Common use of Records and Audit Clause in Contracts

Records and Audit. Contractor agrees to make its internal practices, books and records relating to the use and disclosure of Protected Health Information and/or Personally Identifiable Information received from the Exchange, or created or received by Contractor on behalf of the Exchange or in connection with this Agreement available to the Secretary of the U.S. Department of Health and Human Services for purposes of determining the Contractor’s and/or the Exchange’s compliance with HIPAA Requirements. In addition, Contractor shall provide the Exchange with information concerning its safeguards described throughout this Section and/or other information security practices as they pertain to the protection of Protected Health Information and Personally Identifiable Information, as the Exchange may from time to time request. Failure of Contractor to complete or to respond to the Exchange’s request for information within the reasonable timeframe specified by the Exchange shall constitute a material breach of this Agreement. In the event of a Breach or Security Incident related to Protected Health Information and/or Personally Identifiable Information or any use or disclosure of Protected Health Information and/or Personally Identifiable Information by Contractor in violation of the requirements of this Agreement, the Exchange will be permitted access to Contractor’s facilities in order to review policies, procedures and controls relating solely to compliance with the terms of this Agreement.

Records and Audit. Contractor Trading Partner agrees to make its internal practices, books and records relating to the use and disclosure of Protected Health Information and/or Personally Identifiable Information received from the Exchange, or created or received by Contractor Trading Partner on behalf of the Exchange or in connection with this Agreement available to the Secretary of the U.S. Department of Health and Human Services for purposes of determining the ContractorTrading Partner’s and/or the Exchange’s compliance with HIPAA Requirements. In addition, Contractor Trading Partner shall provide the Exchange with information concerning its safeguards described throughout this Section and/or other information security practices as they pertain to the protection of Protected Health Information and Personally Identifiable Information, as the Exchange may from time to time request. Failure of Contractor Trading Partner to complete or to respond to the Exchange’s request for information within the reasonable timeframe specified by the Exchange shall constitute a material breach of this Agreement. In the event of a Breach or Security Incident related to Protected Health Information and/or Personally Identifiable Information or any use or disclosure of Protected Health Information and/or Personally Identifiable Information by Contractor Trading Partner in violation of the requirements of this Agreement, the Exchange will be permitted access to ContractorTrading Partner’s facilities in order to review policies, procedures and controls relating solely to compliance with the terms of this Agreement.

Records and Audit. Contractor agrees to make its internal practices, books and records relating to the use and disclosure of Protected Health Information and/or Personally Identifiable Information received from the Exchange, or created or received by Contractor on behalf of the Exchange or in connection with this Agreement available to the Secretary of the U.S. Department of Health and Human Services for purposes of determining the Contractor’s and/or the Exchange’s compliance with HIPAA Requirements. In addition, Contractor shall provide the Exchange with information concerning its safeguards described throughout this Section section and/or other information security practices as they pertain to the protection of Protected Health Information and Personally Identifiable Information, as the Exchange may from time to time request. Failure of Contractor to complete or to respond to the Exchange’s request for information within the reasonable timeframe specified by the Exchange shall constitute a material breach of this Agreement. In the event of a Breach or Security Incident related to Protected Health Information and/or Personally Identifiable Information or any use or disclosure of Protected Health Information and/or Personally Identifiable Information by Contractor in violation of the requirements of this Agreement, the Exchange will be permitted access to Contractor’s facilities in order to review policies, procedures procedures, and controls relating solely to compliance with the terms of this Agreement.

Records and Audit. Contractor agrees to make its internal practices, books and records relating to the use and disclosure of Protected Health Information and/or Personally Identifiable Information received from the Exchange, or created or received by Contractor on behalf of the Exchange or in connection with this Agreement available to the Secretary of the U.S. Department of Health and Human Services for purposes of determining the Contractor’s and/or the Exchange’s compliance with HIPAA Requirements. In addition, Contractor shall provide the Exchange with information concerning its safeguards described throughout this Section section and/or other information security practices as they pertain to the protection of Protected Health Information and Personally Identifiable Information, as the Exchange may from time to time request. Failure of Contractor to complete or to respond to the Exchange’s request for information within the reasonable timeframe specified by the Exchange shall constitute a material breach of this Agreement. In the event of a Breach or Security Incident related to Protected Health Information and/or Personally Identifiable Information or any use or disclosure of Protected Health Information and/or Personally Identifiable Information by Contractor in violation of the requirements of this Agreement, the Exchange will be permitted access to Contractor’s facilities in order to review policies, procedures and controls relating solely to compliance with the terms of this Agreement.

