Business Associate Agreement This Agreement may require the exchange of information covered by the U.S. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). A Business Associate Agreement (“BAA”) executed by the Parties is attached as Appendix [Letter C/D/E etc.].
CONFIDENTIALITY AND PRIVACY POLICIES AND LAWS The Contractor shall comply to the extent applicable with all State and Authorized User policies regarding compliance with various confidentiality and privacy laws, rules and regulations, including but not limited to the IRS Publication 1075, Family Educational Rights and Privacy Act (FERPA), the Health Insurance and Portability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH). Contractor shall cooperate in executing a written confidentiality agreement under FERPA and/or a Business Associate Agreement (HIPAA/HITECH) or other contractual provisions upon request by the State or any Authorized User.
ATTACHMENT E BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (“Agreement”) is entered into by and between the State of Vermont Agency of Human Services, operating by and through its Department of Vermont Health Access (“Covered Entity”) and OptumInsight, Inc. (“Business Associate”) as of June 6, 2014 (“Effective Date”). This Agreement supplements and is made a part of the contract/grant to which it is attached. Covered Entity and Business Associate enter into this Agreement to comply with standards promulgated under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), including the Standards for the Privacy of Individually Identifiable Health Information, at 45 CFR Parts 160 and 164 (“Privacy Rule”), and the Security Standards, at 45 CFR Parts 160 and 164 (“Security Rule”), as amended by Subtitle D of the Health Information Technology for Economic and Clinical Health Act (HITECH), and any associated federal rules and regulations. The parties agree as follows:
Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions (a) Covered Entity shall notify Business Associate of any limitation(s) in the notice of privacy practices of Covered Entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of protected health information.
Business Associate Contract A. GENERAL PROVISIONS AND RECITALS
Confidentiality Statement All persons that will be working with PHI COUNTY 21 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 22 COUNTY must sign a confidentiality statement that includes, at a minimum, General Use, Security and 23 Privacy Safeguards, Unacceptable Use, and Enforcement Policies. The statement must be signed by the 24 workforce member prior to access to such PHI. The statement must be renewed annually. The 25 CONTRACTOR shall retain each person’s written confidentiality statement for COUNTY inspection 26 for a period of six (6) years following the termination of the Agreement.
Confidentiality and Safeguarding of University Records; Press Releases; Public Information Under this Agreement, Contractor may (1) create, (2) receive from or on behalf of University, or (3) have access to, records or record systems (collectively, University Records). Among other things, University Records may contain social security numbers, credit card numbers, or data protected or made confidential or sensitive by Applicable Laws. [Option (Include if University Records are subject to FERPA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Family Educational Rights and Privacy Act, 20 United States Code (USC) §1232g (FERPA) are addressed in Section 12.41.] [Option (Include if University is a HIPAA Covered Entity and University Records are subject to HIPAA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Health Insurance Portability and Accountability Act and 45 Code of Federal Regulations (CFR) Part 160 and subparts A and E of Part 164 (collectively, HIPAA) are addressed in Section 12.26.] Contractor represents, warrants, and agrees that it will: (1) hold University Records in strict confidence and will not use or disclose University Records except as (a) permitted or required by this Agreement, (b) required by Applicable Laws, or (c) otherwise authorized by University in writing; (2) safeguard University Records according to reasonable administrative, physical and technical standards (such as standards established by the National Institute of Standards and Technology and the Center for Internet Security [Option (Include if Section 12.39 related to Payment Card Industry Data Security Standards is not include in this Agreement.):, as well as the Payment Card Industry Data Security Standards]) that are no less rigorous than the standards by which Contractor protects its own confidential information; (3) continually monitor its operations and take any action necessary to assure that University Records are safeguarded and the confidentiality of University Records is maintained in accordance with all Applicable Laws and the terms of this Agreement; and (4) comply with University Rules regarding access to and use of University’s computer systems, including UTS165 at xxxx://xxx.xxxxxxxx.xxx/board-of-regents/policy-library/policies/uts165-information-resources-use-and-security-policy. At the request of University, Contractor agrees to provide University with a written summary of the procedures Contractor uses to safeguard and maintain the confidentiality of University Records.
