1154-Blue Cross and Blue Shield Service Agreementc - k � '_S4
ADMINISTRATIVE SERVICES AGREEMENT
between
BLUE CROSS AND BLUE SHIELD OF FLORIDA, INC.
and
CITY OF SANFORD
This Administrative Services Agreement (hereinafter referred to as the
"Agreement "), made this a'7 day of j �Gie, 2005, is by and between Blue Cross and
Blue Shield of Florida, Inc., a Florida corporation having its principal place of business
at 4800 Deerwood Campus Parkway, Jacksonville, Florida 32246 (hereinafter referred
to as the "BCBSF ") and City of Sanford located at 300 North Park Avenue, Sanford,
Florida 32772 -1788 (hereinafter referred to as the "Employer ").
WHEREAS, the Employer has established and currently sponsors a self- insured
Employee Welfare Benefit Plan, to provide certain benefits (attached hereto as Exhibit
"A" and hereinafter called the "Group Health Plan ") for covered group members and
their covered dependents; and
WHEREAS, except as otherwise specifically provided herein, the Employer is to
retain all liabilities under its Group Health Plan, and BCBSF is to provide the agreed
upon services to the Group Health Plan without assuming any such liability; and
WHEREAS, the Employer desires that, with respect to the Group Health Plan,
BCBSF furnish certain claims processing and administrative services.
NOW, therefore, in consideration of the mutual promises contained herein, and
other good and valuable consideration, the parties agree as follows:
SECTION I
TERM
1.1 Initial Term
r °. The initial term of this Agreement shall be a period of one (1) year
commencing on October 1, 2004 (notwithstanding the date of execution) and
ending on September 30, 2005, and shall be renewable for an additional one
(1) year term, at the option of the Employer, said renewal term commencing
on October 1, 2005 and ending on September 30, 2006.
ASAPPOSTD
1.2 Renewal Terms
This Agreement will automatically renew each anniversary date for
successive one year terms at the renewal rates then in effect, unless either
party notifies the other party of its intent not to extend this Agreement at
least 30 days prior to the applicable anniversary date.
SECTION II
DUTIES AND RESPONSIBILITIES OF THE EMPLOYER
2.1 Final Authority
The Employer retains all final authority and responsibility for the Group
Health Plan including, but not limited to eligibility and enrollment for coverage
under the Group Health Plan, the existence of coverage, the benefits
structure of the Group Health Plan, claims payment decisions, cost
containment program decisions, utilization benefits management,
compliance with the requirements of COBRA (Consolidated Omnibus Budget
Reconciliation Act of 1985, as amended), compliance with the requirements
of ERISA (Employee Retirement Income Security Act of 1974, as amended),
compliance with reporting and remitting abandoned property funds, and
compliance with any other state and federal law or regulation applicable to
the Employer, the Group Health Plan, or the administration of the Group
Health Plan.
The Employer agrees to provide BCBSF with any information BCBSF
reasonably requires in order to perform the administrative services set forth
herein.
2.2 Eligibility and Enrollment
As of the first day of the term of this Agreement, the Employer will have
delivered to BCBSF enrollment information regarding eligible and properly
enrolled members, as determined by the Employer. The Employer shall
deliver to BCBSF all employee and dependent eligibility status changes on a
monthly basis, or more frequently as mutually agreed by the parties.
The Employer shall be responsible for providing each covered employee with
a copy of the plan document which shall include the Group Health Plan.
ASAPPOSTD
2.3 Financial Obligations.
A. Claims Payment
The Employer is financially responsible for the payment of all claims
paid under the Group Health Plan. Financial arrangements regarding
the payment of such claims are set forth in Exhibit "B ".
B. Administrative Fees
The Employer agrees to promptly pay all administrative fees as set
forth in Exhibit "B ". Administrative fees are not subject to change
during the initial term of this Agreement, except as set forth below. The
administrative fees shall be payable to BCBSF within 10 days of written
notification to the Employer of the amount owed.
C. Late Charges
In the event the Employer fails to pay any amount owed in full by the
due date, the Employer shall pay BCBSF, in addition to the amount
due, a late charge as set forth in Exhibit "B ".
D. Modifications
BCBSF may modify the administrative fees contained in Exhibit "B" at
any time on or after the first anniversary of this Agreement's effective
date, upon giving forty -five (45) days prior written notice to the
Employer. Additionally, BCBSF, at any time, may modify the
administrative fee, if the Employer substantially modifies the Group
Health Plan or changes enrollment.
2.4 Use of Names and Logos
The Employer agrees to allow BCBSF to use the Employer's name and logo
on I.D. cards and other forms necessary to effectuate this Agreement, and to
promote the Employer's relationship with BCBSF to potential or existing
providers. BCBSF shall not use the Employer's name or logo for any other
purpose without the prior written consent of the Employer. BCBSF may only
reasonably use the Employer's name for necessary purposes.
The Employer agrees that the names, logos, symbols, trademarks,
tradenames, and service marks of BCBSF, whether presently existing or
hereafter established, are the sole property of BCBSF and BCBSF retains
the right to the use and control thereof. The Employer shall not use
BCBSF's name, logos, symbols, trademarks or service marks in advertising
or promotional materials or otherwise without the prior written consent of
ASAPPOSTD
BCBSF and shall cease any such usage immediately upon written notice by
BCBSF or upon termination of this Agreement, whichever is sooner.
SECTION III
DUTIES AND RESPONSIBILITIES OF BCBSF
3.1 Generally
It is understood and agreed that BCBSF is empowered and required to act
with respect to the Group Health Plan only as expressly stated herein.
The Employer and BCBSF agree that BCBSF's role is to provide
administrative claims payment services, that BCBSF does not assume any
financial risk or obligation with respect to claims, that the services rendered
by BCBSF under this Agreement shall not include the power to exercise
control over the Group Health Plan's assets, if any, or discretionary authority
over the Health Care Plan's operations, and that BCBSF will not for any
purpose, under ERISA or otherwise, be deemed to be the "Plan
Administrator" of the Group Health Plan or a "fiduciary" with respect to the
Group Health Plan. BCBSF's services hereunder are intended to and shall
consist only of ministerial functions. The Group Health Plan's "Administrator"
for purposes of ERISA is the Employer.
3.2 Enrollment: Forms and I.D. Cards
BCBSF shall enroll those individuals who have completed an application and
are identified by the Employer as eligible for benefits under the Group Health
Plan on the effective date of this Agreement, and subsequently during the
continuance of this Agreement. BCBSF shall be entitled to rely on the
information furnished to it by the Employer, and the Employer shall hold
BCBSF harmless for any inaccuracy or failure to provide such information in
a timely manner.
BCBSF shall furnish to the Employer, for distribution to persons participating
in the Group Health Plan, a supply of identification cards, benefit plan
descriptions, forms to be used for submission of claims and enrollment, and
any other forms necessary for the administration of the Group Health Plan,
as determined by BCBSF.
3.3 Claims Processing
BCBSF shall provide claims processing services on behalf of the Employer
for all properly submitted claims, in accordance with the benefits and
procedures set forth in Exhibit "A ", using funds solely supplied by the
4
ASAPPOSTD
Employer, as set forth in Exhibit "B ". BCBSF shall furnish each claimant with
an explanation of each claim that is paid, rejected, suspended or denied.
For purposes of this Agreement, the term "claim(s)" shall be defined as the
amount paid or payable by BCBSF to providers of services and /or covered
group members under this Agreement and the Group Health Plan, and in
conformity with any agreements BCBSF enters into with such providers of
services, and includes capitation, physician incentives, pharmacy, physician,
hospital and other fee - for - service claims expenditures.
Processing services shall be provided in a timely manner by BCBSF and
BCBSF shall adhere to any and all statutory and other guidelines and
requirements of law and shall pay any and all fees and charges that may
result from BCBSF's failure to comply with any and all statutory and other
guidelines and requirements of law when such failure is the fault of BCBSF
3.4 Program Administration
BCBSF shall administer its established cost containment programs and
utilization benefits management programs, as selected by the Employer and
described in the Group Health Plan.
BCBSF shall make available its Preferred Provider Organization Program(s)
to covered group members and their covered dependents, as set forth in the
Group Health Plan. Any agreements between providers of services and
BCBSF are the sole property of BCBSF and BCBSF retains the right to the
use and control thereof.
3.5 Inaccurate Payments
Whenever BCBSF becomes aware that the payment of a claim under the Group Health
Plan to any person was, or may have been, made which was not in accordance with the
terms of the Group Health Plan, whether or not such payment was BCBSF's fault, and
whether not such payment was more than or less than was appropriate under the terms
of the Group Health Plan, BCBSF shall investigate such payment in accordance with its
standard commercial insurance business practices and either 1) for a payment of
$50.00 or more, make a diligent effort to recover any payment which was more than
was appropriate under the Group Health Plan or 2) as the case may be, adjust any
claim the payment of which was less than appropriate under the Group Health Plan.
The Employer delegates to BCBSF the discretion and the authority to determine under
what circumstances to compromise a claim or to settle for less than the full amount of
the claim. BCBSF shall coordinate the payment and compromise of claims with the City
Manager of the Employer or his designee. In the event any part of an inaccurate
payment is recovered, the Employer will receive a refund from BCBSF. BCBSF shall
notify the Employer whenever attempted recovery is unsuccessful. Nothing herein shall
require BCBSF to institute a legal action or suit to recover payments made by BCBSF.
ASAPPOSTD
3.6 Records and Reports
BCBSF agrees to establish, maintain and provide to the Employer, records
and reports generated for the purposes of reporting claims experience and
conducting audits of operations. BCBSF will provide claims information only
accordance with Exhibit C (and Exhibit D, if applicable) to this Agreement.
BCBSF will not provide any information with regard to provider pricing
agreements or any other information which is of a confidential or proprietary
nature, as determined by the Administrator.
3.7 Pharmacy Rebates
In certain circumstances, BCBSF and /or its pharmacy benefit manager
( "PBM ") negotiate(s) and receive(s) formulary rebates, volume discounts,
and /or fees from certain drug manufacturers as a result of the inclusion of
such manufacturer's branded products on BCBSF's formularies ( "Rebates ").
The PBM generally passes Rebates through to BCBSF, less a 12.5%
fee as part of its compensation for its services. At times, the PBM may pass
through a guaranteed minimum amount per prescription that exceeds the
Rebates otherwise payable to BCBSF. In either situation, BCBSF passes
through 100% of the amounts it receives to the Employer.
BCBSF may receive a portion of the Rebates on a prepaid, estimated basis,
before any drug claims are filed and paid. To the extent that BCBSF
receives prepaid, estimated rebate amounts, BCBSF retains, as part of its
compensation, the interest earned on such amounts from the time it
receives such prepayments until it forwards the Employer's Rebates. This
time period is generally nine to twelve months. BCBSF expects to earn
interest at the rate of 1.25% per annum.
BCBSF pays the Employer its Rebates or guaranteed minimum amount after
BCBSF is able to determine the share attributable to the drug claims actually
made by Employer's group members. This typically occurs seven to nine
months after the end of the calendar quarter in which the drugs were
dispensed.
