Use or Disclosure of PHI. Outside Entity shall not use or disclose PHI received from Connecticut Children’s in any manner that would constitute a violation of federal or state law, including, but not limited to, HIPAA. Outside Entity shall require that its directors, officers, employees, contractors, and agents use or disclose PHI received from, or created or received on behalf of Connecticut Children’s only in accordance with the provisions of this Agreement and federal and state law. Outside Entity shall not disclose PHI in any manner other than as permitted by this Agreement. Outside Entity further agrees that all information accessed through the System will be maintained in the strictest confidentiality and in the same manner as Outside Entity safeguards the confidentiality of other patient care records, or as required by state and federal law.
A. Outside Entity agrees to implement and utilize the System and shall provide Connecticut Children’s with access to a patient’s EHR that are created, maintained, transmitted, or received using the System when such patient is also a patient of Connecticut Children’s solely for the purposes of treatment, payment, or health care operations to the extent permitted without patient authorization by HIPAA. Outside Entity shall use the System in accordance with any applicable network security policies issued by Connecticut Children’s from time to time. Connecticut Children’s will provide Outside Entity with such policies upon request and will notify Outside Entity of any material changes to such policies.
B. Connecticut Children’s and Outside Entity shall comply in all material respects with the standards for privacy of individually identifiable health information of the Administrative Simplification subtitle of HIPAA. Connecticut Children’s and Outside Entity recognize their status as “covered entities” under HIPAA and agree to carry out their responsibilities under this Agreement in accordance with such status. Additionally, the Outside Entity shall not redisclose Connecticut Children’s records except for the purpose of treatment, payment or healthcare operations, or as permitted by applicable law.
Use or Disclosure of PHI. A. Outside Practice shall not use or disclose PHI received from HMH in any manner that would constitute a violation of federal or state law, including, but not limited to, HIPAA. Outside Practice shall ensure that its directors, officers, employees, contractors, and agents use or disclose PHI received from, or created or received on behalf of HMH only in accordance with the provisions of this Agreement and federal and state law. Outside Practice shall not disclose PHI in any manner other than as permitted by this Agreement. Outside Practice further agrees that all information accessed through the HMH EHR will be maintained in the strictest confidentiality and in the same manner as Outside Practice safeguards the confidentiality of other patient care records, or as required by state and federal law.
B. Outside Practice agrees to implement and utilize the HMH EHR and shall provide HMH with access to patients’ EHR that are created, maintained, transmitted, or received using the HMH EHR when such patients are also patients of HMH solely for the purposes of treatment, payment, or health care operations to the extent permitted without patient authorization by HIPAA. Outside Practice shall use the HMH EHR in accordance with any network security policies issued by HMH from time to time.
C. HMH and Outside Practice shall comply in all material respects with the standards for privacy of individually identifiable health information of the Administrative Simplification subtitle of HIPAA. HMH and Outside Practice recognize their status as “covered entities” under HIPAA and agree to carry out their
Use or Disclosure of PHI. Only the minimum necessary PHI to accomplish the intended purpose of this agreement can be used or disclosed. Outside Entity shall not use or disclose PHI received from UW Medicine in any manner that would constitute a violation of federal or Washington State law, including but not limited to the Health Insurance Portability and Accountability Act and any regulations enacted pursuant to its provisions (“HIPAA Standards”) or applicable provisions of Washington state law (including but not limited to: RCW 70.02 Medical Records — Health Care Information Access And Disclosure). Outside Entity shall ensure that its directors, officers, employees, contractors, and agents use or disclose PHI received from, or created or received on behalf of UW Medicine only in accordance with the provisions of this Agreement and federal and state law. Outside Entity shall not disclose PHI in any manner other than that permitted by this Agreement. Outside Entity further agrees that all information accessed through the UW Medicine Information System will be maintained in the strictest confidentiality and in the same manner as Outside Entity safeguards the confidentiality of their PHI and as required by state and federal law.
Use or Disclosure of PHI. The Facility may use and/or disclose your PHI for purposes related to your care, payment for your care, and health care operations of the Facility. The following are examples of the types of uses and/or disclosures of your PHI that may occur. These examples are not meant to include all possible types of use and/or disclosure.
