My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
2018-075S
CBCC
>
Official Documents
>
2010's
>
2018
>
2018-075S
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
12/29/2020 11:17:01 AM
Creation date
5/1/2018 1:15:57 PM
Metadata
Fields
Template:
Official Documents
Official Document Type
Agreement
Approved Date
04/17/2018
Control Number
2018-075S
Agenda Item Number
12.D.1.
Entity Name
Benefit Express Services, LLC
BenefitExpress
Subject
Technology and Services Agreement
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
18
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
'Is <br />�. benefit����>l <br />Benefit Express Services, LLC <br />Technology and Services Agreement <br />Exhibit C - Business Associate Addendum <br />This Health Insurance Portability & Accountability Act Business Associate Addendum ("HIPAA Addendum") is an <br />addendum to this Agreement (and incorporated therein by reference) by and between Benefit Express Services, LLC ("BE" or <br />"Business Associate") and Employer ("Client" or "Covered Entity"). In order, to provide such services to Employer, the Business <br />Associate must have access to certain protected health information ("Protected Health Information" or "PHI"), as defined in the <br />Standards for Privacy of Individually Identifiable Health Information (the "Privacy Standards") set forth by the U.S. Department of <br />Health and Human Services ("HHS") pursuant to the Health Insurance Portability and Accountability Act of 1996, ("HIPAA") and <br />amended by the Health Information Technology for Economic and Clinical Health Act ("HITECH Act'), part of the American Recovery <br />and Reinvestment Act of 2009 ("ARRA"), the Genetic Information Nondiscrimination Act of 2008 ("GINA"), and the final regulations <br />to such Acts promulgated in January 2013; <br />To comply with the requirements of the Privacy Standards, the Covered Entity must enter into this Business Associate Addendum <br />with the Business Associate. Now, therefore, in consideration of the mutual covenants and agreements hereinafter contained, and <br />other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, and intending to be legally <br />bound hereby, the parties hereto agree as follows: <br />Definitions <br />The following terms used in this Addendum shall have the same meaning as those terms in the Privacy Rules: Breach, Data <br />Aggregation, Designated Record Set, Disclosure, Health Care Operations, Individual, Minimum Necessary, Notice of Privacy Practices, <br />Secretary, Subcontractor, and Use. If other terms are used, but not otherwise defined under this Business Associate Addendum, such <br />terms shall then have the same meaning as those terms in the Privacy Rule. <br />(a) Business Associate. 'Business Associate" shall generally have the same meaning as the term "business associate" at 45 CFR <br />160.103. <br />(b) Covered Electronic Transactions. "Covered Electronic Transactions" shall have the meaning given the term "transaction"" in 45 <br />CFR §160.103. <br />(c) Covered Entity. "Covered Entity" shall generally have the same meaning as the term "covered entity" at 45 CFR 160.103. <br />(d) Electronic Protected Health Information. "Electronic Protected Health Information" shall have the same meaning as the term <br />"electronic protected health information" in 45 CFR §160.103. <br />(e) Genetic Information. "Genetic Information" shall have the same meaning as the term "genetic information" in 45 CFR §160.103 <br />(f) HIPAA Rules. "HIPAA Rules" shall mean the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Part 160 and <br />Part 164. <br />(g) Individual. "Individual' shall have the same meaning as the term "individual' in 45 CFR §160.103 and shall include a person who <br />qualifies as a personal representative in accordance with 45 CFR §164.502(8). <br />(h) Privacy Rule. "Privacy Rule" shall mean the Standards for Privacy of Individually Identifiable Health Information at 45 CFR Part <br />160 and Part 164, subparts A and E. <br />(i) Protected Health Information (PHI). "Protected Health Information (PHI)' shall have the same meaning as the term "protected <br />health information" in 45 CFR §160.103, limited to the information created or received by Business Associate from or on behalf <br />of a Covered Entity pursuant to this Addendum. <br />0) Required By Law. "Required By Law" shall have the same meaning as the term "required bylaw" in 45 CFR §164.103. <br />(k) Secretary. "Secretary" shall mean the Secretary of the Department of Health and Human Services or his designee. <br />(1) Standards for Electronic Transactions Rule. "Standards for Electronic Transactions Rule" means the final regulations issued by <br />HHS concerning standard transactions and code sets under the Administration Simplification provisions of HIPAA, 45 CFR Part <br />160 and Part 162. <br />(m) Security Incident. "Security Incident' shall have the same meaning as the term "security incident' in 45 CFR §164.304. <br />(n) Security Rule. "Security Rule" shall mean the Security Standards and Implementation Specifications at 45 CFR Part 160 and Part <br />164, subpart C. <br />(o) Subcontractor. "Subcontractor" shall have the same meaning as the term subcontractor in 45 CFR §160.103. <br />(p) Transaction. "Transaction" shall have the meaning given the term "transaction" in 45 CFR §160.103 <br />(q) Unsecured Protected Health Information. "Unsecured Protected Health Information" shall have the meaning given the term <br />"unsecured protected health information" in 45 CFR §164.402. <br />II. Safeguarding Privacy and Security of Protected Health Information <br />(a) Permitted Uses and Disclosures. The Business Associate is permitted to use and disclose Protected Health Information that it creates or <br />receives on the Covered Entity's behalf or receives from the Covered Entity (or another business associate of the Covered Entity) and to <br />
The URL can be used to link to this page
Your browser does not support the video tag.