Browse
Search
2016-337-E Health - Pied. Health Services, Inc. - Komen Grant Data Support Services
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2010's
>
2016
>
2016-337-E Health - Pied. Health Services, Inc. - Komen Grant Data Support Services
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
8/9/2016 11:54:05 AM
Creation date
7/7/2016 8:18:40 AM
Metadata
Fields
Template:
BOCC
Date
7/6/2016
Meeting Type
Work Session
Document Type
Contract
Agenda Item
Manager signed
Amount
$2,304.00
Document Relationships
R 2016-337-E Health - Piedmont Health Services, Inc. for Komen Grant Data Support Services
(Linked To)
Path:
\Board of County Commissioners\Contracts and Agreements\Contract Routing Sheets\Routing Sheets\2016
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
14
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID:61 B96AF0-9902-4072-B6B0-7716FB6AEOD3 <br /> noncompliance or Security Incident. Business Associate shall cooperate in Covered Entity's breach <br /> analysis and/or risk assessment, if requested. Furthermore, Business Associate shall cooperate with <br /> Covered Entity in the event that Covered Entity determines that any third parties must be notified of a <br /> Breach,provided that Business Associate shall not provide any such notification except at the direction of <br /> Covered Entity. <br /> (f) Breach Reporting. Business Associate shall report in writing to Covered Entity's Privacy <br /> Officer (see Exhibit A), any use or disclosure of Protected Health Information that is not in compliance <br /> with the terms of this Agreement, as well as any Security Incident and any actual or suspected Breach, of <br /> which it becomes aware, without unreasonable delay, and in no event later than forty-eight (48) hours of <br /> such discovery. For purposes of this Agreement, "Security Incident" means the attempted or successful <br /> unauthorized access, use, disclosure, modification, or destruction of information or interference with <br /> system operations in an information system. Such notification shall contain the elements required by 45 <br /> C.F.R. § 164.410. <br /> (g) Compliance. To the extent applicable, Business Associate will comply with (i) Covered <br /> Entity's Notice of Privacy Practices; (ii) any limitations to which Covered Entity has agreed in regard to <br /> an Individual's permission to use or disclose his or her Protected Health Information; and (iii) any <br /> restrictions to the use or disclosure of Protected Health Information to which Covered Entity has agreed <br /> or is required to agree. <br /> (h) Government Access. Business Associate will make its internal practices, books and <br /> records available to the Secretary of the Department of Health and Human Services for purposes of <br /> determining compliance with the terms of the HIPAA Security and Privacy Rule, and, at the request of <br /> the Secretary, will comply with any investigations and compliance reviews, permit access to information, <br /> and cooperate with any complaints, as Required by Law. Without unreasonable delay and, in any event, <br /> no more than 48 hours of receipt of the request or notification, Business Associate will notify Covered <br /> Entity in writing of any request by any governmental entity, or its designee, to review Business <br /> assessment of any kind. <br /> (i) Electronic Transactions. If Business Associate conducts any Standard Transactions for or <br /> on behalf of Covered Entity, Business Associate shall comply with the requirements under the Electronic <br /> Transaction Rule. <br /> (j) Audit. Business Associate shall permit Covered Entity, in its discretion, to conduct an <br /> audit of Business Associate's compliance with this Agreement, HIPAA, and HITECH. Such audit may <br /> consist of an onsite visit, a series of inquiries that require written responses, or both. Business Associate <br /> shall promptly and completely respond to Covered Entity's requests for infolination in support of the <br /> audit, which shall not be conducted more than once annually except in cases of an actual or reasonably <br /> suspected Security Incident or reasonably suspected noncompliance with this Agreement, HIPAA or <br /> HITECH. Each Party shall bear its own costs associated with the audit. <br /> (k) Identity Theft. Business Associate shall implement Identity Theft Monitoring Policies <br /> and Procedures to protect any patient information that may be breached by the Business Associate to the <br /> extent applicable under the Federal Trade Commission's Red Flag Rules. <br /> (1) HITECH Compliance. Business Associate shall: <br /> A. Not receive, directly or indirectly, any impermissible remuneration in exchange <br /> for Protected Health Information or Electronic Protected Health Information, <br /> except as permitted by HITECH § 13405(d) or the HIPPA Regulations; <br /> B. Comply with the marketing and other restrictions applicable to Business <br /> Associates contained in HITECH § 13406 and the HIPPA Regulations; <br /> 3 <br /> October 2013 <br />
The URL can be used to link to this page
Your browser does not support the video tag.