My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Ellensburg Family Medicine - Complete copy with Amendments
>
Meetings
>
2023
>
02. February
>
2023-02-07 10:00 AM - Commissioners' Agenda
>
Ellensburg Family Medicine - Complete copy with Amendments
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
2/2/2023 12:05:44 PM
Creation date
2/2/2023 12:03:52 PM
Metadata
Fields
Template:
Meeting
Date
2/7/2023
Meeting title
Commissioners' Agenda
Location
Commissioners' Auditorium
Address
205 West 5th Room 109 - Ellensburg
Meeting type
Regular
Meeting document type
Supporting documentation
Supplemental fields
Item
Request to Approve the 2nd Modification of the Professional Services Agreement between Kittitas County and Ellensburg Family Medicine d/b/a CompassDirect Healthcare
Order
14
Placement
Consent Agenda
Row ID
99173
Type
Agreement
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
30
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
compliance with the privacy provisions of law that apply to the Business Associate to the <br />same extent as the Covered Entity. <br />B. Security: implement administrative. physical, and technical safeguards that reasonably <br />and appropriately protect the confidentiality, integrity, and availability of the PHI that it <br />creates, receives, maintains, or transmits on behalf of the Covered Entity as required by <br />law. The Business Associate is directly responsible for compliance with the security <br />provisions of HIPAA and HITECH to the same extent as the Covered Entity. <br />C. Improper Disclosures: Report all unauthorized or otherwise improper disclosures of PHI, <br />or security incident, to the Covered Entity within two (2) days of the Business <br />Associate's knowledge of such event. <br />D. Notice of Breach: Within two (2) business days of the discovery of breach as defined at <br />45 CFR § 164.402 notify the Covered Entity of any breach of unsecured PHI. Notification <br />shall by the most rapid means reasonably possible, such as telephonic notice made <br />directly to an appropriate person within the covered entity and not including a voice mail <br />or similar message. Written notification shall follow within that two (2) period by fax and <br />be confirmed by direct contact with the intended recipient, and include the identification <br />of each individual whose unsecured PHi has been, or is reasonably believed by the <br />Business Associate to have been, accessed, acquired, or disclosed during such breach; a <br />brief description of what happened, including the date of the breach and the date of the <br />discovery of the breach, if known; a description of the types of unsecured PHI that were <br />involved in the breach (such as whether fall name, social security number, date of birth, <br />home address, account number, diagnosis, disability code, or other types of information <br />were involved); any steps individuals should take to protect themselves from potential <br />harm resulting from the breach; a brief description of what the Business Associate is <br />doing to investigate the breach, to mitigate harm to individuals, and to protect against any <br />further breaches; the contact procedures of the Business Associate for individuals to ask <br />questions or learn additional information, which shall include a toll free number, an e- <br />mail address, Web site, or postal address; and any other information required to be <br />provided to the individual by the Covered Entity pursuant to 45 CFR § 164.404, as <br />amended. A breach shall be treated as discovered in accordance with the terms of45 CFR <br />§164.410. The information shall be updated promptly and provided to the Covered Entity <br />as requested by the Covered Entity. <br />E. Mitigation: Mitigate, to the extent practicable, any harmful effect that is known to <br />Business Associate of a use or disclosure of PHI by Business Associate in violation of the <br />requirements of this Addendum or the law. <br />F. Agents. Ensure that any agent, including all of its employees, representatives, and <br />subcontractors, to whom it provides PHI received from, or created or received by <br />Business Associate on behalf of Covered Entity agrees to the same restrictions and <br />B. A. A. Attachment Page 2 of 5 <br />
The URL can be used to link to this page
Your browser does not support the video tag.