My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
2025/04/09 Council Agenda Packet
>
Council Agenda Packets
>
2025
>
2025/04/09 Council Agenda Packet
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
4/10/2025 8:32:47 AM
Creation date
4/10/2025 8:30:23 AM
Metadata
Fields
Template:
Council Agenda Packet
Date
4/9/2025
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
109
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
Download electronic document
View images
View plain text
<br /> <br />11 <br /> <br /> (b) Privacy of Protected Health Information (“PHI”). <br /> <br />(i) Permitted Uses and Disclosures of PHI. Business Associate agrees to <br />create, receive, use, disclose, maintain, or transmit PHI only in a manner that is <br />consistent with this BAA or the HIPAA Requirements and only in connection with <br />providing the services to Covered Entity identified in the Agreement. Accordingly, <br />in providing services to or for the Covered Entity, Business Associate, for example, <br />shall be permitted to use and disclose PHI for “Treatment, Payment, and Health <br />Care Operations,” as those terms are defined in the HIPAA Requirements. Business <br />Associate further agrees that to the extent it is carrying out one or more of the <br />Covered Entity’s obligations under the Privacy Rule (Subpart E of 45 C.F.R. Part 164), <br />it shall comply with the requirements of the Privacy Rule that apply to the Covered <br />Entity in the performance of such obligations. <br /> <br />(ii) Reporting Obligations. Business Associate shall report to Covered Entity <br />any use or disclosure of PHI that is not provided for in this BAA, including reporting <br />Breaches of Unsecured Protected Health Information as required by 45 C.F.R. § <br />164.410 and required by this Business Associate Agreement. <br /> <br />(iii) Minimum Necessary Standard and Creation of Limited Data Set. <br />Business Associate’s use, disclosure, or request of PHI shall utilize a Limited Data Set <br />if practicable. Otherwise, in performing the functions and activities as specified in <br />the Agreement and this BAA, Business Associate agrees to use, disclose, or request <br />only the minimum necessary PHI to accomplish the intended purpose of the use, <br />disclosure, or request. <br /> <br />(iv) Access. In accordance with 45 C.F.R. § 164.524 of the HIPAA <br />Requirements, Business Associate shall make available to the Covered Entity (or as <br />directed by the Covered Entity, to those individuals who are the subject of the PHI <br />(or their designees)), their PHI in the Designated Record Set. Business Associate <br />shall make such information available in an electronic format where directed by the <br />Covered Entity. <br /> <br />(v) Disclosure Accounting. Business Associate shall make available the <br />information necessary to provide an accounting of disclosures of PHI as provided <br />for in 45 C.F.R. § 164.528 of the HIPAA Requirements by making such information <br />available to the Covered Entity or (at the direction of the Covered Entity) making <br />such information available directly to the individual. <br /> <br />(vi) Amendment. Business Associate shall make PHI in a Designated Record <br />Set available for amendment and, as directed by the Covered Entity, incorporate <br />any amendment to PHI in accordance with 45 C.F.R. § 164.526 of the HIPAA <br />Requirements. <br />
The URL can be used to link to this page
Your browser does not support the video tag.