My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
2021-089B
CBCC
>
Official Documents
>
2020's
>
2021
>
2021-089B
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
10/5/2021 10:40:18 AM
Creation date
10/5/2021 10:39:12 AM
Metadata
Fields
Template:
Official Documents
Official Document Type
Agreement
Approved Date
06/22/2021
Control Number
2021-089B
Agenda Item Number
8.D.
Entity Name
P&A Administrative Services, Inc.
Subject
Flexible Benefits Administration Services Agreement
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
19
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID: FAA4141C-02DF-41B5-A6D3-14CDB4ABD65B <br />safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of <br />Electronic Protected Health Information that Business Associate creates, receives, maintains, or <br />transmits on Covered Entity's behalf. <br />(iii) No Transfer of PHI Outside United States. Business Associate will not transfer Protected <br />Health Information outside the United States without the prior written consent of the Covered Entity. <br />In this context, a "transfer' outside the United States occurs if Business Associate's workforce <br />members, agents, or subcontractors physically located outside the United States are able to access, <br />use, or disclose Protected Health Information. <br />d. Subcontractors. Business Associate will require each of its Subcontractors to agree, in a written <br />agreement with Business Associate, to comply with the provisions of the Security Rule; to appropriately <br />safeguard Protected Health Information created, received, maintained, or transmitted on behalf of the <br />Business Associate; and to apply the same restrictions and conditions that apply to the Business Associate <br />with respect to such Protected Health Information. <br />e. Prohibition on Sale of Protected Health Information. Effective immediately, Business Associate <br />shall not engage in any sale (as defined in the HIPAA rules) of Protected Health Information. <br />f. Prohibition on Use or Disclosure of Genetic Information. Effective immediately, Business <br />Associate shall not use or disclose Genetic Information for underwriting purposes in violation of the HIPAA <br />rules. <br />g. Penalties for Noncompliance. Business Associate acknowledges that it is subject to civil and <br />criminal enforcement for failure to comply with the HIPAA Rules, to the extent provided by the HITECH Act <br />and the HIPAA Rules. <br />3. Compliance with Electronic Transactions Rule. If Business Associate conducts in whole or part <br />electronic Transactions on behalf of Covered Entity for which HHS has established standards, Business <br />Associate will comply, and will require any Subcontractor it involves with the conduct of such Transactions to <br />comply, with each applicable requirement of the Electronic Transactions Rule and of any operating rules <br />adopted by HHS with respect to Transactions. <br />4. Individual Rights. <br />a. Access. Business Associate will, within ten calendar days following Covered Entity's request, make <br />available to Covered Entity (or, at Covered Entity's written direction, to an individual or the individual's <br />designee) for inspection and copying Protected Health Information about the individual that is in a Designated <br />Record Set in Business Associate's custody or control, so that Covered Entity may meet its access obligations <br />under 45 CFR § 164.524. If Covered Entity requests an electronic copy of Protected Health Information that <br />
The URL can be used to link to this page
Your browser does not support the video tag.