Security Rule Requirements Clause Samples

Security Rule Requirements. Business Associate agrees, to the extent any Protected Health Information created, received, maintained or transmitted by or in electronic media, also referred to as electronic protected health care information, as defined by 45 CFR § 160.103, that it will only create, maintain or transmit such information with appropriate safeguards in place. Business Associate shall therefore: implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of the electronic protected health care information; ensure that any agent, including Subcontractors, to whom it provides such information shall agree to also implement reasonable and appropriate safeguards to protect the information; and report to the Covered Entity any Security Incident, as that term is defined by 45 CFR § 164.304, of which it becomes aware.
View SourceView Similar (3)
Security Rule Requirements. Business Associate shall implement Administrative, Physical, and Technical Safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of Electronic PHI that it creates, receives, maintains, or transmits on behalf of the Covered Entity as required by the Security Rule. Additionally, Business Associate shall comply with the security and privacy requirements described in the attached Data Use, Security and Confidentiality Addendum and the Security & Privacy Addendum. Not more than once per calendar year, Business Associate shall within ten (10) days after request from Covered Entity truthfully complete and duly execute the Annual Attestation that is attached hereto or, alternatively, notify Covered Entity in writing of any facts or events that would render untrue any statement within the Annual Attestation. Business Associate shall document policies and procedures that implement the foregoing requirements and shall, upon request, provide them to Covered Entity, who may further disclose them to any governmental entity with regulatory oversight over Covered Entity. Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Agreement or the HIPAA Authorities of which it becomes aware, including any Incident. Accordingly, as also provided in the Report of Improper Use or Disclosure section of this Agreement, Business Associate agrees to report any Incident of which it becomes aware to Covered Entity immediately, but not later than one business day from the day of discovery of the Incident. All reports required of the Business Associate pursuant to this Section shall be provided as specified in the Report of Improper Use or Disclosure section of this Agreement, including the actions and the mitigation steps, if any, taken by Business Associate in response to the Incident(s). Compliance with HIPAA Authorities. Requirements of the HIPAA Authorities that are made applicable with respect to business associates, or any other provision required to be included in this Agreement pursuant to the HIPAA Authorities, are incorporated into this Agreement by this reference.
View SourceView Similar (2)
Security Rule Requirements. To the extent that Business Associate creates, receives, maintains, or transmits electronic PHI, Business Associate shall also implement administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of any electronic Protected Information that may be transmitted in conformity with the requirements of the Security Rule.
View Source
Security Rule Requirements. BUSINESS ASSOCIATE shall implement administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of the ePHI that it creates, receives, maintains or transmits on behalf of COVERED ENTITY in accordance with the Security Rule; and (ii) make its policies and procedures, and documentation required by the Security Rule relating to such safeguards available to the Secretary for purposes of determining COVERED ENTITY’s compliance with the Security Rule.
View Source
Security Rule Requirements. Practice Sense agrees to: A. Implement and document, as set forth in 45 C.F.R. § 164.316. Administrative Safeguards, Physical Safeguards and Technical Safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the electronic Protected Health Information that it receives, maintains, or transmits on behalf of the Covered Entity, as required by 46 C.F.R. Part 164, Subpart C, and specifically, but not exclusively, including the following; I. Ensure the confidentiality, integrity, and availability of all electronic Protected Health Information Practice Sense receives, maintains, or transmits on behalf of Covered Entity; II. Protect against any reasonably anticipated threats or hazards to the security or integrity of such information; III. Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required under the HIPAA Privacy Rule, HIPAA Security Rule; and IV. Ensure compliance with these sections by its workforce.
View Source

Related to Security Rule Requirements

  • Security Rule “Security Rule” shall mean the Standards for the Protection of Electronic Protected Health Information at 45 CFR Part 160 and Part 164, Subparts A and C.

  • DBE Requirements A. Notice is hereby given to the CONSULTANT and any SUB-CONSULTANT, and both agree, that failure to carry out the requirements set forth in 49 CFR Sec. 26.13(b) shall constitute a breach of this Contract and, after notification and failure to promptly cure such breach, may result in termination of this Contract or such remedy as INDOT deems appropriate. The referenced section requires the following assurance to be included in all subsequent contracts between the CONSULTANT and any SUB-CONSULTANT: The CONSULTANT, sub recipient or SUB-CONSULTANT shall not discriminate on the basis of race, color, national origin, or sex in the performance of this Contract. The CONSULTANT shall carry out applicable requirements of 49 CFR Part 26 in the award and administration of DOT-assisted contracts. Failure by the CONSULTANT to carry out these requirements is a material breach of this Contract, which may result in the termination of this Contract or such other remedy, as INDOT, as the recipient, deems appropriate. B. The CONSULTANT shall make good faith efforts to achieve the DBE percentage goal that may be included as part of this Contract with the approved DBE SUB-CONSULTANTS identified on its Affirmative Action Certification submitted with its Letter of Interest, or with approved amendments. Any changes to a DBE firm listed in the Affirmative Action Certification must be requested in writing and receive prior approval by the LPA and INDOT’s Economic Opportunity Division Director. After this Contract is completed and if a DBE SUB- CONSULTANT has performed services thereon, the CONSULTANT must complete, and return, a Disadvantaged Business Enterprise Utilization Affidavit (“DBE-3 Form”) to INDOT’s Economic Opportunity Division Director. The DBE-3 Form requires certification by the CONSULTANT AND DBE SUB-CONSULTANT that the committed contract amounts have been paid and received.

  • Interface Requirements 2.4.5.1 The NID shall be equal to or better than all of the requirements for NIDs set forth in the applicable industry standard technical references.

  • Security Requirements 7.1 The Authority will review the Contractor’s Security Plan when submitted by the Contractor in accordance with the Schedule (Security Requirements and Plan) and at least annually thereafter.

  • Vehicle Requirements The following shall be considered minimum Vehicle requirements. The Authorized User shall include supplemental required specifications for Vehicles specified in a Mini-Bid. Unless otherwise indicated, all items specified which are listed on the OEM Pricelist as standard or optional equipment shall be factory installed and operative. Vehicles delivered to an Authorized User in a condition considered to be below retail customer acceptance levels will not be accepted. Items which determine this acceptance level shall include, but not be limited to, the general appearance of the interior and exterior of the vehicle for completeness and quality of workmanship, lubrication and fluid levels, with any leaks corrected, mechanical operation of the vehicle and all electrical components operational. Product specified to be furnished and installed which is not available through the OEM shall conform to the standards known to that particular industry, both product and installation.