Confidentiality Privacy FTIS shall keep the Confidential Information (as defined in Section 16(a) below) of the Investment Company in confidence and will not use or disclose or allow access to or use of such Confidential Information except (A) as appropriate in connection with activities contemplated by this Agreement; (B) as required pursuant to a court order, subpoena, governmental or regulatory or self-regulatory authority or agency, law, regulation, or binding discovery request in pending litigation (provided the receiving party will provide the other party written notice of such requirement, to the extent such notice is permitted, and subject to proper jurisdiction, if applicable); (C) as requested by a governmental, regulatory or self-regulatory authority or agency in connection with an inquiry, examination, audit or other review; or (D) the information or data is relevant and material to any claim or cause of action between the parties or the defense of any claim or cause of action asserted against FTIS.
Confidentiality of Vendor Data Vendor understands and agrees that by signing this Agreement, all Vendor Data is hereby released to TIPS, TIPS Members, and TIPS third-party administrators to effectuate Vendor’s TIPS Contract except as provided for herein. The Parties agree that Vendor Data is accessible by all TIPS Members as if submitted directly to that TIPS Member Customer for purchase consideration. If Vendor otherwise considers any portion of Vendor’s Data to be confidential and not subject to public disclosure pursuant to Chapter 552 Texas Gov’t Code (the “Public Information Act”) or other law(s) and orders, Vendor must have identified the claimed confidential materials through proper execution of the Confidentiality Claim Form which is required to be submitted as part of Vendor’s proposal resulting in this Agreement and incorporated by reference. The Confidentiality Claim Form included in Vendor’s proposal and incorporated herein by reference is the sole indicator of whether Vendor considers any Vendor Data confidential in the event TIPS receives a Public Information Request. If TIPS receives a request, any responsive documentation not deemed confidential by you in this manner will be automatically released. For Vendor Data deemed confidential by you in this manner, TIPS will follow procedures of controlling statute(s) regarding any claim of confidentiality and shall not be liable for any release of information required by law, including Attorney General determination and opinion. In the event that TIPS receives a written request for information pursuant to the Public Information Act that affects Vendor’s interest in any information or data furnished to TIPS by Vendor, and TIPS requests an opinion from the Attorney General, Vendor may, at its own option and expense, prepare comments and submit information directly to the Attorney General stating why the requested information is exempt from disclosure pursuant to the requirements of the Public Information Act. Vendor is solely responsible for submitting the memorandum brief and information to the Attorney General within the time period prescribed by the Public Information Act. Notwithstanding any other information provided in this solicitation or Vendor designation of certain Vendor Data as confidential or proprietary, Vendor’s acceptance of this TIPS Vendor Agreement constitutes Vendor’s consent to the disclosure of Vendor’s Data, including any information deemed confidential or proprietary, to TIPS Members or as ordered by a Court or government agency, including without limitation the Texas Attorney General. Vendor agrees that TIPS shall not be responsible or liable for any use or distribution of information or documentation by TIPS Members or as required by law.
CONFIDENTIALITY PROVISIONS (a) Each Management Stockholder acknowledges, represents, and agrees that: (i) the Company’s financial statements and any other Confidential Information (as defined below) that the Company may, in its sole discretion, furnish to the Stockholders contain confidential, proprietary, and material nonpublic information about the Company; (ii) it shall keep the Confidential Information and all information therein secret and confidential; (iii) it shall hold same in accordance with its customary procedures, if any, for handling confidential information on investments; (iv) it shall not disclose the Confidential Information or any information therein to anyone except (A) to its Affiliates (that do not compete with, or engage in any of the same businesses as, the Company), officers, directors, employees, agents or advisors, who are directly involved in the administration of its stockholding in the Company, all of whom must be advised of and agree to adhere to the terms of this Section 6, (B) as required by law, or (C) as requested or required by any provincial, state, federal, national or foreign authority or examiner regulating banks or banking or claiming to have the authority to regulate banks or banking; (v) it shall be responsible for any breach of the terms of this Section 6 committed to anyone to whom it disclosed the Confidential Information or any information therein; (vi) it shall not use the Confidential Information or any information therein for any purpose other than for appropriate purposes in connection with its stockholding in the Company; and (vii) in the event of any breach of the terms of this Section 6, the Company shall be entitled to specific performance and/or injunctive relief (without bond) as a remedy for any such breach, in addition to all other remedies available at law or in equity, and shall be entitled to reimbursement of all legal fees and litigation expenses incurred in enforcing the terms of this Section 6.
