Obligation of Pharmacy Benefit Manager – Unauthorized Uses and Disclosures Sample Clauses

Open Split View

Download

Share

Cite

Obligation of Pharmacy Benefit Manager – Unauthorized Uses and Disclosures. The Pharmacy Benefit Manager will:

Sample 1

Save

Copy

Related to Obligation of Pharmacy Benefit Manager – Unauthorized Uses and Disclosures

• Permitted Uses and Disclosures of Phi by Business Associate Except as otherwise indicated in this Agreement, Business Associate may use or disclose PHI, inclusive of de-identified data derived from such PHI, only to perform functions, activities or services specified in this Agreement on behalf of DHCS, provided that such use or disclosure would not violate HIPAA or other applicable laws if done by DHCS.

• Permitted Uses and Disclosures by Business Associate 1. Business Associate may only use or disclose protected health information as necessary to perform the services as outlined in the underlying agreement.

• Permitted Uses and Disclosure by Business Associate (1) General Use and Disclosure Provisions Except as otherwise limited in this Section of the Contract, Business Associate may use or disclose PHI to perform functions, activities, or services for, or on behalf of, Covered Entity as specified in this Contract, provided that such use or disclosure would not violate the HIPAA Standards if done by Covered Entity or the minimum necessary policies and procedures of the Covered Entity.

• Permitted Uses and Disclosures of PHI 2.1 Unless otherwise limited herein, Business Associate may:

• Permitted Uses and Disclosures of Protected Health Information Business Associate:

• PERMITTED USES AND DISCLOSURES BY CONTRACTOR Except as otherwise limited in this Schedule, Contractor may use or disclose Protected Health Information to perform functions, activities, or services for, or on behalf of, County as specified in the Agreement; provided that such use or disclosure would not violate the Privacy Rule if done by County.

• Prohibited Uses and Disclosures BA shall not use or disclose PHI other than as permitted or required by the Contract and Addendum, or as required by law. BA shall not use or disclose Protected Information for fundraising or marketing purposes. BA shall not disclose Protected Information to a health plan for payment or health care operation purposes if the patient has requested this special restriction, and has paid out of pocket in full for the health care item or service to which the PHI solely relates [42 U.S.C. Section 17935(a) and 45 C.F.R. Section 164.522(a)(vi)]. BA shall not directly or indirectly receive remuneration in exchange for Protected Information, except with the prior written consent of CE and as permitted by the HITECH Act, 42 U.S.C. Section 17935(d)(2), and the HIPAA regulations, 45 C.F.R. Section 164.502(a)(5)(ii); however, this prohibition shall not affect payment by CE to BA for services provided pursuant to the Contract.

• Permitted Uses and Disclosures i. Business Associate shall use and disclose PHI only to accomplish Business Associate’s obligations under the Contract.

• Reporting of Unauthorized Disclosure The Contractor shall immediately report to the State any unauthorized disclosure of confidential information.

• Archival Back-Up and Disaster Recovery Licensee may use and copy the Product and related Documentation in connection with: i) reproducing a reasonable number of copies of the Product for archival backup and disaster recovery procedures in the event of destruction or corruption of the Product or disasters or emergencies which require Licensee to restore backup(s) or to initiate disaster recovery procedures for its platform or operating systems; ii) reproducing a reasonable number of copies of the Product and related Documentation for cold site storage. “Cold Site” storage shall be defined as a restorable back-up copy of the Product not to be installed until and after the declaration by the Licensee of a disaster; iii) reproducing a back-up copy of the Product to run for a reasonable period of time in conjunction with a documented consolidation or transfer otherwise allowed herein. “Disaster Recovery” shall be defined as the installation and storage of Product in ready-to-execute, back-up computer systems prior to disaster or breakdown which is not used for active production or development.