The URL can be used to link to this page

Browse Search

Home My WebLink About20210822.tiffRESOLUTION RE: APPROVE AMENDMENT #1 TO CONTRACT FOR JAIL BASED BEHAVIORAL HEALTH SERVICES AND AUTHORIZE CHAIR TO SIGN AND SUBMIT ELECTRONICALLY WHEREAS, the Board of County Commissioners of Weld County, Colorado, pursuant to Colorado statute and the Weld County Home Rule Charter, is vested with the authority of administering the affairs of Weld County, Colorado, and WHEREAS, the Board has been presented with Amendment #1 to the Contract for Jail Based Behavioral Health Services between the County of Weld, State of Colorado, by and through the Board of County Commissioners of Weld County, on behalf of the Sheriffs Office, and the Colorado Department of Human Services, Office of Behavioral Health, commencing December 17, 2020, and ending June 30, 2021, with further terms and conditions being as stated in said amendment, and WHEREAS, after review, the Board deems it advisable to approve said amendment, a copy of which is attached hereto and incorporated herein by reference. NOW, THEREFORE, BE IT RESOLVED by the Board of County Commissioners of Weld County, Colorado, that the Amendment #1 to the Contract for Jail Based Behavioral Health Services between the County of Weld, State of Colorado, by and through the Board of County Commissioners of Weld County, on behalf of the Sheriffs Office, and the Colorado Department of Human Services, Office of Behavioral Health, be, and hereby is, approved. BE IT FURTHER RESOLVED by the Board that the Chair be, and hereby is, authorized to sign and submit said agreement electronically. The above and foregoing Resolution was, on motion duly made and seconded, adopted by the following vote on the 22nd day of March, A.D., 2021, nunc pro tunc December 17, 2020. BOARD OF COUNTY COMMISSIONERS WELD COUNTY, COLORADO ATTEST: ddthAi .�to%(1 Steve Moreno, Chair Weld County Clerk to the Board BY: Deputy Clerk to the Board APPROVED A ounty A"orney Date of signature: 3 /9-S Lori :aine 2021-0822 SO0041 BC0054 CC: SO(57/5K) 05/13(21 Scames, Pro -T Perry L. Bu BOARD OF COUNTY COMMISSIONERS PASS -AROUND REVIEW Pass -Around Title: Intergovernmental Agreement for Jail Based Behavioral Services Between Weld County and State of Colorado, Department of Human Services (21 IHJA 154626) DEPARTMENT: Weld County Sheriff's Office DATE: 3/8/21 PERSON REQUESTING: Stephanie Tornquist, Director of Inmate Services, Weld County Sheriff's Office - Detentions Brief description of the problem/issue: The intergovernmental agreement referenced above between Weld County and the State of Colorado was executed in July of 2017 with a term of one year with three (3) extensions (2018, 2019, 2020). A new contract was finalized on February 17, 2021 for the fiscal year 2020 (July 1st, 2020 through June 30th, 2021) and had been delayed in processing due to challenges created by COVID 19. The state has amended the contract to offer additional funding in the amount of $37,500. This agreement has provided a valuable service to the County and should be considered. It should be of note that this contract has been reviewed and approved by Bob Choate. What options exist for the Board? (Include consequences, impacts, costs, etc. of options) The Board may approve or deny the contract. A denial of this request would result in not receiving the additional funding of $37,500 the State of Colorado is offering for the assessment and treatment individuals in the jail for substance use disorders along with release planning to include continuing services and resources once released into the community. The program provides resources and programming with the objective of establishing stability for individuals in the community and focuses on reducing recidivism in the jail. For the period of July 1st, 2019 to June 30th, 2020, the program had an average of 65% of individuals who were successfully transitioned to the community measured at one (1) month from release from the jail. Weld County operates as a conduit for the reimbursement contracted services between the provider who works in the jail to deliver direct services, and the State of Colorado, who funds the program, by distributing the funds appropriately to the provider to offset the cost of services incurred each month. An approval of this contract request would continue this no cost service and provide additional funding which has proven to be an asset to the Weld County Sheriffs Office and the citizens of Weld County. **Please note this has been reviewed by Weld County Attorney office. Recommendation: It is recommended that the Weld County Board of County Commissioners enter into this contract. Approve Recommendation Perry L. Buck Mike Freeman Scott K. James, Pro-Tem Steve Moreno, Chair Lori Saine Schedule Work Session Other/Comments: 2021-0822 so oo9 a (pG 0059 DocuSign Envelope ID: CE2A29E7-25C7-419F-945C-967101C2D39C CONTRACT AMENDMENT #1 SIGNATURE AND COVER PAGE State Agency Colorado Department of Human Services, Office of Behavioral Health Original Contract Number 21 IHJA 154626 Contractor Weld County Colorado for the use and benefit of Weld County Sheriffs Department Amendment Contract Number 21 IHJA 167641 Current Contract Maximum Amount Initial Term State Fiscal Year 2021 $252,234.00 State Fiscal Year 2021 Aml $37,500.00 Extension Terms Total for All State Fiscal Years $289,734.00 Contract Performance Beginning Date December 17, 2020 Current Contract Expiration Date June 30, 2021 THE PARTIES HERETO HAVE EXECUTED THIS AMENDMENT Each person signing this Amendment represents and warrants that he or she is duly authorized to execute this Amendment and to bind the Party authorizing his or her signature. CONTRACTOR Weld County Colorado for the use and benefit of Weld County Sheriffs Office l"-DocuSigned by: Ste- he►n, a \--E74B-813-1 By: WIFkAtil'e@ilf#1iPChair, Board of County Chair Date: Commissioners 5/3/2021 STATE OF COLORADO Jared Polis, Governor Department of Human Services Michelle Barnes, Executive Director DocuSigned by: L �avit, atul>tAIA. By: ar eCiaytan Director of Finance, Office of Behavioral Health 5/4/2021 Date: In accordance with §24-30-202 C.R.S., this Amendment is not valid until signed and dated below by the State Controller or an authorized delegate. STATE CONTROLLER Robert Jaros, CPA, MBA, JD r— DDocuSigned sbsy: By: ` o-� DENtpc49 . Andrea Eurich /Janet Miks / Toni Williamson Amendment Effective Date: 5/6/2021 Amendment Contract Number: 21 IHJA 167641 Page 1 of 3 Rev. 1/14/19 �. PARTIES This Amendment (the "Amendment") to the Original Contract shown on the Signature and Cover Page for this Amendment (the "Contract") is entered into by and between the Contractor, and the State. 2. TERMINOLOGY Except as specifically modified by this Amendment, all terms used in this Amendment that are defined in the Contract shall be construed and interpreted in accordance with the Contract. 3. AMENDMENT EFFECTIVE DATE AND TERM A. Amendment Effective Date This Amendment shall not be valid or enforceable until the Amendment Effective Date shown on the Signature and Cover Page for this Amendment. The State shall not be bound by any provision of this Amendment before that Amendment Effective Date, and shall have no obligation to pay Contractor for any Work performed or expense incurred under this Amendment either before or after of the Amendment term shown in §3.B of this Amendment. B. Amendment Term The Parties' respective performances under this Amendment and the changes to the Contract contained herein shall commence on the Amendment Effective Date shown on the Signature and Cover Page for this Amendment and shall terminate on the termination of the Contract. 4. PURPOSE The Purpose of this Contract is for the Contractor to provide substance abuse and mental health treatment in the Weld County jail. The Purpose of this Amendment is to increase the FY 2021 budget by $37,500 resulting in a new FY 2021 budget of $289,734. 5. MODIFICATIONS The Contract and all prior amendments thereto, if any, are modified as follows: A. The Contract Maximum Amount table on the Contract's Signature and Cover Page is hereby deleted and replaced with the Current Contract Maximum Amount table shown on the Signature and Cover Page for this Amendment. B. REPLACE Exhibit B, Budget, with Exhibit B-1, attached and incorporated by reference. C. REPLACE Exhibit D, HIPAA BAA, with Exhibit D-1, HIPAA BAA /QSOA, attached and incorporated by reference. 