My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
ESO Solutions, Inc. 12/8/2016
>
Contracts
>
Agreement
>
Technology
>
ESO Solutions, Inc. 12/8/2016
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
10/12/2020 12:48:49 PM
Creation date
12/27/2016 11:31:42 AM
Metadata
Fields
Template:
Contracts
Contractor's Name
ESO Solutions, Inc.
Approval Date
12/8/2016
Department
Information Technology
Department Project Manager
Dorothy Claymore
Subject / Project Title
ESO Fire Records Management System
Tracking Number
0000406
Total Compensation
$28,599.48
Contract Type
Agreement
Contract Subtype
Technology
Retention Period
6 Years Then Destroy
Document Relationships
ESO Solutions Inc. 10/5/2020 Amendment 1
(Contract)
Path:
\Documents\City Clerk\Contracts\Agreement\Technology
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
15
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
3.1 Subject to any limitations in this Agreement, Vendor may disclose PHI to any third party as necessary to perform its <br /> obligations under the Business Arrangements and as permitted or required by applicable law. Vendor agrees not to <br /> disclose PHI in a manner that would violate the Confidentiality Requirements if the PHI was disclosed by the Covered <br /> Entity in the same manner. Further, Vendor may disclose PHI for the proper management and administration of Vendor; <br /> provided that:(i)such disclosures are required by law; or(ii)Vendor:(a)obtains reasonable assurances from any third <br /> • party to whom the PHI is disclosed that the PHI will be held confidential and used and disclosed only as required by law <br /> or for the purpose for which it was disclosed to third party,and(b)requires the third party to agree to immediately notify <br /> Vendor of any instances of which it is aware that PHI is being used or disclosed for a purpose that is not otherwise • <br /> provided for in this Agreement or for a purpose not expressly permitted by the Confidentiality Requirements. Vendor <br /> shall report to Covered Entity any use or disclosure of PHI not permitted by this Agreement of which it becomes aware. <br /> Such report shall be made within five(5)business days of Vendor becoming aware of such use or disclosure. <br /> 3.2 If Vendor uses or contracts with any agent,including a subcontractor(collectively"Subcontractors")that uses,discloses, <br /> accesses, creates, receives, maintains or transmits PHI on behalf of Vendor, Vendor shall require all Subcontractors to <br /> agree in writing to the same restrictions and conditions that apply to Vendor under this Agreement. In addition to <br /> Vendor's obligations under Section 9, Vendor agrees to mitigate, to the extent practical and unless otherwise requested <br /> by the Covered Entity, any harmful effect that is known to Vendor and is the result of a use or disclosure of PHI by <br /> Vendor or any Subcontractor in violation of this Agreement. Additionally, Vendor shall ensure that all disclosures of <br /> PHI by Vendor and its Subcontractors comply with the principle of"minimum necessary use and disclosure,"(i.e., in <br /> accordance with 45 C.F.R.§164.502(b),only the minimum PHI that is necessary to accomplish the intended purpose may <br /> be disclosed). <br /> 4. Individual Rights Regarding Designated Record Sets. <br /> If Vendor maintains a Designated Record Set on behalf of Covered Entity,Vendor shall:(i)provide access to and permit inspection <br /> and copying of PHI by Covered Entity under conditions and limitations required under 45 C.F.R. §I64.524,as it may be amended from time <br /> to time;and(ii)amend PHI maintained by Vendor as required by Covered Entity. Vendor shall respond to any request from Covered Entity <br /> for access by an individual within ten(10)business days of such request and shall make any amendment requested by Covered Entity within <br /> twenty(20)business days of such request. Any information requested under this Section 4 shall be provided in a form or format requested.if <br /> it is readily producible in such form or format. Vendor may charge a reasonable fee based upon Vendor's labor costs in responding to a <br /> request.for electronic information(or a cost-based fee for the production of non-electronic media copies). Vendor shall notify Covered Entity <br /> within ten(10)business days of receipt of any request for access or amendment by an individual. <br /> 5. Accounting of Disclosures. <br /> Vendor shall make available to Covered Entity within ten (10) business days of a request by Covered Entity the information <br /> required for an accounting of disclosures of PHI in accordance with 45 C.F.R. §164.528(or such shorter time as may be required by state or <br /> federal law). Such accounting must be provided without cost if it is the first accounting requested within any twelve(12)month period. For <br /> subsequent accountings within the same twelve(12)month period,Vendor may charge a reasonable fee based upon Vendor's labor costs in <br /> responding to a request for electronic information(or a cost-based fee for the production of non-electronic media copies)only after Vendor <br /> informs Covered Entity and Covered Entity informs the individual in advance of the fee, and the individual is afforded an opportunity to <br /> withdraw or modify the request. Such accounting obligations shall survive termination or expiration of this Agreement and with respect to <br /> any disclosure,whether on or before the termination of this Agreement,shall continue for a minimum of seven(7)years following the date of <br /> such disclosure. <br /> 6. Withdrawal of Authorization. <br /> If the use or disclosure of PHI under this Agreement is based upon an individual's specific authorization regarding the use of his or <br /> her PHI, and: (i) the individual revokes such authorization in writing; (ii)the effective date of such authorization has expired; or(iii) the <br /> authorization is found to be defective in any manner that renders it invalid for whatever reason,then Vendor agrees, if it has received notice <br /> from Covered Entity of such revocation or invalidity, to cease the use and disclosure of any such individual's PHI except to the extent <br /> Vendor has relied on such use or disclosure,or where an exception under the Confidentiality Requirements expressly applies. <br /> 7. Records and Audit. <br /> Vendor shall make available to HHS or its agents its internal practices,books,and records relating to the compliance of Vendor and <br /> Covered:Entity with the Confidentiality Requirements, such internal practices, books and records to be provided in the time and manner <br /> designated by HHS or its agents. <br /> 8. Implementation of Security Standards;Notice of Security Incidents. <br /> Vendor will comply with the Security Standards and, by way of example and not limitation,use appropriate safeguards to prevent <br /> the use or disclosure of PHI other than as expressly permitted under this Agreement. In accordance with the Security Standards,Vendor will <br /> implement administrative,physical,and technical safeguards that protect the confidentiality, integrity and availability of the PHI that it uses, <br /> ESO Solutions,Inc. <br /> Subscription Agreement 092214 <br /> Page 10 of 13 <br />
The URL can be used to link to this page
Your browser does not support the video tag.