Browse
Search
2021-071-E Health - Everbridge vaccination software
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2020's
>
2021
>
2021-071-E Health - Everbridge vaccination software
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
2/19/2021 3:58:09 PM
Creation date
2/19/2021 2:18:22 PM
Metadata
Fields
Template:
Contract
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
20
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID: 16086DFC-1613-4024-BF92-DD86916E213E <br /> Aleverbridge <br /> Everbridge, Inc. <br /> HIPAA Business Associate Agreement <br /> Pursuant to the Health Insurance Portability and Accountability Act of 1996, as amended ("HIPAA"), <br /> Orange County Health Department ("Covered Entity") and Everbridge, Inc. a Delaware corporation, or any of its corporate <br /> affiliates ("Business Associate"), enter into this Business Associate Agreement ("BAA") as of February 8 , 2021 <br /> (the "Effective Date"). This BAA addresses the HIPAA requirements with respect to "business associates," as defined under <br /> the privacy, security, breach notification and enforcement rules at 45 C.F.R. Part 160 and Part 164 ("HIPAA Rules"). A <br /> reference in this BAA to a section in the HIPAA Rules means the section as in effect or as amended. Both parties are <br /> committed to complying with the HIPAA Rules and associated regulations. This BAA is intended to ensure such compliance <br /> and that the appropriate safeguards are established for Protected Health Information ("PHI") (as defined under the HIPAA <br /> Rules) that Business Associate may receive, create, maintain, use or disclose in connection with the functions, activities and <br /> services that Business Associate performs for Covered Entity. The functions, activities and services that Business Associate <br /> performs for Covered Entity are defined in the underlying services agreement (the "Underlying Agreement"). Pursuant to <br /> changes required under the Health Information Technology for Economic and Clinical Health Act of 2009 (the "HITECH Act") <br /> and under the American Recovery and Reinvestment Act of 2009 ("ARRA"), this BAA also reflects federal breach notification <br /> requirements imposed on Business Associate when "Unsecured PHI" (as defined under the HIPAA Rules) is acquired by an <br /> unauthorized party and the expanded privacy and security provisions imposed on business associates. <br /> 1. Definitions. All capitalized terms used in this BAA but not defined herein shall have the meanings set forth <br /> in the HIPAA Rules. <br /> 2. General Obligations of Business Associate. Business Associate agrees not to use or disclose PHI, other <br /> than as permitted or required by this BAA or as Required By Law, or if such use or disclosure does not otherwise cause a <br /> Breach of Unsecured PHI. Business Associate agrees to use appropriate safeguards, and comply with Subpart C of 45 C.F.R. <br /> Part 164 with respect to ePHI, to prevent use or disclosure of PHI other than as provided for by the BAA. <br /> 3. Mitigation. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is <br /> known to Business Associate as a result of a use or disclosure of PHI by Business Associate in violation of this BAA's <br /> requirements or that would otherwise cause a Breach of Unsecured PHI. <br /> 4. Safeguards. Business Associate agrees to use appropriate safeguards and comply with security standards <br /> for the protection of Electronic Protected Health Information ("ePHI")to prevent Use or Disclosure of ePHI other than as <br /> provided for by this BAA, pursuant to the Standards for Security of Electronic Protected Health Information in the HIPAA Rules, <br /> including those specified in 45 CFR Parts 160 and 164, subparts A and C respectively(collectively, the"Security Rule"). <br /> Business Associate further agrees to implement appropriate Administrative, Physical, and Technical Safeguards to protect the <br /> confidentiality, integrity and availability of any ePHI in accordance with the HIPAA Rules, including the use of written policies <br /> and procedures. <br /> 5. Breach Notification. Effective as of the Compliance Date, Business Associate will comply with Section <br /> 13402 of the HITECH Act and the regulations implementing such provisions, currently 45 CFR part 164, subpart D, as such <br /> regulations may be in effect from time to time. <br /> (a) Except as provided in 45 CFR§ 164.412, Business Associate will give Covered Entity notice of any Breach <br /> of Unsecured PHI promptly, and in any case no later than five(5)business days after the first day on which the Breach is <br /> known to Business Associate. <br /> (b) The notice required by Business Associate in Section 5(a)above shall adhere to the same Content Of <br /> Notification standards as set forth in 45 CFR§ 164.404(c)(1)and (2). <br /> Business Associate Agreement v.7 7.7.15 <br />
The URL can be used to link to this page
Your browser does not support the video tag.