My WebLink
|
Help
|
About
|
Sign Out
Home
2015_1130_CCpacket
Roseville
>
City Council
>
City Council Meeting Packets
>
2015
>
2015_1130_CCpacket
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
12/21/2015 3:05:31 PM
Creation date
11/25/2015 3:11:48 PM
Metadata
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
244
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
(a) Must impose the same or greater restrictions, requirements and conditions <br />with respect to PHI as this BAA imposes on Business Associate; and <br />(b) Must require, with respect to Electronic PHI, that Subcontractor comply <br />with the applicable requirements of the Security Regulation. <br />2.4.2. Response required in case of Subcontractor breach. If Business Associate <br />knows of a pattern of activity or practice of its Subcontractor that is a material <br />breach or violation of its business associate agreement with Subcontractor, <br />Business Associate must take reasonable steps to cure the breach or end the <br />violation, and if not successful, must terminate the contract with Subcontractor, if <br />feasible. <br />2.5. As Required by Law. Business Associate may Use or Disclose PHI as Required by Law, <br />including but not limited to Business Associate's obligation to disclose PHI to Secretary <br />when requested for investigation or determination of Business Associate's compliance <br />with the Regulations. <br />2.6. Minimum necessary. Any Use or Disclosure of, or request for, PHI by Business <br />Associate must comply with the "minimum necessary" standard in <br />45 C.F.R. § 164.502(b). <br />2.7. De-identification of PHL Business Associate may create De-identified Information from <br />PHI. <br />2.8. Other Uses and Disclosures Prohibited. Any Use or Disclosure of PHI by the Business <br />Associate not expressly permitted or required by this BAA is prohibited. <br />3. RESPONSIBILITIES OF THE PARTIES WITH RESPECT TO <br />PROTECTED HEALTH INFORMATION <br />3.1. Responsibilities of Business Associate. The Business Associate has the following <br />responsibilities with regard to its creation, receipt, maintenance, Use, transmission or <br />Disclosure of PHI: <br />3.1.1. Establish and use safeguards. Business Associate must <br />(a) Establish and use appropriate safeguards to prevent the Use or Disclosure of <br />PHI in any manner or for any purpose not permitted by this BAA; and <br />(b) With regard to Electronic PHI, comply with the applicable provisions of the <br />Security Regulation. <br />3.1.2. Mitigate harm. Business Associate must establish and follow procedures for <br />mitigating harmful effects of Uses or Disclosures of PHI not permitted by the <br />Regulations or this BAA. <br />3.1.3. Access and inspection by the Secretary. Business Associate must make <br />available upon request all of its internal practices, records, books, agreements, <br />policies and procedures relating to the Use or Disclosure of PHI to the Secretary <br />for purpose of determining Covered Entity's compliance with the Regulations. <br />1032762-6 <br />17 <br />
The URL can be used to link to this page
Your browser does not support the video tag.