Laserfiche WebLink
d. use or disclose PHI in connection with any other benefit or employee benefit plan of Deleted: Not <br />the Employer unless authorized by an individual; <br />e. to the any PHI use or disclosure, that is inconsistent with the uses or Deleted: Report <br />disclosures provided for, of which it becomes aware; Deleted: Plan <br />f. PHI available for amendment and incorporate any amendments to PHI in Deleted: Make available to an individual for <br />accordance with HIPAA; inspection and copying PHI about the individual <br /> as allowed by and in accordance with HIPAA;¶ <br />g. available the information required to provide an accounting of disclosures; Make <br /> Deleted: Make <br />h. internal practices, books and records relating to the use and disclosure of PHI Deleted: Make <br />received from the available to the HHS Secretary for the purposes of determining peleted: Plan <br />the compliance with HIPAA; and <br />' <br /> Deleted: Plan <br />s <br />i. feasible, return or destroy all PHI received for the that the Employer still maintains Deleted: , <br />in any form, and retain no copies of such PHI when no longer needed for the purpose for Deleted: If <br />which disclosure was made (or if return or destruction is not feasible, limit further uses Deleted: Plan <br />and disclosures to those purposes that make the return or destruction infeasible). <br />13.3 Employer's Obligations under Security If the Employer creates, receives, maintains, Deleted: the <br />or transmits ePHI (other than enrollment and disenrollment information and Summary Health Deleted: Rule. <br />Information, which are not subject to these restrictions), the Employer will: <br /> Deleted: (a) Implement <br />administrative, physical, and technical safeguards that reasonably and <br />appropriately protect the confidentiality, integrity, and availability of ePHI; <br />that any agents, including subcontractors, who create, receive, maintain, or Deleted: (b) Ensure <br />transmit ePHI on behalf of the implement reasonable and appropriate security Deleted: Plan <br />measures to protect the ePHI; <br />to the any Security Incident of which it becomes aware; and Deleted: (c) Report <br /> Deleted: Plan <br />reasonable and appropriate security measures to ensure that only those <br /> <br />persons identified have access to ePHI and that such access is limited to the Deleted: (d) Implement <br />purpOSeS Identified Deleted: in Section 13.4 <br /> Deleted: in Section 13.5. <br />13.4 Adequate separation between the and the Employer must be maintained. In Deleted: Plan <br />accordance with HIPAA, only the following employees or classes of employees may be given <br />access to PHI: <br />Deleted: (a) The benefit manager; and,¶ <br />Deleted: Staff <br />(b) designated by the <br />Deleted: beneftr manager. <br />13.5 Limitation of PHI Access and Disclosure. The described above may only have Deleted: For this purpose, "benefits manager" <br />access to and use and disclose PHI for administration functions that the Employer performs is a designation made by me employer. ¶ <br />fOr the Deleted: persons <br />Deleted: in Section 13.4 <br />13.6 Noncompliance Issues. If person described above does not comply with this Deleted: Plan <br />document, the Employer shall provide a mechanism for resolving issues of noncompliance Deleted: Plan. <br />including, but not limited to, disciplinary sanctions. <br />Deleted: a <br />Deleted: in Section 13.4 <br />Deleted: Plan <br />© 2009 Hitesman & Associates, P.A. 35 Elk River Municipal Utilities <br />Flexible Benefitr Plan (No. 8.0.0.0) <br />