Business Associate Contract GENERAL PROVISIONS AND RECITALS
Business Associate Agreement This Agreement may require the exchange of information covered by the U.S. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). A Business Associate Agreement (“BAA”) executed by the Parties is attached as Appendix [Letter C/D/E etc.].
Business Associate “Business Associate” shall have the same meaning as the term “business associate” at 45 C.F.R. 160.103, and shall refer to Contractor.
CERTIFICATION REGARDING CERTAIN FOREIGN-OWNED COMPANIES IN CONNECTION WITH CRITICAL INFRASTRUCTURE (Texas law as of September 1, 2021) By submitting a proposal to this Solicitation, you certify that you agree to the following required by Texas law as of September 1, 2021: Proposing Company is prohibited from entering into a contract or other agreement relating to critical infrastructure that would grant to the company direct or remote access to or control of critical infrastructure in this state, excluding access specifically allowed by the Proposing Company for product warranty and support purposes. Company, certifies that neither it nor its parent company nor any affiliate of company or its parent company, is (1) owned by or the majority of stock or other ownership interest of the company is held or controlled by individuals who are citizens of China, Iran, North Korea, Russia, or a designated country; (2) a company or other entity, including governmental entity, that is owned or controlled by citizens of or is directly controlled by the government of China, Iran, North Korea, Russia, or a designated country; or (3) headquartered in China, Iran, North Korea, Russia, or a designated country. For purposes of this contract, “critical infrastructure” means “a communication infrastructure system, cybersecurity system, electric grid, hazardous waste treatment system, or water treatment facility.” See Tex. Gov’t Code § 2274.0101(2) of SB 1226 (87th leg.). The company verifies and certifies that company will not grant direct or remote access to or control of critical infrastructure, except for product warranty and support purposes, to prohibited individuals, companies, or entities, including governmental entities, owned, controlled, or headquartered in China, Iran, North Korea, Russia, or a designated country, as determined by the Governor.
Contractor Certification for Contractor Employees Introduction Texas Education Code Chapter 22 requires entities that contract with school districts to provide services to obtain criminal history record information regarding covered employees. Contractors must certify to the district that they have complied. Covered employees with disqualifying criminal histories are prohibited from serving at a school district. Definitions: Covered employees: Employees of a contractor or subcontractor who have or will have continuing duties related to the service to be performed at the District and have or will have direct contact with students. The District will be the final arbiter of what constitutes direct contact with students. Disqualifying criminal history: Any conviction or other criminal history information designated by the District, or one of the following offenses, if at the time of the offense, the victim was under 18 or enrolled in a public school: (a) a felony offense under Title 5, Texas Penal Code; (b) an offense for which a defendant is required to register as a sex offender under Chapter 62, Texas Code of Criminal Procedure; or (c) an equivalent offense under federal law or the laws of another state. I certify that: NONE (Section A) of the employees of Contractor and any subcontractors are covered employees, as defined above. If this box is checked, I further certify that Contractor has taken precautions or imposed conditions to ensure that the employees of Contractor and any subcontractor will not become covered employees. Contractor will maintain these precautions or conditions throughout the time the contracted services are provided. OR SOME (Section B) or all of the employees of Contractor and any subcontractor are covered employees. If this box is checked, I further certify that: (1) Contractor has obtained all required criminal history record information regarding its covered employees. None of the covered employees has a disqualifying criminal history.
OBLIGATIONS AND ACTIVITIES OF CONTRACTOR AS BUSINESS ASSOCIATE 1. CONTRACTOR agrees not to use or further disclose PHI COUNTY discloses to CONTRACTOR other than as permitted or required by this Business Associate Contract or as required by law.
2. XXXXXXXXXX agrees to use appropriate safeguards, as provided for in this Business Associate Contract and the Agreement, to prevent use or disclosure of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY other than as provided for by this Business Associate Contract.
3. XXXXXXXXXX agrees to comply with the HIPAA Security Rule at Subpart C of 45 CFR Part 164 with respect to electronic PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY.
4. CONTRACTOR agrees to mitigate, to the extent practicable, any harmful effect that is known to CONTRACTOR of a Use or Disclosure of PHI by CONTRACTOR in violation of the requirements of this Business Associate Contract.
5. XXXXXXXXXX agrees to report to COUNTY immediately any Use or Disclosure of PHI not provided for by this Business Associate Contract of which CONTRACTOR becomes aware. CONTRACTOR must report Breaches of Unsecured PHI in accordance with Paragraph E below and as required by 45 CFR § 164.410.
6. CONTRACTOR agrees to ensure that any Subcontractors that create, receive, maintain, or transmit PHI on behalf of CONTRACTOR agree to the same restrictions and conditions that apply through this Business Associate Contract to CONTRACTOR with respect to such information.
