My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
2021-018
CBCC
>
Official Documents
>
2020's
>
2021
>
2021-018
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
10/18/2021 10:33:52 AM
Creation date
1/26/2021 1:16:41 PM
Metadata
Fields
Template:
Official Documents
Official Document Type
Agreement
Approved Date
01/25/2021
Control Number
2021-018
Agenda Item Number
6.A.
Entity Name
Luminare Inc.
Subject
Software for Waitlist - COVID-19 Vaccination
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
13
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
A TRUE COPY <br />CERTIFICATION ON LAST PAGE <br />J.R. SMITH, CLERK <br />BUSINESS ASSOCIATE AGREEMENT (FOR HIPAA) <br />If a Customer is a Covered Entity or a Business Associate and includes Protected Health Information in Customer <br />Data (as such terms are defined below), execution of a license agreement that includes Luminare's Terms of use <br />("Agreement") will incorporate the terms of this HIPAA Business Associate Agreement ("BAA") into that agreement. If <br />there is any conflict between a provision in this BAA and a provision in the Agreement, this BAA will control. <br />WHEREAS, Covered Entity and Business Associate have executed the Agreement pursuant to which Business Associate <br />provides services (the "Agreement Services") for Covered Entity that may require Business Associate to access or create <br />health information that is protected by state and/or federal law; <br />WHEREAS, Business Associate and Covered Entity desire that Business Associate obtain access to such information in <br />accordance with the terms specified herein; and <br />NOW THEREFORE, in consideration of the mutual promises set forth in this BAA and other good and valuable <br />consideration, the sufficiency and receipt of which are hereby severally acknowledged, the parties agree as follows: <br />1. Definitions. Unless otherwise specified in this BAA, all capitalized terms not otherwise defined shall have the <br />meanings established in Title 45, Parts 160 and 164, of the United States Code of Federal Regulations, as amended from time <br />to time, and/or in the American Recovery and Reinvestment Act of 2009 ("ARRA"). For purposes of clarification, the <br />following terms shall have the definitions set forth below: <br />1.1 "Privacy Standards" shall mean the Standards for Privacy of Individually Identifiable Health Information as set <br />forth in 45 C.F.R. Parts 160 and 164. <br />1.2 "Security Standards" shall mean the Security Standards for the Protection of Electronic Protected Health <br />Information as set forth in 45 C.F.R. Parts 160 and 164. <br />2. Business Associate Obligations. Business Associate may receive from Covered Entity health information that is <br />protected under applicable state and/or federal law, including without limitation, Protected Health Information ("PHI"). <br />Business Associate agrees not to Use or Disclose (or permit the Use or Disclosure of) PHI in a manner that would violate the <br />requirements of the Privacy Standards or the Security Standards if the PHI were used or disclosed by Covered Entity in the <br />same manner. Business Associate shall use appropriate safeguards to prevent the Use or Disclosure of PHI other than as <br />expressly permitted under this BAA. <br />3. Use of PHI. Business Associate may use PHI as necessary (i) for performing the Agreement Services, (ii) for the <br />proper management and administration of the Business Associate, or (iii) for carrying out its legal responsibilities, provided <br />in each case that such Uses are permitted under federal and state law. Covered Entity shall retain all rights in the PHI not <br />granted herein. <br />4. Disclosure of PHI. Business Associate may Disclose PHI as necessary (i) to perform the Agreement Services, (ii) for <br />the proper management and administration of the Business Associate, or (iii) to carry out its legal responsibilities, provided <br />that either (a) the Disclosure is Required by Law or (b) the Business Associate obtains reasonable assurances from the person <br />to whom the information is Disclosed that the information will be held confidential and further Used and Disclosed only as <br />Required by Law or for the purpose for which it was Disclosed to the person, and such person agrees to immediately notify <br />the Business Associate of any instances of which it is aware that the confidentiality of the information has been breached. <br />5. Reports. Business Associate agrees to report to Covered Entity: <br />5.1 Any Use or Disclosure of PHI not authorized by this BAA within five (5) days of the Business Associate <br />becoming aware of such unauthorized Use or Disclosure; <br />5.2 Any Security Incident within five (5) days of the Business Associate becoming aware of the Security <br />Incident; and <br />5.3 Each report of a Breach of Unsecured PHI Discovered by Business Associate, to the extent Business <br />Associate accesses, maintains, retains, modifies, records, stores, destroys or otherwise holds, Uses or Discloses <br />Unsecured calendar days <br />unless delayed for law enforcement purposes, shall be made without delay and in no case later than thirty ( ) y <br />after Discovery of the Breach, and shall include the identification of each Individual whose Unsecured PHI has been, or is <br />reasonably believed by Business Associate to have been, accessed, acquired or Disclosed during such Breach. Notwithstanding <br />
The URL can be used to link to this page
Your browser does not support the video tag.