Business Associate Agreement Policy

The parties agree that, when used in this Agreement, the following terms have the following meanings, provided that the terms set forth below are considered modified to reflect changes made from time to time to those Terms, as set forth in the HIPAA Data Protection Rules, hipaa security rules, and HITECH standards (together HIPAA rules). Terms used in this Agreement that are not defined elsewhere have the meaning of those terms in the HIPC rules. Transitional provisions for existing contracts. Covered companies (with the exception of small health plans) that entered into an existing contract (or other written agreement) with counterparty before October 15, 2002 may, under this contract, be permitted for up to an additional year regarding the compliance date of 14 Unless the contract is renewed or amended before April 14, 2003. 2003. This transitional period applies only to written contracts or other written agreements. Oral contracts or other arrangements are not eligible for the transition period. Entities covered by eligible contracts may continue to operate under such contracts with their counterparties until April 14, 2004 or April 14, 2004 or until the renewal or amendment of the contract, whichever is earlier, whether or not the contract meets the applicable contractual requirements under 45 CFR 164.502(e) and 164.504(e). Otherwise, a data subject entity must comply with the data protection rule, for example.B. only make permitted advertisements towards the counterparty and allow individuals to exercise their rights in accordance with the rule. See 45 CFR 164.532 (d) and (e). The functions and activities of counterparties include: claims management or management; data analysis, processing or management; verification of use; quality assurance; settlement of accounts; performance management; practice management; and reassessment.

the counterparty services are: legal; actuarial; accounting; counselling; data aggregation; management; from an administrative point of view; accreditation; and financially. See the definition of „counterparty” in 45 CFR 160.103. Exceptions to the Business Associate Standard. The confidentiality rule contains the following exceptions to the counterparty standard. See 45 CFR 164.502(s). In such situations, the entity concerned shall not be required to enter into a counterparty contract or any other written agreement before the protected health information can be transmitted to the natural or legal person. counterparty contracts. A covered company`s contract or other written agreement with its counterparty must contain the elements referred to in 45 CFR 164.504(e). For example, the contract must: describe the permitted and necessary use of the health information protected by the counterparty; provide that the counterparty does not use or disclose protected health information other than to the extent permitted, prescribed or prescribed by law; and request the counterparty to take appropriate security measures to prevent protected health information from being taken into account other than the contract or contract.

Where a covered undertaking is aware of a breach or material breach of the contract or agreement by the counterparty, the covered undertaking shall be obliged to take appropriate measures to remedy the infringement or to bring the infringement to an end, and if such measures fail to terminate the contract or agreement. . . .