BCBSF will provide more specific information on the amounts retained by
BCBSF or the PBM upon request by the Employer.
3.8 Claims Payments
The source or sources of payment under the Group Health Plan are to be
only the assets of the Employer, and BCBSF will have no liability whatsoever
for providing a source from which payments will be made under the Health
Care Plan.
ASAPPOSTD
'3.9 Providers Outside the State of Florida
A. BlueCard
Administrator participates in a program called "BlueCard." Whenever
member's access health care services outside the geographic area BCBSF
serves, the claim for those services may be processed through BlueCard
and presented to BCBSF for payment in conformity with network access
rules of the BlueCard Policies then in effect ( "Policies "). Under BlueCard,
when members receive covered health care services within the geographic
area served by an on -site Blue Cross and /or Blue Shield Licensee ( "Host
Blue "), BCBSF will remain responsible to Employer for fulfilling BCBSF
contract obligations. However, the Host Blue will only be responsible, in
accordance with applicable BlueCard Policies, if any, for providing such
services as contracting with its participating providers and handling all
interaction with its participating providers. The financial terms of BlueCard
are described generally below.
B. Liability Calculation Method Per Claim
The calculation of member liability on claims for covered health care services
incurred outside the geographic area BCBSF serves and processed through
BlueCard will be based on the lower of the provider's billed charges or the
negotiated price BCBSF pays the Host Blue.
The calculation of Employer's liability on claims for covered health care
services incurred outside the geographic area BCBSF serves and processed
through BlueCard will be based on the negotiated price BCBSF pays the Host
Blue.
The methods employed by a Host Blue to determine a negotiated price will
vary among Host Blues based on the terms of each Host Blue's provider
contracts. The negotiated price paid to a Host Blue by Administrator on a
claim for health care services processed through BlueCard may represent:
(i) the actual price paid on the claim by the Host Blue to the health care
provider ( "Actual Price "), or
(ii) an estimated price, determined by the Host Blue in accordance with
BlueCard Policies, based on the Actual Price increased or reduced to reflect
aggregate payments expected to result from settlements, withholds, any
other contingent payment arrangements and non - claims transactions with all
of the Host Blue's health care providers or one or more particular providers
( "Estimated Price "), or
ASAPPOSTD
(iii) an average price, determined by the Host Blue in accordance with
BlueCard Policies, based on a billed charges discount representing the Host
Blue's average savings expected after settlements, withholds, any other
contingent payment arrangements and non - claims transactions for all of its
providers or for a specified group of providers ( "Average Price "). An Average
Price may result in greater variation to the member and the Employee from
the Actual Price than would an Estimated Price.
Host Blues using either the Estimated Price or Average Price will, in
accordance with BlueCard Policies, prospectively increase or reduce the
Estimated Price or Average Price to correct for over - or underestimation of
past prices. However, the amount paid by the member and the Employer is a
final price and will not be affected by such prospective adjustment. In
addition, the use of a liability calculation method of Estimated Price or
Average Price may result in some portion of the amount paid by the Employer
being held in a variance account by the Host Blue, pending settlement with its
participating providers. Because all amounts paid are final, the fund held in a
variance account, if any, do not belong to the Employer and are eventually
exhausted by provider settlements and through prospective adjustment to the
negotiated prices.
Statutes in a small number of states may require a Host Blue either (1) to use
a basis for calculating the member's liability for covered health care services
that does not reflect the entire savings realized, or expected to be realized,
on a particular claim or (2) to add a surcharge. Should any state statutes
mandate liability calculation methods that differ from the negotiated price
methodology or require a surcharge, the Host Blue would then calculate
member's liability and the Employer liability for any covered health care
services consistent with the applicable state statute in effect at the time the
member received those services.
C. Return of Recoveries
Under BlueCard, recoveries from a Host Blue or from participating providers
of a Host Blue can arise in several ways, including but not limited to anti -fraud
and abuse audits, provider /hospital audits, credit balance audits, utilization
review refunds, and unsolicited refunds. In some cases, the Host Blue will
engage third parties to assist in discovery or collection of recovery amounts.
The fees of such a third party are netted against the recovery. Recovery
amounts, net of fees, if any, will be applied in accordance with applicable
BlueCard Policies, which generally require correction on a claim -by -claim or
prospective basis.
Unless otherwise agreed to by the Host Blue, Home Licensees may request
adjustments from the Host Blue for full provider refunds due to the retroactive
cancellation of membership only for one year after the Inter - Licensee
ASAPPOSTD
financial settlement process date of the original claim. However, recovery of
claim payments associated with a retroactive cancellation may not be
possible if the recovery conflicts with the Host Blue's state law, provider
contracts or jeopardizes its relationship with its providers.
D. BlueCard Fees and Compensation
Employer understands and agrees (1) to pay certain fees and compensation
to BCBSF which BCBSF is obligated under BlueCard to pay to the Host Blue,
to the Blue Cross Blue Shield Association, or to the BlueCard vendors, unless
BCBSF's contract obligations to the Employer require those fees and
compensation to be paid only by Administrator and (2) that fees and
compensation under BlueCard may be revised from time to time without
Employer's prior approval in accordance with the standard procedures for
revising fees and compensation under BlueCard. Some of these fees and
compensation are charged each time a claim is processed through BlueCard
and include, but are not limited to, access fees, administrative expense
allowance fees, Central Financial Agency Fees, and ITS Transaction Fees.
Also, some of these claim -based fees, such as the access fee and the
administrative expense allowance fee may be passed on to the Employer as
an additional claim liability.
E. Inconsistencies
To the extent of any inconsistency between the above provision titled
"Providers Outside the State of Florida" and other terms or conditions of the
Agreement, the above provision controls.
SECTION IV
TERMINATION
4.1 Administration After Termination
The Employer is solely liable and responsible for all claims incurred under
the Group Health Plan by its covered group members and their dependents
during the term of this Agreement, including those incurred claims which are
not presented to the Employer or BCBSF during the term of this Agreement.
BCBSF will adjudicate all claims incurred during the term of this Agreement.
For purposes of this Agreement, the date of an incurred claim is the date the
particular service was rendered or the supply was furnished. After the
effective date of termination of this Agreement, the Employer will continue to
provide BCBSF with funds to pay claims incurred prior to the termination
date and will continue to pay the applicable administrative fees as set forth in
Exhibit "B ".
ASAPPOSTD
4.2 Unilateral Termination
The Employer or BCBSF may unilaterally terminate this Agreement upon 90
days prior written notice to the other after the initial term of this Agreement.
4.3 Termination On Anniversary Date
This Agreement shall automatically terminate as of the date of any
anniversary of the effective date of this Agreement, if either the Employer or
BCBSF has given at least 30 days prior written notice to the other of its
intention not to renew this Agreement as of that anniversary date.
4.4 Termination Upon Default
Upon the occurrence of any of the following events, as determined by
BCBSF, this Agreement will automatically terminate at the end of the 8th
business day following the day upon which the Employer is notified of any of
the events of default set forth hereunder, and then only in the event that the
Employer has not cured the incident of default:
The Employer's failure to provide adequate funds, as set in
Exhibit "B ", as necessary for the payment of claims pursuant to
the Group Health Plan;
2. The Employer's failure to pay any administrative fees or late
penalty as set forth in Exhibit "B" of this Agreement;
3. The Employer ceases to maintain a Group Health Plan;
4. The Employer modifies the Group Health Plan without the prior
written consent of BCBSF;
5. At any time BCBSF has reasonable grounds for insecurity with
respect to the Employer's financial ability to adequately fund the
Group Health Plan, and the Employer has failed to immediately
provide adequate assurances of financial soundness to BCBSF;
6. At any time any judicial or regulatory body determines that this
Agreement, or any provision of this Agreement, is invalid or illegal,
or that this arrangement constitutes an insurance policy or
program which is subject to state and /or federal insurance
regulations and /or taxation;
7. At any time the Employer otherwise materially breaches this
Agreement.
io
ASAPPOSTD
The events listed in this provision must be reasonably determined by
BCBSF.
4.5 Rights and Responsibilities Upon Termination
In the event of termination of this Agreement, the Employer will immediately
notify each covered group member of the termination date.
Termination of this Agreement for any reason shall not affect the rights or
obligations of either party which arise prior to the date of termination.
SECTION V
LEGAL ACTION; INDEMNIFICATION
5.1 Standard of Care
BCBSF and the Employer shall each use the care, skill, prudence and
diligence under the circumstances then prevailing that a prudent person
acting in a like capacity and familiar with such matters would use in the
conduct of an enterprise of like character and with like aims in the
performance of its duties hereunder.
Time is of the essence of the lawful performance of the duties and
obligations contained in this Agreement. The parties covenant and agree
that they shall diligently and expeditiously pursue their respective obligations
set forth in this Agreement.
5.2 Liability; Indemnification
BCBSF shall not be liable to the Employer or any other person for any
mistake of judgment or other action taken in good faith, or for any loss or
damage occasioned thereby, unless the loss or damage is due to BCBSF's
gross negligence, criminal conduct or fraudulent acts.
The Employer hereby agrees to indemnify and hold harmless BCBSF, its
directors, officers, employees and agents against any and all actions, claims,
lawsuits, settlements, judgments, costs, interest, penalties, expenses and
taxes, including but not limited to, attorneys fees and courts costs, resulting
from or arising directly or indirectly out of or in connection with any function
of BCBSF under this Agreement, including the administration of any Cost
Containment or Utilization Benefit Management Programs, or payments
made pursuant to the direction of the Employer, or arising from any legal
action or proceeding to recover benefits under this Agreement, in
consequence of any acts or omissions occurring during the operation of this
Agreement alleged to be a breach of fiduciary duty under ERISA, or arising
ASAPPOSTD
from any allegation of a breach of confidentiality arising out of a release of
confidential information to the Group or a third party unless it is determined
that the direct and sole cause of such liability was the result of gross
negligence, criminal conduct or fraudulent acts on the part of BCBSF or any
of its directors, officers, employees or agents. Further, the Employer agrees
to indemnify and hold harmless BCBSF for any taxes or assessments,
including penalties and interest, or any other amounts legally levied based
on the terms of this Agreement. This provision applies to any amounts
imposed, now or later, under the authority of any federal, state, or local
taxing jurisdiction. This provision will continue in effect after termination of
this Agreement for any reason. Nothing in this Agreement or any action
relating to this Agreement shall be construed as the Employer's waiver of
sovereign immunity beyond the limits set forth in Section 768.28, Florida
Statutes.
5.3 Legal Actions
In the event BCBSF is served with process in any lawsuit or is made a party
to any arbitration proceeding or other legal action relating to any matter for
which indemnification is required under the preceding paragraph, the
Employer shall, upon written request by BCBSF, immediately furnish a
defense to and indemnify and hold harmless BCBSF in any such lawsuit,
proceeding or other action and shall use its best efforts to secure, by motion
or otherwise, the dismissal of BCBSF from such lawsuit, proceeding or other
action. BCBSF will provide the Employer with available data and materials
that are reasonably necessary for the preparation of the defense of such
lawsuit, proceeding or other action.
SECTION VI
MISCELLANEOUS PROVISIONS
6.1 Amendment
Except as otherwise provided for herein, this Agreement may be modified,
amended, renewed, or extended only upon mutual agreement, in writing,
signed by the duly authorized representatives of the Employer and BCBSF.
6.2 Subsidiaries and Affiliates
Any of the functions to be performed by BCBSF under this Agreement may
be performed by BCBSF or any of its subsidiaries, affiliates, or designees.
6.3 Governing Law
12
ASAPPOSTD
This Agreement is subject to and shall be governed by the laws of the State
of Florida, except where those laws are preempted by the laws of the United
States.
All State laws relating to public records to include, but not be limited to,
Chapter 119, Florida Statutes, and Article I, Section 24 of the Constitution of
the State of Florida control as to any and all provisions of this Agreement.
6.4 Venue
All actions or proceedings instituted by the Employer or BCBSF hereunder
shall be brought in a court of competent jurisdiction in Seminole County,
Florida.
6.5 Waiver of Breach
Waiver of a breach of any provision of this Agreement shall not be deemed a
waiver of any other breach of the same or a different provision.
6.6 Inconsistencies
If the provisions of this Agreement are in any way inconsistent with the
provisions of the Group Health Plan, then the provisions of this Agreement
shall prevail and the other provisions shall be deemed modified, but only to
the extent necessary to implement the intent of the parties expressed herein.
6.7 Notices
Any notice required to be given pursuant to this Agreement shall be in
writing, postage pre -paid, and shall be sent by certified or registered mail,
return receipt requested, or by Federal Express or other overnight mail
delivery for which evidence of delivery is obtained by the sender, to BCBSF
or the Employer at the addresses indicated on the first page of this
Agreement, or such other addresses that the parties may hereafter
designate. The notice shall be effective on the date the notice was posted.
6.8 Entire Agreement
This Agreement, including the attachments hereto, contains the entire
agreement between BCBSF and the Employer with respect to the specific
subject matter hereof. Any prior agreements, promises, negotiations or
representations, either verbal or written, relating to the subject matter of this
Agreement and not expressly set forth in this Agreement are of no force and
effect.
This Agreement is the result of bona fide arms length negotiations between
the Employer and BCBSF and all parties have contributed substantially and
13
ASAPPOSTD
materially to the preparation of the Agreement. Accordingly, this Agreement
shall not be construed or interpreted more strictly against any one party than
against any other party.
6.9 Severability
In the event any provision of this Agreement is deemed to be invalid or
unenforceable, all other provisions shall remain in full force and effect.
6.10 Binding Effect of Agreement
The Agreement shall be binding upon and inure to the benefit of the parties,
their agents, servants, employees, successors, and assigns unless
otherwise set forth herein or agreed to by the parties.
6.11 Survival
The rights and obligations of the parties as set forth herein shall survive the
termination of this Agreement to the extent necessary to effectuate the intent
of the parties as expressed herein.
6.12 Independent Relationship
Notwithstanding any other provision of this Agreement, in the performance of
the obligations of this Agreement, each party is at all times acting and
performing as an independent contractor with respect to the other party. It is
further expressly agreed that no work, act, commission or omission of either
party (or any of its agents or employees) pursuant to the terms and
conditions of this Agreement, shall be construed to make or render such
party (or any of its agents or employees) an agent, servant, representative,
or employee of, or joint venture with, such other party.
6.13 Hiring Practices
BCBSF agrees that it will not discriminate against any person because of
race, color, religion, sex, age, national origin or disability and will take
affirmative steps to insure that all persons are treated during employment
without regard to race, color, religion, sex, age, national origin or disability.
This provision shall include, but not be limited to, the following: employment,
upgrading, demotion or transfer; recruitment advertising; layoff or
termination; rates of pay or their forms or compensation; and selection for
training, including apprenticeship. BCBSF, moreover, shall comply with all
the requirements as imposed by the Americans with Disability Act, the
regulations of the Federal government issued thereunder, and any and all
requirements of State law related thereto. BCBSF shall not discriminate on
the grounds of race, color, religion, sex, or national origin in the performance
of work under this Agreement.
14
ASAPPOSTD
BCBSF warrants that it has not employed or retained any company or
person, other than a bona fide employee working solely for BCBSF, to solicit
or secure this Agreement and that BCBSF has not paid or agreed to pay any
person, company, corporation, individual or firm other than a bona fide
employee working solely for BCBSF, any fee, commission, percentage, gift,
or any other consideration, contingent upon or resulting from the award of
making this Agreement.
6.14 Tobacco Litigation Disclosure
The Employer understands and acknowledges that BCBSF is currently a
plaintiff, together with a number of other Blue Cross and /or Blue Shield
organizations, in an action filed in the United States District Court for the
Eastern District of New York on April 29, 1998 against the major tobacco
manufacturers and related entities (the "Tobacco Litigation "). The action is
entitled Blue Cross and Blue Shield of New Jersey, Inc. et al. v. Philip Morris,
Inc. et al. (No. CV98 -3287 (JBW)). The Employer further understands and
acknowledges that: (1) the suit seeks both injunctive relief and
reimbursement of billions of dollars in damages attributable to the payment
of health care costs for tobacco - related illnesses; (2) BCBSF has offered to
its customers who have an Administrative Services Agreement in effect
either (a) as of the date of the filing of the complaint or (b) at a date
subsequent to the filing of the complaint up through December 31, 1998
( "ASO customers "), the opportunity to participate in the Tobacco Litigation;
(3) certain of those ASO customers have decided to participate in the
Tobacco Litigation (those ASO customers of BCBSF that have decided to
participate in the Tobacco Litigation are referred to below as the
"Participating ASO Customers "); (4) BCBSF intends to seek to recover
damages, among other things, for benefits paid for medical care provided to
its insureds, and as claims administrator for its Participating ASO
Customers, additional damages with respect to benefits paid by them for
tobacco - related illnesses during the period that BCBSF served as their
claims administrator; (5) the damages BCBSF intends to seek to recover in
the Tobacco Litigation cover the period both prior to the filing of the
complaint on April 29, 1998 and the period subsequent to the filing of the
complaint; (6) the period subsequent to the filing of the complaint for which
BCBSF intends to seek to recover damages will likely overlap with the time
period during which BCBSF will serve as claims administrator on behalf of
the Employer; (7) if BCBSF recovers money by way of a settlement or
judgment in the Tobacco Litigation, then the Participating ASO Customers
are likely to receive a pro rata share of that monetary recovery and that pro
rata share may be substantial; (8) because the Employer was not an ASO
customer either as of the date of filing the complaint or at a date subsequent
to the filing of the complaint up through December 31, 1998, BCBSF has not
offered the Employer the option of participating in the Tobacco Litigation
is
ASAPPOSTD
and, as a consequence, if BCBSF recovers money by way of a settlement or
judgment in the Tobacco Litigation, the Employer: (a) will not receive any
pro rata share of that monetary recovery, (b) will not be entitled to any pro
rata share of that monetary recovery, and (c) will not assert or interpose any
claim with respect to that monetary recovery; and (9) THE EMPLOYER IS
FREE TO BRING A SEPARATE ACTION (EITHER ALONE OR WITH
OTHER PLAINTIFFS) AGAINST THE MAJOR TOBACCO
MANUFACTURERS AND RELATED ENTITIES IF IT CHOOSES TO DO
SO. The Employer hereby agrees to indemnify and hold harmless BCBSF,
its directors, officers, employees and agents against any and all actions,
claims, lawsuits, settlements, judgments, costs, interest, penalties, expenses
and taxes, including but not limited to, attorney's fees and court costs,
resulting from or arising directly or indirectly out of or in connection with the
participation, or non - participation, by the Employer in the Tobacco Litigation
and /or in any other actions against the major tobacco manufacturers and
related entities.
6.14 Execution of Agreement
This Agreement may be executed in any number of counterparts, each of
which shall be deemed an original and such counterparts shall constitute
one and the same instrument.
IN WITNESS WHEREOF, on the date first written above, the parties have caused
this Agreement to be executed by their duly authorized representatives.
BLUE CROSS AND BLUE SHIELD
FLORIDA, IN
Signature
Name (Printed)
Title
Date
CITY OF SANFORD
Siog6ature
1Cevft, L, Sm /t
Name (Printed)
F; i h Aj, Cc -ii G'ed
Title
Tulle - aDo�
Date
16
ASAPPOSTD
EXHIBIT "A"
to the
ADMINISTRATIVE SERVICES AGREEMENT
between
BLUE CROSS AND BLUE SHIELD OF FLORIDA, INC.
and
CITY OF SANFORD
GROUP HEALTH PLAN
The entire Group Health Plan is attached hereto and made a part of this Agreement.
17
ASAPPOSTD
EXHIBIT "B"
to the
ADMINISTRATIVE SERVICES AGREEMENT
between
BLUE CROSS AND BLUE SHIELD OF FLORIDA, INC.
and
CITY OF SANFORD
FINANCIAL ARRANGEMENTS
Effective Date
The effective date of this Exhibit is October 1, 2004.
II. Monthly Payments
A. Each month, BCBSF will notify the Employer of the amount due to satisfy
the previous month's paid claims liability. BCBSF also will provide the
Employer with a detailed printout of the previous months claim payments.
The Employer agrees to pay the full amount of the bill within ten (10) days
of the written notification. If the payment is not received by BCBSF by the
payment due date, the payment will be considered past due and subject to
a late payment charge, as set forth below. Additionally, BCBSF will
immediately suspend claims until payment is received by BCBSF.
B The Employer agrees to pay to BCBSF, each month during and after the
term of this Agreement, an administrative fee, as set forth below. The
Employer agrees to pay to BCBSF, each month, the administrative fee
within ten (10) days of the written notification of the amount due. If
payment is not received by BCBSF by the due date, the payment will be
considered past due and subject to a late payment charge, as set forth
below. Additionally, BCBSF will immediately suspend claims until payment
is received by BCBSF.
III. Funding Information
A. Method of Funding Transfer: ACH
IV. Administrative Fees
A. Administrative fees during the term of the Agreement:
Exhibit B -B1-
$ 43.00 per enrolled employee per month from October 1, 2004 through
September 30, 2005 and no greater than $48.00 per enrolled employee per
month from October 1, 2005 through September 30, 2006.
B. Administrative fees after the termination of the Agreement: N/A % of
claims paid.
V. Late Payment Penalty
A. A daily charge of .00038 times the amount of overdue payment.
The provisions of the Prompt Payment Act shall apply to this Agreement.
VI. Expected Enrollment
A. The administrative fees referenced above are based on an expected
enrollment of: Single — 319 and Family — 254.
B. If the actual enrollment is materially different from this expected enrollment,
BCBSF reserves the right to adjust the administrative fees as set forth in
the Agreement. Actual administrative fees will be charged based on actual
enrollment.
