My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
BASIC HR SERVICES
Clerk
>
Contracts / Agreements
>
B
>
BASIC HR SERVICES
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
11/1/2018 12:39:04 PM
Creation date
11/1/2018 12:36:43 PM
Metadata
Fields
Template:
Contracts
Company Name
BASIC HR SERVICES
Contract #
A-2018-219
Agency
HUMAN RESOURCES
Council Approval Date
9/18/2018
Destruction Year
0
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
9
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
164.416, and. any Security Incident of which It becomes aware. The Business Associate will make the report to <br />the Covered Entity's Privacy Official not more than twenty-five (25) calendar days after the Business Associate <br />becomes aware of such non -permitted use or disclosure. If a delay is requested by a law-enforcement official In <br />accordance with 45 CFR §164.412, the Business Associate may delay notifying the Covered Entity for the <br />applicable time period. The Business Associate's report will at least: <br />(A) Identify the nature of the Breach or other non -permitted use or disclosure, which will include a brief <br />description of what happened, including the date of any Breach and the date of the discovery of the <br />Breach; <br />(B) Identify the Covered Entity's Protected Health Information that was sub)eot to the non -permitted use or <br />disclosure Or Breach (such as whether full name, social security number, date of birth, home address, <br />account number or other information were involved) on an individual basis; <br />(C) Identify who made the non -permitted use or disclosure and who received the non -permitted use or <br />disclosure; <br />(R) Identify what corrective or investigational action the Business Associate took or will take to prevent <br />further non -permitted uses or disclosures; to mitigate harmful effects and to protect against any further <br />Breaches; <br />(E) Identify what steps the individuals who were subject to a Breach should take to protect themselves; and <br />(F) Provide such other information, Including a written report and risk assessment under 45 CFR §164.462, <br />as the Covered Entity may reasonably request. <br />(III) Security Incidents, The Business Associate will report to The Covered Entity any Security Incident of <br />which the Business Associate becomes aware. The Business Associate will make this report once per month, <br />except. If any such Security Incident resulted in a disclosure not permitted by this Agreement or Breach of <br />Unsecured Protected Health Information, Business Associate will make the report in accordance with the <br />provisions set forth above. <br />(b) Mitigation. The Business Associate shall mitigate; to the extent practicable, any harmful effect known to the <br />Business Associate resulting from a use or disclosure in violation of this Agreement. <br />VIII. Term and Termination <br />(a) Term. The term of this Agreement shall be effective as of the date specified below, and shall terminate when all <br />Protected Health Information provided by the Covered Entity to the Business Associate, or created or received by <br />the Business Associate on behalf of the Covered Entity; is destroyed or returned to the Covered Entity, or, if it is <br />Infeasible to return or destroy Protected Health Information, protections are extended to such information, in <br />accordance with the termination provisions in this section. <br />(b) Right to Terminate for Cause. The Covered Entity may terminate this Agreement if it determines, in Its sole <br />discretion that the Business Associate has breached a material term of this Agreement, and upon written notice to <br />the Business Associate of the breach, the Business Associate fails to cure the breach within thirty (36) calendar <br />days after receipt of the notice. Any such termination will be effective immediately or at such other date specified in <br />the Covered Entity's notice of termination. <br />(c) Treatment of Protected Health Information on Termination. <br />(i) Return or Destruction of Covered Entity's Protected Health Information as Feasible. Upon <br />termination or other conclusion Of this Agreement, the Business Associate will, if feasible, return to the Covered <br />Entity or destroy all of the Covered Entity's Protected Health Information In whatever form or medium, Including <br />all copies thereof and all data, compilations, and other works derived there from that allow Identification of any <br />individual who is a subject of the Covered. Entity's Protected Health Information. This provision shall apply to <br />Protected Health Information that Is in the possession of Subcontractors or agents of the Business Associate. <br />Further, the Business Associate shall require any such Subcontractor or agent to certify to the Business <br />Associate that it returned to the Business Associate (so that the Business Associate may return it to the <br />Covered Entity) or destroyed all such Information which could be returned or destroyed. The Business <br />
The URL can be used to link to this page
Your browser does not support the video tag.