discloses, accesses, creates, receives, maintains or transmits. To the extent feasible, Vendor will use commercially reasonable efforts to ensure that the technology safeguards used by Vendor to secure PHI will render such PHI unusable, unreadable and indecipherable to individuals unauthorized to acquire or otherwise have access to such PHI. Vendor will promptly report to Covered Entity any Security Incident of which it becomes aware; provided, however, that Covered Entity acknowledges and shall be deemed to have received notice from Vendor that there are routine occurrences of: (i) unsuccessful attempts to penetrate computer networks or services maintained by Vendor; and (ii) immaterial incidents such as "pinging" or "denial of services" attacks. At the request of Covered Entity, Vendor shall identify: the date of the Security Incident, the scope of the Security Incident, Vendor's response to the Security Incident, and to the extent permitted by law, the identification of the party responsible for causing the Security Incident, if known.

9. Data Breach Notification and Mitigation.

9.1 HIPAA Data Breach Notification and Mitigation. Vendor agrees to implement reasonable systems for the discovery and prompt reporting of any "breach" of "unsecured PHI" as those terms are defined by 45 C.F.R. §164.402 ("HIPAA Breach"). The Parties acknowledge and agree that 45 C.F.R. §§164.404 and 164.410, as described below in this Section 9.1, govern the determination of the date of a HIPAA Breach. In the event of any conflict between this Section 9.1 and the Confidentiality Requirements, the more stringent requirements shall govern. Following the discovery of a HIPAA Breach, Vendor will notify Covered Entity immediately and in no event later than five (5) business days after Vendor discovers such HIPAA Breach unless Vendor is prevented from doing so by 45 C.F.R. §164.412 concerning law enforcement investigations. For purposes of reporting a HIPAA Breach to Covered Entity, the discovery of a HIPAA Breach shall occur as of the first day on which such HIPAA Breach is known to Vendor or, by exercising reasonable diligence, would have been known to Vendor. Vendor will be considered to have had knowledge of a HIPAA Breach if the HIPAA Breach is known, or by exercising reasonable diligence would have been known, to any person (other than the person committing the HIPAA Breach) who is an employee, officer or other agent of Vendor. No later than ten (10) business days following a HIPAA Breach, Vendor shall provide Covered Entity with sufficient information to permit Covered Entity to comply with the HIPAA Breach notification requirements set forth at 45 C.F.R. §164.400 et seq. This Section 9.1 shall survive the expiration or termination of this Agreement and shall remain in effect for so long as Vendor maintains PHI.

9.2 Data Breach Notification and Mitigation Under Other Laws. In addition to the requirements of Section 9.1, Vendor agrees to implement reasonable systems for the discovery and prompt reporting of any breach of individually identifiable information (including, but not limited to, PHI and referred to hereinafter as "Individually Identifiable Information") that, if misused, disclosed, lost or stolen would trigger an obligation under one or more State data breach notification laws (each a "State Breach") to notify the individuals who are the subject of the information. Vendor agrees that in the event any Individually Identifiable Information is lost, stolen, used or disclosed in violation of one or more State data breach notification laws, Vendor shall promptly: (i) notify Covered Entity within five (5) business days of such misuse, disclosure, loss or theft; and (ii) cooperate and assist Covered Entity with any investigation into any State Breach or alleged State Breach. This Section 9.2 shall survive the expiration or termination of this Agreement and shall remain in effect for so long as Vendor maintains PHI or Individually Identifiable Information.

10. Obligations of Covered Entity.

10.1 Notification Requirement. Covered Entity shall notify Vendor of:

a. Any limitation(s) in Covered Entity's notice of privacy practices in accordance with 45 CFR 164.520 to the extent that such changes may affect Vendor's use or disclosure of PHI;

b. Any changes in, or revocation of, permission by Individual to use or disclose PHI, to the extent that such changes may affect Vendor's use or disclosure of PHI; and

c. Any restriction to the use or disclosure of PHI that Covered Entity has agreed to in accordance with 45 CFR 164.522, to the extent that such restriction may affect Vendor's use or disclosure of PHI.

10.2 Permissible Requests. Covered Entity agrees that it will not request Vendor to use or disclose PHI in any manner that would not be permissible under the Confidentiality Requirements if done by Covered Entity.

11. Terms and Termination.

11.1 Termination. This Agreement shall remain in effect until terminated in accordance with the terms of this Section 11; provided, however, that termination shall not affect the respective obligations or rights of the Parties arising under this Agreement prior to the effective date of termination, all of which shall continue in accordance with their terms.

11.2 Termination with Cause. Either Party may immediately terminate this Agreement if either of the following events have occurred and are continuing to occur:

ESO Solutions, Inc.
Subscription Agreement 092214
Page 11 of 13