Orange County NC Website
DocuSign Envelope ID: B368014E- 191B- 48DC- B144- E5DF6E9FA4E2 <br />BUSINESS ASSOCIATE AGREEMENT <br />This Business Associate Agreement ( "Agreement ") is made effective the 14t' day of August, <br />2018, by and between Orange County Government through its Orange County Health Department <br />( "Covered Entity "), and Randolph Kelly Faulk, Jr., DDS, ( "Business Associate "). Covered Entity and <br />Business Associate may be referred herein individually as a "Party" or collectively as the "Parties ". This <br />Agreement supersedes any previously executed Business Associate Agreement between the Parties. <br />WITNESSETH: <br />WHEREAS, Sections 261 through 264 of the federal Health Insurance Portability and <br />Accountability Act of 1996 ( "HIPAA "), Public Law 104 -191, as modified by the Health Information <br />Technology for Economic and Clinical Health Act ( "HITECH "), Public Law 111 -5, known as "the <br />Administrative Simplification provisions," direct the Department of Health and Human Services to <br />develop standards to protect the security, confidentiality and integrity of health information; and <br />WHEREAS, pursuant to the Administrative Simplification provisions, the Secretary of Health and <br />Human Services ( "Secretary ") has issued regulations modifying the Privacy, Security, Breach <br />Notification, and Enforcement Rules at 45 CFR Parts 160 and 164, as the same may be amended from <br />time to time (the " HIPAA Security and Privacy Rule "); and <br />WHEREAS, the Parties wish to enter into or have entered into an arrangement whereby Business <br />Associate will provide certain services to Covered Entity, and, pursuant to such arrangements, Business <br />Associate may be considered a "Business Associate" of Covered Entity as defined in the HIPAA Security <br />and Privacy Rule (the agreement evidencing such arrangement is detailed below and hereinafter referred <br />to as the "Service Agreement(s)"); and <br />WHEREAS, Business Associate may have access to Protected Health Information (as defined below) in <br />fulfilling its responsibilities under such arrangement; <br />THEREFORE, in consideration of the Parties' continuing obligations under the Service Agreement, <br />compliance with the HIPAA Security and Privacy Rule, and other good and valuable consideration, the <br />receipt and sufficiency of which is hereby acknowledged, the Parties agree to the provisions of this <br />Agreement in order to address the requirements of the HIPAA Security and Privacy Rule and to protect <br />the interests of both Parties. <br />I. DEFINITIONS <br />(a) Service Agreement. Agreement(s) for services affected by this HIPAA Business <br />Associate Agreement, which this Business Associate Agreement shall be attached to, and is (are) hereby <br />incorporated by reference, and which shall be taken and considered as a part of this document the same as <br />if fully set out herein: <br />Dental Services <br />(b) Catch -all Provision. Except as otherwise defined herein, any and all capitalized terms in <br />this Agreement shall have the definitions set forth in the HIPAA Security and Privacy Rule, 45 CFR Parts <br />160 and 164, subparts A and E. In the event of an inconsistency between the provisions of this Agreement <br />and mandatory provisions of the HIPAA Security and Privacy Rule, as amended, the HIPAA Security and <br />Privacy Rule shall control. Where provisions of this Agreement are different than those mandated in the <br />HIPAA Security and Privacy Rule, but are nonetheless permitted by the HIPAA Security and Privacy <br />Rule, the provisions of this Agreement shall control. <br />(c) Electronic Protected Health Information. Protected Health Information that is transmitted <br />by or maintained in Electronic Media (as defined in the HIPAA Security and Privacy Rule). <br />October 2013 <br />