My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
2018-075S
CBCC
>
Official Documents
>
2010's
>
2018
>
2018-075S
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
12/29/2020 11:17:01 AM
Creation date
5/1/2018 1:15:57 PM
Metadata
Fields
Template:
Official Documents
Official Document Type
Agreement
Approved Date
04/17/2018
Control Number
2018-075S
Agenda Item Number
12.D.1.
Entity Name
Benefit Express Services, LLC
BenefitExpress
Subject
Technology and Services Agreement
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
18
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Is <br />•benefitcxpress <br />Benefit Express Services, LLC <br />Technology and Services Agreement <br />iii. Security Incidents. The Business Associate will report to The Covered Entity any Security Incident of which the Business <br />Associate becomes aware. The Business Associate will make this report once per month, except if any such Security Incident <br />resulted in a disclosure not permitted by this Addendum or Breach of Unsecured Protected Health Information, Business <br />Associate will make the report in accordance with the provisions set forth above. <br />(b) Mitigation. The Business Associate shall mitigate, to the extent practicable, any harmful effect known to the Business Associate <br />resulting from a use or disclosure in violation of this Addendum. <br />VIII. Term and Termination <br />(a) Term. The term of this Addendum shall be effective as of the date specified within the Service Agreement, and shall terminate when <br />all Protected Health Information provided by the Covered Entity to the Business Associate, or created or received by the Business <br />Associate on behalf of the Covered Entity, is destroyed or returned to the Covered Entity, or, if it is infeasible to return or destroy <br />Protected Health Information, protections are extended to such information, in accordance with the termination provisions in this <br />section. <br />(b) Right to Terminate for Cause. The Covered Entity may terminate this Addendum if it determines, in its sole discretion, that the <br />Business Associate has breached a material term of this Addendum, and upon written notice to the Business Associate of the breach, <br />the Business Associate fails to cure the breach within thirty (30) calendar days after receipt of the notice. Any such termination will <br />be effective immediately or at such other date specified in the Covered Entity's notice of termination. <br />(c) Treatment of Protected Health Information on Termination. <br />L Return or Destruction of Covered Entity's Protected Health Information as Feasible. <br />Upon termination or other conclusion of the Service Agreement, the Business Associate will, if feasible, return to the Covered <br />Entity or destroy all of the Covered Entity's Protected Health Information in whatever form or medium, including all copies <br />thereof and all data, compilations, and other works derived therefrom that allow identification of any individual who is a subject <br />of the Covered Entity's Protected Health Information. This provision shall apply to Protected Health Information that is in the <br />possession of Subcontractors or agents of the Business Associate. Further, the Business Associate shall, upon request, require <br />any such Subcontractor or agent to certify to the Business Associate that it returned to the Business Associate (so that the <br />Business Associate may return it to the Covered Entity) or destroyed all such information which could be returned or destroyed. <br />ii. Procedure When Return or Destruction Is Not Feasible. The Business Associate will identify any of the Covered Entity's <br />Protected Health Information, including any that the Business Associate has disclosed to subcontractors or agents as permitted <br />under this Addendum, that cannot feasibly be returned to the Covered Entity or destroyed and explain why return or destruction <br />is infeasible. The Business Associate will limit its further use or disclosure of such information to those purposes that make <br />return or destruction of such information infeasible. The Business Associate will complete these obligations as promptly as <br />possible, but not later than thirty (30) calendar days following the effective date of the termination or other conclusion of this <br />Addendum. <br />iii. Continuing Privacy and Security Obligation. The Business Associate's obligation to protect the privacy and safeguard the <br />security of the Covered Entity's Protected Health Information as specified in this Addendum will be continuous and survive <br />termination or other conclusion of this Addendum. <br />IX. Miscellaneous Provisions <br />(a) Definitions. All terms that are used but not otherwise defined in this Addendum shall have the meaning specified under HIPAA, <br />including its statute, regulations and other official government guidance. <br />(b) Inspection of Internal Practices, Books, and Records. The Business Associate will make its internal practices, books, and records <br />relating to its use and disclosure of the Covered Entity's Protected Health Information available to the Covered Entity and to HHS to <br />determine compliance with the HIPAA Rules. <br />(c) Amendment to Agreement. This Addendum may be amended only by a written instrument signed by the parties. In case of a change <br />in applicable law, the parties agree to negotiate in good faith to adopt such amendments as are necessary to comply with the change <br />in law. <br />(d) No Third -Party Beneficiaries. Nothing in this Addendum shall be construed as creating any rights or benefits to any third parties. <br />(e) Regulatory References. A reference in this Business Associate Addendum to a section in the Privacy Rule means the section as in <br />effect or as amended. <br />(f) Survival. The respective rights and obligations of the Business Associate under this Addendum shall survive the termination of this <br />Addendum. <br />(g) Interpretation. Any ambiguity in this Addendum shall be resolved to permit the Covered Entity to comply with the HIPAA Rules. <br />(h) Notices. All notices hereunder shall be in writing and delivered by hand, by certified mail, return receipt requested or by overnight <br />delivery. Notices shall be directed to the parties at their respective addresses or at such other addresses as the parties may from time <br />to time designate in writing. <br />
The URL can be used to link to this page
Your browser does not support the video tag.