Use or Disclosure of PHI. A. Neither Site User nor any Authorized User shall use or disclose protected health information (“PHI”) obtained through AHS CARELINK in any manner that would constitute a violation of federal law, including, but not limited to, HIPAA, or state law, including but not limited to state laws governing specially protected PHI, such as mental health information and HIV information. Site User shall ensure that its directors, officers, employees, contractors, representatives and agents, or those to whom Site User grants access pursuant to this Agreement, use (access) and disclose PHI obtained through AHS CARELINK only in accordance with the provisions of this Agreement and federal and state law. Site User shall not disclose PHI in any manner other than as permitted by this Agreement. Site User further agrees that all information accessed through AHS CARELINK will be maintained in the strictest confidentiality and in the same manner as Site User safeguards the confidentiality of other patient care records, or as required by state and federal law.
B. Site User and each Authorized User agree to implement and utilize AHS CARELINK solely for the purposes of treatment, payment related activities, and/or limited health care operations (e.g., case management and care coordination) relevant to their mutual patient, or other Approved Activities, as appropriate, to the extent permitted without patient authorization by HIPPA.
C. Site User agrees that it will implement all appropriate technical, administrative and physical safeguards to prevent unauthorized use or disclosure of PHI. Site User agrees to comply with all federal and state laws and regulations regarding privacy, security, and electronic exchange of health information, as currently enacted or amended in the future.
D. Site User shall use AHS CARELINK to access patient records consistent with the minimum necessary requirements of HIPAA and its implementing regulations. Site User is solely responsible for ensuring that its Authorized Users request and access only the minimum necessary information relevant to carrying out their duties to the patients at issue.
E. The duties outlined in this Section 2 shall survive the termination of this Agreement.
Use or Disclosure of PHI. A. Outside Entity shall not use or disclose PHI received from Cone Health in any manner that would constitute a violation of federal or state law, including, but not limited to, HIPAA. Outside Entity shall ensure that only its Authorized Users use or disclose PHI received from, or created or received on behalf of, Cone Health only in accordance with the provisions of this Agreement and federal and state law. Outside Entity shall not disclose PHI in any manner other than as permitted by this Agreement. Outside Entity further agrees that all information accessed, viewed, or downloaded through the System will be maintained in the strictest confidence and, at a minimum, as required by state and federal law. In the event that the privacy and security standards employed by Outside Entity exceed state and federal requirements, Outside Entity shall protect such data in the same manner as Outside Entity safeguards the confidentiality of other patient care records. Outside Entity further agrees that it will implement all appropriate safeguards to prevent unauthorized use or disclosure of PHI or intrusion to Cone Health systems.
X. Xxxx Health and Outside Entity shall comply in all material respects with the standards for privacy of individually identifiable health information of the Administrative Simplification subtitle of HIPAA and state law, as applicable. If applicable, Outside Entity recognizes its status as a “covered entity” under HIPAA and agrees to carry out its responsibilities under this Agreement in accordance with such status.
Use or Disclosure of PHI. A. Outside Entity shall not use or disclose PHI received from Connecticut Children’s in any manner that would constitute a violation of federal or state law, including, but not limited to, HIPAA. Outside Entity agrees to implement and utilize the System and shall use the System in accordance with any network security policies issued by Connecticut Children’s from time to time.
B. Outside Entity shall, within one (1) working day of becoming aware of an unauthorized use or disclosure of PHI by Outside Entity, its officers, directors, employees, contractors, agents or by a third party to which Outside Entity disclosed PHI, report any such disclosure to Connecticut Children’s. Such notice shall be made to the following:
C. If at any time Outside Entity has reason to believe that PHI transmitted pursuant to this Agreement may have been accessed or disclosed without proper authorization and contrary to the terms of this Agreement, Outside Entity will immediately give Connecticut Children’s notice and take actions to eliminate the cause of the breach. To the extent Connecticut Children’s deems warranted, in its sole discretion, Connecticut Children’s will provide notice (at Outside Entity’s expense) or require Outside Entity (at its own expense) to provide notice to individuals whose PHI may have been improperly accessed or disclosed. In the event credit monitoring is necessary for affected individuals, it shall be provided at Outside Entity’s sole cost and expense.
D. Outside Entity shall obtain the written approval of Connecticut Children’s prior to allowing any agent or subcontractor access to PHI that is created or received on behalf of Connecticut Children’s. In the event that Connecticut Children’s consents to such third party access on a case-by-case basis, Outside Entity shall ensure that the agent or subcontractor agrees to be bound by the same restrictions, terms and conditions that apply to Outside Entity through this Agreement.
Use or Disclosure of PHI. A. Outside Entity shall not use or disclose PHI received from Hospital in any manner that would constitute a violation of federal or state law, including, but not limited to, HIPAA. Outside Entity shall ensure that its directors, officers, employees, contractors, and agents use or disclose PHI received from, or created or received on behalf of Hospital only in accordance with the provisions of this Agreement and federal and state law. Outside Entity shall not disclose PHI in any manner other than as permitted by this Agreement. Outside Entity further agrees that all
B. Outside Entity agrees to implement and utilize the System and shall provide Hospital with access to a patient’s EHR that are created, maintained, transmitted, or received using the System when such patient is also a patient of Hospital solely for the purposes of treatment, payment, or health care operations to the extent permitted without patient authorization by HIPAA. Outside Entity shall use the System in accordance with any network security policies issued by Hospital from time to time.
C. Hospital and Outside Entity shall comply in all material respects with the standards for privacy of individually identifiable health information of the Administrative Simplification subtitle of HIPAA. Hospital and Outside Entity recognize their status as “covered entities” under HIPAA and agree to carry out their responsibilities under this Agreement in accordance with such status. Additionally, the Outside Entity shall not redisclose Hospital's records except for the purpose of treatment, payment or operations.
Use or Disclosure of PHI. A. Outside Entity shall not use or disclose PHI received from UC Health, through the System or otherwise, or created or received on behalf of UC Health, in any manner that would constitute a violation of federal or state law, including, but not limited to, HIPAA, or that would conflict with the IRB approved protocol or research agreement. Outside Entity shall ensure that its executives, directors, officers, employees, contractors, subcontractors, Authorized Users, and agents (“Key Personnel”) use or disclose PHI received from UC Health, through the System or otherwise, or created or received on behalf of UC Health, only in accordance with the provisions of this Agreement and federal and state law. Outside Entity shall not disclose PHI in any manner other than as permitted by this Agreement. Outside Entity further agrees that all information accessed through the System will be maintained in the strictest confidentiality and in the same manner as Outside Entity safeguards the confidentiality of other Study Participant care records and as required by state and federal law.
B. UC Health will provide Outside Entity with access to a Study Participant’s EHR that is created, maintained, transmitted, or received using the System solely for the purposes of research activities as permitted by HIPAA, FDA and federal human subject guidelines. Outside Entity shall use the System in accordance with all security policies and best practices necessary to maintain HIPAA Privacy and Security compliance, and compliance with IRB approved protocol or research agreement.
C. UC Health and Outside Entity shall comply in all material respects with the standards for privacy, security, and electronic transmission of individually identifiable health information of the Administrative Simplification subtitle of HIPAA. Outside Entity recognizes UC Health’s status as a “covered entity” under HIPAA and agrees to carry out its responsibilities under this Agreement in accordance with such status.
Use or Disclosure of PHI. A. Outside Entity shall not use or disclose PHI received from WFUBMC in any manner that would constitute a violation of federal or state law, including, but not limited to, HIPAA. Outside Entity shall ensure that only its directors, officers, employees, contractors, and agents use or disclose PHI received from, or created
B. Outside Entity agrees to implement and utilize the System and shall provide WFUBMC with access to a patient’s EHR located on any system implemented or utilized by Outside Entity that are created, maintained, transmitted, or received using the System when such patient is also a patient of WFUBMC. WFUBMC agrees that such HER shall be used solely for the purposes of treatment, payment, or health care operations to the extent permitted without patient authorization by HIPAA. Outside Entity shall use the System in accordance with any policies issued by WFUBMC from time to time.
C. WFUBMC and Outside Entity shall comply in all material respects with the standards for privacy of individually identifiable health information of the Administrative Simplification subtitle of HIPAA. Outside Entity recognizes its status as a “covered entity” under HIPAA and agrees to carry out its responsibilities under this Agreement in accordance with such status.
