My WebLink
|
Help
|
About
|
Sign Out
Home
Mid-County Shelters - Operating Subsidies Standard Services Agreement 20230403
CityHall
>
City Clerk
>
City Council
>
Agreements
>
2023
>
Mid-County Shelters - Operating Subsidies Standard Services Agreement 20230403
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/17/2023 3:41:29 PM
Creation date
7/17/2023 3:41:15 PM
Metadata
Fields
Template:
CM City Clerk-City Council
CM City Clerk-City Council - Document Type
Agreement
Document Date (6)
4/3/2023
Retention
PERM
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
55
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Master Contract No. 902012 <br />Procurement Contract No. 24823 <br />Exhibit E <br />Page 4 of 7 <br /> <br /> <br /> <br />Entity in writing within twenty-four (24) hours of any suspected or actual breach of security, intrusion, HIPAA Breach, and/or any actual or suspected use or Disclosure of data in violation of any applicable federal or state laws or regulations. This duty includes the reporting of any Security Incident, of which it becomes aware, affecting the Electronic PHI. Business Associate shall take (i) prompt corrective action to cure any such deficiencies and (ii) any action pertaining to such unauthorized use or Disclosure required by applicable federal and/or state laws and regulations. <br />Business Associate shall investigate such breach of security, intrusion, and/or HIPAA Breach, and provide a written report of the investigation to Covered Entity’s HIPAA Privacy Officer or other designee that is in compliance with 45 C.F.R. section 164.410 and that includes the identification of each individual whose PHI has been breached. The report shall be delivered within fifteen (15) working days of the discovery of the breach or unauthorized use or Disclosure. Business Associate shall be responsible for any obligations under the HIPAA Regulations to notify individuals of such breach, unless Covered Entity agrees otherwise. <br /> <br />G. Agents and Subcontractors. Business Associate agrees to ensure that any agent, including a <br />subcontractor, to whom it provides PHI received from, or created or received by Business Associate on <br />behalf of Covered Entity, agrees to the same restrictions, conditions, and requirements that apply <br />through this Exhibit to Business Associate with respect to such information. Business Associate shall <br />obtain written contracts agreeing to such terms from all agents and subcontractors. Any subcontractor <br />who contracts for another company’s services with regards to the PHI shall likewise obtain written <br />contracts agreeing to such terms. Neither Business Associate nor any of its subcontractors may <br />subcontract with respect to this Exhibit without the advanced written consent of Covered Entity. <br /> <br />H. Review of Records. Business Associate agrees to make internal practices, books, and records relating to <br />the use and Disclosure of PHI received from, or created or received by Business Associate on behalf of <br />Covered Entity available to Covered Entity, or at the request of Covered Entity to the Secretary, in a <br />time and manner designated by Covered Entity or the Secretary, for purposes of the Secretary <br />determining Covered Entity’s compliance with the HIPAA Regulations. Business Associate agrees to <br />make copies of its HIPAA training records and HIPAA business associate agreements with agents and <br />subcontractors available to Covered Entity at the request of Covered Entity. <br />I. Performing Covered Entity’s HIPAA Obligations. To the extent Business Associate is required to carry <br />out one or more of Covered Entity’s obligations under the HIPAA Regulations, Business Associate must <br />comply with the requirements of the HIPAA Regulations that apply to Covered Entity in the <br />performance of such obligations. <br /> <br />J. Restricted Use of PHI for Marketing Purposes. Business Associate shall not use or disclose PHI for <br />fundraising or Marketing purposes unless Business Associate obtains an Individual’s authorization. <br />Business Associate agrees to comply with all rules governing Marketing communications as set forth <br />in HIPAA Regulations and the HITECH Act, including, but not limited to, 45 C.F.R. section 164.508 <br />and 42 U.S.C. section 17936. <br /> <br />K. Restricted Sale of PHI. Business Associate shall not directly or indirectly receive remuneration in <br />exchange for PHI, except with the prior written consent of Covered Entity and as permitted by the <br />HITECH Act, 42 U.S.C. section 17935(d)(2); however, this prohibition shall not affect payment by <br />Covered Entity to Business Associate for services provided pursuant to the Agreement.
The URL can be used to link to this page
Your browser does not support the video tag.