The URL can be used to link to this page

Home My WebLink AboutC11-172 Televox Service Agreement Service Agreement Pfizer- Sponsored Vaccine Reminder Program This Service Agreement (hereinafter the "Agreement ") is hereby entered into this day of , 2011 by and between Eagle County Health & Human Services, a department of Eagle County Government, located at 551 Broadway, Eagle, Colorado 81631 (hereinafter "Client "), and TeleVox Software, Incorporated, a Delaware corporation (hereinafter "TeleVox ") located at 1110 Montlimar Drive, Suite 700, Mobile, AL 36609, and Pfizer Inc, located at 500 Arcola Road, Collegeville PA 19426 (hereinafter "Sponsor"). WHEREAS, Client is a provider of medical care and /or medical care related services to members or to individuals served, directly or indirectly by Client (together referred to herein as "patients') , and desires to utilize TeleVox services in the course of providing said services to improve the quality of such services; WHEREAS, TeleVox is a provider of messaging systems and services to a variety of organizations, including healthcare businesses, and has the resources to provide these services as described below; and WHEREAS, Client and Sponsor have a public health and quality assurance interest in encouraging patients to adhere to certain recommended courses of childhood vaccinations, including those patients who have begun a course of vaccination with Sponsor's Prevnar (Pneumococcal 7- valent Conjugate Vaccine (Diphtheria CRM197 Protein)) or Prevnar 13® (Pneumococcal 13- valent Conjugate Vaccine (Diphtheria CRM197 Protein)); and WHEREAS, Sponsor has a separate agreement with TeleVox regarding Sponsor's funding of TeleVox services, which services provide a method of outreach to patients (or their parents and /or guardians) to remind them to adhere to such recommended courses of vaccinations ; NOW, THEREFORE, Client, TeleVox and Sponsor hereby agree to the following terms and conditions; 1. Term of Agreement. This Agreement shall commence upon the date of implementation agreed to by the parties and shall continue for a period of one (1) year from the date of implementation. Either party may terminate this Agreement at any time and for any reason upon thirty (30) days written notice to the other party. 2. Scope of TeleVox Service. TeleVox will contact the Client's patients (each a "Recipient ") using its PostcardPlus member outreach service, utilizing information provided by Client and transmitting a message approved by Client and Sponsor (the "Services "). Services include a mailed reminder followed by an automated phone reminder (each, a "Message "). The Messages indicate that recipient's child may have missed a dose of a routinely recommended vaccination; that the recipient should contact their child's doctor or health services provider to find out if an appointment should be scheduled; the Messages do not direct the recipient to any particular service provider, nor reference any specific recommended course of vaccination. The Messages also communicate that Sponsor has provided financial support for the communication; that Client is the source of the message and that no patient - specific information has been or will be provided to Sponsor. (Collectively, all Messages shall be deemed the "Content "). A report of attempted, completed, and failed calls will be provided to the Client immediately following each campaign of Services. Client's return mail address will be required and added to each postcard before delivery. TeleVox shall maintain a telephone line for Recipients to opt -out of future communications and shall provide other services to Client as necessary to confirm that contact will only be made to Recipients who have not otherwise opted out of communications such as the TeleVox Services. TeleVox HIGH TECH HUMAN TOUCH' 243617425.DOC TeleVox Confidential • 0,11 72 Service Agreement Pfizer- Sponsored Vaccine Reminder Program 3. Antikickback warranties. Sponsor and Client intend to comply with all state and federal laws governing the provision of the Services to Client, including the federal Anti - Kickback Statute, 42 U.S.C.A. 1320a- 7b(b), and Client therefore represents and warrants that it is•one of the following type of entity (check and initial one as applicable to organization type): o A private insurance plan, managed care organization, or health maintenance organization that will obtain services under this agreement only for its own members whose care is not, directly or indirectly, covered under a federal health care program. o A Medicaid Managed Care Organization that has executed either a capitated or