Common use of Security Compliance Clause in Contracts

Security Compliance. Business Associate agrees to implement administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of the electronic protected health information that it creates, receives, maintains, or transmits on behalf of the Covered Entity, and will require that its agents and contractors to whom it provides such information do the same. Further, Business Associate agrees to comply with Covered Entity’s security policies and procedures. Business Associate also agrees to provide Covered Entity with access to and information concerning Business Associate’s security and confidentiality policies, processes, and practices that affect electronic PHI provided to or created by Business Associate pursuant to the Agreement upon reasonable request of the Covered Entity. Covered Entity shall determine if Business Associate’s security and confidentiality practices, policies, and processes comply with HIPAA and all regulations promulgated under HIPAA. Additionally, Business Associate will immediately report to Covered Entity any Security Incident of which it becomes aware.