Documenting and Reporting Breaches 6.1 Business Associate shall report to Covered Entity any Breach of Unsecured PHI, including Breaches reported to it by a Subcontractor, as soon as it (or any of its employees or agents) becomes aware of any such Breach, and in no case later than two (2) business days after it (or any of its employees or agents) becomes aware of the Breach, except when a law enforcement official determines that a notification would impede a criminal investigation or cause damage to national security. 6.2 Business Associate shall provide Covered Entity with the names of the individuals whose Unsecured PHI has been, or is reasonably believed to have been, the subject of the Breach and any other available information that is required to be given to the affected individuals, as set forth in 45 CFR § 164.404(c), and, if requested by Covered Entity, information necessary for Covered Entity to investigate the impermissible use or disclosure. Business Associate shall continue to provide to Covered Entity information concerning the Breach as it becomes available to it. Business Associate shall require its Subcontractor(s) to agree to these same terms and conditions. 6.3 When Business Associate determines that an impermissible acquisition, use or disclosure of PHI by a member of its workforce is not a Breach, as that term is defined in 45 CFR § 164.402, and therefore does not necessitate notice to the impacted individual(s), it shall document its assessment of risk, conducted as set forth in 45 CFR § 402(2). When requested by Covered Entity, Business Associate shall make its risk assessments available to Covered Entity. It shall also provide Covered Entity with 1) the name of the person(s) making the assessment, 2) a brief summary of the facts, and 3) a brief statement of the reasons supporting the determination of low probability that the PHI had been compromised. When a breach is the responsibility of a member of its Subcontractor’s workforce, Business Associate shall either 1) conduct its own risk assessment and draft a summary of the event and assessment or 2) require its Subcontractor to conduct the assessment and draft a summary of the event. In either case, Business Associate shall make these assessments and reports available to Covered Entity. 6.4 Business Associate shall require, by contract, a Subcontractor to report to Business Associate and Covered Entity any Breach of which the Subcontractor becomes aware, no later than two (2) business days after becomes aware of the Breach.
Identification and Disclosure of Privacy and Security Offices Business Associate and Subcontractors shall provide, within ten (10) days of the execution of this agreement, written notice to the Covered Entity’s contract/grant manager the names and contact information of both the HIPAA Privacy Officer and HIPAA Security Officer. This information must be updated any time either of these contacts changes.
Insurance and Fingerprint Requirements Information Insurance If applicable and your staff will be on TIPS member premises for delivery, training or installation etc. and/or with an automobile, you must carry automobile insurance as required by law. You may be asked to provide proof of insurance. Fingerprint It is possible that a vendor may be subject to Chapter 22 of the Texas Education Code. The Texas Education Code, Chapter 22, Section 22.0834. Statutory language may be found at: xxxx://xxx.xxxxxxxx.xxxxx.xxxxx.xx.xx/ If the vendor has staff that meet both of these criterion: (1) will have continuing duties related to the contracted services; and (2) has or will have direct contact with students Then you have ”covered” employees for purposes of completing the attached form. TIPS recommends all vendors consult their legal counsel for guidance in compliance with this law. If you have questions on how to comply, see below. If you have questions on compliance with this code section, contact the Texas Department of Public Safety Non-Criminal Justice Unit, Access and Dissemination Bureau, FAST-FACT at XXXX@xxxxx.xxxxx.xx.xx and you should send an email identifying you as a contractor to a Texas Independent School District or ESC Region 8 and TIPS. Texas DPS phone number is (000) 000-0000. See form in the next attribute to complete entitled: Texas Education Code Chapter 22 Contractor Certification for Contractor Employees
NMHS Governance, Safety and Quality Requirements 2.1 Participates in the maintenance of a safe work environment. 2.2 Participates in an annual performance development review. 2.3 Supports the delivery of safe patient care and the consumers’ experience including participation in continuous quality improvement activities in accordance with the requirements of the National Safety and Quality Health Service Standards and other recognised health standards. 2.4 Completes mandatory training (including safety and quality training) as relevant to role. 2.5 Performs duties in accordance with Government, WA Health, North Metropolitan Health Service and Departmental / Program specific policies and procedures. 2.6 Abides by the WA Health Code of Conduct, Occupational Safety and Health legislation, the Disability Services Act and the Equal Opportunity Act.
Monitoring and Reporting The Programme Operator shall monitor, record and report on progress towards the programme’s outcomes in accordance with the provisions contained in the legal framework. The Programme Operator shall ensure that suitable and sufficient monitoring and reporting arrangements are made with the project promoters in order to enable the Programme Operator and the National Focal Point to meet its obligations to the Donors. When reporting on progress achieved in Annual and Final Programme Reports, the Programme Operator shall disaggregate results achieved as appropriate and in accordance with instructions received from the FMO.
EMHS Governance, Safety and Quality Requirements 4.1 Participates in the maintenance of a safe work environment. 4.2 Actively participates in the Peak Performance program. 4.3 Supports the delivery of safe patient care and the consumers’ experience including participation in continuous quality improvement activities in accordance with the requirements of the National Safety and Quality Health Service Standards and other recognised health standards. 4.4 Completes mandatory training (including safety and quality training) as relevant to role. 4.5 Performs duties in accordance with the EMHS Vision and Values, WA Health Code of Conduct, Occupational Safety and Health legislation, the Disability Services Act and the Equal Opportunity Act and Government, WA Health, EMHS and Departmental / Program specific policies and procedures.
SMHS Governance, Safety and Quality Requirements 4.1 Participates in the maintenance of a safe work environment. 4.2 Participates in an annual performance development review. 4.3 Supports the delivery of safe patient care and the consumers’ experience including participation in continuous quality improvement activities in accordance with the requirements of the National Safety and Quality Health Service Standards and other recognised health standards. 4.4 Completes mandatory training (including safety and quality training) as relevant to role. 4.5 Performs duties in accordance with Government, WA Health, South Metropolitan Health Service and Departmental / Program specific policies and procedures. 4.6 Abides by the WA Health Code of Conduct, Occupational Safety and Health legislation, the Disability Services Act and the Equal Opportunity Act.
Freedom of Information and Protection of Privacy Act Any information provided on this contract may be subject to release under the Freedom of Information and Protection of Privacy Act. The Contractor may be consulted prior to release of any information.
Introduction and Statement of Policy The National Institutes of Health (NIH) has established NIH-designated data repositories (e.g., database of Genotypes and Phenotypes (dbGaP), Sequence Read Archive (SRA), NIH Established Trusted Partnerships) for securely storing and sharing controlled-access human data submitted to NIH under the NIH Genomic Data Sharing (GDS)
Research Use Reporting To assure adherence to NIH GDS Policy, the PI agrees to provide annual Progress Updates as part of the annual Project Renewal or Project Close-out processes, prior to the expiration of the one (1) year data access period. The PI who is seeking Renewal or Close-out of a project agree to complete the appropriate online forms and provide specific information such as how the data have been used, including publications or presentations that resulted from the use of the requested dataset(s), a summary of any plans for future research use (if the PI is seeking renewal), any violations of the terms of access described within this Agreement and the implemented remediation, and information on any downstream intellectual property generated from the data. The PI also may include general comments regarding suggestions for improving the data access process in general. Information provided in the progress updates helps NIH evaluate program activities and may be considered by the NIH GDS governance committees as part of NIH’s effort to provide ongoing stewardship of data sharing activities subject to the NIH GDS Policy.
