OAR 943-014-0430
Authority Obligations

(1)

To the extent that a business associate’s use or disclosure of protected health information and electronic protected health information may be affected, the Authority shall notify business associate of:

(a)

Limitations in its notice of privacy practices in accordance with 45 CFR 164.520. The Authority may satisfy this obligation by providing business associate with the Authority’s most current Notices of Privacy Practices.

(b)

Changes in, or revocation of, permission by an individual to use or disclose protected health information or electronic protected health information.

(c)

Restrictions to the use or disclosure of protected health information or electronic protected health information that the Authority has agreed to in accordance with 45 CFR 164.522.

(2)

The Authority may not request that a business associate use or disclose protected health information or electronic protected health information in any manner that is not permissible under the Privacy Rule or Security Rule if done by the Authority, except as permitted by OAR 943-014-0420 (Uses and Disclosures of Protected Health Information by Business Associate).

Source: Rule 943-014-0430 — Authority Obligations, https://secure.sos.state.or.us/oard/view.action?ruleNumber=943-014-0430.

943–014–0000
Definitions 943–014–0010
Purpose 943–014–0015
Covered Entity Status for Purposes of the HIPAA Privacy Rules 943–014–0020
Uses and Disclosures of Client or Participant Protected Information 943–014–0030
Client Privacy Rights 943–014–0040
Minimum Necessary Standards 943–014–0060
Uses and Disclosures of Protected Information for Research Purposes 943–014–0070
De-identification of Client Information and Use of Limited Data Sets under Data Use Agreements 943–014–0200
Confidentiality and Inadmissibility of Mediation Communications 943–014–0205
Confidentiality and Inadmissibility of Workplace Interpersonal Dispute Mediation Communications 943–014–0300
Scope 943–014–0305
Definitions 943–014–0310
Information Access 943–014–0315
Security Information Assets 943–014–0320
User Responsibility 943–014–0400
Purpose 943–014–0410
Definitions 943–014–0415
General Business Associate Requirements 943–014–0420
Uses and Disclosures of Protected Health Information by Business Associate 943–014–0430
Authority Obligations 943–014–0435
Contractor Security Requirements 943–014–0440
Breach 943–014–0445
Violations 943–014–0450
Termination of Contract 943–014–0455
Order of Precedence 943–014–0460
Authority Compliance Methods 943–014–0465
Standards in Individual Contracts

Last Updated

Jun. 8, 2021

Rule 943-014-0430’s source at or.us

Stay Connected

Join thousands of people who receive monthly site updates.

Get Legal Help

The Oregon State Bar runs a service for finding an attorney in good standing. Initial consultations are usually free or discounted: Lawyer Referral Service

Committed to Public Service

We will always provide free access to the current law. In addition, we provide special support for non-profit, educational, and government users. Through social entrepreneurship, we’re lowering the cost of legal services and increasing citizen access.

Navigate

California:	Codes
Colorado:	C.R.S.
Nevada:	NRS
New York:	Laws
Oregon:	OAR, ORS
Texas:	Statutes
World:	Rome Statute, International Dictionary

Location: https://oregon.public.law/rules/oar_943-014-0430

Original Source: Rule 943-014-0430 — Authority Obligations, https://secure.sos.state.or.us/oard/view.action?ruleNumber=943-014-0430 (last accessed Jun. 8, 2021).