Orange County NC Website
<br />ORANGE COUNTY GOVERNMENT <br />TRANSPORTATION SERVICES DEPARTMENT <br />BUSINESS ASSOCIATE AGREEMENT <br /> <br />This Business Associate Agreement (the “BAA”) is made and entered into as of December 15, 2025 <br />by and between Orange County, North Carolina , a political subdivision of the State of North <br />Carolina (“Covered Entity”) and Foxster Opco, LLC (“CTS Software”, “CTS”), a corporation organized <br />under the laws of the State of North Carolina (“Business Associate”, in accordance with the meaning <br />given to those terms at 45 CFR §164.501). In this BAA, Covered Entity and Business Associate are <br />each a “Party” and, collectively, are the “Parties”. <br />BACKGROUND <br />I. Covered Entity is either a “covered entity” or “business associate” of a covered <br />entity as each are defined under the Health Insurance Portability and <br />Accountability Act of 1996, Public Law 104 -191, as amended by the HITECH Act <br />(as defined below) and the related regulations promulgated by HHS (as defined <br />below) (collectively, “HIPAA”) and, as such, is required to comply with HIPAA’s <br />provisions regarding the confidentiality and privacy of Protected Health <br />Information (as defined below); <br />II. The Parties have entered into or will enter into one or more agreements under <br />which Business Associate provides or will provide certain specified services to <br />Covered Entity (collectively, the “Agreement”); <br />III. In providing services pursuant to the Agreement, Business Associate will have <br />access to Protected Health Information; <br />IV. By providing the services pursuant to the Agreement, Business Associate will <br />become a “business associate” of the Covered Entity as such term is defined under <br />HIPAA; <br />V. Both Parties are committed to complying with all federal and state laws governing <br />the confidentiality and privacy of health information, including, but not limited to, <br />the Standards for Privacy of Individually Identifiable Health Information found at <br />45 CFR Part 160 and Part 164, Subparts A and E (collectively, the “Privacy Rule”); <br />and <br />VI. Both Parties intend to protect the privacy and provide for the security of Protected <br />Health Information disclosed to Business Associate pursuant to the terms of this <br />Agreement, HIPAA and other applicable laws. <br />AGREEMENT <br />NOW, THEREFORE, in consideration of the mutual covenants and conditions contained herein and <br />the continued provision of PHI by Covered Entity to Business Associate under the Agreement in <br />reliance on this BAA, the Parties agree as follows: <br />Docusign Envelope ID: 570451FC-66D7-4F0D-A133-FD52C5F42668Docusign Envelope ID: 2F0A6F2B-A88D-43A2-97AA-4CF0CF9C3EE6