My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Agreements - Business Associate and Confidentiality for HIPAA Compliance and Confidential Data Transfer, Maintenance & Disclosure for SBFD - enFocus
sbend
>
Public
>
Public Works
>
Board of Works Documents
>
2019
>
Agreements/Contracts/Proposals
>
Agreements - Business Associate and Confidentiality for HIPAA Compliance and Confidential Data Transfer, Maintenance & Disclosure for SBFD - enFocus
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
4/4/2025 1:16:50 PM
Creation date
12/12/2019 9:31:21 AM
Metadata
Fields
Template:
Board of Public Works
Document Type
Contracts
Document Date
12/10/2019
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
17
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
Show annotations
View images
View plain text
manner consistent with 45 C.F.R. § 164.528 and related guidance issued by the <br />Secretary from time to time; provided that an individual shall have the right to receive <br />an accounting of disclosures of EHR by the Business Associate made on behalf of the <br />Covered Entity only during the three years prior to the date on which the accounting is <br />requested from Covered Entity. <br />2.12 Business Associate agrees to comply with the "Prohibition on Sale of Electronic <br />Health Records or Protected Health Information," as provided in Section 13405(d) of Subtitle <br />D (Privacy) of ARRA, and the "Conditions on Certain Contacts as Part of Health Care <br />Operations," as provided in Section 13406 of Subtitle D (Privacy) of ARRA and related <br />guidance issued by the Secretary from time to time. <br />2.13 Business Associate acknowledges that, effective on the Effective Date of this <br />BAA, it shall be liable under the civil and criminal enforcement provisions set forth at 42 <br />U.S.C. § 1320d-5 and 1320d-6, as amended, for failure to comply with any of the use and <br />disclosure requirements of this BAA and any guidance issued by the Secretary from time to <br />time with respect to such use and disclosure requirements. <br />Permitted Uses and Disclosures b Business Associate. <br />3.1 General Uses and Disclosures. Business Associate agrees to receive, create, use, <br />or disclose PHI only in a manner that is consistent with this BAA, the Privacy Rule, or Security <br />Rule (as defined in Section 5) and only in connection with providing services to Covered <br />Entity; provided that the use or disclosure would not violate the Privacy Rule, including 45 <br />C.F.R. § 164.504(e), if the use or disclosure would be done by Covered Entity. <br />3.2 Business Associate may use or disclose PHI as Required By Law. <br />3.3 When using or disclosing PHI or when requesting PHI from Covered Entity, <br />Business Associate agrees to make reasonable efforts to limit PHI to the minimum necessary <br />to accomplish the intended purpose of the use, disclosure, or request. <br />3.4 Business Associate may not use or disclose PHI in a manner that would violate <br />Subpart E of 45 C.F.R. Part 164 if done by the Covered Entity. <br />4. Obli ations of"Covered Egity. <br />4.1 Covered Entity shall: <br />(a) Notify Business Associate of any restriction to the use or disclosure of <br />PHI that Covered Entity has agreed to or is required to abide by under 45 C.F.R. § <br />164.522, to the extent that such restriction may affect Business Associate's use or <br />disclosure of PHI under this BAA. <br />(b) Notify Business Associate of any changes in or revocation of permission <br />by an individual to use or disclose PHI, if such change or revocation may affect Business <br />Associate's permitted or required uses and disclosures of PHI under this BAA. <br />4 <br />
The URL can be used to link to this page
Your browser does not support the video tag.