Common use of Protected Health Information Clause in Contracts

Protected Health Information. PHI"). Notwithstanding anything to ------------------------------------ the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC any use or disclosure of MLIDC PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's request, provide to MLIDC any PHI or information relating to PHI as deemed necessary by MLIDC to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDC; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. PHI"). Notwithstanding anything to ------------------------------------ ------------------------------------- the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC any use or disclosure of MLIDC PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's request, provide to MLIDC any PHI or information relating to PHI as deemed necessary by MLIDC to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDC; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. “PHI"”). Notwithstanding anything to ------------------------------------ the contrary in this Agreement, in In order to comply with HIPAA requirements, Broker Xxxxxx agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC MetLife any use or disclosure of MLIDC MetLife PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and Brokers or independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's MetLife’s request, provide to MLIDC MetLife any PHI or information relating to PHI as deemed necessary by MLIDC MetLife to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDCMetLife; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's MetLife’s compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shallwill, if feasible, return to MLIDC MetLife or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall will be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker Xxxxxx further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives Brokers agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. PHI"). Notwithstanding anything to ------------------------------------ ---------------------------- the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC any use or disclosure of MLIDC PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's request, provide to MLIDC any PHI or information relating to PHI as deemed necessary by MLIDC to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDC; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. “PHI"”). Notwithstanding anything to ------------------------------------ the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC any use or disclosure of MLIDC PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's ’s request, provide to MLIDC any PHI or information relating to PHI as deemed necessary by MLIDC to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDC; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's ’s compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "“security incident" ” means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. PHI"). Notwithstanding anything to ------------------------------------ the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC any use or disclosure of MLIDC PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's request, provide to MLIDC any PHI or information relating to PHI as deemed necessary by MLIDC to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDC; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. PHI"). Notwithstanding anything to ------------------------------------ the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC any use or disclosure of MLIDC PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's request, provide to MLIDC any PHI or information relating to PHI as deemed necessary by MLIDC to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDC; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. “PHI"”). Notwithstanding anything to ------------------------------------ the contrary in this Agreement, in In order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC Phoenix any use or disclosure of MLIDC Phoenix PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's Phoenix’s request, provide to MLIDC Phoenix any PHI or information relating to PHI as deemed necessary by MLIDC Phoenix to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDCPhoenix; (hg) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's Phoenix’s compliance with Applicable Law; (ih) agrees that upon termination of this Agreement it shallwill, if feasible, return to MLIDC Phoenix or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall will be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.;

Protected Health Information. PHI"). Notwithstanding anything to ------------------------------------ the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC any use or disclosure of MLIDC PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's request, provide to MLIDC any PHI or information relating to PHI as deemed necessary by MLIDC to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDC; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. PHI"). Notwithstanding anything to ------------------------------------ the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC any use or disclosure of MLIDC PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's request, provide to MLIDC any PHI or information relating to PHI as deemed necessary by MLIDC to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDC; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further FURTHER agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. PHI"). Notwithstanding anything to ------------------------------------ ------------------------------------- the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC Principal Underwriter any use or disclosure of MLIDC Principal Underwriter PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDCPrincipal Underwriter's request, provide to MLIDC Principal Underwriter any PHI or information relating to PHI as deemed necessary by MLIDC Principal Underwriter to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDCPrincipal Underwriter; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDCPrincipal Underwriter's compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC Principal Underwriter or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. “PHI"”). Notwithstanding anything to ------------------------------------ the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC Principal Underwriter any use or disclosure of MLIDC Principal Underwriter PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's Principal Underwriter’s request, provide to MLIDC Principal Underwriter any PHI or information relating to PHI as deemed necessary by MLIDC Principal Underwriter to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDCPrincipal Underwriter; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's Principal Underwriter’s compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC Principal Underwriter or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company Principal Underwriter any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "“security incident" ” means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. “PHI"”). Notwithstanding anything to ------------------------------------ the contrary in this Agreement, in In order to comply with HIPAA requirements, Broker General Agent agrees with respect to any PHI received, obtained or created by BrokerGeneral Agent, or disclosed or made accessible to BrokerGeneral Agent, that BrokerGeneral Agent: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC MetLife any use or disclosure of MLIDC MetLife PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker General Agent in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and Brokers or independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker General Agent with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's MetLife’s request, provide to MLIDC MetLife any PHI or information relating to PHI as deemed necessary by MLIDC MetLife to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDCMetLife; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's MetLife’s compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shallwill, if feasible, return to MLIDC MetLife or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker General Agent has PHI, and further agrees that any further use or disclosure of the PHI shall will be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. .With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker General Agent further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives Brokers agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker General Agent becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. PHI"). Notwithstanding anything to ------------------------------------ ____________________________ the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC any use or disclosure of MLIDC PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's request, provide to MLIDC any PHI or information relating to PHI as deemed necessary by MLIDC to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDC; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. PHI"). Notwithstanding anything to ------------------------------------ ---------------------------- the contrary in this Agreement, in order to comply with HIPAA requirements, Broker agrees with respect to any PHI received, obtained or created by Broker, or disclosed or made accessible to Broker, that Broker: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC Principal Underwriter any use or disclosure of MLIDC Principal Underwriter PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDCPrincipal Underwriter's request, provide to MLIDC Principal Underwriter any PHI or information relating to PHI as deemed necessary by MLIDC Principal Underwriter to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDCPrincipal Underwriter; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDCPrincipal Underwriter's compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shall, if feasible, return to MLIDC Principal Underwriter or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker has PHI, and further agrees that any further use or disclosure of the PHI shall be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company Principal Underwriter any security incident related to Electronic PHI of which the Broker becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.

Protected Health Information. “PHI"”). Notwithstanding anything to ------------------------------------ the contrary in this Agreement, in In order to comply with HIPAA requirements, Broker Member General Agent agrees with respect to any PHI received, obtained or created by BrokerMember General Agent, or disclosed or made accessible to BrokerMember General Agent, that BrokerMember General Agent: (a) shall not use or disclose PHI except to provide services pursuant to this Agreement and consistent with Applicable Law; (b) shall limit the use of, access to and disclosure of PHI to the minimum required to perform services or by Applicable Law; (c) shall use appropriate safeguards to prevent use or disclosure of PHI except as permitted by this Agreement; (d) shall promptly report to MLIDC MetLife any use or disclosure of MLIDC MetLife PHI not permitted by this Agreement of which it becomes aware; (e) shall take reasonable steps to mitigate any harmful effect of any use or disclosure of PHI by Broker Member General Agent in violation of the terms of this Agreement or Applicable Law; (f) shall require that any of its Representatives and Brokers or independent contractors to whom PHI is disclosed or made accessible or who uses PHI has agreed to the same restrictions and conditions that apply to Broker Member General Agent with respect to PHI pursuant to this Agreement; (g) shall, within fifteen (15) days of MLIDC's MetLife’s request, provide to MLIDC MetLife any PHI or information relating to PHI as deemed necessary by MLIDC MetLife to provide individuals with access to, amendment of, and an accounting of disclosures of their PHI, and to incorporate any amendments of the PHI as requested by MLIDCMetLife; (h) shall make its internal practices, books and records relating to its use or disclosure of PHI available to the Secretary of the United States Department of Health and Human Services at his/her request to determine MLIDC's MetLife’s compliance with Applicable Law; (i) agrees that upon termination of this Agreement it shallwill, if feasible, return to MLIDC MetLife or destroy all PHI it maintains in any form and retain no copies, and if such return or destruction is not feasible, to extend the protections of this Agreement to the PHI beyond the termination of this Agreement and for as long as Broker Member General Agent has PHI, and further agrees that any further use or disclosure of the PHI shall will be solely for the purposes that make return or destruction infeasible. Destruction without retention of copies is not deemed feasible if prohibited by the terms of this Agreement or by Applicable Law, including record retention requirements under state insurance laws. With respect to PHI received made accessible, maintained or transmitted electronically in the performance of its obligations under this Agreement, Broker Member General Agent further agrees that it shall (1) implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability or any such electronic PHI; (2) ensure that its Representatives Brokers agree to implement reasonable and appropriate safeguards to protect such electronic PHI; and (3) report to the Company any security incident related to Electronic PHI of which the Broker Member General Agent becomes aware. In this context, the term "security incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in information systems such as hardware, software, information, data applications, communications and people.