Finally, failure to comply with the requirements of an agreement by a counterparty/subcontractor could have significant consequences: e) This BAA represents the entire agreement between the parties that is related to the purpose of the PRESENT AA. This AAD replaces all pre-negotiations, discussions, presentations or proposals, both oral and written. This BAA can only be amended if it is written and signed by a duly accredited representative of both parties. If a provision of this BAA or part of it is found to be invalid, the other provisions remain in force. Once companies, business partners and covered business partners have identified their relationship, it is important to ensure that third parties protect the POs they receive. A signed agreement proves that the BA knows that they must manage THE PHI. (d) Business Associate undertakes to report to the insured unit any violation of unsecured PHI that is not provided for by the BAA and of which it is aware within ten (10) working days following the “discovery” within the meaning of the HITECH Act. This notification includes the identification of anyone whose unsecured PHI has been accessed, accessed, acquired or disclosed by Business Associate in connection with such a breach. In addition, Business Associate provides all additional information that is reasonably requested by the insured unit to investigate the violation and any other available information that the unit concerned must provide to the person at 45 C.F.R. 164.404 (c) at the time of notification or soon after, if the information is delayed. The notification to the consideration of an unsecured PPH violation in accordance with this section is consistent with all applicable provisions of Section 13400 of ARRA`s subtitle D (data protection), HIPAA rules and related guidelines, which are published from time to time by the Secretary`s Secretary or Secretary`s Delegate. The ADDENDUM OF ASSOCIATIVE SUPPORT BUSINESS (“Addendum”) is part of the terms of information sharing between InterSystems Corporation, Massachusetts Corporation, headquartered at 1 Memorial Drive, Cambridge, MA 02142 USA (“InterSystems”) and the supported account that is defined here and which, if applicable, is part of a licensing, support or partnership agreement (“agreement”).
Supported account, end-users, application partners, implementation partners, solution partners, system integrator or any party with which InterSystems interacts in relation to the need for the party to disclose to InterSystems protected health information, as defined below, that comply with the conditions for information sharing. InterSystems and assistance account are parties to this addendum (each “one party,” a total of “parties”). Given the alliances and promises and other good and valuable considerations that the parties hereafter acknowledge, the parties agree to: 2.8. After the counterparty discovers an unsecured PHI breach (a “data breach”) by the counterparty or its subcontractors, Business Associate undertakes to notify the account assisted of this breach immediately and within five (5) business days after the counterparty has found a data breach. This communication includes, if applicable, the identity of any person whose unsecured PHI has been accessed, acquired, used or disclosed by Business Associate at the time of the data breach or is reasonably accepted. At the time of notification or timely availability of this information, the counterparty also makes available to the account supported the other information available necessary for the account taken care of to inform a person of the violation, as provided by 45 CFR no 164.404 (c).