My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Professional Services Agreement - SEMMA Health Inc - 2020 City Benefit Plan
sbend
>
Public
>
Public Works
>
Board of Works Documents
>
2018
>
Agreements, Contracts, Proposals
>
Professional Services Agreement - SEMMA Health Inc - 2020 City Benefit Plan
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
4/2/2025 9:49:20 AM
Creation date
10/25/2018 9:33:06 AM
Metadata
Fields
Template:
Board of Public Works
Document Type
Contracts
Document Date
10/23/2018
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
16
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
Show annotations
View images
View plain text
C. Ci61i atiasrSs on a:half of hovered Emit . To the extent Business Associate carries out on obligation for <br />which Covered Entity is responsible under the Privacy Rule, Business Associate must comply with the <br />requirements of the Privacy Rule that apply to Covered Entity in the performance of such obligation. <br />D. HiP kA Safeguards <br />1. Business Associate shall use appropriate safeguards to prevent use or disclosure of PHI other than <br />as permitted by this Agreement. <br />2. Business Associate shall comply with the Security Rule and implement reasonable and appropriate <br />Administrative, Physical, and Technical Safeguards to protect the Confidentiality, Integrity, and <br />Availability of EPHI and to prevent the use or disclosure of EPHI other than as permitted by the <br />Agreement. <br />3. Business Associate shall not disclose or maintain PHI outside of the United States and shall not <br />allow anyone outside the United States to have access to PHI without the express, prior written <br />consent of Covered Entity. <br />E. ffp-gd nca of Disclosures of Protected Health Information in Violation of HIP A. Business Associate <br />shall report to Covered Entity in writing any use or disclosure of PHI not permitted by this Agreement <br />promptly after becoming aware of such use or disclosure. <br />F. Reoortina of Securitv Incidents. Business Associate shall report to Covered Entity any successful Security <br />Incident promptly, but no later than ten (10) days, upon becoming aware of such incident. For purposes <br />of this Agreement, an "unsuccessful" Security Incident is an unsuccessful attempt to breach the security of <br />Business Associate's systems that Business Associate determines was targeted at Business Associate's <br />systems storing Covered Entity's EPHI, and includes general "pinging" or "denial of service" attacks that <br />are not determined to have been directed at such EPHI, and such unsuccessful Security Incidents shall be <br />deemed as having been reported. <br />G. Reporting of Breaches of Unsecured PHI. <br />i. Notification Requirement. Business Associate shall report any Breach of Unsecured PHI known or <br />suspected by Business Associate to Covered Entity without unreasonable delay and in no case <br />later than ten (10) days after discovery of the Breach. <br />2. Discovery of Breach. For purposes of reporting a Breach to Covered Entity, the discovery of a <br />Breach shall occur on the first day on which such Breach is known to Business Associate or, by <br />exercising reasonable diligence, would have been known to or suspected by the Business <br />Associate. Business Associate will be considered to have had knowledge of a Breach if the Breach <br />is known, or by exercising reasonable diligence would have been known to any person (other <br />than the person committing the Breach) who is an employee, officer or agent of the Business <br />Associate. <br />3. Contents of Notification. Any notice referenced above in Section II(C)(1) of this Agreement will <br />include, to the extent known to the Business Associate, the identification of each individual whose <br />Unsecured PHI has been, or is reasonably believed by Business Associate to have been accessed, <br />acquired, used, or disclosed during such Breach. Business Associate will also provide to Covered <br />Entity other available information that the Covered Entity is required to include in its notification to <br />the individual pursuant to the Breach Notification Rule. <br />Page 3 1 14 <br />
The URL can be used to link to this page
Your browser does not support the video tag.