Browse
Search
Agenda - 03-20-2018 8-e - University of North Carolina Health Care System Electronic Medical Record System Access Agreement
OrangeCountyNC
>
Board of County Commissioners
>
BOCC Agendas
>
2010's
>
2018
>
Agenda - 03-20-2018 Regular Meeting
>
Agenda - 03-20-2018 8-e - University of North Carolina Health Care System Electronic Medical Record System Access Agreement
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
3/16/2018 3:07:25 PM
Creation date
3/16/2018 3:20:39 PM
Metadata
Fields
Template:
BOCC
Date
3/20/2018
Meeting Type
Regular Meeting
Document Type
Agenda
Agenda Item
8-e
Document Relationships
Agenda - 03-20-2018 Regular Meeting
(Message)
Path:
\Board of County Commissioners\BOCC Agendas\2010's\2018\Agenda - 03-20-2018 Regular Meeting
Minutes 03-20-2018
(Message)
Path:
\Board of County Commissioners\Minutes - Approved\2010's\2018
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
40
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Exhibit C - 5 <br /> <br />complaints, as Required By Law. If permitted, without unreasonable delay and, in any event, no <br />more than 48 hours of receipt of the request or notification, Business Associate will notify <br />Covered Entity in writing of any request by any governmental entity, or its designee, to review <br />Business Associate’s compliance with law or this BAA, to pursue a complaint, or to conduct an <br />audit or assessment of any kind involving Protected Health Information received from Covered <br />Entity or created on Covered Entity’s behalf. <br /> <br /> (h) Business Associate shall report to Covered Entity (see Exhibit B) any use or <br />disclosure of Protected Health Information that is not in compliance with the terms of this <br />Agreement as well as any Breach of which it becomes aware, without unreasonable delay, and in <br />no event later than forty-eight (48) hours of such Discovery. Such notification shall contain the <br />elements required by 45 C.F.R. § 164.410. In addition, Business Associate agrees to mitigate, to <br />the extent practicable, any harmful effect that is known to Business Associate of a use or <br />disclosure of Protected Health Information by Business Associate in violation of the <br />requirements of this Agreement, as well as to reasonably cooperate with Covered Entity should <br />Covered Entity elect to review or investigate such noncompliance or Breach. Business Associate <br />shall reasonably cooperate in Covered Entity’s Breach analysis and/or risk assessment, if <br />requested. Furthermore, Business Associate shall reasonably cooperate with Covered Entity in <br />the event that Covered Entity determines that any third parties must be notified of a Breach, <br />provided that Business Associate shall not provide any such notification except at the direction <br />of Covered Entity. Business Associate shall indemnify and hold harmless Covered Entity for any <br />direct injury or damages arising from any noncompliance with this Agreement or any Breach <br />attributable to the negligence of Business Associate, including the failure to execute the terms of <br />this Agreement. <br /> <br />(i) Business Associate shall permit Covered Entity, after providing ten (10) business days’ <br />written notice, to conduct an audit of Business Associate’s compliance with this BAA and the <br />HIPAA Rules, provided that such audit does not unreasonably interfere with Business <br />Associate’s operations. Such audit may consist of an onsite visit, a series of inquiries that <br />require written responses, or both. Business Associate shall promptly and completely respond to <br />Covered Entity’s reasonable requests for information in support of the audit, which shall not be <br />conducted more than once annually except in cases of an actual Breach or noncompliance with <br />this BAA or the HIPAA Rules. Each Party shall bear its own costs associated with the audit. <br /> <br />IV. AVAILABILITY OF PHI <br /> <br /> (a) Business Associate agrees to make available within ten (10) days of a request by <br />Covered Entity Protected Health Information in a Designated Record Set to Covered Entity to <br />the extent and in the manner required by 45 C.F.R. § 164.524. <br /> <br /> (b) Business Associate agrees to make available Protected Health Information in a <br />Designated Record Set for amendment and to incorporate any amendments to Protected Health <br />36
The URL can be used to link to this page
Your browser does not support the video tag.