(f) Make available to an individual for inspection and copying PHI about the individual as allowed by and in accordance with HIPAA;
(g) Make PHI available for amendment and incorporate any amendments to PHI in accordance with HIPAA;
(h) Make available the information required to provide an accounting of disclosures;
(i) Make internal practices, books and records relating to the use and disclosure of PHI received from the Plan available to the HHS Secretary for the purposes of determining the Plan's compliance with HIPAA; and,
(j) If feasible, return or destroy all PHI received for the Plan that the Employer still maintains in any form, and retain no copies of such PHI when no longer needed for the purpose for which disclosure was made (or if return or destruction is not feasible, limit further uses and disclosures to those purposes that make the return or destruction infeasible).

13.3 Employer's Obligations under the Security Rule. If the Employer creates, receives, maintains, or transmits ePHI (other than enrollment and disenrollment information and Summary Health Information, which are not subject to these restrictions), the Employer will:
(a) Implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of ePHI;
(b) Ensure that any agents, including subcontractors, who create, receive, maintain, or transmit ePHI on behalf of the Plan implement reasonable and appropriate security measures to protect the ePHI;
(c) Report to the Plan any Security Incident of which it becomes aware; and
(d) Implement reasonable and appropriate security measures to ensure that only those persons identified in Section 13.4 have access to ePHI and that such access is limited to the purposes identified in Section 13.5.

13.4 Adequate separation between the Plan and the Employer must be maintained. In accordance with HIPAA, only the following employees or classes of employees may be given access to PHI:
(a) The benefit manager; and,
(b) Staff designated by the benefits manager.
For this purpose, "benefits manager" is a designation made by the Employer.

13.5 Limitation of PHI Access and Disclosure. The persons described in Section 13.4 above may only have access to and use and disclose PHI for Plan administration functions that the Employer performs for the Plan.

13.6 Noncompliance Issues. If a person described in Section 13.4 above does not comply with this Plan document, the Employer shall provide a mechanism for resolving issues of noncompliance including, but not limited to, disciplinary sanctions.

©2007 Hitesman & Associates, P.A. 34 Elk River Municipal Utilities
122707 Flexible Benefits Plan