Business Associate Contract A. GENERAL PROVISIONS AND RECITALS
Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions (a) Covered Entity shall notify Business Associate of any limitation(s) in the notice of privacy practices of Covered Entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of protected health information.
Business Associate Agreement This Agreement may require the exchange of information covered by the U.S. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). A Business Associate Agreement (“BAA”) executed by the Parties is attached as Appendix [Letter C/D/E etc.].
ATTACHMENT E BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (“Agreement”) is entered into by and between the State of Vermont Agency of Human Services, operating by and through its Department of Vermont Health Access (“Covered Entity”) and OptumInsight, Inc. (“Business Associate”) as of June 6, 2014 (“Effective Date”). This Agreement supplements and is made a part of the contract/grant to which it is attached. Covered Entity and Business Associate enter into this Agreement to comply with standards promulgated under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), including the Standards for the Privacy of Individually Identifiable Health Information, at 45 CFR Parts 160 and 164 (“Privacy Rule”), and the Security Standards, at 45 CFR Parts 160 and 164 (“Security Rule”), as amended by Subtitle D of the Health Information Technology for Economic and Clinical Health Act (HITECH), and any associated federal rules and regulations. The parties agree as follows:
Business Associate Obligations Business Associate agrees to comply with applicable federal confidentiality and security laws, specifically the provisions of the HIPAA Rules and the HITECH Act applicable to business associates, including:
OBLIGATIONS AND ACTIVITIES OF CONTRACTOR AS BUSINESS ASSOCIATE 1. Contractor agrees not to use or further disclose PHI County discloses to Contractor other than as permitted or required by this Business Associate Contract or as required by law.
Contractor Certification regarding Business with Certain Countries and Organizations Pursuant to Subchapter F, Chapter 2252, Texas Government Code], Contractor certifies Contractor is not engaged in business with Iran, Sudan, or a foreign terrorist organization. Contractor acknowledges this Agreement may be terminated and payment withheld if this certification is inaccurate.
Certification Regarding Business with Certain Countries and Organizations Pursuant to Subchapter F, Chapter 2252, Texas Government Code, PROVIDER certifies it is not engaged in business with Iran, Sudan, or a foreign terrorist organization. PROVIDER acknowledges this Purchase Order may be terminated if this certification is or becomes inaccurate.
PROHIBITION ON CONTRACTS WITH COMPANIES BOYCOTTING ISRAEL CERTIFICATION As required by Chapter 2271 of the Texas Local Government Code the Contractor must verify that it 1) does not boycott Israel; and 2) will not boycott Israel during the term of the Contract. Pursuant to Section 2271.001, Texas Government Code:
CERTIFICATION REGARDING CERTAIN FOREIGN-OWNED COMPANIES IN CONNECTION WITH CRITICAL INFRASTRUCTURE (Texas law as of September 1, 2021) By submitting a proposal to this Solicitation, you certify that you agree to the following required by Texas law as of September 1, 2021: Proposing Company is prohibited from entering into a contract or other agreement relating to critical infrastructure that would grant to the company direct or remote access to or control of critical infrastructure in this state, excluding access specifically allowed by the Proposing Company for product warranty and support purposes. Company, certifies that neither it nor its parent company nor any affiliate of company or its parent company, is (1) owned by or the majority of stock or other ownership interest of the company is held or controlled by individuals who are citizens of China, Iran, North Korea, Russia, or a designated country; (2) a company or other entity, including governmental entity, that is owned or controlled by citizens of or is directly controlled by the government of China, Iran, North Korea, Russia, or a designated country; or (3) headquartered in China, Iran, North Korea, Russia, or a designated country. For purposes of this contract, “critical infrastructure” means “a communication infrastructure system, cybersecurity system, electric grid, hazardous waste treatment system, or water treatment facility.” See Tex. Gov’t Code § 2274.0101(2) of SB 1226 (87th leg.). The company verifies and certifies that company will not grant direct or remote access to or control of critical infrastructure, except for product warranty and support purposes, to prohibited individuals, companies, or entities, including governmental entities, owned, controlled, or headquartered in China, Iran, North Korea, Russia, or a designated country, as determined by the Governor.