7. CONTRACTOR agrees to provide access, within fifteen (15) calendar days of receipt of a written request by COUNTY, to PHI in a Designated Record Set, to COUNTY or, as directed by COUNTY, to an Individual in order to meet the requirements under 45 CFR § 164.524. If CONTRACTOR maintains an Electronic Health Record with PHI, and an individual requests a copy of such information in an electronic format, CONTRACTOR shall provide such information in an electronic format.
8. CONTRACTOR agrees to make any amendment(s) to PHI in a Designated Record Set that COUNTY directs or agrees to pursuant to 45 CFR § 164.526 at the request of COUNTY or an Individual, within thirty (30) calendar days of receipt of said request by COUNTY. XXXXXXXXXX agrees to notify COUNTY in writing no later than ten (10) calendar days after said amendment is completed.
9. CONTRACTOR agrees to make internal practices, books, and records, including policies and procedures, relating to the use and disclosure of PHI received from, or created or received by CONTRACTOR on behalf of, COUNTY available to COUNTY and the Secretary in a time and manner as determined by COUNTY or as designated by the Secretary for purposes of the Secretary determining COUNTY’S compliance with the HIPAA Privacy Rule.
10. CONTRACTOR agrees to document any Disclosures of PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, and to make information related to such Disclosures available as would be required for COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
11. CONTRACTOR agrees to provide COUNTY or an Individual, as directed by COUNTY, in a time and manner to be determined by COUNTY, that information collected in accordance with the Agreement, in order to permit COUNTY to respond to a request by an Individual for an accounting of Disclosures of PHI in accordance with 45 CFR § 164.528.
12. XXXXXXXXXX agrees that to the extent CONTRACTOR carries out COUNTY’s obligation under the HIPAA Privacy and/or Security rules CONTRACTOR will comply with the requirements of 45 CFR Part 164 that apply to COUNTY in the performance of such obligation.
13. If CONTRACTOR receives Social Security data from COUNTY provided to COUNTY by a state agency, upon request by COUNTY, CONTRACTOR shall provide COUNTY with a list of all employees, subcontractors and agents who have access to the Social Security data, including employees, agents, subcontractors and agents of its subcontractors.
14. CONTRACTOR will notify COUNTY if CONTRACTOR is named as a defendant in a criminal proceeding for a violation of HIPAA. COUNTY may terminate the Agreement, if CONTRACTOR is found guilty of a criminal violation in connection with HIPAA. COUNTY may terminate the Agreement, if a finding or stipulation that CONTRACTOR has violated any standard or requirement of the privacy or security provisions of HIPAA, or other security or privacy laws are made in any administrative or civil proceeding in which CONTRACTOR is a party or has been joined. COUNTY will consider the nature and seriousness of the violation in deciding whether or not to terminate the Agreement.
Changes to Privacy Policy Agreement Passive Plus, Inc. reserves the right to update and/or change the terms of our privacy policy, and as such we will post those change to our website homepage at xxx.xxxxxxxxxxx.xxx, so that our users and/or visitors are always aware of the type of information we collect, how it will be used, and under what circumstances, if any, we may disclose such information. If at any point in time Passive Plus, Inc. decides to make use of any personally identifiable information on file, in a manner vastly different from that which was stated when this information was initially collected, the user or users shall be promptly notified by email. Users at that time shall have the option as to whether or not to permit the use of their information in this separate manner.
Certification Regarding Business with Certain Countries and Organizations Pursuant to Subchapter F, Chapter 2252, Texas Government Code, PROVIDER certifies it is not engaged in business with Iran, Sudan, or a foreign terrorist organization. PROVIDER acknowledges this Purchase Order may be terminated if this certification is or becomes inaccurate.
Certification Regarding Prohibition of Boycotting Israel (Tex Gov. Code 2271)
Data Privacy Consent In order to administer the Plan and this Agreement and to implement or structure future equity grants, the Company, its subsidiaries and affiliates and certain agents thereof (together, the “Relevant Companies”) may process any and all personal or professional data, including but not limited to Social Security or other identification number, home address and telephone number, date of birth and other information that is necessary or desirable for the administration of the Plan and/or this Agreement (the “Relevant Information”). By entering into this Agreement, the Grantee (i) authorizes the Company to collect, process, register and transfer to the Relevant Companies all Relevant Information; (ii) waives any privacy rights the Grantee may have with respect to the Relevant Information; (iii) authorizes the Relevant Companies to store and transmit such information in electronic form; and (iv) authorizes the transfer of the Relevant Information to any jurisdiction in which the Relevant Companies consider appropriate. The Grantee shall have access to, and the right to change, the Relevant Information. Relevant Information will only be used in accordance with applicable law.
