Electronic PHI Security Rule Obligations Clause Samples

The Electronic PHI Security Rule Obligations clause defines the responsibilities of parties to protect the security of electronic protected health information (ePHI) in accordance with applicable laws, such as HIPAA. It typically requires implementing administrative, physical, and technical safeguards to prevent unauthorized access, use, or disclosure of ePHI, and may include requirements for risk assessments, employee training, and incident response procedures. This clause ensures that sensitive health information is properly secured in electronic form, thereby reducing the risk of data breaches and maintaining compliance with legal and regulatory standards.
Electronic PHI Security Rule Obligations. 5.1 With respect to Electronic PHI, Business Associate shall: a) Implement and use Administrative, Physical, and Technical Safeguards in compliance with 45 CFR sections 164.308, 164.310, and 164.312; b) Identify in writing upon request from Covered Entity all the safeguards that it uses to protect such Electronic PHI; c) Prior to any Use or Disclosure of Electronic PHI by an Agent or Subcontractor, ensure that any Agent or Subcontractor to whom it provides Electronic PHI agrees in writing to implement and use Administrative, Physical, and Technical Safeguards that reasonably and appropriately protect the Confidentiality, Integrity and Availability of Electronic PHI. The written agreement must identify Covered Entity as a direct and intended third party beneficiary with the right to enforce any breach of the agreement concerning the Use or Disclosure of Electronic PHI, and be provided to Covered Entity upon request; d) Report in writing to Covered Entity any Successful Security Incident or Targeted Unsuccessful Security Incident as soon as it becomes aware of such incident and in no event later than five (5) business days after such awareness. Such Report shall be timely made notwithstanding the fact that little information may be known at the time of the Report and need only include such information then available; e) Following such Report, provide Covered Entity with the information necessary for Covered Entity to investigate any such incident; and f) Continue to provide to Covered Entity information concerning the incident as it becomes available to it.
View SourceView Similar (169)
Electronic PHI Security Rule Obligations. 5.1 With respect to Electronic PHI, Contractor Business Associate shall: a) Implement and use Administrative, Physical, and Technical Safeguards in compliance with 45 CFR sections 164.308, 164.310, and 164.312; b) Identify in writing upon request from the State all the safeguards that it uses to protect such Electronic PHI; c) Prior to any Use or Disclosure of Electronic PHI by an Agent or Subcontractor, ensure that any Agent or Subcontractor to whom it provides Electronic PHI agrees in writing to implement and use Administrative, Physical, and Technical Safeguards that reasonably and appropriately protect the Confidentiality, Integrity and Availability of Electronic PHI. The written agreement must identify the State as a direct and intended third party beneficiary with the right to enforce any breach of the agreement concerning the Use or Disclosure of Electronic PHI, and be provided to the State upon request;
View SourceView Similar (6)
Electronic PHI Security Rule Obligations. 5.1 With respect to Electronic PHI, Business Associate shall:
View SourceView Similar (3)
Electronic PHI Security Rule Obligations. 5.1 With respect to Electronic PHI, Business Associate shall: a) Implement and use Administrative, Physical, and Technical Safeguards in compliance with 45 CFR sections 164.308, 164.310, and 164.312; b) Identify in writing upon request from Covered Entity all the safeguards that it uses to protect such Electronic PHI; c) Prior to any Use or Disclosure of Electronic PHI by an Agent or Subcontractor, ensure that any Agent or Subcontractor to whom it provides Electronic PHI agrees in writing to implement and use Administrative, Physical, and Technical Safeguards that reasonably and appropriately protect the Confidentiality, Integrity and Availability of Electronic PHI. The written agreement must identify Covered Entity as a direct and intended third party beneficiary with the right to enforce any breach of the agreement concerning the Use or Disclosure of Electronic PHI, and be provided to Covered Entity upon request; d) Report in writing to Covered Entity any Successful Security Incident or Targeted Unsuccessful Security Incident as soon as it becomes aware of such incident and in no
View Source

Related to Electronic PHI Security Rule Obligations

  • Data Security Requirements Without limiting Contractor’s obligation of confidentiality as further described in this Contract, Contractor must establish, maintain, and enforce a data privacy program and an information and cyber security program, including safety, physical, and technical security and resiliency policies and procedures, that comply with the requirements set forth in this Contract and, to the extent such programs are consistent with and not less protective than the requirements set forth in this Contract and are at least equal to applicable best industry practices and standards (NIST 800-53).

  • Electronic Payments The Grantee can choose to use electronic funds transfer (EFT) to receive grant payments. All grantees wishing to receive their award through EFT must submit a Vendor Direct Deposit Authorization form (form number DFS-AI-26E, rev 6/2014), incorporated by reference, to the Florida Department of Financial Services. If EFT has already been set up for your organization, you do not need to submit another authorization form unless you have changed bank accounts. To download this form visit ▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/▇▇▇▇▇▇▇▇/▇▇/▇▇▇▇▇/▇▇▇-▇▇-▇▇▇.▇▇▇. The form also includes tools and information that allow you to check on payments.