Licensee Designated Security Officer Agreement

ROLE OF LICENSEE DESIGNATED SECURITY OFFICER

Licensee is required to designate one Licensee Authorized User as a security officer (the "Licensee Designated Security Officer") and to ensure that the Licensee Designated Security Officer complies with his or her obligations under this Agreement. The Licensee Designated Security Officer serves as Licensee's primary contact with Company regarding security issues. Company's Security Officer oversees Company's information security program and serves as the primary contact for requests pertaining to Service security from Licensee Designated Security Officers.

Licensee represents and warrants that its Licensee Designated Security Officer is knowledgeable concerning the statutory and regulatory requirements applicable to Licensee and the electronic storage and transmission of patient information within and from Licensee, including HIPAA and any state medical privacy mandates. Licensee Designated Security Officer is responsible for remaining actively informed of developments concerning these legal requirements and will identify security services, products and solutions to ensure Licensee adheres to legal requirements related to information privacy and security.

Licensee Designated Security Officer responsibilities include the following:

  • Ensuring that every Licensee Authorized User will have his or her own unique password.
  • Ensuring that these unique passwords are not shared with anyone, even among Licensee Authorized Users.
  • Regenerating a user password, if a Licensee Authorized User forgets his or her password and challenge and response answers and needs it to be regenerated.
  • Regenerating a user password, if a Licensee Authorized User's username or password has been shared or otherwise compromised.
  • Adding or terminating the access of any Licensee Authorized Users to the Services.
  • Managing the access of any Licensee Authorized Users to the Services by granting or denying access to specific functions of the Services.
  • Maintaining tax IDs and provider IDs within the Services, if authorized by Licensee to do so.
  • Ensuring that information accessed via the Services is only used for legitimate business purposes.
  • Setting the amount of time before the Services automatically log off inactive sessions.

If you have any questions regarding this Agreement, please call NaviNet Customer Support at 1-888-482-8057.

This text is part of the NaviNet Use Agreement.