The "Health Information Technology for Economic and Clinical Health Act" ("HITECH Act") was signed into law on February 17, 2009 and takes effect February 17, 2010. It expands HIPAA privacy and security regulations. The two most important changes in the HITECH Act for business associates of HIPAA covered entities are (a) requirement that business associates comply directly with Security Rule provisions directing implementation of administrative, physical and technical safeguards for electronic protected health information and (b) expanded breach notification rules for both covered entities and their business associates.
This agreement is intended to work as a side agreement or collateral agreement to an existing or pending contract with a Business Associate that deals solely with HIPAA privacy issues. It is not intended to be the complete and final written expression of a services agreement between a health care provider and a contractor.
The Hennepin Minnesota Rider or Collateral Agreement to HIPAA Privacy Compliance Agreement for Business Associates HITCHCH Act is a document that outlines the specific requirements and obligations of business associates operating in Hennepin County, Minnesota, with regard to the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITCH) Act. This agreement serves as an addendum to the existing HIPAA Privacy Compliance Agreements between covered entities and their business associates. The Hennepin Minnesota Rider or Collateral Agreement is designed to ensure that business associates in Hennepin County comply with the strict privacy and security standards set forth by HIPAA and HITCH Act. It establishes guidelines and standards for the handling, safeguarding, and disclosure of protected health information (PHI) to ensure the privacy rights of patients. Some key provisions included in the Hennepin Minnesota Rider or Collateral Agreement may cover aspects such as: 1. Definitions: This section defines important terms related to HIPAA and HITCH Act compliance, including PHI, business associate, covered entity, breach, access, and use. 2. Permitted Use and Disclosure: The agreement outlines the permissible uses and disclosures of PHI by the business associate, ensuring compliance with HIPAA and HITCH Act regulations. This may include disclosure of information for treatment, payment, and healthcare operations, as well as any additional purposes as specified by Hennepin County. 3. Safeguards: The agreement requires the business associate to implement appropriate administrative, physical, and technical safeguards to protect PHI from unauthorized access, use, or disclosure. This includes measures such as encryption, firewalls, access controls, and employee training. 4. Breach Notification: The business associate must promptly report any known or suspected breaches of unsecured PHI to the covered entity. This section also outlines the steps to be taken in the event of a breach, including mitigation, notification to individuals, and cooperation with investigations. 5. Subcontractors: If the business associate engages subcontractors to carry out HIPAA-related functions, the agreement may specify that these subcontractors must also comply with the same privacy and security obligations. 6. Term and Termination: This section defines the duration of the agreement and the conditions under which it can be terminated by either party. It may also include provisions for the return or destruction of PHI upon termination. The Hennepin Minnesota Rider or Collateral Agreement may have variations depending on the specific requirements of Hennepin County, but the core focus remains on ensuring compliance with HIPAA and HITCH Act regulations for business associates operating within the county.The Hennepin Minnesota Rider or Collateral Agreement to HIPAA Privacy Compliance Agreement for Business Associates HITCHCH Act is a document that outlines the specific requirements and obligations of business associates operating in Hennepin County, Minnesota, with regard to the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITCH) Act. This agreement serves as an addendum to the existing HIPAA Privacy Compliance Agreements between covered entities and their business associates. The Hennepin Minnesota Rider or Collateral Agreement is designed to ensure that business associates in Hennepin County comply with the strict privacy and security standards set forth by HIPAA and HITCH Act. It establishes guidelines and standards for the handling, safeguarding, and disclosure of protected health information (PHI) to ensure the privacy rights of patients. Some key provisions included in the Hennepin Minnesota Rider or Collateral Agreement may cover aspects such as: 1. Definitions: This section defines important terms related to HIPAA and HITCH Act compliance, including PHI, business associate, covered entity, breach, access, and use. 2. Permitted Use and Disclosure: The agreement outlines the permissible uses and disclosures of PHI by the business associate, ensuring compliance with HIPAA and HITCH Act regulations. This may include disclosure of information for treatment, payment, and healthcare operations, as well as any additional purposes as specified by Hennepin County. 3. Safeguards: The agreement requires the business associate to implement appropriate administrative, physical, and technical safeguards to protect PHI from unauthorized access, use, or disclosure. This includes measures such as encryption, firewalls, access controls, and employee training. 4. Breach Notification: The business associate must promptly report any known or suspected breaches of unsecured PHI to the covered entity. This section also outlines the steps to be taken in the event of a breach, including mitigation, notification to individuals, and cooperation with investigations. 5. Subcontractors: If the business associate engages subcontractors to carry out HIPAA-related functions, the agreement may specify that these subcontractors must also comply with the same privacy and security obligations. 6. Term and Termination: This section defines the duration of the agreement and the conditions under which it can be terminated by either party. It may also include provisions for the return or destruction of PHI upon termination. The Hennepin Minnesota Rider or Collateral Agreement may have variations depending on the specific requirements of Hennepin County, but the core focus remains on ensuring compliance with HIPAA and HITCH Act regulations for business associates operating within the county.
Para su conveniencia, debajo del texto en español le brindamos la versión completa de este formulario en inglés. For your convenience, the complete English version of this form is attached below the Spanish version.