risk -based contract with a State Medicaid Agency, that provides services to its members or patients primarily on a capitated or risk based basis and that warrants that nothing in the Client's executed contract with the applicable State Medicaid Agency or any other laws, regulations or guidance issued by that State Medicaid Agency prohibits Client from entering into this Agreement. o A federally qualified health center that receives a grant under Section 330 of the Public Health Service (PHS) Act, 42 U.S.C. §1396d(I)(2)(B), or receives funding from such grant under a contract with the recipient of a grant and meets the requirements to receive a grant under Section 330 of the PHS Act which warrants that 1) it has reviewed the scope of services offered by Sponsor and Televox and such services contribute to the Client's mission to provide quality health care services to the medically underserved; and 2) it will review the appropriateness of such services at regular intervals. o (Circle that which applies) A not - for - profit community health center that has received federal designation as an FQHC "look alike ", a health department or clinic operated by a state, county or municipal entity, a community health clinic, a Rural Health Clinic, or an Indian Health Service Provider which warrants that 1) it has reviewed the scope of services offered by Sponsor and Televox and such services contribute to the Client's mission to provide quality health care services to the medically underserved; and 2) it will review the appropriateness of such services at regular intervals. o A third -party administrator that administers an employee benefit or other health care plan only for individuals whose care is not, directly or indirectly, covered under a federal health care program. Provision of Documents: Sponsor shall have the right as a condition of entering into this Agreement, or during the course of this Agreement, to request documentation confirming the accuracy of Eagle County Health and Human Services representations as to Eagle County's business model and book of business, with respect to any (Insert Account Name) entities covered by this Schedule. Eagle County shall have the obligation to respond to such request promptly within two weeks of the receipt of such request, and shall cooperate with Sponsor in providing documentation that is satisfactory to Sponsor, including but not limited to excerpts from Eagle County certificate of Incorporation, Eagle County public facing or provider facing materials, contracts with providers, or contracts with state Medicaid plans, which may be redacted except as to information pertinent to the above representations. Sponsor may direct Supplier to terminate services to ny such Eagle County entity upon Eagle County's failure to supply such information to the satisfaction of Sponsor, or upon any material misrepresentation by Eagle County made in relation to this Schedule. TeleVox HIGH TECH HUMAN TOUCH" 243617425.DOC TeleVox Confidential • Service Agreement Pfizer- Sponsored Vaccine Reminder Program 4. Data Transfer. The Client will generate and transfer the necessary patient data to TeleVox, where such data will be securely housed only long enough to complete the campaign and generate the necessary reports. The Client will be provided with a HIPAA- compliant method for transferring the data to TeleVox. Client agrees that any patient data supplied to permit patient (or parent or guardian) contact through Televox Services shall be limited solely to data which pertains to those patients for whom a course of childhood vaccination has been initiated, and which permit Services to be provided solely to such patients. Data shall only be pulled from Client's databases where a child has received at least one dose of Prevnar or Prevnar 13 for the 3 and 4th dose filters and 4 doses of Prevnar for supplemental dose filters and where the child is between 17 and 57 months of age. 5. Pricing. There is no cost to the Client for the Services covered by this program. Sponsor will pay fees directly to TeleVox for Services rendered by TeleVox, as agreed separately between Sponsor and TeleVox. 6. Maintenance of Services. Client agrees to provide information reasonably required by TeleVox to perform Services, including as applicable, but not limited to: approval of program content and materials; Client databases; forecasts; routing and network addresses and configurations; and key contacts for problem escalation (collectively the "Client Materials "). 7. Responsibility For Content, Transmitting Messages, and Accounts. Client represents and warrants that: (a) it has reviewed the Content and accepts sole responsibility for the Content and it has the legal right to use all Content and send all Messages to the Recipients (including obtaining any required consents from the Recipients) and the content, timing and purpose of all Messages, and Client's campaigns and programs of Services are in compliance with all applicable laws, rules and regulations; (b) it is the transmitter of all Content and Messages and Televox is merely acting at Client's direction as a technology conduit for the transmission of the Content and the Messages; (c)Televox's' use of the Content in accordance with the terms of this Agreement shall not violate the rights of any third party or any law, rule or regulation; (d) it has obtained prior express consent to contact each cell phone number delivered by Client to Televox in connection with the provision of the Services; (e) it has (1) incorporated an interactive opt -out mechanism as part of any program relating to any Services or (2) the contacts that are the subject of such Services are not initiated to induce the purchase of goods or services or to solicit a charitable contribution ( "Solicitations "); (f) from and after September 1, 2009, it has obtained from the recipient of any Solicitation an express written agreement that meets the requirements set forth in Section 310.4(b)(1)(v)(A) of the FTC's Telemarketing Sales Rule; and (g) Client will not transmit or allow to be transmitted any Content or Messages that: (i) it does not have a right to make available under any law or under contractual or fiduciary relationship; (ii) are false, inaccurate, misleading, unlawful, harmful, threatening, abusive, harassing, tortuous, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically, or otherwise objectionable; or are harmful to minors in any way; (iii) infringe any patent, trademark, trade secret, copyright, or other proprietary rights or rights of publicity or privacy of any party; (iv) utilize any unsolicited or unauthorized advertising, promotional materials, "junk mail ", "spam ", or any other forms of solicitation; or (v) interfere with or disrupt the Services or servers or network operator networks. Upon request, Client shall provide reasonable proof of compliance with the provisions set forth in this section; and where Televox reasonably believes that Client may not have complied with such provisions or with all applicable laws, rules and regulations, Televox may, at its option (A) scrub all numbers against any appropriate data base deemed necessary to remove all cell phone numbers, (B) insert an interactive opt -out mechanism TeleVox HIGH TECH HUMAN TOUCH' 24361742_5.DOC TeleVox Confidential Service Agreement Pf Sponsored Vaccine Reminder Program and pass the resulting data to Client or (C) not provide any Services. To the extent permitted by Colorado law, Client shall indemnify, defend and hold Televox and Sponsor, its affiliates and their officers, directors, employees and agents harmless from and against any and all claims of loss, damages, liability, costs, and expenses (including reasonable attorneys' fees and expenses) arising out of or resulting from: (i) Televox following Client's instructions in sending the Messages or any breach of its obligations in this section; (ii) Client's failure to obtain prior express consent to contact each of the cell phone numbers delivered by Client to Televox in connection with the provision of Services or the failure of such consent to comply with any law, rule or regulation; (iii) the failure to provide an opt -out mechanism in connection with any Solicitation or the failure of any opt -out mechanism to comply with any law, rule or regulation; or (iv) Client's failure to comply with any third party rights or law, rules or regulations applicable to Client's systems, materials or programs relating to the Services. 8. Indemnity. To the extent permitted by Colorado law, Client shall indemnify, defend and hold TeleVox and Sponsor and their Affiliates, officers, directors and employees harmless from any and all third -party claims, actions, suits, proceedings, costs, expenses, damages (including punitive, treble and enhanced damages) and liabilities, including reasonable attorneys' fees arising out of, connected with or resulting from: (i) a breach by Client of any term of this Agreement; (ii) the Content ; or (iii) a claim by any customer of Client or any party called on Client's or its customer's behalf relating to any defect in any product or service offered by Client. TeleVox shall indemnify, defend and hold Client and its officers, directors and employees harmless from any and all third - party claims, actions, suits, proceedings, costs, expenses, damages (including punitive, treble and enhanced damages) and liabilities, including reasonable attomeys' fees which arise out of or result from a breach by TeleVox of any term of this Agreement. The party claiming indemnification shall: (i) promptly notify the indemnifying party of any claim in respect of which the indemnity may apply; (ii) relinquish control of the defense of the claim to indemnifying party; and (iii) provide the indemnifying party with all assistance reasonably requested in defense of the claim. The indemnifying party shall be entitled to settle any claim without the written consent of the indemnified party so long as such settlement only involves the payment of money by the indemnifying party and in no way affects any rights of the indemnified party. 9. Limitation of Liability. EXCEPT AS EXPRESSLY PROVIDED HEREIN, TELEVOX MAKES NO EXPRESS OR IMPLIED WARRANTIES, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON - INFRINGEMENT. TELEVOX EXPRESSLY DENIES ANY REPRESENTATION OR WARRANTY ABOUT THE ACCURACY OR CONDITION OF DATA OR THAT THE SERVICES OR RELATED SYSTEMS WILL OPERATE UNINTERRUPTED OR ERROR -FREE. NO CAUSE OR ACTION RELATING TO THIS AGREEMENT MAY BE ASSERTED MORE THAN TWO (2) YEARS AFTER IT ACCRUED. CLIENT'S SOLE AND EXCLUSIVE REMEDY FOR ANY BREACH OF THIS AGREEMENT BY TELEVOX SHALL BE THE RIGHT TO TERMINATE THE AGREEMENT. UNDER NO CIRCUMSTANCES SHALL TELEVOX BE LIABLE TO CLIENT FOR ANY INDIRECT, EXEMPLARY, DIRECT, SPECIAL, PUNITIVE, CONSEQUENTIAL OR INCIDENTAL DAMAGES OR LOSS OF PROFITS GOODWILL OR DATA, OR COST OF COVER EVEN IF IT HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH. 10. Governing Law This Agreement shall be govemed and construed in accordance with the laws of the State of Colorado without regard to its conflict of law provisions. The parties agree that any legal action involving or related to this Agreement will be heard TeleVox HIGH TECH HUMAN TOUCH` 24361742_5.DOC TeleVox Confidential Service Agreement Pfizer- Sponsored Vaccine Reminder Program exclusively in the state courts located in Eagle County, Colorado, and irrevocably consent to the personal jurisdiction of such courts. 11. Health Insurance Portability and Accountability Act of 1996 ( "HIPAA "). If Client is a Covered Entity (as defined by HIPAA) and provides individually identifiable health information or PHI (each as defined by HIPAA) to TeleVox as a Business Associate (as defined by HIPAA), then the Business Associate Agreement set forth at Exhibit A is hereby incorporated by reference herein. 12. Third Party Beneficiary. Nothing herein expressed or implied is intended or should be construed to confer or give to any person or entity other than the Client or Televox, and their respective successors and assigns, any right, remedy or claim under or by reason hereof of by reason of any covenant or condition herein contained. The remainder of this page is intentionally left blank. Signature page follows. TeleVox HIGH TECH HUMAN TOUCH' 243617425.DOC TeleVox Confidential f Service Agreement Pfizer - Sponsored Vaccine Reminder Program AGREED TO: TeleVox Software, Incorporated CLIENT: County of Eagle, State of Colorado 1110 Montlimar Drive, Suite 700 Mobile, AL 36609 . ... Date (p4,i 1 1 I /L —��.�� Date V:7P/ TeleVox ig - ure Client Signature (*ew 615 _County Manager T itle Title q e _Keith Montag Name Printed l Name Printed Pfizer Inc, SPONSOR: D a tetigdiza Q7QI/ Pfizer Signature ( lJ ' ?ve SrcL1Ai 1 US Hatki k Ti c me la Merv. Name Printed Instructions to Client: Return at least three (3) signed originals to the following address for execution by TeleVox: TeleVox Software, Inc. 1110 Montlimar Drive Suite 700 Mobile, AL 36609 ATTN: Jeff Charnock Te leVox HIGH TECH HUMAN TOUCH' 243617425.DOC TeleVox Confidential Service Agreement Pfizer- Sponsored Vaccine Reminder Program EXHIBIT A Business Associate Agreement This Business Associate Agreement (this `BAA ") is entered into this day of , 2011 (the "Effective Date ") between TeleVox Software, Inc. ( "TeleVox ") who will provide certain services and the undersigned ( "Client ") to benefit from such services pursuant to an agreement between TeleVox and Client (the "Agreement ") and this BAA is incorporated by reference into the Agreement. The parties hereby agree as follows: Definitions The parties agree that the following terms, when used in this BAA, shall have the following meanings provided that the terms set forth below shall be deemed to be modified to reflect any changes made to such terms from time to time as defined in HIPAA, the Privacy Rule, The Security Rule, and the HITECH Standards (all as defined below). Examples of specific definitions: Business Associate. "Business Associate" shall mean TeleVox. Breach "Breach" shall mean the acquisition, access, use, or disclosure of Protected Health Information in a manner not permitted under the Privacy Rule which compromises the security or privacy of the Protected Health Information "Breach" shall not include: (1) Any unintentional acquisition, access, or use of Protected Health Information by a workforce member or person acting under the authority of the Covered Entity or Business Associate, if such acquisition, access, or use was made in good faith and within the scope of authority and does not result in further use or disclosure in a manner not permitted under the Privacy Rule; or (2) Any inadvertent disclosure by a person who is authorized to access Protected Health Information at the Covered Entity or Business Associate to another person authorized to access protected Health Information at the Covered Entity or Business Associate, respectively, or Organized Health Care Arrangement in which the covered Entity participates, and the information received as a result of such disclosure is not further used or disclosed in a manner not permitted under the Privacy rule; or (3) A disclosure of Protected Health Information where the Covered Entity or Business Associate has a good faith belief that an unauthorized person to whom the disclosure was made would not reasonably have been able to retain such information. TeleVox HIGH TECH HUMAN TOUCH' 24361742_5.DOC TeleVox Confidential Service Agreement Pfizer- Sponsored Vaccine Reminder Program Covered Entity. "Covered Entity" shall mean Client. HIPAA. "HIPAA" shall mean the Health Insurance Portability and Accountability Act of 1996, Public Law 104 -191. HITECH Standards. "HITECH Standards" shall mean the privacy, security and security Breach notification provisions applicable to a Business Associate under Subtitle D of the Health Information Technology for Economic and Clinical Health Act ( "HITECH "), which is Title XIII of the American Recovery and Reinvestment Act of 2009 (Public law 111 -5), and any regulations promulgated thereunder. Individual. "Individual" shall have the same meaning as the term "individual" in 45 CFR § 160.103 and shall include a person who qualifies as a personal representative in accordance with 45 CFR § 164.502(g). Privacy Rule. "Privacy Rule" shall mean the regulations promulgated under HIPAA by the United States Department of Health and Human Services to protect the privacy of Protected Health Information, including, but not limited to, 45 C.F.R. part 160 and 45 C.F.R. part 164, Subpart A and Subpart E. Protected Health Information. "Protected Health Information" shall have the same meaning as the term "protected health information" in 45 CFR § 160.103, limited to the information created or received by Business Associate from or on behalf of Covered Entity. Required By Law. "Required By Law" shall have the same meaning as the term "required by law" in 45 CFR § 164.103. Secretary. "Secretary" shall mean the Secretary of the Department of Health and Human Services or his designee. Security Rule "Security Rule" shall mean the regulations promulgated under HIPAA by the United States Department of Health and Human Services to protect the security of Electronic protected Health Information, including, but not limited to 45 C.F.R. part 160 and 45 C.F.R part 164, Subpart A and Subpart C. Any terms capitalized, but not otherwise defined, in the BAA shall have the same meaning as those terms have under HIPAA, the Privacy Rule, the Security Rule, and the HITECH Standards and shall be deemed to be modified to reflect any changes made to such terms from time to time as defined to HIPAA, the Privacy Rule, the Security Rule, and the HITECH Standards. Obligations and Activities of Business Associate Business Associate agrees to not use or. disclose Protected Health Information other than as permitted or required by the Agreement, the BAA or as required by law. Business Associate agrees to use appropriate safeguards to prevent use or disclosure of the Protected Health Information other than as provided for by this BAA. Business Associate further agrees to use appropriate Te1eVox HIGH TECH HUMAN TOUCH" 243617425.DOC TeleVox Confidential �/ Service Agreement Pfizer - Sponsored Vaccine Reminder Program administrative, physical and technical safeguards to protect the confidentiality, integrity and availability of any Electronic Protected Health Information in accordance with the Security Rule. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of Protected Health Information by Business Associate in violation of the requirements of this BAA. Business Associate agrees to report to Covered Entity any use or disclosure of Protected Health Information in violation of this BAA or applicable law by Business Associate or by a third party to whom Business Associate disclosed Protected Health Information pursuant to this BAA of which it becomes aware. Notwithstanding the foregoing provisions of this paragraph, Business Associate shall report to Covered Entity any Breach consistent with the regulations promulgated under HITECH by the United States Department of Health and Human Services at 45 C.F.R. part 164, Subpart D. Business Associate agrees to ensure that any agent, including a subcontractor, to whom it provides Protected Health Information received from, or created or received by Business Associate on behalf of Covered Entity agrees to the same restrictions and conditions that apply through this BAA to Business Associate with respect to such information. If applicable, at the request of Covered Entity and in a reasonable time and manner, Business Associate agrees to make available, Protected Health Information about an Individual contained in a. Designated Record Set for so long as information is maintained in a Designated Record Set, to Covered Entity in order to meet the requirements under 45 CFR § 164.524. If applicable, at the request of Covered Entity and in a reasonable time and manner Business Associate agrees to provide information to Covered Entity for the amendment of an individual's Protected Health Information or a record regarding an individual contained in a Designated Record Set (for so long as the Protected Health Information is maintained in the Designated Record Set pursuant to 45 CFR § 164.526 Business Associate agrees to make internal practices, books, and records, including policies and procedures and Protected Health Information, relating to the use and disclosure of Protected Health Information and the security of Electronic Protected Health Information received from, or created or received by Business Associate on behalf of, Covered Entity available to the Covered Entity, or to the Secretary, as agreed upon by the parties or designated by the Secretary, for purposes of the Secretary determining Covered Entity's compliance with HIPAA, the Privacy Rule, the Security Rule and the HITECH Standards. Such information shall be made available in a time and manner designated by the Covered Entity or Secretary of HHS. Business Associate agrees to document such disclosures of Protected Health Information and information related to such disclosures as would be required for Covered Entity to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 CFR § 164.528. In the event that any individual requests access to, amendment of, or accounting of Protected Health Information directly from Business Associate, Business Associate shall within seven (7) days forward such request to Covered Entity, Covered Entity shall have the responsibility of responding to forwarded request. Te1eVox HIGH TECH HUMAN TOUCH 24361742_5.DOC TeleVox Confidential Service Agreement Pfizer - Sponsored Vaccine Reminder Program However, if forwarding the individual's request to Covered Entity would cause Covered Entity or Business Associate to violate HIPAA, the Privacy Rule, or the HITECH Standards, Business Associate shall instead respond to the individual's request as required by such law and notify Covered entity of such response as soon as practicable. In conducting functions and/or activities under the Agreement and this BAA that involve the use and/or disclosure of Protected Health Information, Business Associate shall make reasonable efforts to limit the use and/or disclosure of Protected Health Information to the minimum amount of information necessary as determined by Covered Entity of accomplish the intended purpose of the use or disclosure. Notwithstanding any other provision in this BAA, no later than February 17, 2010, unless a separate effective date is specified by law or this BAA for a particular requirement (in which case the separate effective date shall be the effective date for that particular requirement), Business Associate shall comply with the HITECH Standards, including, but not limited to: (i) compliance with the requirements regarding minimum necessary under HITECH § 13405(b): (ii) requests for restrictions on use or disclosure to health plans for payment or health care operations purposes when the provider has been paid out of pocket in full consistent with HITECH § 13406(a); (iii) the prohibition of sale of PHI without authorization unless an exception under HITTECH § 13405(d) applies: (iv) the prohibition on receiving remuneration for certain communications that fall within the exceptions to the definition of marketing under 45 C.F.R. § 164.501 unless permitted by this BAA and Section 13406 of HITECH: (v) the requirements relating to the provision of access to certain information in electronic access under HITECH § 13405(e); (vi) compliance with each of the Standards and Implementation Specifications of 45 C.F.R. §§ 164.308 (Administrative Safeguards). 164.310(Physical Safeguards). 164.312 (Technical Safeguards) and 164316 (Policies and Procedures and Documentation Requirements); and (vii) the requirements regarding accounting of certain disclosures of PHI maintained in an Electronic Health Record under HITECH § 13405(c) to the extent that Business Associate discloses any PHI maintained in an Electronic Health Record on behalf of the Covered Entity pursuant to this BAA. The parties acknowledge that HIPAA, The Privacy Rule and the HITECH Standards contain provisions relating to marketing. Each party agrees it will not engage in any marketing activities that are not permitted under HIPAA, the Privacy Rule and the HITECH Standards. If applicable, Business Associate agrees to provide to Covered Entity or an Individual, in a reasonable time and manner, information collected in accordance with the above Sections of this BAA, to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 CFR § 164.528. Permitted Uses and Disclosures by Business Associate Except as otherwise limited in this BAA, Business Associate may use or disclose Protected Health Information to perform functions, activities, or services for, or on behalf of, Covered Entity as specified in the Agreement if such use or disclosure would not violate HIPAA, the Privacy Rule or the HITECH Standards if done by Covered Entity or the minimum necessary policies and procedures of the Covered Entity Or such use or disclosure is permitted under this BAA. TeleVox HIGH TECH HUMAN TOUCH' 243617425.DOC _ TeleVox Confidential Service Agreement Pfizer- Sponsored Vaccine Reminder Program Except as otherwise limited in this BAA, Business Associate may use Protected Health Information for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate. Except as otherwise limited in this BAA, Business Associate may disclose Protected Health Information for the proper management and administration of the Business Associate, provided that Protected Health Information may only be disclosed for such purposes if the disclosures are Required By Law, or Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and will be used or further disclosed only as Required By Law or for the purpose for which it was disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached. Except as otherwise limited in this BAA, Business Associate may use Protected Health Information to provide Data Aggregation services to Covered Entity as permitted by 45 CFR § 164.504(e)(2)(i)(B). Business Associate may use Protected Health Information to report violations of law to appropriate Federal and State authorities, consistent with 45 C.F.R § 164.502(j)(1). Obligations of Covered Entity Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions Covered Entity shall notify Business Associate of any limitation(s) in its notice of privacy practices of Covered Entity in accordance with 45 CFR § 164.520, to the extent that such limitation may affect Business Associate's use or disclosure of Protected Health Information. Covered Entity shall notify Business Associate of any changes in, or revocation of, permission by Individual to use or disclose Protected Health Information, to the extent that such changes may affect Business Associate's use or disclosure of Protected Health Information. Covered Entity shall notify Business Associate of any restriction to the use or disclosure of Protected Health Information that Covered Entity has agreed to in accordance with 45 CFR § 164.522, to the extent that such restriction may affect Business Associate's use or disclosure of Protected Health Information. Permissible Requests by Covered Entity Covered Entity shall not request Business Associate to use or disclose Protected Health Information in any manner that would not be permissible under the Privacy Rule or the HITECH Standards if done by Covered Entity or that is not otherwise permitted pursuant to this BAA.. Term and Termination Term. The Term of this BAA shall be effective as of the Effective Date, and shall continue until terminated in accordance with this BAA, or until the Agreement terminates. TeleVox HIGH TECH HUMAN TOUCH' 24361742_5.DOC _ TeleVox Confidential Service Agreement Pfizer - Sponsored Vaccine Reminder Program • Termination for Cause. Upon Covered Entity's knowledge of a material breach by Business Associate, Covered Entity shall either: Provide an opportunity for Business Associate to cure the breach or end the violation and terminate this BAA if Business Associate does not cure the breach or end the violation within 30 days of written notice; or Immediately terminate this BAA if Business Associate has breached a material term of this BAA and cure is not possible. If termination is not feasible, Covered Entity shall report the violation to the Secretary. Upon Business Associate's knowledge of a material breach by Covered Entity, Business Associate shall either: Provide an opportunity for Covered Entity to cure the breach or end the violation and terminate this BAA if Covered Entity does not cure the breach or end the violation within 30 days of written notice; or Immediately terminate this BAA if Covered Entity has breached a material term of this BAA and cure is not possible. If termination is not feasible, Business Associate shall report the violation to the Secretary. Effect of Termination. Except as provided in this BAA, upon termination of this BAA, for any reason, Business Associate shall return or destroy all Protected Health Information received from Covered Entity, or created or received by Business Associate on behalf of Covered Entity. This provision shall apply to Protected Health Information that is in the possession of subcontractors or agents of Business Associate. Except as provided in this BAA, Business Associate shall retain no copies of the Protected Health Information. In the event that Business Associate determines that returning or destroying the Protected Health Information is infeasible, Business Associate shall provide to Covered Entity notification of the conditions that make return or destruction infeasible. In such case, Business Associate shall extend the protections of this BAA to such Protected Health Information and limit further uses and disclosures of such Protected Health Information to those purposes that make the return or destruction infeasible, for so long as Business Associate maintains such Protected Health Information. Miscellaneous Regulatory References. A reference in this BAA to a section in HIPAA, the Privacy Rule, the Security Rule or the HITECH Standards means the section as in effect or as amended, from time to time. Amendment. Covered Entity and Business Associate agree that amendment of this BAA may be required to ensure that Covered Entity and Business Associate comply with changes to the privacy, security and confidentiality of Protected Health Information, including, but not limited to, changes under the Privacy Rule, the Security Rule and the HITECH Standards. TeleVox HIGH TECH HUMAN TOUCH" 24361742_5.DOC - TeleVox Confidential • Service Agreement Pfizer- Sponsored Vaccine Reminder Program Survival. The respective rights and obligations of Business Associate under Section the "Effect of Termination" Section of this BAA shall survive the termination of this BAA. Interpretation. Any ambiguity in this BAA shall be resolved in favor of a meaning that permits Covered Entity to comply with HIPPA, the Privacy Rule, the Security Rule, and the HITECH Standards. State Law. Nothing in this BAA shall be construed to require Business Associate to use or disclose Protected Health Information without a written authorization from an individual who is a subject of the Protected Health Information, or written authorization from any other person, where such authorization would be required under state law for such use or disclosure. No Third Party Beneficiaries. Nothing express or implied in this BAA is intended or shall be deemed to confer upon any person other than Covered Entity, Business Associate, and their respective successors and assigns, any rights, obligations, remedies or liabilities. Primacy. To the extent that any provisions of this BAA conflict with the provisions of any other agreement or understanding between the Parties, this BAA shall control with respect to the subject matter of this BAA. IN WITNESS WHEREOF, the parties hereby execute and authorize this BAA as of the date first set forth above. TELEVOX SOFTWARE, INC. CLIENT: County of Eagle, State of Colorado. TeleVox Signature Client Signature County Manager Title Title Keith Montag Name Printed Name Printed Te1eVox HIGH TECH HUMAN TOUCH` 24361742_s.DOC _ TeleVox Confidential