Exhibit B -B2-
EXHIBIT "C"
to the
ADMINISTRATIVE SERVICES AGREEMENT
between
BLUE CROSS AND BLUE SHIELD OF FLORIDA, INC.
and
CITY OF SANFORD
HIPAA -AS ADDENDUM TO ADMINISTRATIVE SERVICES AGREEMENT
This addendum ( "Addendum ") is effective upon execution and amends that Administrative Services
Agreement ( "Agreement ") made as of October 1, 2004 by and among Blue Cross and Blue Shield of
Florida, Inc. ( "Administrator "); City of Sanford ( "Employer ") and City of Sanford Health Plan ( "GHP ").
WHEREAS, Employer has established and maintains GHP as a self - insured employee welfare benefit
plan, as described in GHP's Plan Document (referred to in the Agreement as the Group Health Plan); and
WHEREAS, Employer and GHP desire to retain Administrator to provide certain claim processing and
administrative services with respect to GHP; and
WHEREAS, Employer, GHP, and Administrator agree to modify the Agreement to incorporate the
provisions of this Addendum to address applicable requirements of the implementing regulations, codified
at 45 Code of Federal Regulations ( "C.F.R. ") Parts 160 -64, for the Administrative Simplification
provisions of Title II, Subtitle F of the Health Insurance Portability and Accountability Act of 1996
(collectively, "HIPAA -AS "), so that GHP may meet its compliance obligations under HIPAA -AS, and to
include additional provisions that Employer, GHP, and Administrator desire to have as part of the
Agreement;
NOW, THEREFORE, in consideration of the mutual promises contained herein, Employer, GHP, and
Administrator hereby agree as follows:
PART 1— DEFINITIONS
I. DEFINITIONS
All capitalized terms in this Addendum that are not defined by this Addendum will have the meaning
ascribed to them by 45 C.F.R. Parts 160 -64. The following terms have the following meanings when used
in this Addendum:
A. "Covered Employee" means the person to whom coverage under GHP has been extended
by Employer.
B. "Covered Person" means the Covered Employee and any other persons to whom coverage
has been extended under GHP as specified by GHP's Plan Document.
C. "Creditable Coverage Certificate" means a certificate disclosing information relating to an
individual's creditable coverage under a health care benefit program for purposes of
reducing any preexisting condition limitation or exclusion imposed by any group health
plan coverage.
Cl
HIPAA \BA
D. "Disclose" and "disclosure" mean, with respect to Protected Health Information, release,
transfer, providing access to or divulging to a person or entity not within Administrator.
E. "Electronic Protected Health Information" means Protected Health Information that is
(1) transmitted by electronic media or (2) maintained in electronic media.
F. "Protected Health Information" means the Protected Health Information, as that term is
defined in 45 C.F.R. § 160.103, that Administrator creates or receives for, on behalf of, or
from GHP (or from a GHP Business Associate) in the performance of Administrator's
duties under the Agreement and this Addendum. For purposes of this Addendum,
Protected Health Information encompasses Electronic Protected Health Information.
G. "Plan Document" means GHP's written documentation that informs Covered Persons of
the benefits to which they are entitled from GHP and describes the procedures for (1)
establishing and carrying out funding of the benefits to which Covered Persons are entitled
under GHP, (2) allocating and delegating responsibility for GHP's operation and
administration, and (3) amending the Plan Document. Employer and GHP represent and
warrant that GHP's Plan Document provides for the allocation and delegation of the
responsibilities assigned to Administrator under the Agreement.
I. "Use" means, with respect to Protected Health Information, utilization, employment,
examination, analysis or application within Administrator.
PART 2-- ADMINISTRATOR'S RESPONSIBILITIES
II. SERVICES PROVIDED BY ADMINISTRATOR
During the continuance of the Agreement, Administrator will perform the services set forth in the
Agreement with respect to the benefits offered to Covered Persons by GHP.
III. PRIVACY AND SECURITY OF PROTECTED HEALTH INFORMATION
A. Preservation of Privacy
Administrator will keep confidential all Protected Health Information that Administrator creates or
receives on GHP's behalf or receives from GHP (or another Business Associate of GHP) in the
performance of its duties under the Agreement and this Addendum.
B. Prohibition on Non - Permitted Use or Disclosure
Administrator will neither use nor disclose Protected Health Information (including any Protected
Health Information that Administrator may receive from a GHP Business Associate) except (1) as
permitted or required by this Addendum, (2) as permitted or required in writing by GHP, or (3) as
Required by Law.
C. Permitted Uses and Disclosures
Administrator will be permitted to use or disclose Protected Health Information only as follows:
C2
HIPAA \BA
1. Functions and Activities on GHP's Behalf
Administrator will be permitted to use and disclose Protected Health Information for the
performance of services set forth in the Agreement, which the parties agree are intended to
include, but are not limited to, Payment activities and Health Care Operations, and which
shall hereby also include Data Aggregation.
2. Payment Activities and Health Care Operations
Administrator will be permitted to disclose Protected Health Information in accordance
with 45 C.F.R. § 164.506(c) for the Payment activities of another Covered Entity or Health
Care Provider and for the qualifying Health Care Operations of another Covered Entity.
3. Covered Person Permission
Administrator will be permitted to use or disclose Protected Health Information in
accordance with an authorization or other permission granted by an Individual (or the
Individual's Personal Representative) in accordance with 45 C.F.R. § 164.508 or 45 C.F.R.
§ 164.510, as applicable.
4. Administrator's Own ManaEement and Administration
a. Protected Health Information Use
Administrator will be permitted to use Protected Health Information as necessary
for Administrator's proper management and administration or to carry out
Administrator's legal responsibilities.
b. Protected Health Information Disclosure
Administrator will be permitted to disclose Protected Health Information as
necessary for Administrator's proper management and administration or to carry
out Administrator's legal responsibilities only (i) if the disclosure is Required by
Law, or (ii) if before the disclosure, Administrator obtains from the entity to which
the disclosure is to be made reasonable assurance, evidenced by written contract,
that the entity will (1) hold Protected Health Information in confidence, (2) use or
further disclose Protected Health Information only for the purposes for which
Administrator disclosed it to the entity or as Required by Law; and (3) notify
Administrator of any instance of which the entity becomes aware in which the
confidentiality of any Protected Health Information was breached.
5. De- Identified Health Information
Administrator may use Protected Health Information to create De- Identified Health
Information in conformance with 45 C.F.R. § 164.514(b). Administrator may use and
disclose De- Identified Health Information for any purpose, including after any termination
of the Agreement and this Addendum.
C3
HIPAA \BA
6. Limited Data Set
a. Creation of Limited Data Set Administrator may use Protected Health
Information to create a Limited Data Set:
i. that contains the minimum amount of Protected Health Information
reasonably necessary to accomplish the purposes set out in Paragraph b of
this Section III.C.6, below; and
ii. from which have been removed all of the direct identifiers, as specified in
45 C.F.R. § 164.514(e)(2), of the Individuals whose Protected Health
Information is included in the Limited Data Set and of the relatives,
household members and employers of those Individuals.
b. Administrator's Permitted Uses and Disclosures Administrator may use and
disclose the Limited Data Set for only Health Care Operations permitted by this
Addendum.
c. Prohibition on Unauthorized Use or Disclosure
i. Administrator will neither use nor disclose the Limited Data Set for any
purpose other than as permitted by Paragraph b of this Section III.C.6, as
otherwise permitted in writing by GHP, or as Required by Law.
ii. Administrator is not authorized to use or disclose the Limited Data Set in a
manner that would violate the Privacy Rule, 45 C.F.R. Part 164, Subpart E,
if done by GHP.
iii. Administrator will not attempt to identify the information contained in the
Limited Data Set or contact any Individual who may be the subject of
information contained in the Limited Data Set.
d. Information Safeguards Administrator will adopt and use appropriate
administrative, physical, and technical safeguards to preserve the integrity and
confidentiality of the Limited Data Set and to prevent its use or disclosure other
than as permitted by this Section III.C.6.
e. Permitted Subcontractors, and Agents Administrator will require any agent or
subcontractor to which it discloses the Limited Data Set, to agree to comply with
the same restrictions and conditions that apply to Administrator's use and
disclosure of the Limited Data Set pursuant to this Section III.C.6.
C Breach of Privacy Obligations Administrator will report to GHP any use or
disclosure of the Limited Data Set that is not permitted by this Section III.C.6 of
which Administrator becomes aware.
D. Minimum Necessary
Administrator will, in the performance of its functions and activities on GHP's behalf under the
Agreement and this Addendum, make reasonable efforts to use, to disclose, or to request of a
Covered Entity only the minimum necessary amount of Protected Health Information to
C4
HIPAA \BA
accomplish the intended purpose of the use, the disclosure, or the request, except that
Administrator will not be obligated to comply with this minimum necessary limitation with
respect to:
Disclosures to GHP, as distinguished from disclosures to Employer;
2. Disclosure to or request by a health care provider for Treatment;
3. Use with or disclosure to a Covered Person who is the subject of Protected Health
Information, or that Covered Person's Personal Representative;
4. Use or disclosure made pursuant to an authorization compliant with 45 C.F.R.
§ 164.508 that is signed by an Individual who is the subject of Protected Health
Information to be used or disclosed, or by that Individual's Personal
Representative, as defined in 45 C.F.R. § 164.502(g);
5. Disclosure to the United States Department of Health and Human Services
( "DHHS ") in accordance with Section VIII below;
6. Use or disclosure that is Required by Law; or
7. Any other use or disclosure that is excepted from the minimum necessary limitation
as specified in 45 C.F.R. § 164.502(b)(2).
E. Disclosure to GHP and GHP's Business Associates
Other than disclosures permitted by Section III.C. above, Administrator will not disclose Protected
Health Information to GHP, a GHP Business Associate, or a GHP Vendor, except as directed by
GHP in writing.
F. Disclosure to Administrator's Subcontractors and Ap_ents
Administrator may disclose Protected Health Information to a subcontractor or agent.
Administrator will require each subcontractor and agent to which Administrator may disclose
Protected Health Information to provide reasonable assurance, evidenced by written contract, that
such subcontractor or agent will comply with the same privacy and security obligations with
respect to Protected Health Information as this Addendum applies to Administrator.
G. Disclosure to Employer
Administrator will not disclose any Protected Health Information to Employer, except as permitted
by and in accordance with PART 3 below.
H. Reporting Non - Permitted Use or Disclosure and Security Incidents
1. Privacy Breach
Administrator will report to GHP any use or disclosure of Protected Health Information not
permitted by this Addendum or in writing by GHP of which Administrator becomes aware.
C5
HIPAA \BA
2. Security Incidents
Administrator will report to GHP any incident of which Administrator becomes aware that
is (a) a successful unauthorized access, use or disclosure of Electronic Protected Health
Information; or (b) a successful major (i) modification or destruction of Electronic
Protected Health Information or (ii) interference with system operations in an Information
System containing Electronic Protected Health Information. Upon GHP's request,
Administrator will report any incident of which Administrator becomes aware that is a
successful minor (a) modification or destruction of Electronic Protected Health
Information or (b) interference with system operations in an Information System
containing Electronic Protected Health Information.
I. Duty to Mitip-ate
Administrator will mitigate to the extent practicable any harmful effect of which Administrator is
aware that is caused by any use or disclosure of Protected Health Information in violation of this
Addendum.
J. Termination of Addendum
GHP will have the right to terminate the Agreement and this Addendum if Administrator has
engaged in a pattern of activity or practice that constitutes a material breach or violation of
Administrator's obligations regarding Protected Health Information under this Addendum and, on
notice of such material breach or violation from GHP, fails to take reasonable steps to cure the
breach or end the violation. If Administrator fails to cure the material breach or end the violation
within 90 days after receipt of GHP's notice, GHP may terminate the Agreement and this
Addendum by providing Administrator written notice of termination, stating the uncured material
breach or violation that provides the basis for the termination and specifying the effective date of
the termination.
K. Disposition of Protected Health Information
1. Return or Destruction Feasible
Upon termination of the Addendum, Administrator will, if feasible, return to GHP or
destroy, all Protected Health Information in Administrator's custody or control (or in the
custody or control of any subcontractor or agent to which Administrator disclosed
Protected Health Information). Administrator will complete such return or destruction as
promptly as practical after termination of the Addendum.
2. Return or Destruction Not Feasible
Administrator will identify for GHP any Protected Health Information that Administrator
(or any subcontractor or agent to which Administrator disclosed Protected Health
Information) cannot feasibly return to GHP or destroy upon termination of the Addendum
and will describe the purposes that make the return to GHP or destruction infeasible.
Administrator will limit its (and, by its written contract pursuant to Section III.F. above,
any subcontractor's or agent's) further use or disclosure of Protected Health Information
after termination of the Addendum to the purposes that make return to GHP or destruction
infeasible and to those uses or disclosures Required by Law.
C6
HIPAA \BA
r }
3. Ongoing Privacy and Security Obligations
Administrator's obligations to preserve the privacy and safeguard the security of Protected
Health Information as specified in this Addendum will survive termination or other
conclusion of the Agreement and this Addendum.
IV. ACCESS, AMENDMENT, AND DISCLOSURE ACCOUNTING FOR PROTECTED
HEALTH INFORMATION
A. Access
Administrator will, consistent with 45 C.F.R. § 164.524(b)(2), make available to the Covered
Person (or the Covered Person's Personal Representative) for inspection and copying any of the
Protected Health Information about the Covered Person that qualifies as part of a Designated
Record Set that Administrator has in its custody or control, and that is not exempted from access
by 45 C.F.R. § 164.524(a), so that GHP can meet its access obligations under 45 C.F.R. § 164.524.
B. Amendment
Administrator will, consistent with 45 C.F.R. § 164.526(b)(2), amend, pursuant to a Covered
Person's written request to amend (or a written request to amend by the Covered Person's
Personal Representative), any portion of Protected Health Information about the Covered Person
that qualifies as part of a Designated Record Set that Administrator has in its custody or control,
so that GHP can meet its amendment obligations under 45 C.F.R. § 164.526.
C. Disclosure Accounting
So that GHP may meet its disclosure accounting obligations under 45 C.F.R. § 164.528,
Administrator will do the following:
1. Disclosure Trackin
Starting April 14, 2003, Administrator will, consistent with 45 C.F.R. § 164.528(b), record
each disclosure of Protected Health Information that is not excepted from disclosure
accounting under 45 C.F.R. § 164.528(a) that Administrator makes to GHP or to a third
party ( "Accountable Disclosures ").
2. Disclosure Tracking Time Periods
Administrator will have available for Covered Person the disclosure information for each
Accountable Disclosure for at least six (6) years immediately following the date of the
Accountable Disclosure (except Administrator will not be required to have disclosure
information for disclosures occurring before April 14, 2003).
3. Provision of Disclosure Information
Administrator will, consistent with 45 C.F.R. § 164.528(c)(1), make available to the
Covered Person (or the Covered Person's Personal Representative) the disclosure
information regarding the Covered Person, so that GHP can meet its disclosure accounting
obligations under 45 C.F.R. § 164.528.
C7
HIPAA\BA
D. Restriction Reauests
GHP will direct a Covered Person to promptly notify Administrator in the manner designated by
Administrator of any request for restriction on the use or disclosure of Protected Health
Information about a Covered Person that may affect Administrator. Consistent with 45 C.F.R. §
164.522(a), and on behalf of GHP, Administrator will agree to or deny any such restriction
request. Administrator will not be in breach of the Agreement or this Addendum for failure to
comply with a restriction request on the use or disclosure of Protected Health Information about a
Covered Person unless GHP or the Covered Person (or the Covered Person's Personal
Representative) notifies Administrator in the manner designated by Administrator of the terms of
the restriction and Administrator agrees to the restriction request in writing.
E. Confidential Communications
Administrator will provide a process for a Covered Person to request that Administrator
communicate with the Covered Person about Protected Health Information about the Covered
Person by confidential alternative location, and Covered Person to provide Administrator with the
information that Administrator needs to be able to evaluate that request. Consistent with 45
C.F.R. § 164.522(b) and on behalf of GHP, Administrator will agree to or deny any confidential
communication request. Furthermore, Administrator will develop policies and procedures
consistent with 45 C.F.R. § 164.522(b) to fulfill its obligations under this paragraph.
Administrator will provide a process for termination of any requirement to communicate with the
Covered Person about Protected Health Information about the Covered Person by confidential
alternative location.
F. Complaint Process
Administrator will, consistent with 45 C.F.R. § 164.530(d) and on behalf of GHP, provide a
process for Covered Persons (or Covered Person's Personal Representative) to make complaints
concerning Administrator's policies and procedures, which policies and procedures GHP hereby
adopts as its own so that GHP can meet its compliance obligations under 45 C.F.R. Part 164.
V. GHP'S PRIVACY PRACTICES NOTICE
A. Preparation of GHP's Privacy Practices Notices
Administrator will prepare Privacy Practices Notices appropriate for the benefit plans that
Administrator administers for GHP under the Agreement and reflective of the requirements of 45
C.F.R. Part 164 pertaining to use and disclosure of Protected Health Information and Covered
Person's rights with respect to Protected Health Information. The Privacy Practices Notices will
address whether GHP discloses or authorizes Administrator to disclose to Employer enrollment
data, Summary Health Information that may include Covered Persons' Individually Identifiable
Health Information, or Protected Health Information for plan administration functions. Unless
otherwise agreed upon by the Parties, GHP hereby adopts Administrator's Privacy Practices
Notice attached as EXHIBIT 1, and any future revisions thereof, as its own.
HIPAA \BA
B. Distribution of GHP's Privacy Practices Notice
Administrator will distribute GHP's then effective and appropriate Privacy Practices Notice to
each new Covered Employee upon the Covered Employee's enrollment in GHP and to any
Covered Employee upon request. Administrator will distribute any GHP revised Privacy Practices
Notice to each Covered Employee then enrolled in GHP, and may distribute any GHP revised
Privacy Practices Notice to any other Covered Person over the age of 18 then enrolled in GHP,
within sixty (60) days after any material change in GHP's Privacy Practices Notice.
Administrator will distribute GHP's Privacy Practices Notice to any Covered Person requesting it.
Additionally, every three (3) years after April 14, 2003, Administrator will notify each Covered
Employee then enrolled in GHP, and may notify any other Covered Person over the age of 18 then
enrolled in GHP, of the availability of GHP's Privacy Practices Notice upon request.
C. Administrator to Comply with Notices
Administrator will neither use nor disclose Protected Health Information in any manner
inconsistent with the content of GHP's then current Privacy Practices Notice applicable to the
benefit plans that Administrator administers for GHP under the Agreement.
VI. ISSUANCE OF CERTIFICATE OF CREDITABLE COVERAGE
At the written or electronic direction of Employer or GHP, Administrator may use and disclose Protected
Health Information to issue to each Covered Person, whose coverage under a benefits plan administered
pursuant to the Agreement terminates during the term of the Agreement, a Certificate of Creditable
Coverage. The Certificate of Creditable Coverage will be based upon the coverage that the Covered
Person had under the benefits plan administered pursuant to the Agreement and the information that
Employer or GHP provides to Administrator regarding the Covered Person's coverage eligibility and
coverage termination under that benefits plan.
VII. SAFEGUARDING PROTECTED HEALTH INFORMATION
A. Privacy of Protected Health Information
Administrator will maintain reasonable and appropriate administrative, physical, and technical
safeguards, consistent with 45 C.F.R. § 164.530(c) and any other implementing regulations issued
by DHHS that are applicable to Administrator as GHP's Business Associate, to protect against
reasonably anticipated threats or hazards to and to ensure the security and integrity of Protected
Health Information, to protect against reasonably anticipated unauthorized use or disclosure of
Protected Health Information, and to reasonably safeguard Protected Health Information from any
intentional or unintentional use or disclosure in violation of this Addendum.
B. Security of Electronic Protected Health Information
Administrator will develop, implement, maintain, and use administrative, technical, and physical
safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability
of Electronic Protected Health Information that Administrator creates, receives, maintains, or
transmits on behalf of GHP consistent with the Security Rule, 45 C.F.R. Part 164, Subpart C.
C9
HIPAA \BA
VIII. INSPECTION OF INTERNAL PRACTICES, BOOKS, AND RECORDS
Administrator will make its internal practices, books, and records relating to its use and disclosure of
Protected Health Information available to GHP and to DHHS to determine GHP's compliance with 45
C.F.R. Part 164, Subpart E "Privacy of Individually Identifiable Health Information."
PART 3— EMPLOYER'S RESPONSIBILITIES
IX. DATA EXCHANGE BETWEEN EMPLOYER AND ADMINISTRATOR
A. Enrollment Data
Administrator may disclose to Employer the minimum necessary information regarding whether
an individual is a Covered Person participating in GHP or enrolled or disenrolled from coverage
under the GHP.
Employer may electronically exchange data with Administrator regarding the enrollment and
disenrollment of Covered Persons as participants in GHP using the Enrollment and Disenrollment
in Health Plan Standard Transaction (ASC X12N 834 - Benefit Enrollment and Maintenance) as
specified in 45 C.F.R. Part 162, Subpart O.
B. Other Data Exchanges and Notifications
Employer will exchange with Administrator all data not otherwise addressed in this Section IX
and any notification by using such forms, tape formats, or electronic formats as Administrator may
approve. Employer will furnish all information reasonably required by Administrator to effect
such data exchanges or notifications.
X. SUMMARY HEALTH INFORMATION
Upon Employer's written request for the purpose either (A) to obtain premium bids for providing health
insurance coverage under GHP, or (B) to modify, amend, or terminate GHP, Administrator will provide
Summary Health Information regarding the Covered Persons participating in GHP to Employer.
