Electronic Protected Health Information “Electronic Protected Health Information” means individually identifiable health information that is transmitted by or maintained in electronic media.
ACCESS TO PROTECTED HEALTH INFORMATION 7.1 To the extent Covered Entity determines that Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within two (2) business days after receipt of a request from Covered Entity, make the Protected Health Information specified by Covered Entity available to the Individual(s) identified by Covered Entity as being entitled to access and shall provide such Individuals(s) or other person(s) designated by Covered Entity with a copy the specified Protected Health Information, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.524.
7.2 If any Individual requests access to Protected Health Information directly from Business Associate or its agents or Subcontractors, Business Associate shall notify Covered Entity in writing within two (2) days of the receipt of the request. Whether access shall be provided or denied shall be determined by Covered Entity.
7.3 To the extent that Business Associate maintains Protected Health Information that is subject to access as set forth above in one or more Designated Record Sets electronically and if the Individual requests an electronic copy of such information, Business Associate shall provide the Individual with access to the Protected Health Information in the electronic form and format requested by the Individual, if it is readily producible in such form and format; or, if not, in a readable electronic form and format as agreed to by Covered Entity and the Individual.
Data Protection and Privacy:
Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.
Safeguarding and Protecting Children and Vulnerable Adults The Supplier will comply with all applicable legislation and codes of practice, including, where applicable, all legislation and statutory guidance relevant to the safeguarding and protection of children and vulnerable adults and with the British Council’s Child Protection Policy, as notified to the Supplier and amended from time to time, which the Supplier acknowledges may include submitting to a check by the UK Disclosure & Barring Service (DBS) or the equivalent local service; in addition, the Supplier will ensure that, where it engages any other party to supply any of the Services under this Agreement, that that party will also comply with the same requirements as if they were a party to this Agreement.
Virus Protection The Bank is not responsible for any electronic virus or viruses that you may encounter. We suggest that you routinely scan your PC using a virus protection product. An undetected virus may corrupt and destroy your programs, files, and your hardware.
Freedom of Information and Transparency 20.1 The Recipient acknowledges that the Commissioner is subject to the provisions of the FOIA and agrees to assist and co-operate with the Commissioner (at the Recipient’s expense) where necessary to enable the Commissioner to comply with any requests received under the FOIA relating to this Agreement. This includes, but is not limited to, transferring to the Commissioner any request received by the Recipient under the FOIA relating to this Agreement as soon as practicable following receipt and in any event within three working days of receipt.
20.2 In no event shall the Recipient respond to a request under the FOIA relating to this Agreement without obtaining the prior written consent of the Commissioner.
20.3 The Recipient acknowledges that the Commissioner may be obliged to disclose information under the FOIA:
20.3.1 Without consulting the Recipient; or
20.3.2 Following consultation with the Recipient and having taken into account its views. Provided that where clause 20.3.1 applies the Commissioner shall, in accordance with the recommendations of the Secretary of State for Constitutional Affairs’ Code of Practice on the discharge of a public authorities’ functions under Part 1 of FOIA, take reasonable steps, to give the Recipient advanced notice or to draw the disclosure to the Recipient’s attention after any such disclosure.
20.4 The Recipient shall ensure it retains for disclosure all information (as defined in the FOIA) produced in the course of this Agreement or relating to this Agreement and shall allow the Commissioner to inspect such records from time to time upon request.
20.5 The Recipient acknowledges that the Commissioner is subject to certain transparency and disclosure obligations set out in the Elected Local Policing Bodies Specified Information Order 2011 (as amended) (“Transparency Obligations”)
20.6 The Recipient consents to the Commissioner publishing the contents of this Agreement and information regarding any tender process related to the Purpose of the Agreement to enable the Commissioner to comply with their Transparency Obligations.
20.7 The Recipient acknowledges that:
20.7.1 The Commissioner shall be responsible for determining, at their absolute discretion, whether any information is exempt from disclosure or should be disclosed pursuant to the FOIA and/or the Transparency Obligations and to what extent any information disclosed shall be redacted; and
20.7.2 Any lists or schedules provided by the Recipient outlining confidential information are of an indicative value only and that the Commissioner may be obliged to disclose confidential information in accordance with Clause 20.3 and/or Clause 20.5.
Access to Protected Information If BA maintains a designated record set on behalf of CE, BA shall make Protected Information maintained by BA or its agents or subcontractors in Designated Record Sets available to CE for inspection and copying within five (5) days of a request by CE to enable CE to fulfill its obligations under state law [Health and Safety Code Section 123110] and the Privacy Rule, including, but not limited to, 45 C.F.R. Section 164.524 [45 C.F.R. Section 164.504(e)(2)(ii)(E)]. If BA maintains Protected Information in electronic format, BA shall provide such information in electronic format as necessary to enable CE to fulfill its obligations under the HITECH Act and HIPAA Regulations, including, but not limited to, 42 U.S.C. Section 17935(e) and 45 C.F.R. Section 164.524.
Amendment of Protected Health Information 8.1 To the extent Covered Entity determines that any Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within ten (10) business days after receipt of a written request from Covered Entity, make any amendments to such Protected Health Information that are requested by Covered Entity, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.526.
8.2 If any Individual requests an amendment to Protected Health Information directly from Business Associate or its agents or Subcontractors, Business Associate shall notify Covered Entity in writing within five (5) days of the receipt of the request. Whether an amendment shall be granted or denied shall be determined by Covered Entity.
Whistleblower Protections and Trade Secrets Notwithstanding anything to the contrary contained herein, nothing in this Agreement prohibits Executive from reporting possible violations of federal law or regulation to any United States governmental agency or entity in accordance with the provisions of and rules promulgated under Section 21F of the Securities Exchange Act of 1934 or Section 806 of the Xxxxxxxx-Xxxxx Act of 2002, or any other whistleblower protection provisions of state or federal law or regulation (including the right to receive an award for information provided to any such government agencies). Furthermore, in accordance with 18 U.S.C. § 1833, notwithstanding anything to the contrary in this Agreement: (i) Executive shall not be in breach of this Agreement, and shall not be held criminally or civilly liable under any federal or state trade secret law (x) for the disclosure of a trade secret that is made in confidence to a federal, state, or local government official or to an attorney solely for the purpose of reporting or investigating a suspected violation of law, or (y) for the disclosure of a trade secret that is made in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal; and (ii) if Executive files a lawsuit for retaliation by the Company for reporting a suspected violation of law, Executive may disclose the trade secret to Executive’s attorney, and may use the trade secret information in the court proceeding, if Executive files any document containing the trade secret under seal, and does not disclose the trade secret, except pursuant to court order.
Safeguards for Personal Information Supplier agrees to develop, implement, maintain, and use administrative, technical, and physical safeguards, as deemed appropriate by DXC, to preserve the security, integrity and confidentiality of, and to prevent intentional or unintentional non-permitted or violating use or disclosure of, and to protect against unauthorized access to or accidental or unlawful destruction, loss, or alteration of, the Personal Information Processed, created for or received from or on behalf of DXC in connection with the Services, functions or transactions to be provided under or contemplated by this Agreement. Such safeguards shall meet all applicable legal standards (including any encryption requirements imposed by law) and shall meet or exceed accepted security standards in the industry, such as ISO 27001/27002. Supplier agrees to document and keep these safeguards current and shall make the documentation available to DXC upon request. Supplier shall ensure that only Supplier’s employees or representatives who may be required to assist Supplier in meeting its obligations under this Agreement shall have access to the Personal Information.
