Audits, Inspection and Enforcement. Within ten (10) days of a request by CE, BA and its agents and subcontractors shall allow CE or its agents or subcontractors to conduct a reasonable inspection of the facilities, systems, books, records, agreements, policies and procedures relating to the use or disclosure of Protected Information pursuant to this Addendum for the purpose of determining whether BA has complied with this Addendum or maintains adequate security safeguards; provided, however, that (i) BA and CE shall mutually agree in advance upon the scope, timing, and location of such an inspection, (ii) CE shall protect the confidentiality of all confidential and proprietary information of BA to which CE has access during the course of such inspection; and (iii) CE shall execute a nondisclosure agreement, upon terms mutually agreed upon by the parties, if requested by BA. The fact that CE inspects, or fails to inspect, or has the right to inspect, BA’s facilities, systems, books, records, agreements, policies, and procedures does not relieve BA of its responsibility to comply with this Addendum, nor does CE’s (i) failure to detect or (ii) detection, but failure to notify BA or require BA’s remediation of any unsatisfactory practices, constitute acceptance of such practice or a waiver of CE’s enforcement rights under the Contract or Addendum. BA shall notify CE within five (5) days of learning that BA has become the subject of an audit, compliance review, or complaint investigation by the Office of Civil Rights or other state or federal government entity.
Audits, Inspection and Enforcement. From time to time, County may inspect the facilities, systems, books and records of Business Associate to monitor compliance with this Agreement and this Addendum. Business Associate shall promptly remedy any violation of any provision of this Addendum and shall certify the same to the County Compliance Manager in writing. The fact that County inspects, or fails to inspect, or has the right to inspect, Business Associate’s facilities, systems and procedures does not relieve Business Associate of its responsibility to comply with this Addendum, nor does County:
Audits, Inspection and Enforcement. CE may, after providing reasonable notice to the BA, conduct an inspection of the facilities, systems, books, logs and records of BA that relate to BA’s use of CE’s PHI, including inspecting logs showing the creation, modification, viewing, and deleting of PHI at BA’s level. Failure by CE to inspect does not waive any rights of the CE or relieve BA of its responsibility to comply with this BAA. CE's failure to detect or failure to require remediation does not constitute acceptance of any practice or waive any rights of CE to enforce this BAA. Notwithstanding BA’s obligation to report under paragraph 3.c of this BAA, BA shall provide a monthly report to CE detailing the unauthorized, or reasonable belief of unauthorized, acquisition, access, use, or disclosure of CE’s PHI, including any unauthorized creation, modification, or destruction of PHI and unauthorized login attempts. BA shall include privileged and nonprivileged accounts in its audit and report, indicating the unique individual using the privileged account. BA shall also indicate whether CE’s PHI subject to unauthorized activity was encrypted or destroyed at the time of the unauthorized activity. BA shall provide a yearly report to CE that lists the names of all individuals with technical or physical access to CE’s PHI and the scope of that access.
Audits, Inspection and Enforcement. Within ten (10) business days of a written request by CE, Associate and its agents or Subcontractors shall allow CE to conduct a reasonable inspection of the facilities, systems, books, records, agreements, policies and procedures relating to the use or disclosure of Protected Information pursuant to this Addendum for the purpose of determining whether Associate has complied with this Addendum; provided, however, that: (i) Associate and CE shall mutually agree in advance upon the scope, timing and location of such an inspection; and (ii) CE shall protect the confidentiality of all confidential and proprietary information of Associate to which CE has access during the course of such inspection. The fact that CE inspects, or fails to inspect, or has the right to inspect, Associate’s facilities, systems, books, records, agreements, policies and procedures does not relieve Associate of its responsibility to comply with this Addendum, nor does CE’s (i) failure to detect or (ii) detection, but failure to notify Associate or require Associate’s remediation of any unsatisfactory practices, constitute acceptance of such practice or a waiver of CE’s enforcement rights under the Contract.
Audits, Inspection and Enforcement. 20.1 From time to time, DHCS may inspect the facilities, systems, books and records of Business Associate to monitor compliance with this Agreement. Business Associate shall promptly remedy any violation of this Agreement and shall certify the same to the DHCS Privacy Officer in writing. Whether or how DHCS exercises this provision shall not in any respect relieve Business Associate of its responsibility to comply with this Agreement.