6. LIMITS OF EFFECT AND ORDER OF PRECEDENCE This Amendment is incorporated by reference into the Contract, and the Contract and all prior amendments or other modifications to the Contract, if any, remain in full force and effect except as specifically modified in this Amendment. Except for the Special Provisions contained in the Contract, in the event of any conflict, inconsistency, variance, or contradiction between the provisions of this Amendment and any of the provisions of the Contract or any prior modification to the Contract, the provisions of this Amendment shall in all respects supersede, govern, and control. The provisions of this Amendment shall only supersede, govern, and control over the Amendment Contract Number: 21 IHJA 167641 Page 2 of 3 Rev. 1/14/19 Special Provisions contained in the Contract to the extent that this Amendment specifically modifies those Special Provisions. Amendment Contract Number: 21 IHJA 167641 Page 3 of 3 Rev. 1/14/19 Exhibit B-1 COLORADO @ .: Office of Behavioral Health CDHS Department of Human Services FY21 ANNUAL BUDGET EXHIBIT B- 1 OBH Program JBBS Program Contact Stephanie Tornquist Agency Name Weld County Sheriffs Office Phone (970) 400-3937 Email stornquist@weldgov.com Fiscal Contract Stephanie Tornquist Budget Period 7/ 1 /2020 - 6/30/2021 Phone (970) 400-3937 Email stornquist@weldgov.com Project Name JBBS Date Completed 2 /23/2021 SERVICE CATEGORIES Services (Fixed Price per Rate Schedule) I Funding Source Total Substance Use Disorder Treatment State General Fund 289, 734.00 Total Contract 289, 734. 00 General Accounting Encumbrance - Medication Assisted Treatment Total - All Jails Naloxone 138,434.00 008 MAT Services 735 ,000.00 GAE TOTAL 873,434.00 GAE total for all Contractors is $873,434. No minimum amount is guaranteed to Contractor. Funds are invoiced as earned per the terms of Exhibit A and the following Rate Schedule. Potential Performance Payment Total Substance Use Disorder Treatment 28,973 .00 Potential Payment 28,973 .00 GAE total for all Contractors is $522,260. No minimum amount is guaranteed to Contractor. Funds are invoiced as earned per the terms of Exhibit A. JBBS RATE SCHEDULE Statewide Maximum Salaries Positions should be hired at salary levels indicative of qualifications, experience, and organization pay schedules. This table indicates a maximum salary only. It is understood that many positions will be hired at lower salary levels than the state maximum. Licensed Therapist (LPC)* $65,794/year I Licensed Clinical Social Worker (LCSW) * $76,648/year Unlicensed Therapist or Substance Abuse Counselor (CAC II and above) * $60,500/year Case Manager (CM) * $68,415/year Nurse Practitioner * $ 119,353/year Physician Assistance (PA) * $ 119, 171 /year MD/DO * _ $251 ,267/year Administrator (Lieutenant, Sergeant, etc) * $97,594/year Pre-sentence Coordinator * $75,000/year Registered Nurse * _ $68, 797/year *OBH will reimburse salaries up to the state maximum *OBH may consider rates 10% above statewide maximum salaries pending justification from jails and written pre-approval by OBH Travel Mileage (IRS rate) $0. 58/mile Operating Expenses Maximum total percentage of contract budget 10% Any training and continuing education for jail employees may be included in the operating expenses FY21 JBBS Budget Page 1 of 2 Exhibit B-1 FY21 ANNUAL BUDGET EXHIBIT B- 1 OBH may consider operating expenses above 10% of total contract budget pending justification from jails and written pre-approval by OBH Indirect Expenses Maximum total percentage of contract budget I 10% OBH may consider operating expenses above 10% of total contract budget pending justification from jails and written pre-approval by OBH RECOVERY SUPPORT SERVICES Allowed Services* Additional Notes Application Fees ID / Birth Certificates One time per client Backpacks Basic Hygiene Items Limit of $ 15 .00 per person Bicycles May be provided if client is engaged in treatment services for 2 or more Bus Pass — Daily, Monthly One time per client for monthly and 3 booklets for one-time passes Child Care 1 month limit per client Clothing Vouchers Limit of $ 100.00 per person Educational Costs ( books, supplies, and fees) Emergency Housing 90 days limit per person Food Assistance Gas Vouchers Limit of $30.00 per person GED Program / Testing Job Placement Training Life Skills Training Medical Assistance — copays / infectious disease testing Limit of $250.00 per person Medications 30 days limit per person Personal Hygiene Care (eg. haircuts) Limit of $20. 