g. "HIPAA" means the Health Insurance Portability and Accountability Act of 1996, Pub. L. 104-191, as modified by the American Recovery and Reinvestment Act of 2009 ("ARRA"), Sec. 13400 - 13424, H.R. 1 (2009) (HITECH Act).

h. "HIPAA Rules" means the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Parts 160 and Part 164.

i. "Individual(s)" means the person(s) who is the subject of PHI and includes a person who qualifies as a personal representative in accordance with 45 CFR 164.502(g).

j. "Minimum Necessary" means the least amount of PHI necessary to accomplish the purpose for which the PHI is needed.

k. "Protected Health Information (PHI)" means individually identifiable health information created, received, maintained or transmitted by Business Associate on behalf of a health care component of the Covered Entity that relates to the provision of health care to an Individual; the past, present, or future physical or mental health or condition of an Individual; or the past, present, or future payment for provision of health care to an Individual. 45 CFR 160.103. PHI includes demographic information that identifies the Individual or about which there is reasonable basis to believe can be used to identify the Individual. 45 CFR 160.103. PHI is information transmitted or held in any form or medium and includes EPHI. 45 CFR 160.103. PHI does not include education records covered by the Family Educational Rights and Privacy Act, as amended, 20 USCA 1232g(a)(4)(B)(iv) or employment records held by a Covered Entity in its role as employer.

l. "Security Incident" means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in an information system.

m. "Subcontractor" as used in this HIPAA Compliance section of the Contract (in addition to its definition in the General Terms and Conditions) means a Business Associate that creates, receives, maintains, or transmits Protected Health Information on behalf of another Business Associate.

n. "Use" includes the sharing, employment, application, utilization, examination, or analysis, of PHI within an entity that maintains such information.

15. Compliance. Business Associate shall perform all Contract duties, activities and tasks in compliance with HIPAA, the HIPAA Rules, and all attendant regulations as promulgated by the U.S. Department of Health and Human Services, Office of Civil Rights.

16. Use and Disclosure of PHI. Business Associate is limited to the following permitted and required uses or disclosures of PHI:

a. Duty to Protect PHI. Business Associate shall protect PHI from, and shall use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 (Security Standards for the Protection of Electronic Protected Health Information) with respect to EPHI, to prevent the unauthorized Use or disclosure of PHI other than as provided for in this Contract or as required by law, for as long as the PHI is within its possession and control, even after the termination or expiration of this Contract.

b. Minimum Necessary Standard. Business Associate shall apply the HIPAA Minimum Necessary standard to any Use or disclosure of PHI necessary to achieve the purposes of this Contract. See 45 CFR 164.514 (d)(2) through (d)(5).

c. Disclosure as Part of the Provision of Services. Business Associate shall only Use or disclose PHI as necessary to perform the services specified in this Contract or as required by law, and shall not

DSHS Central Contract Services
1644CS Prevention Services - County (6-26-2015) Page 25