Common use of Participant Requirements Clause in Contracts

Participant Requirements. Each Participant, whether providing, receiving or using information hereunder, shall:7 a. establish and implement appropriate policies and procedures to prevent unauthorized access, use and disclosure of Protected Information and ensure that such policies and procedures do not conflict with and are not less restrictive than this Agreement;8 b. regularly monitor and audit access to Protected Information and take reasonable steps to pursue, address and mitigate any breach or other privacy and security issues detected by such monitoring;9 c. notify the affected Participants, as soon as reasonably possible, of any Significant Breach and take all reasonable steps to mitigate the breach (for purposes of this subsection c., “affected Participants” shall include any Participant regarding which there is a reasonable possibility that the Participant’s System or data thereon could be negatively impacted by the Significant Breach); d. make its internal practices, books and records relating to uses and disclosures of Protected Information available to the Secretary of the U.S. Department of Health and Human Services or his/her designee, as necessary to comply with HIPAA or other applicable State and federal law; e. provide all Authorized Users with appropriate education and training on the requirements of this Agreement; and f. provide upon request copies or detailed summaries of its privacy and security policies and procedures to the other Participants and, upon reasonable request by another Participant, demonstrate compliance with its policies and procedures.10

Participant Requirements. Each Participant, whether providing, receiving or using information hereunder, shall:7 a. shall:7 establish and implement appropriate policies and procedures to prevent unauthorized access, use and disclosure of Protected Information and ensure that such policies and procedures do not conflict with and are not less restrictive than this Agreement;8 b. Agreement;8 regularly monitor and audit access to Protected Information and take reasonable steps to pursue, address and mitigate any breach or other privacy and security issues detected by such monitoring;9 c. monitoring;9 notify the affected Participants, as soon as reasonably possible, of any Significant Breach and take all reasonable steps to mitigate the breach (for purposes of this subsection c., “affected Participants” shall include any Participant regarding which there is a reasonable possibility that the Participant’s System or data thereon could be negatively impacted by the Significant Breach); d. ; make its internal practices, books and records relating to uses and disclosures of Protected Information available to the Secretary of the U.S. Department of Health and Human Services or his/her designee, as necessary to comply with HIPAA or other applicable State and federal law; e. ; provide all Authorized Users with appropriate education and training on the requirements of this Agreement; and f. and provide upon request copies or detailed summaries of its privacy and security policies and procedures to the other Participants and, upon reasonable request by another Participant, demonstrate compliance with its policies and procedures.10