Limitations on Uses and Disclosures of PHI Clause Samples

The "Limitations on Uses and Disclosures of PHI" clause restricts how protected health information (PHI) can be used or shared by parties subject to the agreement. Typically, this clause specifies that PHI may only be used or disclosed for purposes directly related to the services provided, such as treatment, payment, or healthcare operations, and may require additional safeguards or authorizations for any other uses. By clearly defining and limiting the circumstances under which PHI can be accessed or shared, this clause helps ensure compliance with privacy laws like HIPAA and protects individuals' sensitive health information from unauthorized exposure.
Limitations on Uses and Disclosures of PHI. Business Associate/QSO shall not, and shall ensure that its directors, officers, employees, and agents do not, use or disclose PHI in any manner that is not permitted or required by the Relationship, this Agreement, or required by law. All uses and disclosures of, and requests by Business Associate/QSO, for PHI are subject to the minimum necessary rule of the Privacy Standards and shall be limited to the information contained in a limited data set, to the extent practical, unless additional information is needed to accomplish the intended purpose, or as otherwise permitted in accordance with Section 13405(b) of HITECH and any implementing regulations. See Permitted Uses and Disclosures by Business Associate below.
View SourceView Similar (19)
Limitations on Uses and Disclosures of PHI. Business Associate shall not, and shall ensure that its directors, officers, employees, and agents do not, use or disclose PHI received from Covered Entity in any manner that would constitute a violation of HIPAA or is not permitted or required by this Business Associate Agreement or required by law. All uses and disclosures of and requests by Business Associate for PHI are subject to the minimum necessary rule of the Privacy Standards.
View Source
Limitations on Uses and Disclosures of PHI. Business Associate shall not Use or Disclose PHI in any manner that would violate HIPAA, [State] Confidentiality Law, or other applicable law or regulation governing the privacy of PHI.
View Source
Limitations on Uses and Disclosures of PHI. Business Associate shall not, and shall ensure that its directors, officers, employees, and agents do not, use or disclose PHI received from a Covered Entity or Ascension Health in any manner that is not permitted or required by the Agreements, this Addendum, or required by law. All uses and disclosures of, and requests by Business Associate for, PHI are subject to the minimum necessary rule under HIPAA and HITECH and shall be limited to the information contained in a limited data set, to the extent practical, unless additional information is needed to accomplish the intended purpose, or as otherwise permitted in accordance with Section 13405(b) of HITECH and any implementing regulations.
View Source
Limitations on Uses and Disclosures of PHI. Business Associate shall not, and shall ensure that its directors, officers, employees, and agents do not, use or disclose PHI received from a Covered Entity or Ascension Health in any manner that is not permitted or required by the Agreements, this Addendum, or required by law. All uses and disclosures of, and requests by Business Associate for, PHI are subject to the minimum necessary rule under HIPAA and HITECH and shall be limited to the information contained in a limited data set, to the extent practical, unless additional information is needed to accomplish the intended purpose, or as otherwise permitted in accordance with Section 13405(b) of HITECH and any implementing regulations. 5. Required Safeguards To Protect PHI. Business Associate agrees that it will implement appropriate safeguards in accordance with HIPAA and HITECH to prevent the use or disclosure of PHI other than pursuant to the terms and conditions of this Addendum. Business Associate will provide its policies and procedures that set forth these safeguards, at least annually to Covered Entity.
View Source
Limitations on Uses and Disclosures of PHI. Business Associate shall not, and shall ensure that its directors, officers, employees, subcontractors, and agents do not, use or disclose PHI in any manner that is not permitted by this Agreement or that would violate Subpart E of 45 CFR 164 ("Privacy Rule") if done by Covered Entity. Business Associate is not authorized to create de-identified information from PHI. All uses and disclosures of, and requests by, Business Associate for PHI are subject to the minimum necessary rule of the Privacy Rule and consistent with Covered Entity's minimum necessary policies and procedures.
View Source

Related to Limitations on Uses and Disclosures of PHI

  • Restrictions on Use and Disclosure Covered Entity shall notify Business Associate of any restriction on the use or disclosure of PHI that Covered Entity has agreed to in accordance with 45 C.F.R. § 164.522, to the extent such restriction may affect Business Associate’s use or disclosure of PHI.

  • Permitted Uses and Disclosures of PHI and the third party notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.

  • Specific Use and Disclosure Provisions (A) Except as otherwise limited in this Section of the Contract, Business Associate may use PHI for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate. (B) Except as otherwise limited in this Section of the Contract, Business Associate may disclose PHI for the proper management and administration of Business Associate, provided that disclosures are Required by Law, or Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used or further disclosed only as Required by Law or for the purpose for which it was disclosed to the person, and the person notifies Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached. (C) Except as otherwise limited in this Section of the Contract, Business Associate may use PHI to provide data aggregation services to Covered Entity as permitted by 45 C.F.R. § 164.504(e)(2)(i)(B).

  • Use and Disclosure Restrictions Receiving Party will: (i) not use the Disclosing Party’s Confidential Information, except as necessary to exercise the rights granted under this Agreement or to evaluate opportunities to license additional Software pursuant to this Agreement; and (ii) not disclose such Confidential Information to any third party, other than to its employees, contractors and as permitted under this Section 4.3. The foregoing obligations will not restrict either party from disclosing the other party’s Confidential Information or the terms and conditions of this Agreement: (a) pursuant to the order or requirement of a court, administrative agency, or other governmental body, provided that the party required to make such a disclosure gives reasonable notice to the other party to enable it to contest such order or requirement; (b) on a confidential basis to its legal or financial advisors that need to know in order to provide business advice to such party; (c) as required under applicable securities regulations; or (d) on a confidential basis to present or future providers of venture capital and/or potential private investors in or acquirers of such party.

  • Permitted Uses and Disclosures of Phi by Business Associate Except as otherwise indicated in this Agreement, Business Associate may use or disclose PHI, inclusive of de-identified data derived from such PHI, only to perform functions, activities or services specified in this Agreement on behalf of DHCS, provided that such use or disclosure would not violate HIPAA or other applicable laws if done by DHCS.