Laserfiche WebLink
<br /> <br />BUSINESS ASSOCIATE AGREEMENT <br />Between City of Everett and between Conquer Addiction PLLC DBA Conquer <br /> <br />This Business Associate is between Conquer Addiction PLLC DBA Conquer (“Covered Entity”) and <br />the City of Everett (“City”) is dated as of date of last signature below, <br /> <br />A. Definitions <br />Catch-all Definition. The following terms used in this Agreement shall have the same meaning <br />as those terms in the HIPAA Rules: Breach, Data Aggregation, Designated Record Set, Disclosure, <br />Health Care Operations, Individual, Minimum Necessary, Notice of Privacy Practices, Protected <br />Health Information, Required By Law, Secretary, Security Incident, Subcontractor, Unsecured <br />Protected Health Information, and Use. <br />Specific definitions: <br />(a) Business Associate. “Business Associate” shall generally have the same meaning as the term <br />“business associate” at 45 CFR 160.103, and in reference to the party to this agreement, shall <br />mean between Conquer Addiction PLLC DBA Conquer. <br />(b) Covered Entity. “Covered Entity” shall generally have the same meaning as the term <br />“covered entity” at 45 CFR 160.103, and in reference to the party to this agreement, shall mean <br />the City of Everett as to its activities related to the PSA. <br />(c) HIPAA Rules. “HIPAA Rules” shall mean the Privacy, Security, Breach Notification, and <br />Enforcement Rules at 45 CFR Part 160 and Part 164. <br />(d) Grant Agreement for Delivery of Professional Services. “PSA” will mean that certain Grant <br />Agreement for Delivery of Professional Services Agreement executed by the Parties as of the <br />date hereof. <br />B. Obligations of Business Associate <br />Business Associate agrees to: <br />1. Not use or disclose protected health information other than as permitted or required by the <br />Agreement or as required by law; <br />2. Use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 with respect to <br />electronic protected health information, to prevent use or disclosure of protected health <br />information other than as provided for by the Agreement; <br />3. Report to Covered Entity any use or disclosure of protected health information not provided <br />for by the Agreement of which it becomes aware, including breaches of unsecured <br />protected health information as required at 45 CFR 164.410, and any security incident of <br />which it becomes aware; <br />4. In accordance with 45 CFR 164.502(e)(1)(ii) and 164.308(b)(2), if applicable, ensure that any <br />subcontractors that create, receive, maintain, or transmit protected health information on <br />behalf of the business associate agree to the same restrictions, conditions, and <br />requirements that apply to the business associate with respect to such information; <br />5. Make PHI and PII in a designated record set available to the Covered Entity and to an <br />individual who has a right of access in a manner that satisfies the Covered Entity’s