Browse
Search
2012-417 EMS - EMS Management & Consultants for Update Business Associate Agreement in ref to HIPAA
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2010's
>
2012
>
2012-417 EMS - EMS Management & Consultants for Update Business Associate Agreement in ref to HIPAA
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
1/8/2013 3:32:21 PM
Creation date
1/8/2013 3:32:18 PM
Metadata
Fields
Template:
BOCC
Date
1/4/2013
Meeting Type
Work Session
Document Type
Agreement
Agenda Item
Manager Signed
Document Relationships
2012-417 S EMS - EMS Management & Consultants for Update Business Associate Agreement in ref to HIPAA
(Linked From)
Path:
\Board of County Commissioners\Contracts and Agreements\Contract Routing Sheets\Routing Sheets\2012
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
11
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
address,account number, diagnosis, disability code, or other types of information were involved; <br /> 4. any steps individuals should take to protect themselves from potential harm <br /> resulting from the Breach; <br /> 5. a brief description of what Business Associate is doing to investigate the Breach, <br /> to mitigate harm to individuals,and to protect against any further Breaches; and <br /> 6. contact procedures for individuals to ask questions or learn additional <br /> information, which shall include a toll-free telephone number, an e-mail address, Web site, or <br /> postal address. <br /> e. Business Associate shall provide the information specified in Section IVA., above, to <br /> Covered Entity at the time of the Breach notification if possible or promptly thereafter as information <br /> becomes available, Business Associate shall not delay notification to Covered Entity that a Breach has <br /> occurred in order to collect the information described in Section IV A. and shall provide such information <br /> to Covered Entity even if the information becomes available after the forty-five (45)-day period provided <br /> for initial Breach notification. <br /> V. WARRANTIES OF BUSINESS ASSOCIATE <br /> Business Associate warrants: <br /> a. That its internal practices, policies, and records relating to the use and disclosure of <br /> Protected Health Information will comply with the HIPAA Privacy and Security Rules; and <br /> b. That it will train all of its employees, agents, representatives, and subcontractors on the <br /> network access and other security practices, procedures and/or policies established by Covered Entity <br /> including, without limitation, those established pursuant to the HIPAA Privacy and Security Rules and <br /> the Red Flag Rules prior to permitting such employees, agents, representatives, and subcontractors to be <br /> present at any Covered Entity facility and/or to access Covered Entity's computer network(s). <br /> VI. OBLIGATIONS OF COVERED ENTITY <br /> a. Upon request of Business Associate, Covered Entity shall provide Business Associate <br /> with the notice of privacy practices that Covered Entity produces in accordance with Section 164.520 of <br /> the HIPAA Privacy and Security Rules. <br /> b. Covered Entity shall provide Business Associate with any changes in, or revocation of, <br /> permission by an individual to use or disclose Protected Health Information, if such changes affect <br /> Business Associate's permitted or required uses and disclosures. <br /> C. Covered Entity shall notify Business Associate of any restriction to the use or disclosure <br /> of Protected Health Information to which Covered Entity has agreed in accordance with Section 164.522 <br /> of the HIPAA Privacy and Security Rules, and Covered Entity shall inform Business Associate of the <br /> termination of any such restriction, and the effect that such termination shall have, if any, upon Business <br /> Associate's use and disclosure of such Protected Health Information. <br /> VII. REQUIRED COMPLIANCE WITH RED FLAG RULES <br /> In the event that Business Associate is engaged to perform an activity in connection with any <br /> 7 <br />
The URL can be used to link to this page
Your browser does not support the video tag.