Audits, Inspection and Enforcement. Within ten (10) days of a request by CE, BA and its agents and subcontractors shall allow CE or its agents or subcontractors to conduct a reasonable inspection of the facilities, systems, books, records, agreements, policies and procedures relating to the use or disclosure of Protected Information pursuant to this Addendum for the purpose of determining whether BA has complied with this Addendum or maintains adequate security safeguards; provided, however, that (i) BA and CE shall mutually agree in advance upon the scope, timing, and location of such an inspection, (ii) CE shall protect the confidentiality of all confidential and proprietary information of BA to which CE has access during the course of such inspection; and (iii) CE shall execute a nondisclosure agreement, upon terms mutually agreed upon by the parties, if requested by BA. The fact that CE inspects, or fails to inspect, or has the right to inspect, BA’s facilities, systems, books, records, agreements, policies, and procedures does not relieve BA of its responsibility to comply with this Addendum, nor does CE’s (i) failure to detect or (ii) detection, but failure to notify BA or require BA’s remediation of any unsatisfactory practices, constitute acceptance of such practice or a waiver of CE’s enforcement rights under the Contract or Addendum. BA shall notify CE within five (5) days of learning that BA has become the subject of an audit, compliance review, or complaint investigation by the Office of Civil Rights or other state or federal government entity.
Audits, Inspection and Enforcement. From time to time, County may inspect the facilities, systems, books and records of Business Associate to monitor compliance with this Agreement and this Addendum. Business Associate shall promptly remedy any violation of any provision of this Addendum and shall certify the same to the County Compliance Manager in writing. The fact that County inspects, or fails to inspect, or has the right to inspect, Business Associate’s facilities, systems and procedures does not relieve Business Associate of its responsibility to comply with this Addendum, nor does County:
A. Failure to detect; or
B. Detection, but failure to notify Business Associate or require Business Associate’s remediation of any unsatisfactory practices constitute acceptance of such practice or a waiver of County enforcement rights under this Agreement and this Addendum.
Audits, Inspection and Enforcement. CE may, after providing reasonable notice to the BA, conduct an inspection of the facilities, systems, books, logs and records of BA that relate to BA’s use of CE’s PHI, including inspecting logs showing the creation, modification, viewing, and deleting of PHI at BA’s level. Failure by CE to inspect does not waive any rights of the CE or relieve BA of its responsibility to comply with this BAA. CE's failure to detect or failure to require remediation does not constitute acceptance of any practice or waive any rights of CE to enforce this BAA. Notwithstanding BA’s obligation to report under paragraph 3.c of this BAA, BA shall provide a monthly report to CE detailing the unauthorized, or reasonable belief of unauthorized, acquisition, access, use, or disclosure of CE’s PHI, including any unauthorized creation, modification, or destruction of PHI and unauthorized login attempts. BA shall include privileged and nonprivileged accounts in its audit and report, indicating the unique individual using the privileged account. BA shall also indicate whether CE’s PHI subject to unauthorized activity was encrypted or destroyed at the time of the unauthorized activity. BA shall provide a yearly report to CE that lists the names of all individuals with technical or physical access to CE’s PHI and the scope of that access.
Audits, Inspection and Enforcement. Within ten (10) business days of a written request by CE, Associate and its agents or Subcontractors shall allow CE to conduct a reasonable inspection of the facilities, systems, books, records, agreements, policies and procedures relating to the use or disclosure of Protected Information pursuant to this Addendum for the purpose of determining whether Associate has complied with this Addendum; provided, however, that: (i) Associate and CE shall mutually agree in advance upon the scope, timing and location of such an inspection; and (ii) CE shall protect the confidentiality of all confidential and proprietary information of Associate to which CE has access during the course of such inspection. The fact that CE inspects, or fails to inspect, or has the right to inspect, Associate’s facilities, systems, books, records, agreements, policies and procedures does not relieve Associate of its responsibility to comply with this Addendum, nor does CE’s (i) failure to detect or (ii) detection, but failure to notify Associate or require Associate’s remediation of any unsatisfactory practices, constitute acceptance of such practice or a waiver of CE’s enforcement rights under the Contract.