Audits, Inspection and Enforcement. Within ten (10) days of a written request by County, Contractor and its agents or subcontractors shall allow County to conduct a reasonable inspection of the facilities, systems, books, records, agreements, contracts, policies and procedures relating to the use or disclosure of Protected Information pursuant to this Exhibit “I” for the purpose of determining whether Contractor has complied with this Exhibit; provided, however, that (i) Contractor and County shall mutually agree in advance upon the scope, timing and location of such an inspection, (ii) County shall protect the confidentiality of all confidential and proprietary information of Contractor to which County has access during the course of such inspection; and (iii) County shall execute a nondisclosure agreement, upon terms mutually agreed upon by the parties, if requested by Contractor. The fact that County inspects, or fails to inspect, or has the right to inspect, Contractor’s facilities, systems, books, records, agreements, contracts, policies and procedures does not relieve Contractor of its responsibility to comply with this Exhibit “I”, nor does County’s (i) failure to detect or (ii) detection, but failure to notify Contractor or require Contractor’s remediation of any unsatisfactory practices, constitute acceptance of such practice or a waiver of County’s enforcement rights under the Contract or this Exhibit “I”. Contractor shall notify County within ten (10) business days of learning that Contractor has become the subject of an audit, compliance review, or complaint investigation by the Office for Civil Rights.
Audits, Inspection and Enforcement. If Contractor is the subject of an audit, compliance review, or complaint investigation by the Secretary or the Office for Civil Rights, U.S. Department of Health and Human Services, that is related to the performance of its obligations pursuant to this HIPAA Business Associate Exhibit E-1,Contractor shall immediately notify the Department. Upon request from the Department, Contractor shall provide the Department with a copy of any Department PHI that Contractor, as the Business Associate, provides to the Secretary or the Office of Civil Rights concurrently with providing such PHI to the Secretary. Contractor is responsible for any civil penalties assessed due to an audit or investigation of Contractor, in accordance with 42 U.S.C. Section 17934(c).
Audits, Inspection and Enforcement. A. Contractor agrees to allow the DSH to inspect its facilities and systems, and make available for review its books and records to enable the DSH to monitor compliance with the terms of this Agreement and audit invoices submitted to the DSH.
Audits, Inspection and Enforcement. Within 10 days written notice, upon a reasonable determination by the Covered Entity that Business Associate has breached this BAS, the Covered Entity may conduct a reasonable inspection of Business Associate's facilities, systems, books and records governing the privacy and security of PHI ; provided, however, that (i) the parties shall mutually agree in advance upon the reasonable scope, timing, and location of such inspection; (ii) Covered Entity shall protect the confidentiality of all confidential and proprietary information of Business Associate to which Covered Entity has access during the course of such inspection; and (iii) upon request of Business Associate, Covered Entity agrees to execute a nondisclosure agreement prior to such inspection, upon terms mutually agreed upon by the parties. Business Associate shall promptly remedy any violation of any term of this BAS and shall certify the same to the Covered Entity in writing. The fact that the Covered Entity inspects, or fails to inspect, or has the right to inspect, Business Associate's facilities, systems and procedures does not relieve Business Associate of its responsibility to comply with this BAS, nor does the Covered Entity's (i) failure to detect or (ii) detection, but failure to notify Business Associate or require Business Associate's remediation of any unsatisfactory practices constitute acceptance of such practice or a waiver of the Covered Entity's enforcement rights under this BAS. Business Associate shall fully cooperate with the U.S. Department of Health and Human Services, as the primary enforcer of the HIPAA, who shall conduct periodic compliance audits to ensure that both Business Associate and the Covered Entity are compliant.
Audits, Inspection and Enforcement. From time to time, COUNTY may inspect the facilities, systems, books and records of Business Associate to monitor compliance with this Agreement and this Addendum. Business Associate shall promptly remedy any violation of any provision of this Addendum and shall certify the same to the COUNTY Compliance Officer in writing. The fact that COUNTY inspects, or fails to inspect, or has the right to inspect, Business Associate’s facilities, systems and procedures does not relieve Business Associate of its responsibility to comply with this Addendum, nor does COUNTY: