1/15/2024 0 Comments Banner thunderbird hospital![]() In consideration of and conditioned upon Banner’s performance of its obligations under this Agreement, HHS releases Banner from any actions it may have against Banner under the HIPAA Rules arising out of or related to the Factual Background and Covered Conduct associated with the compliance review identified in paragraph I. If Banner breaches the CAP and fails to cure the breach as set forth in the CAP, then Banner will be in breach of this Agreement and HHS will not be subject to the Release set forth in paragraph II.8 of this Agreement. Banner has entered into and agrees to comply with the Corrective Action Plan (“CAP”), attached as Appendix B, which is incorporated into this Agreement by reference. Banner agrees to pay the Resolution Amount on the Effective Date of this Agreement as defined in paragraph II.14 pursuant to written instructions to be provided by HHS. HHS has agreed to accept, and Banner has agreed to pay HHS, the amount of $1,250,000. In consideration of the Parties’ interest in avoiding the uncertainty, burden, and expense of further investigation and formal proceedings, the Parties agree to resolve this matter according to the Terms and Conditions below. This Agreement is intended to resolve OCR Transaction Number: 16-245464 and any potential violations of the HIPAA Rules related to the Covered Conduct associated with the compliance review and investigation specified in paragraph I.2 of this Agreement. Intention of Parties to Effect Resolution.This Agreement is not a concession by HHS that Banner is not in violation of the HIPAA Rules and not liable for civil money penalties (“CMPs”). ![]() This Agreement is not an admission, concession or evidence of liability by Banner. The requirement to implement technical security measures to guard against unauthorized access to electronic protected health information that is being transmitted over an electronic communications network.The requirement to implement procedures to verify that a person or entity seeking access to electronic protected health information is the one claimed (see 45 CFR § 164.312(d)).The requirement to implement sufficient procedures to regularly review records of information system activity (see 45 C.F.R. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |