My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
25A - AGMT FOR FLEX SPENDING
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2020
>
10/20/2020
>
25A - AGMT FOR FLEX SPENDING
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
10/14/2020 3:08:32 PM
Creation date
10/14/2020 3:02:14 PM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Agency
Human Resources
Item #
25A
Date
10/20/2020
Destruction Year
2025
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
37
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID: CFCE3443-EF37-4FD4-8DCD-D85D559F77AE <br />(2) Identify the individuals whose Unsecured PHI has been, or is reasonably believed to <br />have been, the subject of a Breach; and <br />(3) Include any other available information that the Covered Entity requires in order to <br />complete a risk assessment under 45 CFR § 164.402 with respect to the Individuals <br />affected by the Breach, or in order to notify such Individuals of the Breach, as well as <br />the Secretary and the media, to the extent required under §13402(f) of the HITECH <br />Act, 42 U.S.C. § 17932 and 45 CFR §§ 164.404, 164.406 and 164.408. Business <br />Associate shall provide such information to Covered Entity promptly upon such <br />information becoming available to Business Associate. Covered Entity solely shall be <br />responsible for providing notification to any Individual, the Secretary, or the media <br />with regard to a Breach. <br />(4) Each party shall bear its own costs and expenses required to comply with notification <br />duties resulting from a breach of Unsecured PHI as set forth in 45 CFR §§ 164.404, <br />164.406, and 164.408, with regard to Covered Entity, and as set forth in 45 CFR § <br />164.410, with regard to Business Associate. <br />(5) Each party shall mitigate, to the extent practicable, any harmful effect known to them <br />resulting from a use or disclosure of PHI in violation of this Agreement. <br />i. In accordance with 45 CFR §§ 164.502(e)(1)(ii) and 164.308(b)(2), if applicable, <br />Business Associate agrees to require that any of its Subcontractors that create, <br />receive, maintain or transmit Protected Health Information from or on behalf of <br />Business Associate agree in writing to the same restrictions, conditions, and <br />requirements that apply to Business Associate with respect to such information, <br />including the obligation promptly to notify Business Associate of any use or <br />disclosure of PHI not provided for by the agreement between the Business <br />Associate and the Subcontractor, and to report to Business Associate any Security <br />Incident of which Subcontractor becomes aware, or Breach that Subcontractor <br />discovers. <br />ii. In the event Business Associate becomes aware of a pattern or practice of a <br />Subcontractor that violates the privacy and security safeguard obligations made to <br />Business Associate, Business Associate will take reasonable steps to cure such <br />violation and otherwise will respond to non-compliance by a Subcontractor in the <br />same way that Covered Entity is required to respond to non-compliance by <br />Business Associate. <br />III. Effective as of September 23, 2013, or the Effective Date of this Agreement, if <br />later, Business Associate will refrain from engaging in the sale of any Protected <br />AGUE <br />Document Generated on June 16, 2020 <br />City of Santa Ana Business Associate Agreement <br />Client Initials: <br />Page 8 <br />25A-31 <br />
The URL can be used to link to this page
Your browser does not support the video tag.