Safeguarding Privacy and Security of Protected Health Information
Safeguarding Privacy and Security of Protected Health Information Sample Clauses
Related to Safeguarding Privacy and Security of Protected Health Information
Data Protection and Privacy: Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.
Access to Protected Health Information 7.1 To the extent Covered Entity determines that Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within two (2) business days after receipt of a request from Covered Entity, make the Protected Health Information specified by Covered Entity available to the Individual(s) identified by Covered Entity as being entitled to access and shall provide such Individuals(s) or other person(s) designated by Covered Entity with a copy the specified Protected Health Information, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.524.
Protected Health Information “Protected Health Information” shall have the same meaning as the term “protected health information” in Section 160.103 and is limited to the information created or received by Contractor from or on behalf of County.
Electronic Protected Health Information “Electronic Protected Health Information” (“EPHI”) means individually identifiable health information that is transmitted or maintained in electronic media, limited to the information created, received, maintained or transmitted by Business Associate from or on behalf of Covered Entity.
Use and Disclosure of Protected Health Information The Business Associate must not use or further disclose protected health information other than as permitted or required by the Contract or as required by law. The Business Associate must not use or further disclose protected health information in a manner that would violate the requirements of HIPAA Regulations.
Unsecured Protected Health Information “Unsecured Protected Health Information” shall have the same meaning as the term “unsecured protected health information” in 45 CFR § 164.402.
Safeguarding and Protecting Children and Vulnerable Adults The Supplier will comply with all applicable legislation and codes of practice, including, where applicable, all legislation and statutory guidance relevant to the safeguarding and protection of children and vulnerable adults and with the British Council’s Child Protection Policy, as notified to the Supplier and amended from time to time, which the Supplier acknowledges may include submitting to a check by the UK Disclosure & Barring Service (DBS) or the equivalent local service; in addition, the Supplier will ensure that, where it engages any other party to supply any of the Services under this Agreement, that that party will also comply with the same requirements as if they were a party to this Agreement.
Privacy of Customer Information (i) Seller’s Customer Information in the possession of Purchaser, other than information independently obtained by Purchaser and not derived in any manner from or using information obtained under or in connection with this Agreement, is and shall remain confidential and proprietary information of Seller. Except in accordance with this Section18(b), Purchaser shall not use any Seller’s Customer Information for any purpose, including the marketing of products or services to, or the solicitation of business from, customers, or disclose any Seller’s Customer Information to any Person, including any of Purchaser’s employees, agents or contractors or any third party not affiliated with Purchaser. Purchaser may use or disclose Seller’s Customer Information only to the extent necessary (1) for examination and audit of Purchaser’s activities, books and records by Purchaser’s regulatory authorities, (2) to protect or exercise Purchaser’s rights and privileges or (3) to carry out Purchaser’s express obligations under this Agreement and the other Program Documents (including providing Seller’s Customer Information to Takeout Buyers), and for no other purpose; provided that Purchaser may also use and disclose Seller’s Customer Information as expressly permitted by Seller in writing, to the extent that such express permission is in accordance with the Privacy Requirements. Purchaser shall take commercially reasonable steps to ensure that each Person to which Purchaser intends to disclose Seller’s Customer Information, before any such disclosure of information, agrees to keep confidential any such Seller’s Customer Information and to use or disclose such Seller’s Customer Information only to the extent necessary to protect or exercise Purchaser’s rights and privileges, or to carry out Purchaser’s express obligations, under this Agreement and the other Program Documents (including providing Seller’s Customer Information to Takeout Buyers). Xxxxxxxxx agrees to maintain an information security program and to assess, manage and control risks relating to the security and confidentiality of Seller’s Customer Information pursuant to such program in the same manner as Purchaser does in respect of its own customers’ information, and shall implement the standards relating to such risks in the manner set forth in the Interagency Guidelines Establishing Standards for Safeguarding Company Customer Information set forth in 12 CFR Parts 30, 168, 170, 208, 211, 225, 263, 308 and 364. Without limiting the scope of the foregoing sentence, Purchaser shall use at least the same physical and other security measures to protect all of Seller’s Customer Information in its possession or control as it uses for its own customers’ confidential and proprietary information.
Safeguarding Customer Information The Servicer has implemented and will maintain security measures designed to meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information published in final form on February 1, 2001, 66 Fed. Reg. 8616 and the rules promulgated thereunder, as amended from time to time (the “Guidelines”). The Servicer shall promptly provide the Master Servicer, the Trustee and the NIMS Insurer information reasonably available to it regarding such security measures upon the reasonable request of the Master Servicer, the Trustee and the NIMS Insurer which information shall include, but not be limited to, any Statement on Auditing Standards (SAS) No. 70 report covering the Servicer’s operations, and any other audit reports, summaries of test results or equivalent measures taken by the Servicer with respect to its security measures to the extent reasonably necessary in order for the Seller to satisfy its obligations under the Guidelines.
Safeguards for Personal Information Supplier agrees to develop, implement, maintain, and use administrative, technical, and physical safeguards, as deemed appropriate by DXC, to preserve the security, integrity and confidentiality of, and to prevent intentional or unintentional non-permitted or violating use or disclosure of, and to protect against unauthorized access to or accidental or unlawful destruction, loss, or alteration of, the Personal Information Processed, created for or received from or on behalf of DXC in connection with the Services, functions or transactions to be provided under or contemplated by this Agreement. Such safeguards shall meet all applicable legal standards (including any encryption requirements imposed by law) and shall meet or exceed accepted security standards in the industry, such as ISO 27001/27002. Supplier agrees to document and keep these safeguards current and shall make the documentation available to DXC upon request. Supplier shall ensure that only Supplier’s employees or representatives who may be required to assist Supplier in meeting its obligations under this Agreement shall have access to the Personal Information.
