Governmental Access to Records. BA shall make its internal practices, books and records relating to the use and disclosure of Protected Information available to CE and to the Secretary of the U.S. Department of Health and Human Services (the “Secretary”) for purposes of determining BA’s compliance with HIPAA [45 C.F.R. Section 164.504(A)(2)(ii)(I)]. BA shall provide CE a copy of any Protected Information and other documents and records that BA provides to the Secretary concurrently with providing such Protected Information to the Secretary.
Governmental Access to Records. Business Associate shall make its facilities, internal practices, books, records, and other sources of information, including PHI, available to the Secretary for purposes of determining compliance with the HIPAA Rules in accordance with 45 C.F.R. 160.310.
Governmental Access to Records. Business Associate agrees to make its internal practices, books and records, including policies and procedures and PHI, relating to the use and disclosure of PHI received from, or created or received for Covered Entity, available to the Secretary, for the purposes of the Secretary determining Covered Entity’s compliance with the Privacy Rule.
Governmental Access to Records. Associate shall keep records and make its internal practices, books and records relating to the use and disclosure of Protected Information available to the Secretary of the U.S. Department of Health and Human Services (the “Secretary”), in a time and manner designated by the Secretary, for purposes of determining CE’s or Associate’s compliance with the HIPAA Rules. Associate shall provide to CE a copy of any Protected Information that Associate provides to the Secretary concurrently with providing such Protected Information to the Secretary when the Secretary is investigating CE. Associate shall cooperate with the Secretary if the Secretary undertakes an investigation or compliance review of Associate’s policies, procedures or practices to determine whether Associate is complying with the HIPAA Rules, and permit access by the Secretary during normal business hours to its facilities, books, records, accounts, and other sources of information, including Protected Information, that are pertinent to ascertaining compliance.
Governmental Access to Records. Business Associate shall make its internal practices, books and records relating to the Use and Disclosure of PHI available to the Secretary for purposes of determining Covered Entity’s compliance with the HIPAA Regulations and the HITECH Act. Except to the extent prohibited by law, Business Associate agrees to notify Covered Entity of all requests served upon Business Associate for information or documentation by or on behalf of the Secretary. Business Associate shall provide to Covered Entity a copy of any PHI that Business Associate provides to the Secretary concurrently with providing such PHI to the Secretary.
Governmental Access to Records. Contractor shall make its internal practices, books and records relating to its use and disclosure of the protected health information it creates for or receives from the County, available to the County and to the Secretary of the U.S. Department of Health and Human for purposes of determining Contractors compliance with the Privacy rule [45 C.F.R. § 164.504(e)(2)(ii)(H)]. Contractor shall provide to the County a copy of any Protected Health Information that Contractor provides to the Secretary concurrently with providing such Protected Information to the Secretary.
Governmental Access to Records. Contractor shall make its internal practices, books and records relating to the use, disclosure, and privacy protection of Protected Information available to County and to the DHHS Secretary for purposes of determining County’s compliance with the Privacy Rule. Contractor shall provide to County a copy of any Protected Information that Contractor provides to the DHHS Secretary concurrently with providing such Protected Information to the US Department of Health & Human Services (“DHHS”) Secretary.
Governmental Access to Records. Associate shall make its internal practices, books and records relating to the use and disclosure of Protected Information available to CE and to the Secretary of the U.S. Department of Health and Human Services (the "Secretary") for purposes of determining Associate's compliance with the Privacy Rule. [45 CFR § 164.504(e)(2)(ii)(H)] Associate shall provide to CE a copy of any Protected Information that Associate provides to the Secretary concurrently with providing such Protected Information to the Secretary.
Governmental Access to Records. Business Associate shall make its facilities, internal practices, books, records, and other sources of information, including PHI, available to the Secretary for purposes of determining compliance with the HIPAA Rules in accordance with 45 C.F.R. 160.310. Audit, Inspection and Enforcement. Business Associate shall obtain and update at least annually a written assessment performed by an independent third party reasonably acceptable to Covered Entity, which evaluates the Information Security of the applications, infrastructure, and processes that interact with the Covered Entity data Business Associate receives, manipulates, stores and distributes. Upon request by Covered Entity, Business Associate shall provide to Covered Entity the executive summary of the assessment. Business Associate, upon the request of Covered Entity, shall fully cooperate with Covered Entity’s efforts to audit Business Associate’s compliance with applicable HIPAA Rules. If, through audit or inspection, Covered Entity determines that Business Associate’s conduct would result in violation of the HIPAA Rules or is in violation of the Contract or this Agreement, Business Associate shall promptly remedy any such violation and shall certify completion of its remedy in writing to Covered Entity. Appropriate Safeguards. Business Associate shall use appropriate safeguards and comply with Subpart C of 45 C.F.R. Part 164 with respect to electronic PHI to prevent use or disclosure of PHI other than as provided in this Agreement. Business Associate shall safeguard the PHI from tampering and unauthorized disclosures. Business Associate shall maintain the confidentiality of passwords and other data required for accessing this information. Business Associate shall extend protection beyond the initial information obtained from Covered Entity to any databases or collections of PHI containing information derived from the PHI. The provisions of this section shall be in force unless PHI is de-identified in conformance to the requirements of the HIPAA Rules. Safeguard During Transmission. Business Associate shall use reasonable and appropriate safeguards including, without limitation, Information Security measures to ensure that all transmissions of PHI are authorized and to prevent use or disclosure of PHI other than as provided for by this Agreement. Business Associate shall not transmit PHI over the internet or any other insecure or open communication channel unless the PHI is encrypted or otherwise sa...
Governmental Access to Records. Business Associate shall make PHI and its facilities, internal practices, books, records, accounts, and other information relating to the use and disclosure of PHI available to the Secretary, authorized governmental officials, and Covered Entity in a prompt and reasonable time and manner and shall cooperate with the Secretary concerning any investigation designed to determine Covered Entity's or Business Associate's compliance with HIPAA. Unless the Secretary directs otherwise, Business Associate shall promptly notify Covered Entity in writing of Business Associate's receipt of a request for information from the Secretary or notice concerning an investigation by the Secretary and shall provide Covered Entity with a copy of all documents made available to the Secretary.
