Part 164. The policies and controls shall include, but not be limited to:
Part 164. In the event of a Breach requiring indemnification and hold harmless in accordance with subsection 5(u), below, the Covered Entity may elect to directly comply with breach notification requirements or require Business Associate to comply with all breach notifications requirements of 45 C.F.R. Part 164 on behalf of the Covered Entity. If the Covered Entity requires the Business Associate to comply with breach notification requirements, the Business Associate shall provide the Covered Entity with a detailed weekly, written report, starting one week following discovery of the Breach. The report shall include, at a minimum, the Business Associate’s progress regarding breach notification and mitigation of the Breach. If the Covered Entity elects to directly meet the requirements of 45 C.F.R. Part 164, the Business Associate shall be financially responsible to the Covered Entity for all resulting costs and fees incurred by the Covered Entity, including, but not limited to, labor, materials, or supplies. The Covered Entity may at its sole option: Offset amounts otherwise due and payable to Business Associate under the Agreement; or Seek reimbursement of or direct payment to a third party of the Covered Entity’s costs and fees incurred under this subsection. The Business Associate shall make payment to the Covered Entity (or a third party as applicable) within 30 days from the date of the Covered Entity’s written notice to the Business Associate.
Part 164. In the event Evaluator is operated by a state, federal, or municipal agency and therefore subject to applicable open records laws that may require Evaluator to release Confidential Information of NCPG, Evaluator agrees to promptly notify NCPG of any request under such laws for the release of such information. Further, Evaluator shall cooperate in good faith with NCPG and use its best efforts to assist NCPG in preventing the release of such information to the extent consistent with applicable law.
Part 164. B. Breach of Unsecured PHI shall have the meaning given to the terms “Breach” and “Unsecured Protected Health Information” at 45 C.F.R. § 164.402.
Part 164. Each enrollee is guaranteed the right to received information on the managed care program and plan into which he/she is enrolled. The Contractor must make available in electronic or paper form the provider directory as provided for in Section 2.8.H of this Agreement (Provider Network Lists). The Contractor must provide members, in adherence with 42 § C.F.R. 438.10(f)(4)with written notice of any significant changes in enrollee rights or information at least 30 days before the intended effective date of the change. The Contractor shall comply with requirements as specified in 42 C.F.R. §