XI. EMPLOYER'S CERTIFICATION
Employer hereby makes the certification specified in EXHIBIT 2 so that Employer may request and
receive the minimum necessary Protected Health Information from Administrator for those plan
administration functions that Employer will perform for GHP. GHP therefore authorizes Administrator to
disclose the minimum necessary Protected Health Information to those authorized representatives of
Employer as specified in EXHIBIT 3 for the plan administration functions that Employer will perform
for GHP as specified in GHP's Plan Document as amended and in EXHIBIT 3. Administrator may rely
on Employer's certification and GHP's authorization that Employer has provided the requisite
certification and will have no obligation to verify (1) that GHP's Plan Document has been amended to
comply with the requirements of 45 C.F.R. § 164.504(f)(2), 45 C.F.R. § 164.314(b)(2), or this Section XI,
or (2) that Employer is complying with GHP's Plan Document as amended.
C10
HIPAA \BA
PART 4— MISCELLANEOUS
XIY. AUTOMATIC AMENDMENT TO CONFORM TO APPLICABLE LAW
Upon the compliance date of any final regulation or amendment to final regulation with respect to
Protected Health Information, Standard Transactions, the security of Health Information, or other aspects
of HIPAA -AS applicable to this Addendum or to the Agreement, this Addendum will automatically
amend such that the obligations imposed on Employer, GHP, and Administrator remain in compliance
with such regulations, unless Administrator elects to terminate the Agreement by providing Employer and
GHP notice of termination in accordance with the Agreement at least 90 days before the compliance date
of such final regulation or amendment to final regulation.
XIII. CONFLICTS
The provisions of this Addendum will override and control any conflicting provision of the Agreement.
All nonconflicting provisions of the Agreement will remain in full force and effect.
XIV. ADD GHP AS A PARTY TO AGREEMENT
Notwithstanding Section 3.1 of the Agreement, in order to make clear the respective HIPAA -AS
compliance obligations of Administrator, GHP, and Employer, as set forth in this Addendum, GHP shall
hereby be added as a separate party to the Agreement.
XV. REVISION TO SECTION 3.3
The first sentence of Section 3.3 of the Agreement shall be deleted and replaced as follows: "The
Administrator shall provide claims processing services on behalf of the Group Health Plan."
XVI. REVISION TO SECTION 3.6
In order for GHP to be able to comply with its obligations under the HIPAA -AS Privacy and Security
Rules and for Employer and Administrator to be able to comply with their obligations hereunder, the
terms and conditions of Section 3.6 of the Agreement, and any subsequent amendments made thereto by
the parties, shall be made subject to this Addendum.
XVIL REVISION TO SECTION 6.6
Section 6.6 of the Agreement shall be given effect except with respect to the subject matter of this
Addendum, in which case Section XIII of this Addendum shall control.
XVIII. COMPLIANCE DATE FOR SECURITY OBLIGATIONS
Administrator's security obligations as set forth in Sections III.F, III.H.2, and VII.B herein shall take
effect the later of (A) the last date set forth in PART 5 below or (B) the compliance deadline of the
HIPAA -AS Security Rule (which is, as of the date hereof, April 20, 2005 or April 20 2006 for Small
Health Plans).
C11
HIPAA\BA
PART 5— SIGNATURES
ADMINISTRATOR: GROUP HEALTH PLAN:
Blue Cross a i 1 of Florida, Inc. City of Sanford Health Vlan
By: By:
Title: Title: FiaA`Ice .Qi U "2c4
Date: Date: J6,11C
EMPLOYER:
City of Sanford
By:
Title: � hwj ce j)) k A>y
Date: JUP7 a?., A 005 -
C12
HIPAA \BA
EXHIBIT 1— SAMPLE NOTICE OF PRIVACY PRACTICES
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED
AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE
REVIEW IT CAREFULLY.
Si usted desea una copia de esta notificacion en espanol, por favor comunfquese con un
representante de servicio al cliente utilizando el numero telefonico indicado en su tarjeta de
asegurado.
Health Insurance Portability and Accountability Act -
Administrative Simplification (HIPAA -AS)
Notice of Privacy Practices
for your group health plan Sponsored by your employer and for which Blue
Cross and Blue Shield of Florida, Health Options, Inc. and /or Florida
Combined Life Insurance Company, Inc. provides claim administration and
other services.
Our Legal Duty
As your health plan, we are required by applicable federal and state laws to maintain the privacy
of your protected health information (PHI). We want you to be aware of our privacy practices,
our legal duties, and your rights concerning your PHI. We will follow the privacy practices that
are described in this notice while it is in effect. This notice took effect April 14, 2003, and will
remain in effect until a revised notice is issued.
We reserve the right to change our privacy practices and the terms of this notice at any time and
to make the terms of our notice effective for all PHI that we maintain.
Before we make a significant change in our privacy practices, we will change this notice and
send the new notice to you.
How we can use or disclose PHI without a specific authorization
To You: We must disclose your PHI to you, as described in the Individual Rights section of this
notice.
For Treatment: For example: we may disclose your PHI to a doctor, dentist or a hospital when
requested, in order for the treating provider to provide treatment to you.
For Payment: For example: we may use and disclose PHI to pay claims for services provided
to you by doctors, dentists or hospitals. We may also disclose your PHI to a health care
provider or another health plan so that the provider or plan may obtain payment of a claim or
engage in other payment activities.
C13
HIPAA\BA
For Health Care Operations: For example: we may use or disclose PHI to conduct quality
assessment and improvement activities, to conduct fraud and abuse investigations, to engage in
care coordination or case management or to communicate with you about health related
benefits and services or about treatment alternatives that may be of interest to you. We may
also disclose PHI to another health plan or a health care provider subject to federal privacy
laws, as long as the plan provider has or had a relationship with you and the PHI is disclosed
only for certain health care operations of that plan or provider.
For Public Health and Safety: We may use or disclose PHI to the extent necessary to avert a
serious and imminent threat to the health or safety of you or others. We may also disclose PHI
for public health and government health care oversight activities and to report suspected abuse,
neglect or domestic violence to government authorities.
As Required by Law: We may use or disclose PHI when we are required to do so by law.
For Process and Proceedings: We may disclose PHI in response to a court or administrative
order, subpoena, discovery request, or other lawful process.
For Law Enforcement: We may disclose PHI to a law enforcement official with regard to crime
victims and criminal activities.
Special Government Functions: We may disclose the PHI of military personnel or inmates or
other persons in lawful custody under certain circumstances. We may disclose PHI to
authorized federal officials for lawful national security activities.
To Plan Sponsors (including employers who act as Plan Sponsors): We may disclose
certain PHI to the Sponsor of your group health plan to perform plan administration functions.
We may also disclose enrollment and disenrollment information, or summary health information
to the Plan Sponsor so that the Plan Sponsor may:
• Obtain premium bids
• Decide whether to amend, modify or terminate your group health plan
For Research, Death, and Organ Donation: We may use or disclose PHI in certain
circumstances related to research, death or organ donation.
For Workers Compensation: We may disclose PHI as permitted by workers' compensation
and similar laws.
Uses and Disclosures of PHI permitted only after Authorization received
Authorization: You may give us written authorization to use your PHI or to disclose it to
anyone for any purpose not otherwise permitted or required by law. If you give us an
authorization, you may revoke it in writing at any time. Your revocation will not affect any use or
disclosure permitted by your authorization while it was in effect.
To Family and Friends: While the law permits us in certain circumstances to disclose your PHI
to family, friends and others, we will do so only with your authorization. In the event you are
unable to authorize such disclosure, but emergency or similar circumstances indicate that
disclosure would be in your best interest, we may disclose your PHI to family, friends or others
to the extent necessary to help with your health care coverage arrangements.
C14
HIPAA \BA
Individual Rights
To exercise any of these rights, please call the customer service number on your ID card.
Access: With limited exceptions, you have the right to review in person, or obtain copies of
your PHI. We reserve the right to impose reasonable fees associated with this access request
as allowed by law.
Amendment: With limited exceptions, you have the right to request that we amend your PHI
that we have on file.
Disclosure Accounting: You have the right to request and receive a list of certain disclosures
made of your PHI. If you request this list more than once in a 12 -month period, we may charge
you a reasonable, cost -based fee to respond to any additional request.
Use /Disclosure Restriction: You have the right to request that we place certain additional
restrictions on our use or disclosure of your PHI. We are not required to agree to a requested
restriction.
Confidential Communication: You have the right to request that we communicate with you in
confidence about your PHI at an alternative address. To receive confidential communications at
an alternative address, please ask for a PHI address when you call the customer service
number located on your ID card.
Provider Services and Confidential Communications: If you receive services from any
health care providers, you are responsible for notifying those providers directly if you would like
to request a PHI address from them.
Privacy Notice: You may request a copy of our notice at any time. For more information about
our privacy practices, or for additional copies of or questions about this notice, please contact us
using the information listed at the end of this notice.
Organizations Covered by this Notice
This Notice applies to the privacy practices of the organizations listed below:
Your group health plan sponsored by your employer and for which Blue Cross and Blue
Shield of Florida, Health Options, Inc. or Florida Combined Life Insurance Company, Inc.
provides claim administration and other services.
Complaints
If you are concerned that we may have violated your privacy rights, you may complain to us
using the contact information listed at the end of this Notice. You also may submit a written
complaint to the U.S. Department of Health and Human Services. We will provide you with the
C15
HIPAA \BA
address to file your complaint with the U.S. Department of Health and Human Services upon
request.
We support your right to protect the privacy of your PHI. We will not retaliate in any way if you
choose to file a complaint with us or with the U.S. Department of Health and Human Services.
Contact Office: The Corporate Compliance Office of Blue Cross and Blue Shield of Florida,
administrative service provider for your group health plan.
Telephone: 888 - 574 -2583
Address: P.O. Box 44283, Jacksonville, FL 32203 -4283
Si usted desea una copia de esta notificaci6n en espanol, por favor comuniquese con un
representante de servicio al cliente utilizando el ndmero telef6nico indicado en su tarjeta
de asequrado.
C16
HIPAA\BA
EXHIBIT 2— EMPLOYER'S CERTIFICATION
PART 1 – Employer to Amend Plan Documents for Privacy provisions
Employer certifies that Employer has amended GHP's Plan Document to incorporate the provisions
required by 45 C.F.R. § 164.504(f)(2), as set forth below, and agrees to comply with GHP's Plan
Document as amended.
1. Neither use nor further disclose Protected Health Information, except as permitted or required by
GHP's Plan Document or as required by law.
2. Neither use nor disclose Protected Health Information for any employment- related action or
decision, or in connection with any other benefit or employee benefit plan of Employer.
3. Ensure adequate separation between Employer and GHP by (a) describing those employees or
classes of employees or other persons under Employer's control who will be given access to
Protected Health Information to perform plan administration functions for GHP, (b) restricting the
access to and use of Protected Health Information by such employees or other persons to the plan
administration functions that Employer will perform for GHP, and (c) instituting an effective
mechanism for resolving any noncompliance with GHP's Plan Document by such employees or
other persons.
4. Ensure that any subcontractor or agent to which Employer provides Protected Health Information
agrees to the restrictions and conditions of GHP's Plan Document with respect to Protected Health
Information.
5. Report to GHP any use or disclosure of Protected Health Information of which Employer becomes
aware that is inconsistent with the uses and disclosures allowed by GHP's Plan Document.
6. Make Protected Health Information available to GHP or, at GHP's direction, to the Covered
Person who is the subject of Protected Health Information (or the Covered Person's Personal
Representative) so that GHP can meet its access obligations under 45 C.F.R. § 164.524.
7. Make Protected Health Information available to GHP for amendment and, on notice from GHP,
amend Protected Health Information, so that GHP can meet its amendment obligations under 45
C.F.R. § 164.526.
8. Record Disclosure Information as defined above for each disclosure that Employer makes of
Protected Health Information that is not excepted from disclosure accounting and provide that
Disclosure Information to GHP on request so that GHP can meet its disclosure accounting
obligations under 45 C.F.R. § 164.528.
9. Make its internal practices, books, and records relating to its use and disclosure of Protected
Health Information available to GHP and to DHHS to determine GHP's compliance with 45
C.F.R. Part 164, Subpart E "Privacy of Individually Identifiable Health Information."
10. Return to GHP or destroy if feasible all Protected Health Information in whatever form or medium
that Employer (and any subcontractor or agent of Employer) received from GHP or Administrator,
C17
HIPAA \BA
including all copies thereof and all data, compilations, and other works derived there from that
allow identification of any present or past Covered Person who is the subject of Protected Health
Information, when Employer no longer needs Protected Health Information for the plan
administration functions for which the Employer received Protected Health Information.
Employer will limit the use or disclosure of any of Protected Health Information that Employer (or
any subcontractor or agent of Employer) cannot feasibly return to GHP or destroy to the purposes
that make its return to GHP or destruction infeasible.
PART 2 - Employer to Amend Plan Documents for Security provisions
Employer further certifies that Employer has amended GNP's Plan Document to incorporate the
provisions required by 45 C.F.R. § 164.314(b)(2), as set forth below, and agrees to comply with GHP's
Plan Document as amended.
1. Implement administrative, physical and technical safeguards that reasonably and appropriately
protect the confidentiality, integrity and availability of Electronic Protected Health Information
that Employer creates, receives, maintains or transmits on GHP's behalf.
2. Ensure that the adequate separation between Employer and GHP required by 45 C.F.R. §
164.504(f)(2)(iii) (as described in item 3 above) is supported by reasonable and appropriate
Security Measures.
3. Ensure that any subcontractor or agent to which Employer provides Electronic Protected Health
Information agrees to implement reasonable and appropriate Security Measures to protect the
Electronic Protected Health Information.
4. Report to GHP any incident of which Employer becomes aware that is (a) a successful
unauthorized access, use or disclosure of Electronic Protected Health Information; or (b) a
successful major (i) modification or destruction of Electronic Protected Health Information or (ii)
interference with system operations in an Information System containing Electronic Protected
Health Information. Upon GHP's request, Employer will report any incident of which Employer
becomes aware that is a successful minor (a) modification or destruction of Electronic Protected
Health Information or (b) interference with system operations in an Information System
containing Electronic Protected Health Information.
C18
HIPAA \BA
EXHIBIT 3— DISCLOSURE OF PROTECTED HEALTH INFORMATION
FOR PLAN ADMINISTRATION
Group Health Plan ( "GHP ") must promptly notify Administrator in writing if any of the information contained in
EXHIBIT 3 changes.
PART 1
Name(s) and Title(s) of Employer representatives (i.e. employees of Employer) authorized to request and receive
the minimum necessary Protected Health Information from Administrator:
Jo ce Ri ins - McCo H.R. Administrator kf 0, �► N �+t�cc J rUecf oV
herY C �rh�li i ; We��ov - ire W,rossorl� ;sY
for the performance of the following plan administration functions for GHP unless otherwise indicated by GHP:
• Actuarial and statistical analysis
• Claims /membership inquiries
• Procurement of reinsurance or stop loss coverage
• Quality assessment and improvement activities
• Performance monitoring
• Other health care operations
• Payment activities
PART 2
Identify the name(s), title(s) and company name(s) of any individual(s) from organizations other than Employer or
Group Health Plan ( "GHP ") (examples of such "GHP Vendor" types of services include, but are not limited to,
stop -loss carriers; reinsurers; agents, brokers or consultants; or external auditors) that Employer or GHP hereby
authorizes to request and receive the minimum necessary Protected Health Information to perform plan
administration functions and/or assist with the procurement of reinsurance or stop -loss coverage:
Company Name
Type of Service Performed
(Example: stop -loss carrier,
reinsures agent, broker
Name of Individual
Performing Service
Title of Individual
Performing Service
T r h ,c1i'cC
i'0+�c
et fcrce
c Vefet�
C19
HIPAA \BA
EXHIBIT "D"
to the
ADMINISTRATIVE SERVICES AGREEMENT
between
BLUE CROSS AND BLUE SHIELD OF FLORIDA, INC.
and
CITY OF SANFORD
CONFIDENTIALITY AND INDEMNITY AGREEMENT
This Agreement, effective October 1, 2004 is entered into between Blue Cross and
Blue Shield of Florida, Inc. (hereinafter "Administrator "), and City of Sanford (hereinafter
"Employer "), and McLain, Pierce and Associates (hereinafter "Consultant ") and '
( hereinafter "Reinsures'). 6LfmeA44 0� -DF 5Ut -AAC&� eavy"Ly
WHEREAS, Employer has established and maintains a self - insured Employee
Welfare Benefit Plan pursuant to the Employee Retirement Income Security Act of 1974 to
provide certain benefits as its Group Health Plan (hereinafter "Plan ") for covered group
members and their covered dependents; and
WHEREAS, Administrator and Employer have entered into an agreement for the
administration of the Group Health Plan (hereinafter "Administrative Services Agreement ");
and
WHEREAS, Employer has directed Administrator to provide Consultant and /or
Reinsurer access to certain Confidential Information (hereinafter defined) for cases which
meet the criteria set forth in attached Exhibit 1, which Employer has determined is necessary
for Consultant and/or Reinsurer to perform the certain services for the Employer; and
WHEREAS, Administrator desires to safeguard the confidentiality of the medical
claims and other information acquired with regard to the covered group members and their
covered dependents and to safeguard information regarding Administrator's policies and
procedures which are regarded as confidential and proprietary; and
WHEREAS, Employer, Consultant, and Reinsurer recognize the legitimate interests
of Administrator and the individuals whose health benefits are administered by
Administrator in the proprietary, confidential, and private nature of such Confidential
Information, and Administrator is willing to provide the Confidential Information only if its
use is restricted to the purpose for which it is released and its confidentiality is maintained;
NOW, THEREFORE, for good and valuable consideration, the parties hereby agree
as follows:
1. For the purposes of this Agreement, "Confidential Information" means the information
listed below in this Paragraph 1, any information that Consultant and/or Reinsurer learns
or becomes aware of, directly or indirectly, through the disclosure of Confidential
ASA Conf
D1
Information, and any and all summaries, distillations, excerpts, work product or other
documents utilizing or incorporating same, whether in whole or in part.
— Medical claim record information concerning individuals covered under the Plan,
— Administrator's provider contract information, e.g., allowances, fee schedules,
etc., and
— any other information designated by Administrator as confidential, trade secret,
or proprietary.
2. Consultant and /or Reinsurer shall only request, use and disclose the minimum amount of
Confidential Information necessary for Consultant and /or Reinsurer to perform the
services for Employer.
3. Confidential Information shall not include information that (i) is already known to
Consultant and /or Reinsurer on effective date of this Agreement; (ii) is or becomes
known to the general public other than as a direct or indirect result of any act or omission
of Employer, Consultant, Reinsurer, or the affiliates, officers, directors, partners,
employees, or agents (collectively, the "Related Parties ") of Employer, Consultant or
Reinsurer; (iii) is lawfully received by Consultant and /or Reinsurer from a third party
that Consultant and/or Reinsurer has verified is free to disclose the information without
restriction on disclosure; or (iv) is independently developed by Consultant and /or
Reinsurer without use of Confidential Information.
4. Subject to applicable laws, Administrator will release to Consultant and /or Reinsurer
certain Confidential Information for purposes of. 1) monitoring designated cases for
which reinsurance coverage may be available to Employer; and /or 2) auditing claims
payments made by Administrator; provided that Employer is in compliance with all other
terms and conditions of this Agreement and the Administrative Services Agreement, and
Consultant and Reinsurer are in compliance with all other terms and conditions of this
Agreement.
5. Consultant and Reinsurer each acknowledge that Administrator will provide Confidential
Information to Consultant and /or Reinsurer in confidence and solely for Consultant's
and /or Reinsurer's use in performing the services for Employer. Accordingly,
Consultant and Reinsurer each agree (i) to protect any and all Confidential Information
Consultant or Reinsurer receives from unauthorized access, use and disclosure; (ii) not to
use the Confidential Information for any purpose other than performing the services for
Employer; (iii) not to record, copy, or reproduce any Confidential Information in any
form, except to the extent necessary to perform the services for Employer; (iv) not to
disclose the Confidential Information to, or otherwise permit to access the Confidential
Information, any third party, including without limitation Consultant's or Reinsurer's
Related Parties, except as expressly provided herein or with Administrator's prior
written consent; (v) to limit access to and use of the Confidential Information to those of
Consultant's or Reinsurer's employees who have a need to know such information for
the purpose of performing the services and have acknowledged, in a writing which will
be made available to Administrator upon request, their individual agreement to the terms
hereof; and (vi) to take any and all other steps necessary to safeguard Confidential
ASA Conf D2
Information against unauthorized access, use, and disclosure to at least the extent
Consultant or Reinsurer maintains the confidentiality of its most proprietary and
confidential information.
6. Consultant and/or Reinsurer shall ensure that its agents, contractors and vendors to
whom it discloses Confidential Information agree to abide by those provisions within
this Agreement that govern the use, disclosure, and protection of all Confidential
Information obtained from Administrator. This provision shall not be construed to
permit any delegation or assignment of Consultant's or Reinsurer's obligations otherwise
prohibited by this Agreement.
7. Consultant and /or Reinsurer shall promptly report in writing to Administrator any use or
disclosure of Confidential Information not provided for under this Agreement, of which
Consultant and /or Reinsurer becomes aware, but in no event later than within five
business days of first learning of any such use or disclosure. Consultant and /or Reinsurer
shall mitigate, to the extent practicable, any harmful effect that is known to Consultant
and /or Reinsurer of a use or disclosure of Confidential Information by Consultant and /or
Reinsurer in violation of this Agreement.