Audits, Inspection and Enforcement. Within ten (10) days of a written request by County, Contractor and its agents or subcontractors shall allow County to conduct a reasonable inspection of the facilities, systems, books, records, agreements, contracts, policies and procedures relating to the use or disclosure of Protected Information pursuant to this Exhibit “I” for the purpose of determining whether Contractor has complied with this Exhibit; provided, however, that (i) Contractor and County shall mutually agree in advance upon the scope, timing and location of such an inspection, (ii) County shall protect the confidentiality of all confidential and proprietary information of Contractor to which County has access during the course of such inspection; and (iii) County shall execute a nondisclosure agreement, upon terms mutually agreed upon by the parties, if requested by Contractor. The fact that County inspects, or fails to inspect, or has the right to inspect, Contractor’s facilities, systems, books, records, agreements, contracts, policies and procedures does not relieve Contractor of its responsibility to comply with this Exhibit “I”, nor does County’s (i) failure to detect or (ii) detection, but failure to notify Contractor or require Contractor’s remediation of any unsatisfactory practices, constitute acceptance of such practice or a waiver of County’s enforcement rights under the Contract or this Exhibit “I”. Contractor shall notify County within ten (10) business days of learning that Contractor has become the subject of an audit, compliance review, or complaint investigation by the Office for Civil Rights.
Audits, Inspection and Enforcement. If Contractor is the subject of an audit, compliance review, or complaint investigation by the Secretary or the Office for Civil Rights, U.S. Department of Health and Human Services, that is related to the performance of its obligations pursuant to this HIPAA Business Associate Exhibit E-1,Contractor shall immediately notify the Department. Upon request from the Department, Contractor shall provide the Department with a copy of any Department PHI that Contractor, as the Business Associate, provides to the Secretary or the Office of Civil Rights concurrently with providing such PHI to the Secretary. Contractor is responsible for any civil penalties assessed due to an audit or investigation of Contractor, in accordance with 42 U.S.C. Section 17934(c).
Audits, Inspection and Enforcement. A. From time to time, DHCS may inspect the facilities, systems, books and records of Business Associate to monitor compliance with this Agreement and this Addendum. Business Associate shall promptly remedy any violation of any provision of this Addendum and shall certify the same to the DHCS Privacy Officer in writing. The fact that DHCS inspects, or fails to inspect, or has the right to inspect, Business Associate’s facilities, systems and procedures does not relieve Business Associate of its responsibility to comply with this Addendum, nor does DHCS’:
1. Failure to detect or
2. Detection, but failure to notify Business Associate or require Business Associate’s remediation of any unsatisfactory practices constitute acceptance of such practice or a waiver of DHCS’ enforcement rights under this Agreement and this Addendum.
B. If Business Associate is the subject of an audit, compliance review, or complaint investigation by the Secretary or the Office of Civil Rights, U.S. Department of Health and Human Services, that is related to the performance of its obligations pursuant to this HIPAA Business Associate Addendum, Business Associate shall notify DHCS and provide DHCS with a copy of any PHI or PI that Business Associate provides to the Secretary or the Office of Civil Rights concurrently with providing such PHI or PI to the Secretary. Business Associate is responsible for any civil penalties assessed due to an audit or investigation of Business Associate, in accordance with 42 U.S.C. section 17934(c).
Audits, Inspection and Enforcement. A. Contractor agrees to allow the DSH to inspect its facilities and systems, and make available for review its books and records to enable the DSH to monitor compliance with the terms of this Agreement and audit invoices submitted to the DSH.
B. Contractor shall promptly remedy any violation of any provision of this Agreement to the satisfaction of the DSH.
C. The fact that the DSH inspects, or fails to inspect, or has the right to inspect Contractor’s facilities, systems, books and records does not relieve Contractor of its responsibility to independently monitor its compliance with this Agreement.
D. The DSH’s failure to detect or the DSH’s detection of any unsatisfactory practices, but failure to notify Contractor or require Contractor’s remediation of the unsatisfactory practices does not constitute acceptance of such practice or a waiver of the DSH’s enforcement rights under the Agreement.
Audits, Inspection and Enforcement. 20.1 From time to time, DHCS may inspect the facilities, systems, books and records of Business Associate to monitor compliance with this Agreement. Business Associate shall promptly remedy any violation of this Agreement and shall certify the same to the DHCS Privacy Officer in writing. Whether or how DHCS exercises this provision shall not in any respect relieve Business Associate of its responsibility to comply with this Agreement.
20.2 If Business Associate is the subject of an audit, compliance review, investigation or any proceeding that is related to the performance of its obligations pursuant to this Agreement, or is the subject of any judicial or administrative proceeding alleging a violation of HIPAA, Business Associate shall promptly notify DHCS unless it is legally prohibited from doing so.
Audits, Inspection and Enforcement. Within ten (10) days of a written request by CE, BA and its agents or subcontractors shall allow CE to conduct a reasonable inspection of the facilities, systems, books, records, agreements, contracts, policies and procedures relating to the use or disclosure of Protected Information pursuant to this Exhibit “M” for the purpose of determining whether BA has complied with this Exhibit; provided,