Protected Health Information Access Amendment Disclosure Accounting and Restrictions Sample Clauses

Open Split View

Download

Share

Cite

Protected Health Information Access Amendment Disclosure Accounting and Restrictions 

Sample 1Sample 2Sample 3

Save

Copy

Related to Protected Health Information Access Amendment Disclosure Accounting and Restrictions

• Amendment of Protected Health Information 8.1 To the extent Covered Entity determines that any Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within ten (10) business days after receipt of a written request from Covered Entity, make any amendments to such Protected Health Information that are requested by Covered Entity, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.526.

• Access to Protected Health Information 7.1 To the extent Covered Entity determines that Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within two (2) business days after receipt of a request from Covered Entity, make the Protected Health Information specified by Covered Entity available to the Individual(s) identified by Covered Entity as being entitled to access and shall provide such Individuals(s) or other person(s) designated by Covered Entity with a copy the specified Protected Health Information, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.524.

• Permitted Uses and Disclosures of Protected Health Information Business Associate:

• Confidentiality and Safeguarding of University Records; Press Releases; Public Information Under this Agreement, Contractor may (1) create, (2) receive from or on behalf of University, or (3) have access to, records or record systems (collectively, University Records). Among other things, University Records may contain social security numbers, credit card numbers, or data protected or made confidential or sensitive by Applicable Laws. [Option (Include if University Records are subject to FERPA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Family Educational Rights and Privacy Act, 20 United States Code (USC) §1232g (FERPA) are addressed in Section 12.41.] [Option (Include if University is a HIPAA Covered Entity and University Records are subject to HIPAA.): Additional mandatory confidentiality and security compliance requirements with respect to University Records subject to the Health Insurance Portability and Accountability Act and 45 Code of Federal Regulations (CFR) Part 160 and subparts A and E of Part 164 (collectively, HIPAA) are addressed in Section 12.26.] Contractor represents, warrants, and agrees that it will: (1) hold University Records in strict confidence and will not use or disclose University Records except as (a) permitted or required by this Agreement, (b) required by Applicable Laws, or (c) otherwise authorized by University in writing; (2) safeguard University Records according to reasonable administrative, physical and technical standards (such as standards established by the National Institute of Standards and Technology and the Center for Internet Security [Option (Include if Section 12.39 related to Payment Card Industry Data Security Standards is not include in this Agreement.):, as well as the Payment Card Industry Data Security Standards]) that are no less rigorous than the standards by which Contractor protects its own confidential information; (3) continually monitor its operations and take any action necessary to assure that University Records are safeguarded and the confidentiality of University Records is maintained in accordance with all Applicable Laws and the terms of this Agreement; and (4) comply with University Rules regarding access to and use of University’s computer systems, including UTS165 at xxxx://xxx.xxxxxxxx.xxx/board-of-regents/policy-library/policies/uts165-information-resources-use-and-security-policy. At the request of University, Contractor agrees to provide University with a written summary of the procedures Contractor uses to safeguard and maintain the confidentiality of University Records.

• Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions (a) Covered Entity shall notify Business Associate of any limitation(s) in the notice of privacy practices of Covered Entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of protected health information.

• Confidentiality of Health Information (a) A Nurse shall not be required to provide her or his manager/supervisor specific information regarding the nature of her or his illness or injury during a period of absence. However, the Employer may require the Nurse to provide such information to persons responsible for occupational health.

• Data Protection and Privacy: Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.

• Control and Access to Information The Financial Mechanism Committee, the EFTA Board of Auditors and their representatives have the right to carry out any technical or financial mission or review they consider necessary to follow the planning, implementation and monitoring of programmes and projects as well as the use of funds. The Beneficiary State shall provide all necessary assistance, information and documentation.

• Passwords and Employee Access Provider shall secure usernames, passwords, and any other means of gaining access to the Services or to Student Data, at a level suggested by Article 4.3 of NIST 800-63-3. Provider shall only provide access to Student Data to employees or contractors that are performing the Services. Employees with access to Student Data shall have signed confidentiality agreements regarding said Student Data. All employees with access to Student Records shall pass criminal background checks.

• CONFIDENTIALITY OF PERSONAL INFORMATION ‌ 35 Provider shall protect all Personal Information, records and data from unauthorized disclosure 36 in accordance with 42 CFR §431.300 through §431.307, RCWs 70.02, 71.05, 71.34 and for 37 individuals receiving SUD services, in accordance with 42 CFR Part 2 and WAC 388-877B. 38 Provider shall have a process in place to ensure all components of its provider network and 39 system understand and comply with confidentiality requirements for publicly funded 40 behavioral health services. Pursuant to 42 CFR §431.301 and §431.302, personal information 41 concerning applicants and recipients may be disclosed for purposes directly connected with 42 the administration of this Contract and the State Medicaid Plan. Provider shall read and 43 comply with all HIPAA policies.