Browse
Search
2021-071-E Health - Everbridge vaccination software
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2020's
>
2021
>
2021-071-E Health - Everbridge vaccination software
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
2/19/2021 3:58:09 PM
Creation date
2/19/2021 2:18:22 PM
Metadata
Fields
Template:
Contract
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
20
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID: 16086DFC-1613-4024-BF92-DD86916E213E <br /> 13. General Uses and Disclosures. Pursuant to the Underlying Agreement, Business Associate provides <br /> services("Services")for the Covered Entity that involve the use and disclosure of PHI and/or ePHI. Except as otherwise specified <br /> herein, the Business Associate may make any and all uses of PHI and/or ePHI necessary to perform its obligations under the <br /> Underlying Agreement,this BAA or as Required By Law, provided that any such use or disclosure would not violate the Privacy and <br /> Security Rules if done by Covered Entity. All other uses not authorized by the Underlying Agreement, this BAA or by law are <br /> prohibited. <br /> 14. Business Activities of the Business Associate. Unless otherwise limited herein, the Business Associate <br /> may: <br /> (a) use the PHI in its possession within its workforce for its proper management and administration and to fulfill <br /> any present or future legal responsibilities of the Business Associate provided that such uses are permitted under state and <br /> federal confidentiality laws. <br /> (b) disclose the PHI in its possession to third parties for the purpose of its proper management and <br /> administration or to fulfill any present or future legal responsibilities of the Business Associate, provided that(i)the disclosures <br /> are required by law, as provided for in 45 C.F.R. §164.501, or(ii)the Business Associate has received from the third party <br /> satisfactory written assurances regarding its confidential handling of such PHI as required under 45 C.F.R. §164.504(e)(4). <br /> 15. Other Activities of Business Associate. In addition to using the PHI to perform the Services set forth in <br /> Section 14 above, Business Associate may: <br /> (a) Use PHI to provide Data Aggregation Services to Covered Entity as permitted by HIPAA. Under no <br /> circumstances may the Business Associate disclose PHI of one covered entity to another covered entity absent the explicit <br /> authorization of the Covered Entity or as required by law. <br /> (b) de-identify any and all PHI provided that the de-identification conforms to the requirements of 45 C.F.R. <br /> §164.514(b), and further provided that the Covered Entity maintains the documentation required by 45 C.F.R. §164.514(b) <br /> which may be in the form of a written assurance from the Business Associate. Pursuant to 45 C.F.R. §164.502(d)(2), de- <br /> identified information does not constitute PHI and is not subject to the terms of this Business Associate Agreement. <br /> 16. Obligations of Covered Entity. Covered Entity shall: <br /> (a) Provide Business Associate with the Notice of Privacy Practices that Covered Entity produces in accordance <br /> with the Privacy Rule, and any changes or limitations to such notice under 45 C.F.R. 164.520, to the extent that such changes <br /> or limitations may affect Business Associate's use or disclosure of PHI. <br /> (b) Notify Business Associate of any restriction to the use or disclosure of PHI that Covered Entity has agreed to <br /> or is required to abide by under 45 C.F.R. 164.522, to the extent that such restriction may affect Business Associate's use or <br /> disclosure of PHI under this BAA. <br /> (c) Notify Business Associate of any changes in or revocation of permission by an individual to use or disclose <br /> PHI, if such change or revocation may affect Business Associate's permitted or required uses and disclosures of PHI under <br /> this BAA. <br /> 17. No Impermissible Request. Covered Entity shall not request Business Associate to use or disclose PHI in <br /> any manner that would not be permissible under the Privacy and Security Rule if done by Covered Entity, except as provided <br /> under Section 14-15 of this BAA. <br /> 18. Compliance with Security Rule. Effective April 20, 2005, Business Associate shall comply with the HIPAA <br /> Security Rule, which shall mean the Standards for Security of Electronic Protected Health Information at 45 C.F.R. Part 160 <br /> and Subparts A and C of Part 164, as amended by ARRA and the HITECH Act. The term "Electronic Health Record" or <br /> "EHR" as used in this BAA shall mean an electronic record of health-related information on an individual that is created, <br /> gathered, managed and consulted by authorized health care clinicians and staff. <br /> 3 <br />
The URL can be used to link to this page
Your browser does not support the video tag.