My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
2018-075S
CBCC
>
Official Documents
>
2010's
>
2018
>
2018-075S
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
12/29/2020 11:17:01 AM
Creation date
5/1/2018 1:15:57 PM
Metadata
Fields
Template:
Official Documents
Official Document Type
Agreement
Approved Date
04/17/2018
Control Number
2018-075S
Agenda Item Number
12.D.1.
Entity Name
Benefit Express Services, LLC
BenefitExpress
Subject
Technology and Services Agreement
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
18
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
benefitc,x1)ress <br />•,,� l.rnr(it wisr rrlahomhil� di ...��: <br />Benefit Express Services, LLC <br />Technology and Services Agreement <br />(g) Penalties for Noncompliance. The Business Associate acknowledges that it is subject to civil and criminal enforcement for failure to <br />comply with the privacy rule and security rule under the HIPAA Rules, as amended by the HITECH Act. <br />III. Compliance with Electronic Transactions Rule <br />If the Business Associate conducts in whole or part Electronic Transactions on behalf of the Covered Entity for which HHS has <br />established standards, the Business Associate will comply, and will require any Subcontractor or agent it involves with the conduct of <br />such Transactions to comply, with each applicable requirement of the Electronic Transactions Rule. The Business Associate shall also <br />comply with the National Provider Identifier requirements, if and to the extent applicable. <br />IV. Obligations of the Covered Entity <br />(a) Notice of Privacy Practices. Client shall provide BE with the notice of privacy practices that it produces in accordance with 45 CFR <br />Section 164.520, as well as any changes to such notice. BE shall not be responsible for the content of the Notice nor any error or <br />omission in the notice. <br />(b) Notification of Changes and Restrictions. The Covered Entity shall notify the Business Associate of: <br />i. Any limitation(s) in its notice of privacy practices of the Covered Entity in accordance with 45 CFR §164.520, to the extent that <br />such limitation may affect the Business Associate's use or disclosure of Protected Health Information; <br />ii. Any changes in, or revocation of, permission by the Individual to use or disclose Protected Health Information, to the extent that <br />such changes may affect the Business Associate's use or disclosure of Protected Health Information; and <br />iii. Any restriction to the use or disclosure of Protected Health Information that the Covered Entity has agreed to in accordance <br />with 45 CFR §164.522, to the extent that such restriction may affect the Business Associate's use or disclosure of Protected <br />Health Information. <br />(c) Responsibility for Further Disclosures. Client shall be responsible for ensuring that further disclosure by Client of PHI (including, but <br />not limited to, disclosures to employers, plan sponsors, agents, vendors and group health plans) complies with the requirements of <br />HIPAA and applicable federal and state laws. <br />V. Permissible Requests by the Covered Entity <br />The Covered Entity shall not request the Business Associate to use or disclose Protected Health Information in any manner that would <br />not be permissible under the Privacy Rule if done by the Covered Entity. <br />VI. Individual Rights <br />(a) Access. The Business Associate will, within twenty-five (25) calendar days following the Covered Entity's request, make available to <br />the Covered Entity or, at the Covered Entity's direction, to an individual (or the individual's personal representative) for inspection <br />and obtaining copies of the Covered Entity's Protected Health Information about the individual that is in the Business Associate's <br />custody or control, so that the Covered Entity may meet its access obligations under 45 CFR §164.524. Effective as of the date <br />specified by HHS, if the Protected Health Information is held electronically in a designated Record Set in the Business Associate's <br />custody or control. The Business Associate will provide an electronic copy in the form and format specified by the Covered Entity if it <br />is readily producible in such format; if it is not readily producible in such format, the Business Associate will work with the Covered <br />Entity to determine an alternative form and format as specified by the Covered Entity to meet its electronic access obligations under <br />45 CFR 164.524. <br />(b) Amendment. The Business Associate will, upon receipt of written notice from the Covered Entity, promptly amend or permit the <br />Covered Entity access to amend any portion of the Covered Entity's Protected Health Information in a designated record set as <br />directed or agreed to by the Covered Entity, so that the Covered Entity may meet its amendment obligations under 45 CFR §164.526. <br />(c) Disclosure Accounting. The Business Associate will maintain and make available the information required to provide an accounting <br />of disclosures to the Covered Entity as necessary to satisfy the Covered Entity's obligations under 45 CFR §164.528. <br />L Disclosures Subject to Accounting. The Business Associate will record the information specified below ("Disclosure <br />Information") for each disclosure of the Covered Entity's Protected Health Information, not excepted from disclosure accounting <br />as specified below, that the Business Associate makes to the Covered Entity or to a third party. <br />ii. Disclosures Not Subject to Accounting. The Business Associate will not be obligated to record Disclosure Information or <br />otherwise account for disclosures of the Covered Entity's Protected Health Information if the Covered Entity need not account <br />for such disclosures under the HIPAA Rules. <br />iii. Disclosure Information. With respect to any disclosure by the Business Associate of the Covered Entity's Protected Health <br />Information that is not excepted from disclosure accounting under the HIPAA Rules, the Business Associate will record the <br />following Disclosure Information as applicable to the type of accountable disclosure made: <br />1. Disclosure Information Generally. Except for repetitive disclosures of the Covered Entity's Protected Health <br />Information as specified below, the Disclosure Information that the Business Associate must record for each <br />accountable disclosure is (1) the disclosure date, (2) the name and (if known) address of the entity to which the Business <br />
The URL can be used to link to this page
Your browser does not support the video tag.