8. Consultant and /or Reinsurer may disclose Confidential Information if required to do so
under any federal, state, or local law, statute, rule or regulation; provided, however, that
(i) Consultant and /or Reinsurer will provide Administrator with immediate written notice
of any request that Consultant and/or Reinsurer disclose Confidential Information, so
that Administrator may object to the request and /or seek an appropriate protective order
or, if such notice is prohibited by law, Consultant and/or Reinsurer shall disclose the
minimum amount of Confidential Information required to be disclosed under the
applicable legal mandate; and (ii) in no event shall Consultant and /or Reinsurer disclose
Confidential Information to a party other than a government agency except under a valid
order from a court having jurisdiction requiring the specific disclosure.
9. By disclosing Confidential Information to Consultant and /or Reinsurer under this
Agreement (including but not limited to information incorporated in computer software
or held in electronic storage media), Administrator grants Consultant and /or Reinsurer
no ownership right or interest in the Confidential Information. When Consultant and /or
Reinsurer no longer need Confidential Information for the purpose for which it was
disclosed but no later than the expiration or termination of this Agreement, Consultant
and /or Reinsurer shall collect and return to Administrator or destroy all Confidential
Information received from or on behalf of Administrator that Consultant and /or
Reinsurer has in its control or custody in any form and shall retain no copies of such
information. Consultant and /or Reinsurer shall complete these obligations as promptly as
possible. Upon request, an authorized officer of Consultant and /or Reinsurer shall
certify on oath to Administrator that all Confidential Information has been returned or
destroyed and deliver such certification to Administrator within ten (10) business days of
its request. If return or destruction of any Confidential Information is not feasible,
Consultant and /or Reinsurer shall limit further uses and disclosures of such Confidential
Information to those purposes making return or destruction infeasible and continue to
apply the protections of this Agreement to such Confidential Information for so long as
Consultant and /or Reinsurer retains such Confidential Information. Consultant and /or
ASA Conf D3
i
' Reinsurer may, subject to its continued adherence to its obligations of confidentiality as
defined in this Agreement, retain one copy of documents containing Confidential
Information to defend its work product and to comply with applicable insurance record -
keeping laws and regulations.
10. In the event that Consultant and /or Reinsurer perform any of the services on
Administrator's premises, Consultant and /or Reinsurer agree not to remove from
Administrator's premises any Confidential Information that is provided to or obtained by
the Consultant and /or Reinsurer on such premises, without the prior written consent of
Administrator.
11. In any report or transmittal to Employer by Consultant and /or Reinsurer that contains or
pertains to oral or written Confidential Information, no medical information or dates of
service will be identifiably attributed to any particular employee, dependent, or provider.
Furthermore, any such report or transmittal shall not contain any information designated
by Administrator as confidential, trade secret, or proprietary.
12. As the administrative simplification provisions of the Health Insurance Portability and
Accountability Act of 1996 (HIPAA -AS) and certain of its implementing regulations
(HIPAA -AS Regulations) are now effective, Employer, Consultant, and Reinsurer agree
to institute any additional procedures and/or agreements required to ensure the parties'
compliance with that law and those regulations. Employer represents and warrants that
Employer (i) has amended each Plan's plan document to permit Employer to perform
plan administration for the Plans (including the activity(ies) described in the recital
clauses above) in accordance with 45 C.F.R. § 164.504(f) and 45 C.F.R. § 164.314(b) of
the HIPAA -AS Regulations ( "HIPAA Amendment "); (ii) has delivered to each Plan and
Administrator a written statement, certifying its amendment of the Plan's plan document
as required by the HIPAA -AS Regulations and its agreement to comply with that
amendment; and (iii) has obtained each Plan's permission to receive individually
identifiable health information from Administrator for the purposes and subject to the
restrictions and protections described in the HIPAA Amendment. Consultant and
Reinsurer each agree to be bound, and to cause any agent or subcontractor to be bound,
by the same restrictions and protections agreed to by Employer in the HIPAA
Amendment with respect to any individually identifiable health information
encompassed within the Confidential Information Consultant and /or Reinsurer receives.
13. No health insurance records or information, or claims information, shall be disclosed
without the prior written authorization of the individual whose records or information
would be disclosed; provided, however, that Consultant and Reinsurer may release
information provided pursuant to this Agreement to subsidiaries of Consultant and
Reinsurer so long as any and all such subsidiaries agree to abide by all terms and
conditions of this Agreement.
14. Employer, Consultant and Reinsurer shall comply with all applicable federal, state or
local laws, rules, or regulations or any other order of any authorized court, agency, or
regulatory commission, and all applicable professional standards and practices,
concerning the handling and /or safekeeping of information and /or other records of the
ASA Conf D4
• nature disclosed by Administrator hereunder and shall use such information only for
proper and lawful purposes.
15. Employer, Consultant and Reinsurer shall comply with all state and federal laws
regulating the disclosure of patient records or private and medically sensitive information
released pursuant to this Agreement, including without limitation, alcohol and drug
abuse patient records, information relating to treatment of alcohol or drug dependency,
HIV testing results, and psychological or psychiatric evaluation.
16. To the extent permitted by law now or hereinafter enacted, Employer agrees to
indemnify, defend, and hold Administrator and each of its officers, directors, employees,
agents, and other representatives (collectively, "Administrator's Related Parties ")
harmless from any actual or threatened legal or administrative action, claim, liability,
penalty, fine, assessment, lawsuit, litigation, or other loss, expense, or damage, including
without limitation reasonable attorneys' fees and costs (collectively, "Liability "), that
Administrator or Administrator's Related Parties may incur arising out of or relating to
the disclosure of Confidential Information to Employer, Consultant, or Reinsurer,
including without limitation any Liability incurred as a result of any actual or alleged
breach by Employer, Consultant, Reinsurer or any Related Parties of Employer,
Consultant, or Reinsurer of any applicable law, regulation, or other legal mandate or any
provision of this Agreement.
17. Consultant agrees to indemnify, defend, and hold Administrator and Administrator's
Related Parties harmless from any actual or threatened legal or administrative action,
claim, liability, penalty, fine, assessment, lawsuit, litigation, or other loss, expense, or
damage, including without limitation reasonable attorneys' fees and costs (collectively,
"Liability "), that Administrator or Administrator's Related Parties may incur arising out
of or in connection with any actual or alleged breach by Consultant or any of
Consultant's Related Parties of any applicable law, regulation, or other legal mandate or
any provision of this Agreement.
18. Reinsurer agrees to indemnify, defend, and hold Administrator and Administrator's
Related Parties harmless from any actual or threatened legal or administrative action,
claim, liability, penalty, fine, assessment, lawsuit, litigation, or other loss, expense, or
damage, including without limitation reasonable attorneys' fees and costs (collectively,
"Liability "), that Administrator or Administrator's Related Parties may incur arising out
of or in connection with any actual or alleged breach by Reinsurer or any of Reinsurer's
Related Parties of any applicable law, regulation, or other legal mandate or any provision
of this Agreement.
19. Administrator shall have the option to either provide its own legal counsel or arrange for
outside counsel for the defense of such matters referenced above, and the costs of either
shall be borne by the indemnifying party in the event of indemnification.
20. Employer, Consultant, and Reinsurer acknowledge and agree that Administrator operates
in a highly regulated and competitive environment and that the unauthorized use or
disclosure of Confidential Information will cause irreparable harm and significant injury
to Administrator, which will be difficult to measure with certainty or to compensate
through money damages. Accordingly, Administrator shall be entitled to seek injunctive
ASA Conf
D5
y
or other equitable relief, without bond, and /or specific performance as a remedy for any
breach of this Agreement. Such remedy shall not be deemed to be the exclusive remedy
for a breach of this Agreement, but shall be in addition to all other remedies available at
law or in equity.
21. It is understood and agreed that no failure or delay by Administrator in exercising any
right, power or privilege hereunder shall operate as a waiver thereof, nor shall any single
or partial exercise thereof preclude any other or further exercise thereof or the exercise of
any right, power or privilege hereunder.
22. Upon occurrence of any of the following, this Agreement shall terminate without notice,
unless notice is specifically required:
a. Termination of the Administrative Services Agreement.
b. If Administrator determines at its own discretion that the Confidential Information
released pursuant to this Agreement is not being adequately protected by either
Employer, Consultant or Reinsurer for confidentiality purposes.
c. Upon fifteen (15) days notice to Employer, Consultant or Reinsurer, as appropriate.
Such notice shall be given without need for cause.
d. Upon any attempt by Employer, Consultant or Reinsurer (which attempts shall be
null and void) to assign this Agreement or the right to receive information, without
the prior express consent of Administrator.
e. Upon enactment of or the effective date of, whichever first occurs, any applicable
state or federal law or any rule or regulation of any agency having applicable
jurisdiction, which law, rule or regulation shall prohibit (in part or in full)
Administrator from fulfilling its obligations hereunder. No penalty, liability or
damage shall be applicable or claimed by Employer, Consultant or Reinsurer against
Administrator in such event.
23. The relationship between the parties is that of independent contractors. Nothing in this
Agreement shall be construed to create a partnership or joint venture between the parties
and neither party shall have the right to bind the other to any contracts, agreements, or
other obligations without the express, written consent of an authorized representative of
the other.
24. This Agreement shall be governed and construed by the laws of the State of Florida
(irrespective of its choice of law principles). It constitutes the entire Agreement between
the parties in reference to all matters expressed in the Agreement. All previous
discussions, promises, representations, and understandings between the parties pertaining
thereto, if any, being merged herein.
25. This Agreement may not be assigned, nor any obligations delegated, by Employer,
Consultant, and /or Reinsurer, without the prior written consent of Administrator, and any
such non - permitted assignment or delegation shall be void.
ASA Conf D6
r y .
'26. In the event any provision of this Agreement is rendered invalid or unenforceable by any
valid act of Congress or the Florida Legislature or by any regulation duly promulgated by
the officers of the United States or the State of Florida acting in accordance with law, or
if declared null and void by any court of competent jurisdiction, the remainder of this
Agreement shall remain in full force and effect.
27. Waiver of breach of any provision of this Agreement shall not be deemed a waiver of
any other breach of the same or a different provision.
28. The obligation of Employer, Consultant and /or Reinsurer to protect the privacy of
Confidential Information as specified in this Agreement shall be continuous and survive
the expiration or termination of this Agreement. In addition, the rights and obligations
of the parties set forth in Sections 9, 11, 16 - 20 and of this paragraph 28 of this
Agreement shall survive its expiration or termination.
29. This Agreement may be amended by mutual agreement of the parties, but no such
amendment shall become effective until it is reduced to writing and signed by duly
authorized representatives of each party.
IN WITNESS WHEREOF, the parties have caused this Agreement to be executed by their
duly authorized representative as set forth below.
EMPLOYER
CITY OF SANFORD
By:
Title: 1"i ;74tki� AV �G -
Date: Lae 9Z o w.5
ADMINISTRATOR
BLUE CROSS AND BLUE SHIELD
OF FLORIDA, INC.
By:
Title:
Date: Z �� \o
CONSULTANT
MCLAI , RCE AND ASSOCIATES
By:
Title:
Date:
W(�'—
REINSURER
By:
Title:
Date:
ASA Conf D7
! q
EXHIBIT 1
Administrator shall release confidential information to Consultant and /or Reinsurer
for cases which meet the following criteria: