AGREEMENT PURSUANT TO THE TERMS OF HIPAA ; HITECH ; and FIPA (Business Associate Agreement) (Revised August 2015)

Similar documents
HIPAA BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATES AND SUBCONTRACTORS

Limited Data Set Data Use Agreement For Research

BUSINESS ASSOCIATE AGREEMENT W I T N E S S E T H:

Business Associate Agreement

Interpreters Associates Inc. Division of Intérpretes Brasil

Business Associate Agreement Health Insurance Portability and Accountability Act (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT BUSINESS ASSOCIATE TERMS AND CONDITIONS

SUBCONTRACTOR BUSINESS ASSOCIATE AGREEMENT

UCLA Health System Data Use Agreement

BUSINESS ASSOCIATE AGREEMENT

SUBCONTRACTOR BUSINESS ASSOCIATE ADDENDUM

HIPAA BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT

Business Associate Agreement

HIPAA Business Associate Agreement Passport to Languages

BUSINESS ASSOCIATE AGREEMENT

NETWORK PARTICIPATION AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT

SUNY DOWNSTATE MEDICAL CENTER UNIVERSITY HOSPITAL OF BROOKLYN POLICY AND PROCEDURE

BUSINESS ASSOCIATE AGREEMENT

HIPAA, 42 CFR PART 2, AND MEDICAID COMPLIANCE STANDARDS POLICIES AND PROCEDURES

HIPAA Information. Who does HIPAA apply to? What are Sync.com s responsibilities? What is a Business Associate?

ARTICLE 1. Terms { ;1}

BUSINESS ASSOCIATE AGREEMENT

Business Associate Agreement

BUSINESS ASSOCIATE AGREEMENT

PATTERSON MEDICAL SUPPLY, INC. HIPAA BUSINESS ASSOCIATE AGREEMENT WITH CUSTOMERS

POLESTAR BENEFITS, INC. ADMINISTRATION AGREEMENT

GROUP HEALTH INCORPORATED SELLING AGENT AGREEMENT

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) BUSINESS ASSOCIATE AGREEMENT

Business Associate Agreement For Protected Healthcare Information

ACCESS TO ELECTRONIC HEALTH RECORDS AGREEMENT WITH THE DOCTORS CLINIC, PART OF FRANCISCAN MEDICAL GROUP

ARTICLE 1 DEFINITIONS

RECITALS. In consideration of the mutual promises below and the exchange of information pursuant to this BAA, the Parties agree as follows:

* Corporation General Partnership Limited Partnership LLC Sole Proprietorship Non Profit Other Accounts Payable: Name

BUSINESS ASSOCIATE AGREEMENT

COLLECTION SERVICES AND BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT

HIPAA and ProAssurance

AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION

REGISTRY PARTICIPATION AGREEMENT

FACT Business Associate Agreement

Palliative Care Quality Network Membership Agreement

PsyBar, LLC 6600 France Avenue South, Suite 640 Edina, MN Telephone: (952) Facsimile: (952)

BUSINESS ASSOCIATE AGREEMENT (for use when there is no written agreement with the business associate)

Determining Whether You Are a Business Associate

BREACH NOTIFICATION POLICY

AMWELL GROUP PRACTICE AGREEMENT

COMMONWEALTH OF PENNSYLVANIA BUSINESS ASSOCIATE ADDENDUM

HIPAA BUSINESS ASSOCIATE AGREEMENT

MEMORANDUM. Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know

HIPAA BUSINESS ASSOCIATE AGREEMENT

AIUM Ultrasound Practice Accreditation Master Services Agreement & Business Associate Agreement (MSA/BAA)

Texas Tech University Health Sciences Center HIPAA Privacy Policies

NOTIFICATION OF PRIVACY AND SECURITY BREACHES

COLUMBIA UNIVERSITY DATA CLASSIFICATION POLICY

HIPAA STUDENT ASSOCIATE AGREEMENT

Hayden W. Shurgar HIPAA: Privacy, Security, Enforcement, HITECH, and HIPAA Omnibus Final Rule

Texas Tech University Health Sciences Center El Paso HIPAA Privacy Policies

JOTFORM HIPAA BUSINESS ASSOCIATE AGREEMENT

The Guild for Exceptional Children HIPAA Breach Notification Policy and Procedure

SCHEDULE D HIPPA BUSINESS PARTNER AGREEMENT

JEFFERSON HEALTH CARE LINK ACCESS AGREEMENT

Business Associate Agreement RECITALS AGREEMENT

HIPAA ADDENDUM TO SERVICE AGREEMENT

ELECTRONIC MEDICAL RECORD ACCESS AGREEMENT

HIPAA Omnibus Rule. Critical Changes for Providers Presented by Susan A. Miller, JD. Hosted by

This form cannot act as an authorization to assign commissions. Appointment Form Only. Steps to obtain an Appointment:

RECITALS. NOW THEREFORE, in consideration of the terms, covenants and agreements set forth in this Agreement, the Parties agree as follows:

Partnership & Corporation Professional Liability Application

COBRA Setup Fact Sheet for Oswald agent

UNDERSTANDING HIPAA & THE HITECH ACT. Heather Deixler, Esq. Associate, Morgan, Lewis & Bockius LLP

HOW TO COMPLETE A BUSINESS ASSOCIATE AGREEMENT (BAA)

HIPAA COMPLIANCE ROADMAP AND CHECKLIST FOR BUSINESS ASSOCIATES

HRA Administration - SummaCare Plan Getting Started Checklist

HPHConnect for Providers Enrollment Form

University of Mississippi Medical Center Data Use Agreement Protected Health Information

HARVARD CATALYST DATA USE AGREEMENT FOR LIMITED DATA SETS

Regenstrief Center for Healthcare Engineering HIPAA Compliance Policy

HIPAA Privacy Compliance Plan for Research. University of South Alabama IRB Guidance and Procedures

Payment Example 2

HIPAA Business Associate Agreement

THE CITY AND COUNTY OF SAN FRANCISCO SECTION 125 CAFETERIA PLAN HIPAA PRIVACY POLICIES & PROCEDURES

HIPAA BUSINESS ASSOCIATE ADDENDUM

CHRONIC CARE MANAGEMENT SERVICES AGREEMENT

BUSINESS ASSOCIATE AGREEMENT Between THE NORTH CENTRAL TEXAS COUNCIL OF GOVERNMENTS and

Medical Transcription Service Agreement (Applicable to you if you signed up for DRT service)

Interim Date: July 21, 2015 Revised: July 1, 2015

UAMS ADMINISTRATIVE GUIDE NUMBER: 2.1

HIPAA PRIVACY AND SECURITY RULES APPLY TO YOU! ARE YOU COMPLYING? RHODE ISLAND INTERLOCAL TRUST LINN F. FREEDMAN, ESQ. JANUARY 29, 2015.

LICENSE AGREEMENT. Security Software Solutions

Terms used, but not otherwise defined, in this Addendum shall have the same meaning as those terms in 45 CFR and

COMPLIANCE TRAINING 2015 C O M P L I A N C E P R O G R A M - F W A - H I P A A - C O D E O F C O N D U C T

Compliance Steps for the Final HIPAA Rule

Health Insurance Portability and Accountability Act (HIPAA) Terms and Conditions For Business Associates

2016 Business Associate Workforce Member HIPAA Training Handbook

HIPAA The Health Insurance Portability and Accountability Act of 1996

Benefits Consultant' s Agreement

HIPAA TRANSACTION 837 INSTITUTIONAL STANDARD COMPANION GUIDE

Transcription:

AGREEMENT PURSUANT TO THE TERMS OF HIPAA ; HITECH ; and FIPA (Business Associate Agreement) (Revised August 2015) THIS AGREEMENT made the day of, 20, by and between HOSPICE OF MARION COUNTY, INC., a Florida not-for profit corporation doing business in Marion County, Florida (hereinafter referred to as HOSPICE ) and, a (hereinafter referred to as BUSINESS ASSOCIATE) W I T N E S S E T H : WHEREAS HOSPICE and BUSINESS ASSOCIATE have previously entered into an agreement whereby BUSINESS ASSOCIATE agrees to provide, which agreement is (oral) (written and dated ). WHEREAS the parties wish to comply with the terms of the federal Health Insurance Portability and Accountability Act of 1996 (hereinafter referred to as HIPAA), as modified by the Health Information Technology for Economic and Clinical Health Act (hereinafter referred to as HITECH) Florida Information Protection Act of 2014 (hereinafter referred to as FIPA) Section 501-171 Florida Statute the regulations promulgated thereunder, as all may be amended, as well as to continue the terms of the previously entered agreement, according to its terms; NOW THEREFORE and in consideration of the mutual covenants and conditions as hereinafter set forth, as well as Ten and no/100 Dollars ($10.00) and other good and valuable consideration, the parties hereto agree as follows: 1. The above recitals are true and correct. 2. Protected health information is defined as information in written, oral, or electronic format including but not limited to past health status, diagnosis, genetic information, treatment, payments, and demographics as well as any individually identifiable information concerning a patient, including but not limited to the patient s name, address, relatives, employers, birth date, phone number, fax number, electronic mail address, URL, SSN, medical record number, health plan number, account number, certificate/license number, vehicle or other device serial number, internet protocol address number, finger or voice prints, photographic image or any unique identifying number, characteristic or code. Unsecured protected health information means protected health information that is not secured through the use of a technology or methodology specified by the Secretary of the U.S. Department of Health and Human Services. 3. Personal information under FIPA is defined as data in electronic form that includes: 1. Personal information means either of the following: a. An individual s first name or first initial and last name in combination with any one or more of the following data elements for that individual: (I) A social security number;

(II) A driver license or identification card number, passport number, military identification number, or other similar number issued on a government document used to verify identity; (III) A financial account number or credit or debit card number, in combination with any required security code, access code, or password that is necessary to permit access to an individual s financial account; (IV) Any information regarding an individual s medical history, mental or physical condition, or medical treatment of diagnosis by a health care professional; or (V) An individual s health insurance policy number or subscriber identification number and any unique identifier used by a health insurer to identify the individual. b. A user name or e-mail address, in combination with a password or security question and answer that would permit access to an online account. 2. The term does not include information about an individual that has been made publicly available by a federal, state, or local governmental entity. The term also does not include information that is encrypted, secured, or modified by any other method or technology that removes elements that personally identify an individual or that otherwise renders the information unusable. 4. BUSINESS ASSOCIATE agrees that a) it will not use or further disclose protected health information or personal information other than as permitted or required by its contractual obligations with HOSPICE or by law, b) it will use appropriate safeguards to prevent use or disclosure of the protected health information, or personal information other than as provided for by its contractual obligations with HOSPICE, c) it will ensure that any agents, or subcontractors to whom it provides protected health information, or personal information will agree to the same restrictions contained herein respecting such information, and d) it will enter written agreements with its agents and subcontractors that create, receive, maintain, or transmit protected health information, or personal information that bind these agents and subcontractors to adhere to the provisions, restrictions, condition, and requirements of HIPAA, HITECH and/or FIPA and the regulations promulgated thereunder as they may be amended. 5. BUSINESS ASSOCIATE agrees that it will adopt surety policies and training, as well as physical and technical security safeguards appropriate for its business to protect protected health information, or personal information pursuant to the requirements of HIPAA, as modified by HITECH and/or FIPA the regulations promulgated thereunder, as all may be amended, as well as Florida security breach laws, to the extent the Florida laws exceed the federal security breach notifications. 6. BUSINESS ASSOCIATE agrees it will report to the HOSPICE any use or disclosure of information not provided for by its contractual obligations with HOSPICE, and will, also report to HOSPICE any security incident or security breach, as defined by the HIPAA Security Rule, as modified by HITECH and/or FIPA the regulations promulgated thereunder, as all may be amended, regarding the unauthorized acquisition, access, use, or disclosure of HOSPICE s protected health information, or personal information (the attempted or successful unauthorized access, use, disclosure, modification, or

destruction of information or interference with system operations in an information system). Such notification shall be made without unreasonable delay and in no case later than ten (10) calendar days after discovery of a security incident or security breach, and shall include the identification of the individual whose unsecured protected health information, or personal information has been or is reasonably believed by the BUSINESS ASSOCIATE to have been accessed, acquired, or disclosed during such breach, a brief description of what happened as well as the type of unsecured protected health information, or personal information involved in the breach, the date of the breach, the steps recommended to protect from potential harm due the breach, the activities taken to investigate, the activities taken to assess the risk that the protected health information, or personal information was compromised, mitigate losses and protect against further breaches. BUSINESS ASSOCIATE shall presume all breaches do compromise the protected health information, or personal information and shall report all such breaches to HOSPICE as provided herein. 7. BUSINESS ASSOCIATE agrees that it will make protected health information, or personal information available for amendment and will incorporate any such amendments in the records it maintains. 8. BUSINESS ASSOCIATE will only request, use and disclose the minimum amount of protected health information, or personal information necessary to accomplish the purpose of the request, use or disclosure. 9. BUSINESS ASSOCIATE will make available to HOSPICE the information required to provide an accounting of disclosures, and will maintain and make available to HOSPICE and to the Secretary of the U.S. Department of Health and Human Services its internal practices, books, and records relating to such use and disclosure of protected health information, or personal information for the purpose of determining the BUSINESS ASSOCIATE s compliance with the HIPAA as amended and as applicable to BUSINESS ASSOCIATE. 10. Any requests for amendment, access, accountings or otherwise received by BUSINESS ASSOCIATE directly from the person whose protected health information, or personal information BUSINESS ASSOCIATE has will be immediately referred to HOSPICE for handling. 11. At termination of the parties contract, previously described, the protected health information, or personal information will be returned to the HOSPICE or destroyed. 12. Either party may terminate this agreement and the agreement previously described if a material term of this contract is breached. 13. Nothing herein to the contrary shall prevent the BUSINESS ASSOCIATE to use and disclose protected health information, or personal information for the proper management and administration of its business, and to carry out its legal responsibilities. 14. BUSINESS ASSOCIATE agrees, throughout its contractual relationship with HOSPICE, to comply with all terms and provisions (applicable to Business Associates) of HIPAA, as modified by HITECH and/or FIPA the regulations promulgated thereunder, as all may be amended. 15. The parties hereto agree to indemnify and hold harmless the other party from and against any acts, claims, demand, judgments, damages, fines, penalties, liabilities and expense (including reasonable attorney fees and court costs) resulting from or arising out of any claimed willful or negligent

act or omission of that party, pertaining to the obligations under this Agreement Pursuant to the Terms of HIPAA, as modified by HITECH and/or FIPA the regulations promulgated thereunder, as all may be amended. 16. The parties hereto agree to execute any and all documents necessary to ratify and effectuate the intent and purpose of this Agreement. Should either party breach this agreement, they shall be entitled to any and all remedies provided by Florida law. 17. This Agreement shall be binding and inure to the benefit of the parties hereto and their respective heirs, legal representatives, designees, successors, personal representatives, and assigns. 18. This Agreement shall be construed in accordance with the laws of the State of Florida. 19. Should any dispute develop concerning the enforcement or interpretation of this Agreement, the prevailing party shall be entitled to attorney s fees both prior to litigation, during litigation, and pending appeal. IN WITNESS WHEREOF the parties have executed this Agreement the year and date aforesaid. HOSPICE OF MARION COUNTY, INC. BUSINESS ASSOCIATE _ By: Michael Knox Chief Financial Officer _, WITNESS, WITNESS, WITNESS, WITNESS

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback