Use and Disclosure of Protected Health Information Clause Samples

Use and Disclosure of Protected Health Information. 3.1 Business Associate will not use or further disclose PHI other than as permitted or required by this Contract and the Service Agreement or as required by law. 3.2 Business Associate may use or disclose PHI to perform the Services, provided that such use or disclosures would not violate HIPAA if done by the Plan Sponsor or the minimum necessary policies and procedures of the Plan Sponsor required by 45 C.F.R. §164.514(d). 3.3 Business Associate may use and disclose PHI only to the minimum extent necessary to perform its obligations under this Contract and the Service Agreement. 3.4 Except as otherwise limited in this Contract, Business Associate may use PHI for the proper management and administration of Business Associate or to carry out legal responsibilities of the Business Associate. 3.5 Except as otherwise limited in this Contract, Business Associate may disclose PHI for the proper management and adminis- tration of Business Associate, provided that disclosures are Required by Law, or Business Associate obtains reasonable assurances from the person to whom the PHI is disclosed that it will remain confidential and used or further disclosed only as Required by Law or for the purposes for which it was disclosed to the person, and the person notifies Business Associate of any instances of which it is aware in which the confidentiality of the PHI has been breached. 3.6 If a use or disclosure occurs in violation of this Contract or the Service Agreement, Business Associate shall mitigate, to the extent practicable, any harmful effect of the use or disclosure reasonably known to Business Associate. 3.7 Business Associate shall report to Plan Sponsor any “Security Incident” as defined in 45 CFR 164.304 of which Business Associate becomes aware that may reasonably have compromised the security of plan member PHI. For purposes of this Contract, the parties agree that inconsequential Security Incidents, such as scans and pings that occur on a regular basis and that are unsuccessful in penetrating Business Associate’s computer networks or servicers need not be reported as described above. Instead, Business Associate shall, upon request from Plan Sponsor, report the occurrence of inconsequential Security Incidents in aggregate over a specified reporting period. Notwithstanding the foregoing, if Business Associate detects a sus- picious pattern of inconsequential Security Incidents, Business Associate will promptly report same to Plan Sponsor. 3.8 Business Associ...

Use and Disclosure of Protected Health Information. The Vendor shall not use or disclose protected health information other than as permitted by this Contract or by federal and state law. The Vendor will use appropriate safeguards to prevent the use or disclosure of protected health information for any purpose not in conformity with this Contract and federal and state law. The Vendor will implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of electronic protected health information the Vendor creates, receives, maintains, or transmits on behalf of the Agency.

Use and Disclosure of Protected Health Information. Business Associate may use and disclose Protected Health Information as permitted or required under this BA Agreement, the Service Agreement, and as Required by Law, but Business Associate shall not otherwise use or disclose any Protected Health Information. Business Associate shall not use or disclose Protected Health Information received from Covered Entity in any manner that would constitute a violation of the HIPAA Rules if so used or disclosed by Covered Entity. To the extent Business Associate carries out any of Covered Entity’s obligations under HIPAA, Business Associate shall comply with the requirements of HIPAA that apply to Covered Entity in the performance of such obligations. Without limiting the generality of the foregoing, Business Associate is permitted to use or disclose Protected Health Information as set forth below: (a) Business Associate may use Protected Health Information internally for Business Associate’s proper management and administrative services or to carry out its legal responsibilities. (b) Business Associate may disclose Protected Health Information to a third-party for Business Associate’s proper management and administration, provided that: (i) the disclosure is Required by Law; (ii) Business Associate makes the disclosure pursuant to an agreement consistent with Section 6 of this BA Agreement; or (iii) Business Associate makes the disclosure pursuant to a written confidentiality agreement under which the third-party is required to: (A) protect the confidentiality of the Protected Health Information; (B) only use or further disclose the Protected Health Information as Required by Law or for the purpose for which it was disclosed to the third-party; and (C) notify Covered Entity of any acquisition, access, use, or disclosure of Protected Health Information in a manner not permitted by the confidentiality agreement. (c) Business Associate may use Protected Health Information to provide Data Aggregation services relating to the Health Care Operations of Covered Entity if required or permitted under the Service Agreement. (d) Business Associate may de-identify any and all Protected Health Information obtained by Business Associate under this BA Agreement or the Service Agreement at any location, and use such de-identified data, all in accordance with the de-identification requirements of the Privacy Rule.

Use and Disclosure of Protected Health Information. Except as otherwise provided in this Addendum, Business Associate, may use or disclose protected health information only to perform program functions, activities or services in connection with the program for which services are provided by the Contractor under the Agreement, provided that such use or disclosure does not violate the Health Insurance Portability and Accountability Act (HIPAA), (U.S.C. et seq.), and its implementing regulations including but not limited to 45 Code of Federal Regulations parts 142, 160, 162, and 164, hereinafter referred to as the Privacy Rule. The uses and disclosures of PHI may not exceed the limitations applicable to the Contractor under the regulations except as authorized for management, administrative or legal responsibilities of the Business Associate.

Use and Disclosure of Protected Health Information. CONTRACTOR shall not use or disclose PHI in any manner that would constitute a breach of this Agreement or a violation of any applicable local, state or federal laws, regulations or standards.

Use and Disclosure of Protected Health Information. Vendor shall use and/or disclose Protected Health Information ("PHl") only to the extent necessary to satisfy Vendor's obligations under the Agreement.

Use and Disclosure of Protected Health Information. Except as otherwise provided in this BAA, the Business Associate may use or disclose Protected Health Information (“PHI”) to perform functions, activities or services for or on behalf of the Covered Entity as specified in the Agreement, provided that such use or disclosure would not violate HIPAA and its implementing regulations if done by the Covered Entity. The Business Associate may use and disclose the minimum necessary PHI for its proper management, administrative, and legal responsibilities as follows: A. The Business Associate may use the minimum necessary PHI for the Business Associate’s proper management and administration, or to carry out Business Associate’s legal responsibilities. B. The Business Associate may disclose the minimum necessary PHI for the Business Associate’s proper management and administration, or to carry out the Business Associate’s legal responsibilities only if: (1) The disclosure is required by law; or (2) The Business Associate obtains reasonable assurances, evidenced in writing, from the person to whom the PHI is being disclosed that the PHI will be held confidentially and used or further disclosed only as required by law or for the purpose for which it was disclosed to the person; and (3) The person promptly notifies the Business Associate (who will in turn promptly notify the Covered Entity) of any instances of which it is aware in which the confidentiality of the PHI has been breached.

Use and Disclosure of Protected Health Information. The Vendor shall comply with the provisions of 45 CFR 164.504(e)(2)(ii). The Vendor shall not use or disclose protected health information other than as permitted by this Contract or by federal and state law. The sale of protected health information or any components thereof is prohibited except as provided in 45 CFR 164.502(a)(5). The Vendor will use appropriate safeguards to prevent the use or disclosure of protected health information for any purpose not in conformity with this Contract and federal and state law. The Vendor will implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of electronic protected health information the Vendor creates, receives, maintains, or transmits on behalf of the Agency.

Use and Disclosure of Protected Health Information. We use and disclose the minimum necessary health information about you for your treatment, for payment for your services, and for The Family Institute’s health care operations.