Obligations of Covered Entity Regarding Protected Health Information Sample Clauses

Obligations of Covered Entity Regarding Protected Health Information. (a) Covered Entity shall provide Business Associate with any changes in, or revocation of, authorization by an Individual to use or disclose Protected Health Information, if such changes affect Business Associate's permitted or required uses and disclosures. (b) Covered Entity shall notify Business Associate of any restriction to the use or disclosure of Protected Health Information that Covered Entity has agreed to in accordance with 45 C.F.R. § 164.522. Covered Entity shall not agree to any restrictions on the use and/or disclosure of PHI that adversely affects Business Associate. Covered Entity shall notify Business Associate, in writing, of any restriction on the use and/or disclosure of PHI that may adversely affect Business Associate. Covered Entity agrees that Business Associate shall recover costs associated with restrictions on the use and/or disclosure of PHI that adversely affect the Business Associate’s ability or costs of performance. (c) Covered Entity shall provide Business Associate with the notice of privacy practices that Covered Entity produces in accordance with 45 C.F.R. § 164.520, as well as any changes to that notice. (d) Covered Entity acknowledges that it shall provide to, or request from, the Business Associate only the minimum Protected Health Information necessary for Business Associate to perform or fulfill a specific function required or permitted hereunder. (e) Covered Entity shall take immediate steps to mitigate an impermissible use or disclosure of Protected Health Information from Business Associate to Covered Entity, including its staff, employees and agents who send and receive Protected Health Information to and from Business Associate in the course and scope of their employment, such as obtaining the recipient’s satisfactory assurances that the information will not be further used or disclosed (through a confidentiality agreement or similar means between Covered Entity and its staff, employees and agents) or will be destroyed.
View SourceView Similar (2)

Related to Obligations of Covered Entity Regarding Protected Health Information

  • ACCESS TO PROTECTED HEALTH INFORMATION 7.1 To the extent Covered Entity determines that Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within two (2) business days after receipt of a request from Covered Entity, make the Protected Health Information specified by Covered Entity available to the Individual(s) identified by Covered Entity as being entitled to access and shall provide such Individuals(s) or other person(s) designated by Covered Entity with a copy the specified Protected Health Information, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.524. 7.2 If any Individual requests access to Protected Health Information directly from Business Associate or its agents or Subcontractors, Business Associate shall notify Covered Entity in writing within two (2) days of the receipt of the request. Whether access shall be provided or denied shall be determined by Covered Entity. 7.3 To the extent that Business Associate maintains Protected Health Information that is subject to access as set forth above in one or more Designated Record Sets electronically and if the Individual requests an electronic copy of such information, Business Associate shall provide the Individual with access to the Protected Health Information in the electronic form and format requested by the Individual, if it is readily producible in such form and format; or, if not, in a readable electronic form and format as agreed to by Covered Entity and the Individual.

  • Data Protection and Privacy: Protected Health Information Party shall maintain the privacy and security of all individually identifiable health information acquired by or provided to it as a part of the performance of this Agreement. Party shall follow federal and state law relating to privacy and security of individually identifiable health information as applicable, including the Health Insurance Portability and Accountability Act (HIPAA) and its federal regulations.

  • Amendment of Protected Health Information 8.1 To the extent Covered Entity determines that any Protected Health Information is maintained by Business Associate or its agents or Subcontractors in a Designated Record Set, Business Associate shall, within ten (10) business days after receipt of a written request from Covered Entity, make any amendments to such Protected Health Information that are requested by Covered Entity, in order for Covered Entity to meet the requirements of 45 C.F.R. § 164.526. 8.2 If any Individual requests an amendment to Protected Health Information directly from Business Associate or its agents or Subcontractors, Business Associate shall notify Covered Entity in writing within five (5) days of the receipt of the request. Whether an amendment shall be granted or denied shall be determined by Covered Entity.

  • Electronic Protected Health Information “Electronic Protected Health Information” means individually identifiable health information that is transmitted by or maintained in electronic media.

  • Protected Health Information “Protected Health Information” shall have the same meaning as the term “protected health information” in Section 160.103 and is limited to the information created or received by Contractor from or on behalf of County.