My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
RECALL TOTAL INFORMATION MANAGEMENT, INC. 1 -2010
Clerk
>
Contracts / Agreements
>
R
>
RECALL TOTAL INFORMATION MANAGEMENT, INC. 1 -2010
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/7/2016 2:24:27 PM
Creation date
4/13/2010 11:19:54 AM
Metadata
Fields
Template:
Contracts
Company Name
RECALL TOTAL INFORMATION MANAGEMENT, INC.
Contract #
N-2010-029
Agency
FINANCE & MANAGEMENT SERVICES
Expiration Date
2/9/2012
Insurance Exp Date
6/30/2015
Destruction Year
2017
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
16
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
" BUSINESS ASSOCIATE ADDENDUM TO RECALL DPS SERVICES AGREEMENT <br />Recall Initials .LIII B Customer Initials Of" <br />This addendum ( "A endum ") is incorporated into the Confidentiality section of the Recall DPS Terms and Conditions that constitute Section B of the Recall <br />Services Agreement "Services Agreement ") between Recall Total Information Management, Inc. ( "Recall ") and City of Santa Ana ( "Customer') to the extent that <br />the Services Agreement requires Recall to provide services with respect to Protected Health Information, as defined below. For purposes of this Addendum <br />Recall is identified as "Business Associate" and Customer is identified as "Covered Entity ". <br />1. For purposes of this Addendum, the following terms shall have the meanings ascribed to them below: <br />(a) Electronic Media shall have the same meaning as the term "electronic media" as defined by 45 CFR 160.103. <br />(b) Electronic Protected Health Care Information shall have the same meaning as the term "Electronic Protected Health Information" as defined by 45 <br />CFR 160.103. <br />(c) Individual shall have the same meaning as the term "individual" as defined by 45 C.F.R. 164.501 and shall include a person who qualifies as a personal <br />representative in accordance with 45 CFR § 164.502(g). <br />(d) Parties shall mean BUSINESS ASSOCIATE and COVERED ENTITY. <br />(e) Privacy Rule shall mean the Standards for Privacy of Individually Identifiable Health Information at 45 CFR, Sections 160 and 164, subparts A and E. <br />(f) Protected Health Information shall mean any health information as defined by 45 C.F.R. 164.501 that is provided and /or made available by or on behalf <br />of COVERED ENTITY to BUSINESS ASSOCIATE. <br />(g) Required by law shall have the same meaning as the term "required by laud' as defined by 45 C.F.R. 164.501. <br />(h) Secretary shall mean the Secretary of the Department of Health and Human Services and his /her designee. <br />(i) Security Incident shall have the same meaning as the term "Security Incident" as defined in 45 CFR 164.304. <br />0) Security Rule shall mean the requirements regarding security for the protection of Electronic Protected Health Information as provided in 45CFR part <br />160 and part164, subparts A and C. <br />(k) Transaction Rule shall mean the requirements regarding electronic transactions set forth in 45CFR parts 160 and 162. <br />2. Term. The effective date of this Addendum shall begin as of the Effective Date of the Service Agreement, and shall expire when all of the Health Information <br />provided by COVERED ENTITY to BUSINESS ASSOCIATE is destroyed or returned to COVERED ENTITY pursuant to Section 6 below. <br />3. Obligations and Activities of Business Associate. <br />a. Business Associate agrees to use reasonable care not to use or disclose Protected Health Information other than as permitted or required by the Addendum <br />or as Required By Law. <br />b. Business Associate agrees to use appropriate physical, technical and administrative safeguards to prevent use or disclosure of the Protected Health <br />Information other than as provided for by this Addendum, and to protect the confidentiality, integrity and availability of Electronic Protected Health Information <br />that it creates, receives, maintains or transmits on behalf of Customer. <br />c. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of Protected <br />Health Information by Business Associate in violation of the requirements of this Addendum, and to report to Covered Entity any Security Incident of which it <br />becomes aware (whether or not such Security Incident is successful) within two (2) days after the date on which Business Associate becomes aware of such <br />Security Incident.. <br />d. Business Associate agrees to report to Covered Entity any use or disclosure of the Protected Health Information not provided for by this Addendum of which <br />it becomes aware. <br />e. Business Associate agrees to ensure that any agent, including a subcontractor, to whom it provides Protected Health Information received from, or created or <br />received by Business Associate on behalf of Covered Entity agrees to substantially the same restrictions and conditions that apply through this Addendum to <br />Business Associate with respect to such information. <br />f. Business Associate agrees to make internal practices, books, and records, including policies and procedures and Protected Health Information, relating to the <br />use and disclosure of Protected Health Information received from, or created or received by Business Associate on behalf of, Covered Entity available to the <br />Secretary, in a time and manner designated by the Secretary, for purposes of the Secretary determining Covered Entity's compliance with the Privacy Rule. <br />g. Business Associate agrees to document such disclosures of Protected Health Information as would be required for Covered Entity to respond to a request by <br />an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 CFR § 164.528. <br />h. Business Associate agrees to provide to Covered Entity or an Individual, within five (5) business days after receipt of a written request therefore, information <br />collected in accordance with Section 3(g) of this Addendum, to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures <br />of Protected Health Information in accordance with 45 CFR § 164.528. <br />i. Business Associate shall: (A) provide access to Protected Health Information in a Designated Record Set in order to meet the requirements under 45 CFR § <br />164.524 and (B) make any amendment(s) to Protected Health Information in a Designated Record Set pursuant to 45 CFR § 164.526. <br />4. Permitted Uses and Disclosures by Business Associate. Except as otherwise limited in this Agreement, <br />a. Business Associate may use or disclose Protected Health Information to perform services for, or on behalf of, Covered Entity as specified in the Services <br />Agreement, provided that such use or disclosure would not violate the Privacy Rule or the Security Rule if done by Covered Entity. <br />b. Business Associate may use Protected Health Information for the proper management and administration of the Business Associate or to carry out the legal <br />responsibilities of the Business Associate. <br />c. Business Associate may disclose Protected Health Information for the proper management and administration of the Business Associate, provided that <br />disclosures are Required By Law, or Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will <br />remain confidential and used or further disclosed only as Required By Law or for the purpose for which it was disclosed to the person, and the person notifies <br />the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached. <br />d. Business Associate may use Protected Health Information to provide Data Aggregation services to Covered Entity as permitted by 42 CFR § <br />164.504(e)(2)(i)(B). <br />e. Business Associate may use Protected Health Information to report violations of law to appropriate Federal and State authorities, consistent with § <br />164.5020)(1). <br />5. Obligations of Covered Entity <br />a. Covered Entity shall notify Business Associate of any limitation(s) in its notice of privacy practices of Covered Entity in accordance with 45 CFR § 164.520, to <br />the extent that such limitation may affect Business Associate's use or disclosure of Protected Health Information. <br />b. Covered Entity shall not request Business Associate to use or disclose Protected Health Information in any manner that would not be permissible under the <br />Privacy Rule if done by Covered Entity. <br />6. Termination <br />a. Termination for Cause. Upon Covered Entity's knowledge of a material breach by Business Associate, Covered Entity shall either: <br />1. Provide an opportunity for Business Associate to cure the breach or end the violation and terminate this Addendum the Services Agreement if Business <br />Associate does not cure the breach or end the violation within the time specified by Covered Entity; <br />2. Immediately terminate this Addendum and the Services Agreement if Business Associate has breached a material term of this Addendum and cure is not <br />possible; or <br />20070809 Short Form DPS Contract 5 of 6 <br />
The URL can be used to link to this page
Your browser does not support the video tag.