Orange County NC Website
October 2013

(c) Electronic Protected Health Information. Protected Health Information that is transmitted by or maintained in Electronic Media (as defined in the HIPAA Security and Privacy Rule).

(d) Protected Health Information. “Protected Health Information” shall have the same meaning as the term in 45 CFR § 160.103, limited to the information created or received by Business Associate from or on behalf of Covered Entity and includes without limitation “Electronic Protected Health Information.” Business Associate acknowledges and agrees that all Protected Health Information that is created or received by Covered Entity and disclosed or made available in any form, including paper record, oral communication, audio recording, and electronic display by Covered Entity or its operating units to Business Associate or is created or received by Business Associate on Covered Entity’s behalf shall be subject to this Agreement.

(e) Required by Law. “Required by Law” shall have the same meaning as the term in 45 CFR § 164.103.

II. OBLIGATIONS AND ACTIVITIES OF BUSINESS ASSOCIATE

(a) Use and Disclosure. Business Associate agrees to fully comply with the requirements under the HIPAA Security and Privacy Rule applicable to Business Associates and not to use or disclose Protected Health Information other than as permitted or required by this Agreement, the Service Agreement or as Required by Law. To the extent Business Associate carries out obligations of Covered Entity under the HIPAA Security and Privacy Rule, Business Associate shall comply with the applicable provisions of the HIPAA Security and Privacy Rule as if such use or disclosure were made by Covered Entity.
Business Associate agrees to comply with Covered Entity’s policies regarding the minimum necessary use or disclosure of Protected Health Information.

(b) Appropriate Safeguards. Business Associate agrees to use appropriate safeguards to prevent use or disclosure of Protected Health Information other than as provided for by this Service Agreement(s), this Agreement or as Required by Law. This includes the implementation of physical, technical and administrative safeguards to prevent use or disclosure of Protected Health Information other than as permitted in this Agreement or Required by Law and reasonably and appropriately protect the confidentiality, integrity, and availability of any Electronic Protected Health Information that it creates, receives, maintains, or transmits on behalf of Covered Entity as required by the HIPAA Security and Privacy Rule. The Business Associate shall maintain appropriate documentation of its compliance with the HIPAA Security and Privacy Rule, including, but not limited to, its policies, procedures, records of training and sanctions of members in its workforce.

(c) Assurances. Business Associate agrees to provide Covered Entity with written assurances that any Protected Health Information placed on any type of mobile media, including, but by no means limited to, laptop computers, iPads and mobile phones, is encrypted in accordance with guidance issued by the Secretary.

(d) Agents and Subcontractors.
Business Associate shall require any agents, including any subcontractors, to whom it provides Protected Health Information from Covered Entity that is created, received, maintained or transmitted on behalf of Business Associate to agree by written contract with Business Associate to the same (or greater) restrictions, conditions and requirements that apply to Business Associate with respect to such information, and to agree to implement reasonable and appropriate safeguards to protect any of such information that is Electronic Protected Health Information. In addition, Business Associate agrees to take reasonable steps to ensure that its employees’ actions or omissions do not cause Business Associate to breach the terms of this Agreement.

(e) Mitigation of Breach. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of Protected Health