Browse
Search
2011-415 Health- State of NC Health Dept contract extention
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2010's
>
2011
>
2011-415 Health- State of NC Health Dept contract extention
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
11/21/2016 10:48:41 AM
Creation date
6/26/2012 4:11:03 PM
Metadata
Fields
Template:
BOCC
Date
8/23/2011
Meeting Type
Regular Meeting
Document Type
Agreement
Agenda Item
5l
Document Relationships
2012-079 Health - NC State $508,303
(Linked To)
Path:
\Board of County Commissioners\Contracts and Agreements\Contract Routing Sheets\Routing Sheets\2012
Agenda - 08-23-2011 - 5l
(Linked To)
Path:
\Board of County Commissioners\BOCC Agendas\2010's\2011\Agenda - 08-23-2011
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
27
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Consolidated Agreement-FY13 Page 20 of 22 • <br /> AMENDMENT TO THE NORTH CAROLINA DEPARTMENT OF HEALTH AND HUMAN <br /> SERVICES BUSINESS ASSOCIATE ADDENDUM TO CONSOLIDATED AGREEMENT <br /> This document amends North Carolina Department of Health and Human Services Business Associate <br /> Addendum to the Consolid ted Agreement. This aamendment is made effective the 1"day of July, 2012, <br /> by and between tftnA,-=ta "ea."t� : (name of Local Health Department or"Covered <br /> Entity")and the Division of Public Health("Business Associate") (collectively the"Parties") for the <br /> purpose of specifying the breach reporting and notification requirements following an unauthorized <br /> disclosure of unsecured Protected Health Information(PHI). <br /> I. DEFINITIONS: <br /> The terms defined below shall have the following meaning in this Amendment: <br /> a. "Breach"means the acquisition, access,use, or disclosure of PHI in a manner not permitted <br /> under the HIPAA Privacy Rule which compromises the security or privacy of the PHI. For the <br /> purpose of this definition, "compromises the security or privacy of the PHI"means poses a <br /> significant risk of financial,reputational, or other harm to the individual. A use or disclosure <br /> of PHI that does not include the identifiers listed at § 164.514(e)(2), limited data set, date of <br /> birth, and zip code does not compromise the security or privacy of the PHI. <br /> Breach excludes: <br /> • Any unintentional acquisition, access or use of PHI by a workforce member or person <br /> acting under the authority of a Covered Entity(CE) or Business Associate(BA)if such <br /> acquisition, access, or use was made in good faith and within the scope of authority and <br /> does not result in further use or disclosure in a manner not permitted under the HIPAA <br /> Privacy Rule. <br /> • Any inadvertent disclosure by a person who is authorized to access PHI at a CE or BA to <br /> another person authorized to access PHI at the same CE or BA, or organized health care <br /> arrangement in which the CE participates, and the information received as a result of such <br /> disclosure is not further used or disclosed in a manner not permitted under the HIPAA <br /> Privacy Rule; or <br /> • A disclosure of PHI where a CE or BA has a good faith belief that an unauthorized person <br /> to whom the disclosure was made could not have expected to use or further disclose that <br /> information. <br /> b. "HITECH Act"means the"Health Information Technology for Economic and Clinical Health <br /> ("HITECH")Act,Title XIII of Division A of the American Recovery and Reinvestment Act of <br /> 2009 (P.L. 111-5). <br /> c. "Security breach"means an incident of unauthorized access to and acquisition of unencrypted and <br /> un-redacted records or data containing personal information where illegal use of the personal <br /> information has occurred or is reasonably likely to occur or that creates a material risk of harm to a <br /> consumer. Any incident of unauthorized access to and acquisition of encrypted records or data <br />
The URL can be used to link to this page
Your browser does not support the video tag.