HomeMy WebLinkAboutC-2916Ilc0 -ZO
ANCILLARY SERVICES AGREEMENT
This Ancillary Services Agreement ( "Agreement ") is made and entered into as of July,
1, 2014 ( "Effective Date "), by and between Methodist Hospital of Southern California,
a California Non - Profit Corporation ( "Hospital "), and City of Arcadia ( "CITY ").
RECITALS
1. Hospital is a 501(c)(3) California Non - Profit Corporation, which provides acute care
hospital services.
2. CITY is desirous to obtain the health care services contracted for under this
Agreement.
3. Hospital and CITY desire to enter into an Agreement under which Hospital agrees to
provide contracted Services to CITY employees.
Now therefore, in consideration of the recitals, covenants, conditions and promises
contained herein, and for such other good and valuable consideration, the receipt and
sufficiency of which is hereby acknowledged, the parties agree as follows:
• ' 1[6111
HOSPITAL RESPONSIBILITIES
1. Hospital shall provide annual physical examinations to Arcadia sworn Police and
Fire Employees.
2. Hospital agrees to provide biennial physical examinations to City Management
employees as listed on Exhibit B which is hereby incorporated into this
Agreement. Management positions may be subject to change within terms of this
agreement.
3. Physical examinations of employees designated above shall be performed by a
qualified Nurse Practitioner at no charge to CITY. CITY shall pay the cost only of
all lab and diagnostic tests. Exams will be scheduled according to the staffing
availability in the Occupational Health Department.
4. Specific services to be offered to each eligible employee included in physical
examinations are set forth in Attachment "B" which is hereby incorporated into
this Agreement by reference.
IWOV,
5. Those examinations shall be conducted consistent with the Descriptions outlined
in Exhibit "C" which is hereby incorporated into this Agreement by reference.
6. Hospital shall properly register all CITY employees prior to providing hospital
physical examinations.
7. Hospital shall be available to provide physical examinations during regular office
hours, Monday through Friday, 7:30 am to 4:00 pm.
8. Hospital shall maintain medical records in such form and containing such
information as required by State and Federal laws, regulations and regulatory
agencies. Hospital shall maintain the confidentiality of such records in
accordance with all applicable laws. Hospital shall retain all original medical
records.
9. For Fire personnel only, Hospital shall provide CITY with completed DMV
medical examination report (DL51 and DL 546A form).
10. Hospital is duly licensed, certified or accredited to provide the physical
examinations, and shall ensure that the physical examinations are provided by
duly licensed, certified or otherwise authorized or accredited personnel. Physica
examinations shall be provided in accordance with (i) generally accepted
standards prevailing in the applicable professional community; and (ii) all federal,
state, and local statutes, regulations, ordinances and requirements and
accreditation requirements applicable to CITY and Hospital.
11. Hospital shall comply with all applicable State and Federal Laws, Rules and
Regulations.
12. Hospital shall not discriminate in the provision of Covered Services to CITY
employees on the basis of race, color, creed, national origin, ancestry, religion,
sex, marital status, sexual orientation, age, medical condition, medical history,
genetics, handicap, disability, health status, claims history, or evidence of
insurability.
ARTICLE II
CITY RESPONSIBILITIES
1. CITY shall notify covered employees of benefits available to them under this
Agreement and will provide contact information to Methodist Hospital
Occupational Health Department for covered employees to call to schedule
physical examinations.
_ �r
2. CITY shall provide its employees with written instructions about Hospital office
hours, appointment scheduling, referrals, registration process, and registration
forms.
3. CITY's employees shall register through Hospital's admitting department before
services are provided. All CITY's employees shall provide a valid form of
identification.
4. After registration in the Hospital's admitting department, CITY's employees shall
report to Occupational Health Department (OHD).
5. CITY and Hospital shall comply with all applicable State and Federal Laws, Rules
and Regulations including but not limited to regulatory agency guidelines, and
accreditation requirements.
