2. A counterparty may authorize a counterparty that is a subcontractor to produce, receive, maintain or transmit electronically protected health information on its behalf only if the counterparty receives satisfactory assurances, in accordance with paragraph 164.314(a), that the processor adequately protects the information” 2.2. The counterparty undertakes to take and use appropriate administrative, physical and technical security measures to (a) prevent the use or disclosure of the PHI; (b) adequately protect the confidentiality, integrity and availability of the ePHI that the counterparty creates, receives, maintains or transfers on behalf of the covered entity. Such security measures shall include a written information security directive, a security incident response plan, regular security awareness training, and confidentiality/confidentiality agreements with subcontractors and independent consultants with whom the counterparty has delegated tasks under this BAA. [Parties may wish to add additional details as to how the counterparty responds to an access request that the counterparty receives directly from the person (e.g. B whether and to what extent a counterparty is to provide the requested access or if the counterparty forwards the person`s request to the entity concerned to satisfy it) and the timetable within which the counterparty is to provide the information to the covered entity.] (a) counterparties. “counterparty” generally has the same meaning as the term “counterparty” in 45 CFR 160.103 and means in relation to the party to this Agreement [insert counterparty name]. Counterparty Agreement Part i – Preamble a. Date of entry into force: the date of entry into force of this counterparty agreement (agreement) is. b. Parties: The parties to this Agreement are , (covered entity) and hcc life insurance company (h) to the extent that the counterparty must fulfill one or more of the obligations of the covered enterprise pursuant to Subsection E of 45 CFR Part 164, to meet the requirements of Subsection E that apply to the covered entity in compliance with that obligation(s); and it is only an exemplary language, and the use of these examples is not necessary to comply with HIPC rules. The language may be changed to more accurately reflect the commercial agreements between a covered entity and a counterparty or counterparty and a subcontractor.
In addition, those provisions, or other similar provisions, may be included in a service provision agreement between a covered enterprise and a counterparty or counterparty or subcontractor, or may be included in a separate counterparty agreement. . . .