Common use of Prohibition on Unauthorized Use or Disclosure of Protected Health Information Clause in Contracts

Prohibition on Unauthorized Use or Disclosure of Protected Health Information. Business Associate acknowledges that any PHI provided to Business Associate by EMS Agency or any PHI created, maintained or transmitted by Business Associate or any authorized subcontractor or agent in connection with providing services to, or on behalf of EMS Agency, shall be subject to this Addendum. Business Associate shall not use or disclose any Protected Health Information (“PHI”) it receives, creates, maintains or transmits, except as permitted or required by the Agreement or as otherwise required by law or authorized in writing by EMS Agency, and then only if such use or disclosure would not violate the Privacy Rule if used or disclosed by EMS Agency. Business Associate shall comply with: (a) the HIPAA Rules as if Business Associate were a Covered Provider under such rules; (b) State laws, rules and regulations that apply to PHI and that are not preempted by the HIPAA Rules or the Employee Retirement Income Security Act of 1974 ("ERISA") as amended; and (c) EMS Agency's Health Information Privacy and Security Policies and Procedures.

Prohibition on Unauthorized Use or Disclosure of Protected Health Information. Business Associate acknowledges that any PHI Protected Health Information (“PHI”) provided to Business Associate by EMS Agency or any PHI created, maintained or transmitted by Business Associate or any authorized subcontractor or agent in connection with providing services to, or on behalf of EMS Agency, shall be subject to this Addendum. Business Associate shall not use or disclose any Protected Health Information (“PHI”) PHI it receives, creates, maintains or transmits, except as permitted or required by the Agreement or as otherwise required by law or authorized in writing by EMS Agency, and then only if such use or disclosure would not violate the Privacy Rule if used or disclosed by EMS Agency. Business Associate shall comply with: (a) the HIPAA Rules as if Business Associate were a Covered Provider under such rules; (b) State state laws, rules and regulations that apply to PHI and that are not preempted by the HIPAA Rules or the Employee Retirement Income Security Act of 1974 ("ERISA") as amended; and (c) EMS Agency's Health Information Privacy and Security Policies and Procedures.