of 45 C.F.R. §§ 164.308, 164.310, 164.312 and 164.316 to the same extent such requirements apply to Community. In addition, VENDOR agrees to encrypt portable media devices (e.g., flash drives, CDs, PDAs, cell phones, and cameras), desktop, and laptop computers that contain, or are used to store or transmit, Community PHI and/or EPHI. These safeguards shall include, but not be limited to, the following: a) Encryption of EPHI that VENDOR stores and transmits; b) Implementation of strong access controls, including physical locks, firewalls, and strong passwords; c) Use of updated antivirus software; d) Adoption of contingency planning policies and procedures, including data backup and disaster recovery plans; and e) Conduct periodic security training.

Safeguarding EPHI. VENDOR agrees to implement and use administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of EPHI that it creates, receives, maintains, or transmits on behalf of Community COMMUNITY and to comply with Subpart C of 45 C.F.R. Part 164. Specifically, VENDOR agrees to comply with the requirements of 45 C.F.R. §§ 164.308, 164.310, 164.312 and 164.316 to the same extent such requirements apply to CommunityCOMMUNITY. In addition, VENDOR agrees to encrypt portable media devices (e.g., flash drives, CDs, PDAs, cell phones, and cameras), desktop, and laptop computers that contain, or are used to store or transmit, Community COMMUNITY PHI and/or EPHI. These safeguards shall include, but not be limited to, the following: a) Encryption of EPHI that VENDOR stores and transmits; b) Implementation of strong access controls, including physical locks, firewalls, and strong passwords; c) Use of updated antivirus software; d) Adoption of contingency planning policies and procedures, including data backup and disaster recovery plans; and e) Conduct periodic security training.

Safeguarding EPHI. VENDOR agrees to implement and use administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of EPHI that it creates, receives, maintains, or transmits on behalf of Community Xxxxxx Health and to comply with Subpart C of 45 C.F.R. Part 164. Specifically, VENDOR agrees to comply with the requirements of 45 C.F.R. §§ 164.308, 164.310, 164.312 and 164.316 to the same extent such requirements apply to CommunityXxxxxx Health. In addition, VENDOR agrees to encrypt portable media devices (e.g., flash drives, CDs, PDAs, cell phones, and cameras), desktop, and laptop computers that contain, or are used to store or transmit, Community Xxxxxx Health PHI and/or EPHI. These safeguards shall include, but not be limited to, the following: a) Encryption of EPHI that VENDOR stores and transmits; b) Implementation of strong access controls, including physical locks, firewalls, and strong passwords; c) Use of updated antivirus software; d) Adoption of contingency planning policies and procedures, including data backup and disaster recovery plans; and e) Conduct Conducting periodic security training.