Laserfiche WebLink
meridian <br /> definitions of PII. PHI is defined as any information that is related to an individual's health record <br /> as defined by the Health Insurance Portability and Accountability Act(HIPAA). <br /> e. PHI/PII Processing - The parties shall comply, and warrant that they have complied, with <br /> implementing all applicable data protection and privacy laws and regulations in any relevant <br /> jurisdiction (together, the "Data Protection Laws"); and where, in connection with this Agreement, <br /> the Software is processing information related to PHI/PII on behalf of the CLIENT, MERIDIAN <br /> shall: <br /> i. Process the PHI/PII only on the written instructions of CLIENT; <br /> ii, Make all reasonable efforts to implement appropriate technical and organizational measures <br /> to protect those PHI/PII against accidental or unlawful destruction or accidental loss,alteration, <br /> unauthorized disclosure or access, in particular where the processing involves the <br /> transmission of data over a network, and against all other unlawful forms of processing; <br /> iii. Return or destroy all such personal data promptly upon the termination of this Agreement, or <br /> at any time during the term of this Agreement upon written instructions from CLIENT; <br /> iv. Not disclose PHI/PII to any person except as required or permitted by this Agreement or with <br /> CLIENT's written consent; <br /> V. Provide full cooperation and assistance to CLIENT in implementing any procedures required <br /> in order to comply with data privacy laws to which CLIENT is subject, as advised by CLIENT <br /> from time to time; <br /> vi. Not process PHI/PII except to the extent reasonably necessary to the performance of this <br /> Agreement; <br /> vii. Notify CLIENT immediately in the event of any breach of the security of such personal data, <br /> and cooperate with CLIENT in any post- breach investigation or remediation efforts; and <br /> viii. Notify CLIENT promptly in the event that MERIDIAN is required by law, court order, warrant, <br /> subpoena, or other legal or judicial process to disclose any PHI/PII to any person other than <br /> CLIENT. <br /> The CLIENT shall make all reasonable efforts to ensure that those Personal Data are accurate and <br /> up to date at all times, to the extent that it is within CLIENT's ability to do so. <br /> The Parties hereto agree, that the above warranties relating to PHI and PII are Meridian's sole <br /> responsibilities related to the processing and control of CLIENT PHI and PII. <br /> 7. European Union Clients <br /> In the event that CLIENT will access PII originating from a country in the European Economic Area <br /> ("EEK) or from a country outside the EEA, MERIDIAN shall,if requested by CLIENT,will comply with <br /> the applicable Privacy Law Legislation in coordination with the European Commission, relating to <br /> requirements of the European Union's Directive on Data Protection. CLIENT warrants that it has the <br /> consent of its employees, independent contractors or any other individual whose PII is being <br /> processed and/or transmitted within the Services and MERIDIAN shall have no liability should CLIENT <br /> not have received such consent. CLIENT will indemnify, defend and hold MERIDIAN harmless should <br />