Laserfiche WebLink
Page 14 of 16 <br />j. Business Associate agrees to provide PHI in the possession or control of Business Associate to <br />appropriate Individuals in order to respond to requests for an accounting of disclosures of PHI <br />pursuant to the requirements of 45 CFR §164.528. <br /> <br />k. Business Associate agrees to promptly notify Covered Entity if there is a Breach of unsecure PHI <br />pursuant to the requirements of 45 CFR §164.410, in which case Business Associate act in good <br />faith to assist Covered Entity in responding to such Breach, provided that under all circumstances <br />Covered Entity shall be responsible for reporting as required by 45 CFR §164.408. <br /> <br />l. Business Associate agrees it will not Use or Disclose genetic information for underwriting <br />purposes in violation of the HIPAA Rules. <br /> <br />m. Business Associate agrees not to receive remuneration, directly or indirectly, in exchange for any <br />PHI unless the Covered Entity or Business Associate previously obtained from the individual a <br />valid authorization in accordance with 45 C.F.R. 164.508, except as otherwise allowed under the <br />HITECH Act. <br /> <br />III. OBLIGATIONS OF THE COVERED ENTITY <br /> <br />Covered Entity shall comply with the following obligations with respect to Business Associate: <br /> <br />a. Inform Business Associate of its privacy practices and any agreed restrictions on PHI as follows: <br /> <br />i. Covered Entity shall advise Business Associate of any limitations in the Notice of <br />Privacy Practices that Covered Entity produces in accordance with 45 CFR §164.520. <br /> <br />ii. Covered Entity shall notify Business Associate of any changes in, or revocation of, <br />permission by an Individual to Use or Disclose PHI, to the extent that such changes <br />affect Business Associate's Use or Disclosure of PHI. <br /> <br />iii. Covered Entity shall notify Business Associate of any restrictions on Use or <br />Disclosure of PHI that Covered Entity has agreed to in accordance with 45 CFR <br />§164.522, to the extent that such restrictions may affect Business Associate's Use or <br />Disclosure of PHI. <br /> <br />b. Covered Entity shall not request Business Associate to Use or Disclose PHI in any manner that <br />would violate the Privacy Rule. <br /> <br />c. Covered Entity shall comply with this Agreement and the HIPAA Rules including the execution <br />of policies and procedures, security implementations, a plan amendment, training, and security <br />risk assessments. <br /> <br /> <br />IV. TERM AND TERMINATION <br /> <br />a. Term. This Agreement shall be effective as of the date stated above and shall terminate when all <br />PHI pertaining to Covered Entity which Business Associate maintains is destroyed or returned to <br />Covered Entity, unless otherwise terminated under Subsection (b) below. <br /> <br />b. Termination for Cause. If Covered Entity or Business Associate learns of a material breach by the <br />other party, it shall: (1) provide a reasonable opportunity for the party to cure the breach or end