ARTICLE III
COMPENSATION
Hospital shall use its best efforts to bill CITY for services rendered within ninety
(90) days following the provision of the physical examinations.
2. CITY shall reimburse Hospital within forty -five (45) days of receipt of bill in
accordance with those rates set forth in Exhibit D for those Covered Services
provided to CITY's employees under the terms and conditions of this
Agreement.
3. Hospital shall not under any circumstances, including without limitation, breach of
this Agreement, bill, charge, collect a deposit from, or receive any form of
payment, compensation or reimbursement, or have any recourse against a CITY
employee for physical examinations provided under this Agreement.
/_1 :49IQ4:1A
INSURANCE
Hospital shall maintain, at its sole cost and expense, (i) self- insurance covering
professional liability with limits in a minimum amount of $1,000,000 per claim and
$3,000,000 in the aggregate, (ii) workers compensation insurance as required by
law, and (iii) general liability insurance or self- insurance, including premises and
personal injury, in the minimum amount of $1,000,000 per occurrence, combined
single limit bodily injury and property.
sit"
ARTICLE V
TERM AND TERMINATION OF THE AGREEMENT
This Agreement shall commence on July 1, 2014 and shall continue for three
years ending on June 30, 2017, unless sooner terminated in accordance with
the terms of this Agreement.
2. Either party may terminate this Agreement without cause by either party by giving
thirty (30) days' prior written notice to the other party.
3. Either party may terminate this Agreement in the event that either party breaches
a material term or condition of this Agreement and the breaching party fails to
cure such breach within thirty (30) days after written notice of such breach from
the non - breaching party.
ARTICLE VI
INDEMNIFICATION
Each party indemnifies and holds the other party, its parents and subsidiaries,
officers, directors, attorneys, employees, and agents harmless, individually and
collectively, from and against and with respect to any and all claims, demands,
judgments, settlements, losses, costs, expenses, liabilities, actions, damages,
penalties, attorneys' fees and other costs incurred, directly or indirectly, as a
result of the acts or failure to act of the indemnifying party.
I_1:49[N0 *Ti I
FORCE MAJEURE
Neither party hereto shall be liable for any delay or failure in the performance of
any obligation under this Agreement or for any loss or damage (including indirect
or consequential damage) to the extent that such nonperformance, delay, loss or
damage results from any contingency which is beyond the control of such party,
provided such contingency is not caused by the fault or negligence of such party.
A contingency for purposes of this Agreement shall be Acts of God, fires, floods,
earthquakes, explosions, storms, wars, hostilities, blockades, public disorders,
quarantine restrictions, embargoes, strikes or other labor disturbances, and
compliance with any law, order or control of, or insistence by any governmental
or military authority.
OP"I
ARTICLE VIII
MISCELLANEOUS PROVISIONS
The parties are independent contractors and each is solely responsible for all
compensation, withholdings and benefits for its own employees and agents.
2. Hospital and CITY shall comply with all applicable state and federal laws
regarding privacy and confidentiality of medical information and records,
including without limitation, mental health records. Hospital and CITY shall
develop policies and procedures to ensure medical records are not disclosed in
violation of California Civil Code Section 56, et. seq., or any other applicable
state or federal law. To the extent Hospital or CITY receives, maintains, or
transmits medical or personal information electronically, Hospital and CITY shall
comply with all state and federal laws relating to protection of such information
including, without limitation, the Health Insurance Portability & Accountability Act
( "HIPAX) provisions on security and confidentiality and any Centers for
Medicare and Medicaid Services ( "CMS ") regulations or directives relating to
CITY's Employees.
3. This Agreement constitutes the entire written agreement between the parties with
respect to the subject matter hereof. This Agreement may be amended by the
parties only upon mutual written consent.
4. The validity, interpretation and performance of this Agreement shall be governed
by and construed in accordance with the laws of the State of California and the
United States.
5. Any notice required or permitted to be given hereunder by either party to the
other shall be in writing and shall be deemed delivered upon personal delivery;
or twenty -four (24) hours following deposit with a bonded courier for overnight
delivery; or three (3) days after deposit in the U.S. Mail, registered or certified
mail, postage prepaid, return - receipt requested, addressed to the parties at the
following addresses or to such other addresses as the parties may specify in
writing to the other in the manner provided herein:
To HOSPITAL:
Methodist Hospital of Southern California
Chief Executive Officer
300 West Huntington Drive
Arcadia, CA 91007 -3402
To CITY:
City of Arcadia
Attention: Human Resources Administrator
240 West Huntington Drive
tot,
Arcadia, California 91007
6. If at any time during the term of this Agreement any changes in legislative,
regulatory, or legal requirements require a modification to this Agreement, this
Agreement shall be deemed to be automatically amended to conform to the
requirements of such statutes or regulations. Hospital shall notify CITY in writing
of such amendments to this Agreement as soon as is practicable thereafter.
7. This Agreement including the recitals, exhibits and any other attachments hereto
constitutes the entire agreement between the parties with respect to the subject
matter hereof, supersedes all other and prior agreements on the same subject
whether written or oral, and contains all of the covenants and agreements
between the parties with respect to the subject matter herein.
8. The recitals, exhibits, schedules and other attachments to this Agreement are
hereby incorporated herein by this reference as though fully set forth herein.
Signature Page to Follow
s ��
Signature Page to Ancillary Agreement
IN WITNESS WHEREOF, the parties hereto have caused this Agreement to be
executed by their duly authorized representatives effective as of the date first written
above.
Methodist Hospital of Southern C lifornia .
By: ,
Name: William Grigg
Title: SVP & Chief Financial Officer
Date: 2`7
City of Arcadia
By:
Name: Dominic Lazzaretto
Title: City Manager
Date: �vrE,..,c� 2A, 20 It
Approved as to form:
Stephen P. Deitsch
City Attorney
City of Arcadia
7
wtv,
EXHIBIT A
BUSINESS ASSOCIATE ADDENDUM
This Business Associate Addendum ( "Addendum ") supplements and is made a part of
the Agreement ( "Contract ") by and between Methodist Hospital of Southern California, a
California nonprofit corporation ( "Covered Entity" or "CE ") and City of Arcadia
( "Business Associate" or "BA "), dated July 1, 2014. This Addendum is effective as of
the Effective Date of the Contract (the "Addendum Effective Date ").
A. CE wishes to disclose certain information to BA pursuant to the terms of the
Contract, some of which may constitute Protected Health Information ( "PHI ")
(defined below).
B. CE and BA intend to protect the privacy and provide for the security of PHI disclosed
to BA pursuant to the Contract in compliance with the Health Insurance Portability
and Accountability Act of 1996, Public Law 104 -191 ( "HIPAA "), the Health
Information Technology for Economic and Clinical Health Act, Public Law 111 -005
( "the HITECH Act "), and regulations promulgated thereunder by the U.S.
Department of Health and Human Services (the " HIPAA Regulations ") and other
applicable laws.
C. As part of the HIPAA Regulations, the Privacy Rule and the Security Rule (defined
below) require CE to enter into a contract containing specific requirements with BA
prior to the disclosure of PHI, as set forth in, but not limited to, Title 45, Sections
164.314(a), 164.502(e) and 164.504(e) of the Code of Federal Regulations
( "C.F.R. ") and contained in this Addendum.
In consideration of the mutual promises below and the exchange of information
pursuant to this Addendum, the parties agree as follows:
1) Definitions
a) Breach shall have the meaning given to such term under the HITECH Act.
b) Business Associate shall have the meaning given to such term under the
Privacy Rule, the Security Rule, and the HITECH Act, including, but not limited
to, 42 U.S.C. Section 17938 and 45 C.F.R. Section 160.103.
c) Covered Entity shall have the meaning given to such term under the Privacy
Rule and the Security Rule, including, but not limited to, 45 C.F.R. Section
160.103.
d) Data Aggregation shall have the meaning given to such term under the Privacy
Rule, including but not limited to, 45 C.F.R. Section 164.501.
e) Designated Record Set shall have the meaning given to such term under the
Privacy Rule, including, but not limited to, 45 C.F.R. Section 164.501.
f) Electronic Protected Health Information means Protected Health Information
that is maintained in or transmitted by electronic media.
g) Electronic Health Record shall have the meaning given to such term in the
HITECH Act, including, but not limited to, 42 U.S.C. Section 17921.
h) Health Care Operations shall have the meaning given to such term under the
Privacy Rule, including, but not limited to, 45 C.F.R. Section 164.501.
i) HITECH Compliance Date shall mean February 17, 2010, unless a separate
effective date is specified by law for a particular requirement, in which case such
effective date shall apply for that particular requirement.
j) Privacy Rule shall mean the HIPAA Regulation that is codified at 45 C.F.R.
Parts 160 and 164, Subparts A and E.
k) Protected Health Information or PHI means any information, whether oral or
recorded in any form or medium: (i) that relates to the past, present or future
physical or mental condition of an individual; the provision of health care to an
individual; or the past, present or future payment for the provision of health care
to an individual; and (ii) that identifies the individual or with respect to which there
is a reasonable basis to believe the information can be used to identify the
individual, and shall have the meaning given to such term under the Privacy
Rule, including, but not limited to, 45 C.F.R. Section 160.103. Protected Health
Information includes Electronic Protected Health Information.
1) Security Rule shall mean the HIPAA Regulation that is codified at 45 C.F.R.
Parts 160 and 164, Subparts A and C.
m) Unsecured PHI shall have the meaning given to such term under the HITECH
Act and any guidance issued pursuant to such Act including, but not limited to, 42
U.S.C. Section 17932(h).
2) Obligations of Business Associate
a) Permitted Uses. BA shall not use PHI except for the purpose of performing BA's
obligations under the Contract and as permitted under the Contract and
Addendum. Further, BA shall not use PHI in any manner that would constitute a
violation of the Privacy Rule or the HITECH Act if so used by CE. However, BA
may use PHI (i) for the proper management and administration of BA, (ii) to carry
out the legal responsibilities of BA, (iii) for Data Aggregation purposes for the
Health Care Operations of CE, or (iv) as required by law.
tot,
b) Permitted Disclosures. BA shall not disclose PHI except for the purpose of
performing BA's obligations under the Contract and as permitted under the
Contract and Addendum. BA shall not disclose PHI in any manner that would
constitute a violation of the Privacy Rule or the HITECH Act if so disclosed by
CE. However, BA may disclose PHI (i) for the proper management and
administration of BA; (ii) to carry out the legal responsibilities of BA; (iii) as
required by law; or (iv) for Data Aggregation purposes for the Health Care
Operations of CE. If BA discloses PHI to a third party, BA must obtain, prior to
making any such disclosure, (i) reasonable written assurances from such third
party that such PHI will be held confidential as provided pursuant to this
Addendum and only disclosed as required by law or for the purposes for which it
was disclosed to such third party, and (ii) a written agreement from such third
party to immediately notify BA of any breaches of confidentiality of the PHI, to the
extent it has obtained knowledge of such breach.
c) Prohibited Uses and Disclosures under HITECH. Notwithstanding any other
provision in this Addendum, no later than the HITECH Compliance Date, BA shall
comply with the following requirements: (i) BA shall not use or disclose PHI for
fundraising or marketing purposes, except as provided under the Contract and
consistent with the requirements of 42 U.S.C. 17936; (ii) BA shall not disclose
PHI to a health plan for payment or health care operations purposes if the patient
has requested this special restriction, and has paid out of pocket in full for the
health care item or service to which the PHI solely relates, 42 U.S.C. Section
17935(a); (iii) BA shall not directly or indirectly receive remuneration in exchange
for PHI, except with the prior written consent of CE and as permitted by the
HITECH Act, 42 U.S.C. Section 17935(d)(2); however, this prohibition shall not
affect payment by CE to BA for services provided pursuant to the Contract.
d) Appropriate Safeguards. BA shall implement appropriate safeguards as are
necessary to prevent the use or disclosure of PHI other than as permitted by the
Contract or Addendum. BA further agrees to use administrative, physical and
technical safeguards that reasonably and appropriately protect the confidentiality,
integrity and availability of Electronic PHI, and security measures that are
consistent with the highest industry standards (including ISO 27002, standards
set forth and maintained by the National Institute of Standards and Technology
( "NIST "), and to the extent applicable, PCI DSS), and practices in the health
information technology industries and otherwise meet the requirements of
applicable federal, state and local law, including HIPAA, and state data privacy
laws, to (i) protect Client Confidential Information against unauthorized
destruction, loss, alteration, access, misuse or disclosure, and (ii) ensure the
availability, integrity and confidentiality of Client Confidential Information that BA
receives, transmits, has access to, stores or maintains including data at rest and
data in transit.. No later than the HITECH Compliance Date, BA shall comply
with each of the requirements of 45 C.F.R. Sections 164.308, 164.310, and
164.312 and the policies and procedures and documentation requirements of the
HIPAA Security Rule, including, but not limited to, 45 C.F.R. Section 164.316.
e) Right to Audit. BA agrees that, MHSC authorized personnel, or other agencies
as designated by MHSC, shall have the option to perform a security assessment
of the outsourced service /operations or request security related reports of the
entity. Records pertaining to the service(s) shall be made available to MHSC
and /or its representatives during normal working hours for this purpose.
f) Mitigation. BA agrees to mitigate, to the extent practicable, any harmful effect
that is known to BA of a use or disclosure of PHI in violation of this Addendum.
g) Reporting of Improper Access, Use or Disclosure. BA shall promptly report to
CE in writing, without unreasonable delay but in no event later than three (3)
days after it becomes aware, of any access, use or disclosure of PHI not
permitted by the Contract and Addendum or applicable law and any security
incident, as defined in the Security Rule. BA shall, following the discovery of any
Breach of Unsecured PHI, notify CE in writing of such breach without
unreasonable delay and in no case later than three (3) days after discovery. BA
shall have primary responsibility (in consultation with CE) and solely bear the
costs of investigating any such access, use or disclosure of PHI not permitted by
the Contract and Addendum or applicable law, any security incident or any
Breach. In addition, BA agrees to (a) reimburse the actual, reasonable costs of
CE to provide the required notifications and to cure or mitigate any access, use
or disclosure of PHI not permitted by the Contract and Addendum or applicable
law, any security incident or any Breach; or (b) if requested by CE, BA shall
directly pay the actual, reasonable costs to provide the required notifications and
to cure or mitigate any access, use or disclosure of PHI not permitted by the
Contract and Addendum or applicable law, any security incident or any Breach.
h) Business Associate's Subcontractors and Agents. BA shall ensure that any
agents or subcontractors to whom it provides PHI, agree in writing to the same
restrictions and conditions that apply to BA with respect to such PHI. To the
extent that BA creates, maintains, receives or transmits Electronic PHI on behalf
of the CE, BA shall implement the safeguards required by paragraph 2.c above
with respect to Electronic PHI.
i) Access to PHI. To the extent BA maintains a Designated Record Set on behalf
of the CE, BA shall make PHI maintained by BA or its agents or subcontractors in
Designated Record Sets available to CE for inspection and copying within fifteen
(15) days of a request by CE to enable CE to fulfill its obligations under the
Privacy Rule, including, but not limited to, 45 C.F.R. Section 164.524. No later
than the Compliance Date, if BA maintains an Electronic Health Record, BA shall
provide such information in electronic format to enable CE to fulfill its obligations
under the HITECH Act, including, but not limited to, 42 U.S.C. Section 17935(e).
j) Amendment of PHI. To the extent BA maintains a Designated Record Set on
behalf of CE, within thirty (30) days of receipt of a request from the CE or an
individual for an amendment of PHI or a record about an individual contained in a
11 0%, t; �
Designated Record Set, BA or its agents or subcontractors shall make any
amendments that CE directs or agrees to in accordance with the Privacy Rule.
k) Accounting Rights. Within thirty (30) days of notice by CE of a request for an
accounting of disclosures of PHI, BA and its agents or subcontractors shall make
available to CE the information required to provide an accounting of disclosures
to enable CE to fulfill its obligations under the Privacy Rule, including, but not
limited to, 45 C.F.R. Section 164.528, and, no later than the HITECH Compliance
Date, its obligations under the HITECH Act, including but not limited to 42 U.S.C.
Section 17935(c), as determined by CE. The provisions of this subparagraph 2.i
shall survive the termination of this Addendum.
1) Governmental Access to Records. BA shall make its internal practices, books
and records relating to the use and disclosure of PHI available to CE and to the
Secretary of the U.S. Department of Health and Human Services (the
"Secretary") for purposes of determining BA's compliance with the Privacy Rule.
m) Minimum Necessary. No later than the HITECH Compliance Date, BA (and its
agents or subcontractors) shall request, use and disclose only the minimum
amount of Protected Information necessary to accomplish the purpose of the
request, use or disclosure. To the extent practicable, BA shall not request, use
or disclose any direct identifiers (as described in the limited data set standard of
HIPAA). BA understands and agrees that the definition of "minimum necessary"
is in flux and shall keep itself informed of guidance issued by the Secretary with
respect to what constitutes "minimum necessary.
n) Trading Partner Agreement. BA shall not take any of the following actions.. (a)
change the definition, data condition or use of a data element or segment in a
standard; (b) add any data elements or segments to the maximum defined data
set; (c) use any code or data elements that are either marked "not used" in the
standards' implementation specification or are not in the standard's
implementation specification(s); or (d) change the meaning or intent of the
standard's implementation specification(s). For purposes of this Addendum, the
terms data condition, data element, segment, standard and standard
implementation specification shall have the same meanings set forth in 45 C.F.R.
Section 162.103.]
3) Termination
a) Material Breach by BA. A breach by BA of any provision of this Addendum, as
determined by CE, shall constitute a material breach of the Contract and shall
provide grounds for termination of the Contract, any provision in the Contract to
the contrary notwithstanding, with or without an opportunity to cure the breach. If
termination of the Contract is not feasible, CE will report the problem to the
Secretary of DHHS.
�r
b) Material Breach by CE. As of the HITECH Compliance Date, pursuant to 42
U.S.C. Section 17934(b), if the BA knows of a pattern of activity or practice of the
CE that constitutes a material breach or violation of the CE's obligations under
the Contract or Addendum or other arrangement, the BA must take reasonable
steps to cure the breach or end the violation. If the steps are unsuccessful, the
BA must terminate the Contract or other arrangement if feasible, or if termination
is not feasible, report the problem to the Secretary of DHHS.
c) Effect of Termination. Upon termination of the Contract for any reason, BA
shall, at the option of CE, return or destroy all PHI that BA or its agents or
subcontractors still maintain in any form, and shall retain no copies of such PHI.
If return or destruction is not feasible, as determined by CE, BA shall continue to
extend the protections of Section 2 of this Addendum to such information, and
limit further use of such PHI to those purposes that make the return or
destruction of such PHI infeasible. If CE elects destruction of the PHI, BA shall
certify in writing to CE that such PHI has been destroyed.
4) Indemnification; Limitation of Liability. To the extent permitted by law, BA shall
indemnify, defend and hold harmless CE from any and all liability, claim, lawsuit,
injury, loss, expense or damage resulting from or relating to the acts or omissions of
BA in connection with the representations, duties and obligations of BA under this
Addendum. Any limitation of liability contained in the Contract shall not apply to the
indemnification requirement of this provision. This provision shall survive the
termination of the Addendum.
5) Assistance in Litigation. BA shall make itself and any subcontractors, employees
or agents assisting BA in the performance of its obligations under the Contract or
Addendum available to CE, at no cost to CE, to testify as witnesses, or otherwise, in
the event of litigation or administrative proceedings being commenced against CE,
its directors, officers or employees based upon a claim of violation of HIPAA, the
HITECH Act, or other laws related to security and privacy, except where BA or its
subcontractor, employee or agent is named as an adverse party.
6) Amendment to Comply with Law. The parties acknowledge that state and federal
laws relating to data security and privacy are rapidly evolving and that amendment of
the Contract or Addendum may be required to provide for procedures to ensure
compliance with such developments. The parties specifically agree to take such
action as is necessary to implement the standards and requirements of HIPAA, the
HITECH Act, the Privacy Rule, the Security Rule and other applicable laws relating
to the security or confidentiality of PHI. The parties understand and agree that CE
must receive satisfactory written assurance from BA that BA will adequately
safeguard all PHI. Upon the request of either party, the other party agrees to
promptly enter into negotiations concerning the terms of an amendment to this
Addendum embodying written assurances consistent with the standards and
requirements of HIPAA, the HITECH Act, the Privacy Rule, the Security Rule or
other applicable laws. CE may terminate the Contract upon thirty (30) days written
notice in the event (i) BA does not promptly enter into negotiations to amend the
13 "JC
Contract or Addendum when requested by CE pursuant to this Section or (ii) BA
does not enter into an amendment to the Contract or Addendum providing
assurances regarding the safeguarding of PHI that CE, in its sole discretion, deems
sufficient to satisfy the standards and requirements of applicable laws.
7) No Third -Party Beneficiaries. Nothing express or implied in the Contract or
Addendum is intended to confer, nor shall anything herein confer upon any person
other than CE, BA and their respective successors or assigns, any rights, remedies,
obligations or liabilities whatsoever.
8) Interpretation. The provisions of this Addendum shall prevail over any provisions in
the Contract that may conflict or appear inconsistent with any provision in this
Addendum. This Addendum and the Contract shall be interpreted as broadly as
necessary to implement and comply with HIPAA, the HITECH Act, the Privacy Rule
and the Security Rule. The parties agree that any ambiguity in this Addendum shall
be resolved in favor of a meaning that complies and is consistent with HIPAA, the
HITECH Act, the Privacy Rule and the Security Rule. Except as specifically required
to implement the purposes of this Addendum, or to the extent inconsistent with this
Addendum, all other terms of the Contract shall remain in force and effect.
9) Regulatory References. A reference in this Addendum to a section of regulations
means the section as in effect or as amended, and for which compliance is required.
10)ldentity Theft Program Compliance. To the extent that CE is required to comply
with the final rule entitled "Identity Theft Red Flags and Address Discrepancies
under the Fair and Accurate Credit Transactions Act of 2003," as promulgated and
enforced by the Federal Trade Commission (16 C.F.R. Part 681) (the "Red Flags
Rule ") and that BA is performing an activity in connection with one or more "covered
accounts," as that term is defined in the Red Flags Rule, pursuant to the Contract,
BA shall establish and comply with its own reasonable policies and procedures
designed to detect, prevent, and mitigate the risk of identity theft, which shall be
consistent with and no less stringent than those required under the Red Flags Rule
or the policies and procedures of Hospital's Red Flags Program. BA shall provide its
services pursuant to the Contract in accordance with such policies and procedures.
BA shall report any detected "red flags," as that term is defined in the Red Flags
Rule, to CE and shall, in cooperation with Hospital, take appropriate steps to prevent
or mitigate identity theft.
14 %OV,
EXHIBIT B
PHYSICAL EXAMINATIONS
CITY MANAGEMENT POSITIONS
Management positions may be subject to change within the term of the Agreement
Accounting Supervisor
Administrative Service Director
Assistant City Manager /Development Services Director
Assistant Director of Recreation and Community Services
Building Official
Chief Deputy City Clerk /Records Manager
City Manager
Communications, Marketing & Special Projects Manager
Community Development Administrator
Crime Analyst
Deputy Director of Development Services /City Engineer
Deputy Fire Chief
Deputy Public Works Services Directors
Director of Library & Museum Services
Director of Recreation & Community Services
Economic Development Manager
Environmental Services Officer
Financial Services Manager/Treasurer
Fire Battalion Chief
Fire Chief
Fire Marshal
General Services Superintendent
Human Resources Administrator
Human Resources Analyst
Library Services Manager
Maintenance Contracts Officer
Management Aide
Management Analyst
Police Captain
Police Chief
Police Lieutenant
Police Records Manager
Principal Civil Engineer
Public Works Services Director
Purchasing Officer
Recreation Supervisor
Senior Human Resources Analyst
Senior Management Analyst
Transportation Services Manager
Utilities Superintendent
15 Q0ft
%WTV31 )
*:/:11:3941
DESCRIPTION OF HOSPITAL SERVICES
PHYSICAL TYPE: SWORN POLICE
Procedure:
Physical Exam & Questionnaire
Audiogram
Simple Spirometry
Eye Exam
TB Skin Test
Urinalysis
CBC
SMA 18
Total Cholesterol
Chest X -Ray (1 view)
Tetanus Toxoid (if needed)
Hepatitis "B" screening
PHYSICAL TYPE: SWORN FIRE
Over 40
Add: EKG
Occult Stool
Prostate Specific Antigen (PSA)
Mammogram- woman
(symptomatic men)
Procedure Over 40
Physical Exam & Questionnaire Add: EKG
Audiogram Occult Stool
Loop Spirometry Prostate Specific Antigen (PSA)
Eye Exam Mammogram- woman
TB Skin Test (symptomatic men)
Urinalysis
CBC
SMA18
Total Cholesterol
Chest X -Ray (2 views)
Hepatitis "B" screening
DMV Physician's Health Report (DL51 and DL 546A form)
PHYSICAL TYPE: MANAGEMENT
Procedure
Physical Exam & Questionnaire
Eye Exam
TB Skin Test
Urinalysis
CBC
SMA 18
Total Cholesterol
Chest X -Ray (1 view)
Over 40
Add: EKG
Occult Stool
Prostate Specific Antigen (PSA)
Mammogram- woman
(symptomatic men)
sxsh
EXHIBIT D
CITY'S REIMBURSEMENT SCHEDULE
EFFECTIVE DATE 7/1/2014 to 6/30/2017
Service Description
Code
Rates
CBC. COMPLETE BLOOD COUNT
85025
$42.00
CD- EKG:ROUTINE
93005
$111.00
COMPR METABOLIC PANEL W /GFR
80053
$100.00
HEPATITIS B SURFACE ANTIBODY
86706
$10.00
LEAD, BLOOD
83655
$9.00
LIPID PANEL
80061
$72.00
OCCULT BLOOD
82271
$16.00
PSA PROSTATIC SPECIFIC ANTIGE
84153
$60.00
SPIROMETRY PRE /POST BRONCH ADM
94060
$100.00
URIC ACID BLOOD
84550
$38.00
URINALYSIS, ROUTINE
81001
$29.00
VENIPUNCTURE
36415
$8.00
XR -CHEST 1 VW -AP
71010
$95.00
XR -CHEST 2 VW -AP & LATERAL
71020
$100.00
AUDIOMETRIC TESTING
$50.00
VISION
$25.00
TB SKIN TEST (TST)
$25.00
HOSPITAL PAYMENT ADDRESS: Methodist Hospital of Southern California
File 42428
Los Angeles, CA 90074
17
�h