00 per person Phone Cards Limit of $ 15 .00 per person Pre-paid Cell Phones the community. Printed Resources Taxi Only if no public transportation is available in the area Transportation to Residential Treatment Limit of $ 1 ,200.00 per contract (for the whole catchment area) UA / BAs Limit of $ 100.00 per person Utilities 1 month limit per client *OBH may consider other expenses pending justification from jails and written pre-approval by OBH MEDICATIONS Medication reimbursement will be based on a) providers established rate or b) jail purchase agreement rate or c) in the absence of an established rate or jail purchase agreement rate the following OBH rate schedule. Psychotropic Medication will be reimbursed at rate established on Preferred Drug List (PDL) which can be found at https: //www.colorado.gov/hcpf/pharmacy resources Medication Rate Methadone $ 18/day. Methodone treatment, including medication and integrated Naltrexone (oral) Monthly Medication Rate: $85. Monthly Prescriber Rate: $150 Depot-naltrexone (injectable) (Vivitrol) $1,376/unit; 38omg injection (extended release) per month Buprenorphine (pregnancy) - 8mg $4i/month Buprenorphine (pregnancy) - 2 m $31/month Buprenorphine/naloxone sublingual film (suboxone) - 12mg/3mg $275/month Buprenorphine/naloxone sublingual film (suboxone) - 8mg/2mg $14o/month Buprenorphine/naloxone sublingual film (suboxone) - 4mg/ img $14o/month Buprenorphine/naloxone sublingual film (suboxone) - 2mg/o.5mg $80/month Naloxone (Narcan) Unit Cost: $75. Prescriber Rate: $35 Suboxone and generics $5.55 / unit @3o days = $ 166.5o for a 2mg-o.5mg dose; range can increase Buprenorphine - 8mg $4i/month Buprenorphine - 2mg $31/month Sublocade (injectable) $1,376/unit; 38omg injection (extended release) per month FY21 JBBS Budget Page 2 of 2 Exhibit D-1 EXHIBIT D-1 - HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ("Agreement") between the State and Contractor is agreed to in connection with, and as an exhibit to, the Contract. For purposes of this Agreement, the State is referred to as "Covered Entity" and the Contractor is referred to as "Business Associate". Unless the context clearly requires a distinction between the Contract and this Agreement, all references to "Contract" shall include this Agreement. 1. PURPOSE Covered Entity wishes to disclose information to Business Associate, which may include Protected Health Information ("PHI"). The Parties intend to protect the privacy and security of the disclosed PHI in compliance with the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), Pub. L. No. 104-191 (1996) as amended by the Health Information Technology for Economic and Clinical Health Act ("HITECH Act") enacted under the American Recovery and Reinvestment Act of 2009 ("ARRA") Pub. L. No. 111-5 (2009), implementing regulations promulgated by the U.S. Department of Health and Human Services at 45 C.F.R. Parts 160, 162 and 164 (the "HIPAA Rules") and other applicable laws, as amended. Prior to the disclosure of PHI, Covered Entity is required to enter into an agreement with Business Associate containing specific requirements as set forth in, but not limited to, Title 45, Sections 160.103, 164.502(e) and 164.504(e) of the Code of Federal Regulations ("C.F.R.") and all other applicable laws and regulations, all as may be amended. 