OAR 125-055-0100
Purpose — HIPAA Privacy and Security Rule Implementation; HITECH Act Implementation.

(1)

The purpose of these rules is to set forth the requirements that a contractor who is a Business Associate of an Agency must abide by in order to comply with the Business Associate provisions of HIPAA and the implementing Privacy Rule and Security Rule and of the HITECH Act. The Privacy Rule and Security Rule, as amended by the HITECH Act, require an Agency, to obtain certain written assurances from a Business Associate, that the Business Associate will comply with the Business Associate requirements set forth in 45 CFR 164.502(e) and 164.504(e). The Privacy Rule requires that a Covered Entity obtain certain written assurances before the Business Associate may create, receive, maintain or transmit Protected Health Information. The requirements contained in this Rule apply both to Contracts for trade services and personal services, as defined in OAR 125-246-0110 (Definitions).

(2)

This Rule will be interpreted as broadly as necessary to implement and comply with HIPAA, the Privacy Rule and the Security Rule, and the HITECH Act. Any ambiguity in this Rule shall be resolved in favor of a meaning that complies and is consistent with HIPAA, the Privacy Rule and the Security Rule, and the HITECH Act.

Source: Rule 125-055-0100 — Purpose — HIPAA Privacy and Security Rule Implementation; HITECH Act Implementation., https://secure.sos.state.or.us/oard/view.action?ruleNumber=125-055-0100.

125‑055‑0005
Definitions 125‑055‑0010
Policy 125‑055‑0015
Application for Oregon Forward Qualified Nonprofit Agency Participation 125‑055‑0016
OFC Status and Annual Reporting 125‑055‑0017
Record Keeping 125‑055‑0020
Determination of Suitability of Product or Service 125‑055‑0025
Review of Suitability Determinations 125‑055‑0030
Determination of Price 125‑055‑0035
Direct Labor Audits 125‑055‑0037
OFC Contract Termination and Successor Contractor Requirements 125‑055‑0040
General Provisions 125‑055‑0045
Purchases under ORS 279.855 125‑055‑0100
Purpose — HIPAA Privacy and Security Rule Implementation 125‑055‑0105
Definitions 125‑055‑0115
Business Associate Contract Provisions 125‑055‑0120
Order of Precedence 125‑055‑0125
Methods of Compliance 125‑055‑0130
Standards in Individual Contracts

Last Updated

Jun. 8, 2021

Rule 125-055-0100’s source at or.us

Stay Connected

Join thousands of people who receive monthly site updates.

Get Legal Help

The Oregon State Bar runs a service for finding an attorney in good standing. Initial consultations are usually free or discounted: Lawyer Referral Service

Committed to Public Service

We will always provide free access to the current law. In addition, we provide special support for non-profit, educational, and government users. Through social entrepreneurship, we’re lowering the cost of legal services and increasing citizen access.

Navigate

California:	Codes
Colorado:	C.R.S.
Nevada:	NRS
New York:	Laws
Oregon:	OAR, ORS
Texas:	Statutes
World:	Rome Statute, International Dictionary

Location: https://oregon.public.law/rules/oar_125-055-0100

Original Source: Rule 125-055-0100 — Purpose — HIPAA Privacy and Security Rule Implementation; HITECH Act Implementation., https://secure.sos.state.or.us/oard/view.action?ruleNumber=125-055-0100 (last accessed Jun. 8, 2021).

OAR 125-055-0100 Purpose — HIPAA Privacy and Security Rule Implementation; HITECH Act Implementation.

(1)

(2)

OAR 125-055-0100
Purpose — HIPAA Privacy and Security Rule Implementation; HITECH Act Implementation.