Protection of Phi by Business Associate Sample Clauses

Protection of Phi by Business Associate. Business Associate shall:

Protection of Phi by Business Associate. Business Associate shall: Not use or disclose PHI other than as permitted or required by this Agreement, any underlying agreement between the parties, or as Required By Law. Make reasonable efforts to limit requests for and the use and disclosure of PHI to a Limited Data Set (as defined in 45 C.F.R. § 164.514(e)(2)) or to the Minimum Necessary PHI to accomplish the intended purpose of such use, disclosure or request. Use appropriate, commercially reasonable safeguards to prevent the use or disclosure of PHI other than those uses or disclosures provided for by this Agreement and comply with the Security Rule with respect to ePHI. Develop and implement administrative, physical and technical safeguards, at its expense, as may be required from time to time to maintain compliance with HIPAA and HITECH and to reasonably and appropriately protect the confidentiality, integrity and availability of ePHI that it creates, receives, maintains or transmits on behalf of Covered Entity and to prevent non-permitted or violating Uses or Disclosures of ePHI. Mitigate, to the extent practicable, any harmful effect of an unauthorized use or disclosure of PHI by Business Associate, or a subcontractor, vendor, or agent of Business Associate, in violation of the requirements of this Agreement. Report without unreasonable delay, and in no event later than three (3) business days, to the designated privacy officer of Covered Entity any Security Incident Business Associate Discovers. Notify the designated privacy officer of Covered Entity after Business Associate’s Discovery of a Breach without unreasonable delay, and in no event later than three (3) business days after Business Associate, or any of its employees or agents, Discovered the Breach. Such notification shall include, to the extent possible, the identification of each Individual whose PHI has been, or is reasonably believed by Business Associate to have been, accessed, acquired, used, or disclosed during the Breach and any other information available to Business Associate about the Breach which is required to be included in the notification of the Breach provided to the Individual in accordance with 45 C.F.R. §164.404(c). Business Associate will notify Covered Entity prior to any communication with Individuals affected by any Breach. If Business Associate (or one of its subcontractors, vendors or agents) is responsible for a Breach, Covered Entity may, at its option, require Business Associate to provide any of the notif...

Protection of Phi by Business Associate. 3.1 Business Associate acknowledges and agrees that all PHI that is created or received by Covered Entity and disclosed or made available in any form, including paper record, oral communication, audio recording and electronic display, by Covered Entity or its operating units to Business Associate, or is created or received by Business Associate on Covered Entity’s behalf, shall be subject to this Business Associate Agreement.

Protection of Phi by Business Associate