My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
25A - AGMT EMPLOYEE TRACKING SVCS
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2018
>
09/18/2018
>
25A - AGMT EMPLOYEE TRACKING SVCS
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
9/13/2018 5:00:05 PM
Creation date
9/13/2018 4:55:51 PM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Agency
Personnel Services
Item #
25A
Date
9/18/2018
Destruction Year
2023
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
24
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
(111) Disclosure Information. With respect to any disclosure by the Business Associate of the Covered Entity's <br />Protected Health Information that is not excepted from disclosure accounting under the HIPAA Rules, the <br />Business Associate will record the following Disclosure Information as applicable to the type of accountable <br />disclosure made: <br />(A) Disclosure Information Generally. Except for repetitive disclosures of the Covered Entity's Protected <br />Health Information as specified below, the Disclosure Information that the Business Associate must record <br />for each accountable disclosure Is (1) the disclosure date, (2) the name and (if known) address of the entity <br />to which the Business Associate made the disclosure, (3) a brief description of the Covered Entity's <br />Protected Health Information disclosed, and (4) a brief statement of the purpose of the disclosure. <br />(B) Disclosure Information for Repetitive Disclosures. For repetitive disclosures of the Covered Entity's <br />Protected Health Information that the Business Associate makes for a single purpose to the same person <br />or entity (Including the Covered Entity), the Disclosure Information that the Business Associate must record <br />Is either the Disclosure Information specified above for each accountable disclosure, or (1) the Disclosure <br />Information specified above for the first of the repetitive accountable disclosures; (2) the frequency, <br />periodicity, or number of the repetitive accountable disclosures; and (3) the date of the last of the repetitive <br />accountable disclosures. <br />(iv) Availability of Disclosure Information. The Business Associate will maintain the Disclosure Information <br />for at least 6 years following the date of the accountable disclosure to which the Disclosure Information relates <br />(3 years for disclosures related to an Electronic Health Record, starting with the date specified by HHS). The <br />Business Associate will make the Disclosure Information available to the Covered Entity within twenty-five (25) <br />calendar days following the Covered Entity's request for such Disclosure Information to comply with an <br />individual's request for disclosure accounting. Effective as of the date specified by HHS, with respect to <br />disclosures related to an Electronic Health Record, the Business Associate shall provide the accounting directly <br />to an individual making such a disclosure request, if a direct response is requested by the individual. To the <br />extent the Business Associate is to carry out one or more of Covered Entity's obligation(s) under Subpart E of <br />45 CFR Part 164, comply with the requirements of Subpart E that apply to the covered entity in the <br />performance of such obligation(s); and make its Internal practices, books, and records available to the <br />Secretary for purposes of determining compliance with the HIPAA Rules. <br />(d) Restriction Agreements and Confidential Communications. The Covered Entity shall notify the Business <br />Associate of any limitations in the notice of privacy practices of Covered Entity under 45 CFR §164.520, to the <br />extent that such limitation may affect the Business Associate's use or disclosure of Protected Health Information. <br />The Business Associate will comply with any agreement that the Covered Entity makes that either (1) restricts use <br />or disclosure of the Covered Entity's Protected Health Information pursuant to 45 CFR §164.522(a), or (ii) requires <br />confidential communication about the Covered Entity's Protected Health Information pursuant to 45 CFR <br />§164.522(b), provided that the Covered Entity notifies the Business Associate in writing of the restriction or <br />confidential communication obligations that the Business Associate must follow. The Covered Entity will promptly <br />notify the Business Associate in writing of the termination of any such restriction agreement or confidential <br />communication requirement and, with respect to termination of any such restriction agreement, instruct the <br />Business Associate whether any of the Covered Entity's Protected Health Information will remain subject to the <br />terms of the restriction agreement. Effective February 17, 2010 (or such other date specified as the effective date <br />by HHS), the Business Associate will comply with any restriction request If: (1) except as otherwise required by law, <br />the disclosure is to a health plan for purposes of carrying out payment or health care operations (and is not for <br />purposes of carrying out treatment); and (ii) the Protected Health Information pertains solely to a health care item or <br />service for which the health care provider involved has been paid out-of-pocket in full. <br />VII. Breaches and Security Incidents <br />(a) Reporting. <br />(1) Impermissible Use or Disclosure. The Business Associate will report to Covered Entity any use or <br />disclosure of Protected Health Information not permitted by this Agreement not more than twenty-five <br />(25) calendar days after Business Associate becomes aware of such non -permitted use or disclosure. <br />(11) Privacy or Security Breach. The Business Associate will report to the Covered Entity any use or <br />disclosure of the Covered Entity's Protected Health Information not permitted by this Agreement of which it <br />becomes aware, including breaches of Unsecured Protected Health Information as required by 45 CFR <br />25A-17 <br />
The URL can be used to link to this page
Your browser does not support the video tag.