Records and Audit. Contractor agrees to make its internal practices, books and records relating to the use and disclosure of Protected Health Information and/or Personally Identifiable Information received from the Exchange, or created or received by Contractor on behalf of the Exchange or in connection with this Agreement available to the Secretary of the U.S. Department of Health and Human Services for purposes of determining the Contractor’s and/or the Exchange’s compliance with HIPAA Requirements. In addition, Contractor shall provide the Exchange with information concerning its safeguards described throughout this Section and/or other information security practices as they pertain to the protection of Protected Health Information and Personally Identifiable Information, as the Exchange may from time to time request. Failure of Contractor to complete or to respond to the Exchange’s request for information within the reasonable timeframe specified by the Exchange shall constitute a material breach of this Agreement. In the event of a Breach or Security Incident related to Protected Health Information and/or Personally Identifiable Information or any use or disclosure of Protected Health Information and/or Personally Identifiable Information by Contractor in violation of the requirements of this Agreement, the Exchange will be permitted access to Contractor’s facilities in order to review policies, procedures and controls relating solely to compliance with the terms of this Agreement.

Records and Audit. Contractor Trading Partner agrees to make its internal practices, books and records relating to the use and disclosure of Protected Health Information and/or Personally Identifiable Information received from the ExchangeISCD, or created or received by Contractor Trading Partner on behalf of the Exchange ISCD or in connection with this Agreement available to the Secretary of the U.S. Department of Health and Human Services for purposes of determining the ContractorTrading Partner’s and/or the ExchangeISCD’s compliance with HIPAA Requirements. In addition, Contractor Trading Partner shall provide the Exchange ISCD with information concerning its safeguards described throughout this Section and/or other information security practices as they pertain to the protection of Protected Health Information and Personally Identifiable Information, as the Exchange may from time to time request. Failure of Contractor Trading Partner to complete or to respond to the ExchangeISCD’s request for information within the reasonable timeframe specified by the Exchange ISCD shall constitute a material breach of this Agreement. In the event of a Breach or Security Incident related to Protected Health Information and/or Personally Identifiable Information or any use or disclosure of Protected Health Information and/or Personally Identifiable Information by Contractor Trading Partner in violation of the requirements of this Agreement, the Exchange ISCD will be permitted access to ContractorTrading Partner’s facilities in order to review policies, procedures and controls relating solely to compliance with the terms of this Agreement.

Records and Audit. Contractor agrees to make its internal practices, books and records relating to the use and disclosure of Protected Health Information and/or Personally Identifiable Information received from the Exchange, or created or received by Contractor on behalf of the Exchange or in connection with this Agreement available to the Secretary of the U.S. Department of Health and Human Services for purposes of determining the Contractor’s Contractor¶s and/or the Exchange’s Exchange¶s compliance with HIPAA Requirements. In addition, Contractor shall provide the Exchange with information concerning its safeguards described throughout this Section and/or other information security practices as they pertain to the protection of Protected Health Information and Personally Identifiable Information, as the Exchange may from time to time request. Failure of Contractor to complete or to respond to the Exchange’s Exchange¶s request for information within the reasonable timeframe specified by the Exchange shall constitute a material breach of this Agreement. In the event of a Breach or Security Incident related to Protected Health Information and/or Personally Identifiable Information or any use or disclosure of Protected Health Information and/or Personally Identifiable Information by Contractor in violation of the requirements of this Agreement, the Exchange will be permitted access to Contractor’s Contractor¶s facilities in order to review policies, procedures and controls relating solely to compliance with the terms of this Agreement.

Records and Audit. Contractor agrees to make its internal practices, books and records relating to the use and disclosure of Protected Health Information and/or Personally Identifiable Information received from the Exchange, or created or received by Contractor on behalf of the Exchange or in connection with this Agreement available to the Secretary of the U.S. Department of Health and Human Services for purposes of determining the Contractor’s and/or the Exchange’s compliance with HIPAA Requirements. In addition, Contractor shall provide the Exchange with information concerning its safeguards described throughout this Section and/or other information security practices as they pertain to the protection of Protected Health Information and Personally Identifiable Information, as the Exchange may from time to time request. Failure of Contractor to complete or to respond to the Exchange’s request for information within the reasonable timeframe specified by the Exchange shall constitute a material breach of this Agreement. In the event of a Breach or Security Incident related to Protected Health Information and/or Personally Identifiable Information or any use or disclosure of Protected Health Information and/or Personally Identifiable Information by Contractor in violation of the requirements of this Agreement, the Exchange will be permitted access to Contractor’s facilities in order to review policies, procedures procedures, and controls relating solely to compliance with the terms of this Agreement.