Laserfiche WebLink
extent that Business Associate will use or disclose PHI for Data Aggregation or management <br /> and administrative activities and legal responsibilities of Business Associate. <br /> 5, Security Restrictions on Business Associate. <br /> 5.1. General.Business Associate shall implement administrative,physical and technical safeguards <br /> that reasonably and appropriately protect the confidentiality, integrity and availability of the <br /> EPHI that Business Associate creates, receives, maintains, or transmits on behalf of Covered <br /> Entity as required by the HIPAA Security Regulations. <br /> 5.2. Agents; Subcontractors. Business Associate will ensure that any agent, including a <br /> subcontractor, to whom Business Associate provides EPHI, agrees to implement <br /> administrative, physical and technical safeguards that reasonably and appropriately protect the <br /> confidentiality, integrity,and availability of such EPHI. <br /> 5.3. Reporting of Security Incidents. Business Associate shall report to Covered Entity in writing <br /> without unreasonable delay, but not later than five (5) business days, any Security Incident <br /> affecting EPHI created, received, maintained, accessed or transmitted by Business Associate <br /> on behalf of Covered Entity, of which Business Associate becomes aware. <br /> 5.4. HIPAA Security Regulations Compliance.Business Associate agrees to comply with Sections <br /> 164.306, 164.308, 164.310, 164.312, and 164.316 of Title 45, Code of Federal Regulations <br /> with respect to all EPHI. <br /> 6. Term and Termination. <br /> 6.1. Term. This Agreement shall take effect on Effective Date, and shall terminate when all of the <br /> PHI disclosed to Business Associate by Covered Entity or created or received by Business <br /> Associate on behalf of Covered Entity, is destroyed according to applicable records retention <br /> guidelines or returned to Covered Entity, or, if it is infeasible to return or destroy PHI in <br /> accordance with applicable records retention guidelines, protections are extended to such <br /> information, in accordance with the termination provisions in this Section 6. <br /> 6.2. Termination for Cause. If Covered Entity determines that Business Associate has breached a <br /> material term of this Agreement, Covered Entity will provide written notice to Business <br /> Associate that sets forth Covered Entity's determination that Business Associate breached a <br /> material terms of this Agreement,and Covered Entity may: <br /> 6.2.1. Provide written notice to Business Associate that provides an opportunity for Business <br /> Associate to cure the breach or end the violation, as applicable. If Business Associate <br /> does not cure the breach or end the violation within the time specified by Covered <br /> Entity, then Covered Entity may immediately thereafter terminate this Agreement; or <br /> 6.2.2. Immediately terminate this Agreement if Business Associate has breached a material <br /> term of this Agreement and cure is not possible <br /> 6.2.3. If neither termination nor cure is feasible as provided in Section 6,2.1 and 6,2.2 of this <br /> Agreement,Covered Entity will report the violation to the Secretary. <br /> Page 6 of 9 <br />