Browse
Search
2013-426 Attorney - Setoff Clearinghouse - Legal Subscription
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2010's
>
2013
>
2013-426 Attorney - Setoff Clearinghouse - Legal Subscription
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
11/4/2013 4:03:03 PM
Creation date
11/4/2013 4:03:02 PM
Metadata
Fields
Template:
BOCC
Date
11/4/1996
Meeting Type
Work Session
Document Type
Contract
Agenda Item
Mgr Signed
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
7
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
1. not, directly or indirectly, receive remuneration in exchange for PHI unless Business Associate <br /> or Covered Entity has obtained an authorization from the subject individual(s)that complies with <br /> all applicable requirements or unless an exception specified in Section 45 C.F.R. <br /> 164.502(a)(5)(ii)(B)(2)applies. <br /> m. to the extent Business Associate is to carry out any of Covered Entity's obligations under the <br /> Privacy Rule, comply with the requirements of the Privacy Rule applicable to Covered Entity in <br /> the performance of such obligations. <br /> 3.2 Permitted Uses and Disclosures of PHI by Business Associate. Except as otherwise specified in <br /> this Agreement, Business Associate may make any and all uses and disclosures of PHI necessary <br /> to perform its obligations under the Underlying Contracts. Unless otherwise limited by this <br /> Agreement, Business Associate may also: (a) use the PHI in its possession for its proper <br /> management and administration or to carry out the legal responsibilities of Business Associate; <br /> (b) disclose the PHI in its possession to a third party for the purpose of Business Associate's <br /> proper management and administration or to carry out the legal responsibilities of Business <br /> Associate, provided that the disclosures are Required by Law or that Business Associate has <br /> obtained reasonable assurances from the third party to whom PHI is to be disclosed that the PHI <br /> will be held confidentially and used and further disclosed only as Required by Law or for the <br /> purposes it was disclosed to the third party, and the third party has agreed to notify Business <br /> Associate of any instances of which it becomes aware in which the confidentiality of the <br /> information has been breached; (c)provide Data Aggregation services relating to the Health Care <br /> Operations of the Covered Entity as permitted by the Privacy Rule; and(d)de-identify the PHI in <br /> accordance with the de-identification standards set forth in 45 C.F.R. § 165.514 and use and <br /> disclose such de-identified information on Business Associate's own behalf. Business Associate <br /> may only use and disclose PHI as described above if such use and disclosure is in compliance <br /> with 45 C.F.R. 164.504(e). <br /> 3.3 Obligations of Covered Entity. Covered Entity agrees to notify Business Associate of any <br /> restrictions on uses and disclosures of PHI to which Covered Entity agrees that will impact in <br /> any manner the use and/or disclosure of that PHI by Business Associate under this Agreement. <br /> Covered Entity agrees to notify Business Associate of any changes in, or revocation of, <br /> permission by an Individual to use or disclose PHI that will impact in any manner the use and/or <br /> disclosure of that PHI by Business Associate under this Agreement. Covered Entity agrees to <br /> notify Business Associate of any changes in its Notice of Privacy Practices that will impact in <br /> any manner the use and/or disclosure of PHI by Business Associate under this Agreement. <br /> 3.4 Breach of Unsecured Protected Health Information. Business Associate shall report to Covered <br /> Entity in writing a Breach of Unsecured PHI within ten (10) days of the first day the Breach is <br /> known, or reasonably should have been known, to Business Associate. The written notice shall <br /> include, to the extent possible, the identification of each individual whose Unsecured PHI was, <br /> or is reasonably believed to have been, subject to the Breach and the circumstances of the <br /> Breach, as both are known to Business Associate at that time. To the extent possible, the <br /> description of the circumstances of the Breach shall include: (1) a brief description of what <br /> happened, including the date of the Breach and the date of the discovery of the Breach; (2) a <br /> description of the types of Unsecured PHI that were involved in the Breach; and (3) a brief <br /> description of what Business Associate is doing to investigate the Breach, to mitigate harm to <br /> individuals,and to protect against any further Breaches. Following the written notice to Covered <br /> Entity, Business Associate shall conduct such further investigation and analysis as is reasonably <br /> required, and shall promptly advise Covered Entity of additional information pertinent to the <br /> 3 <br />
The URL can be used to link to this page
Your browser does not support the video tag.