2. DEFINITIONS The following terms used in this Agreement shall have the same meanings as in the HIPAA Rules: Breach, Data Aggregation, Designated Record Set, Disclosure, Health Care Operations, Individual, Minimum Necessary, Notice of Privacy Practices, Protected Health Information, Required by Law, Secretary, Security Incident, Subcontractor, Unsecured Protected Health Information, and Use. The following terms used in this Agreement shall have the meanings set forth below: a. Business Associate. "Business Associate" shall have the same meaning as the term "business associate" at 45 C.F.R. 160.103, and shall refer to Contractor. b. Covered Entity. "Covered Entity" shall have the same meaning as the term "covered entity" at 45 C.F.R. 160.103, and shall refer to the State. c. Information Technology and Information Security. "Information Technology" and "Information Security" shall have the same meanings as the terms "information technology" and "information security", respectively, in §24-37.5-102, C.R.S. Capitalized terms used herein and not otherwise defined herein or in the HIPAA Rules shall have the meanings ascribed to them in the Contract. 3. OBLIGATIONS AND ACTIVITIES OF BUSINESS ASSOCIATE a. Permitted Uses and Disclosures. i. Business Associate shall use and disclose PHI only to accomplish Business Associate's obligations under the Contract. Page 1 of 10 Exhibit D-1 i. To the extent Business Associate carries out one or more of Covered Entity's obligations under Subpart E of 45 C.F.R. Part 164, Business Associate shall comply with any and all requirements of Subpart E that apply to Covered Entity in the performance of such obligation. ii. Business Associate may disclose PHI to carry out the legal responsibilities of Business Associate, provided, that the disclosure is Required by Law or Business Associate obtains reasonable assurances from the person to whom the information is disclosed that: A. the information will remain confidential and will be used or disclosed only as Required by Law or for the purpose for which Business Associate originally disclosed the information to that person, and; B. the person notifies Business Associate of any Breach involving PHI of which it is aware. iii. Business Associate may provide Data Aggregation services relating to the Health Care Operations of Covered Entity. Business Associate may de -identify any or all PHI created or received by Business Associate under this Agreement, provided the de -identification conforms to the requirements of the HIPAA Rules. b. Minimum Necessary. Business Associate, its Subcontractors and agents, shall access, use, and disclose only the minimum amount of PHI necessary to accomplish the objectives of the Contract, in accordance with the Minimum Necessary Requirements of the HIPAA Rules including, but not limited to, 45 C.F.R. 164.502(b) and 164.514(d). c. Impermissible Uses and Disclosures. i. Business Associate shall not disclose the PHI of Covered Entity to another covered entity without the written authorization of Covered Entity. ii. Business Associate shall not share, use, disclose or make available any Covered Entity PHI in any form via any medium with or to any person or entity beyond the boundaries or jurisdiction of the United States without express written authorization from Covered Entity. d. Business Associate's Subcontractors. i. Business Associate shall, in accordance with 45 C.F.R. 164.502(e)(1)(ii) and 164.308(b)(2), ensure that any Subcontractors who create, receive, maintain, or transmit PHI on behalf of Business Associate agree in writing to the same restrictions, conditions, and requirements that apply to Business Associate with respect to safeguarding PHI. ii. Business Associate shall provide to Covered Entity, on Covered Entity's request, a list of Subcontractors who have entered into any such agreement with Business Associate. iii. Business Associate shall provide to Covered Entity, on Covered Entity's request, copies of any such agreements Business Associate has entered into with Subcontractors. e. Access to System. If Business Associate needs access to a Covered Entity Information Technology system to comply with its obligations under the Contract or this Agreement, Business Associate shall request, review, and comply with any and all policies applicable to Covered Entity regarding such Page 2 of 10 Exhibit D-1 system including, but not limited to, any policies promulgated by the Office of Information Technology and available at http://oit.state.co.us/about/policies. f. Access to PHI. Business Associate shall, within ten days of receiving a written request from Covered Entity, make available PHI in a Designated Record Set to Covered Entity as necessary to satisfy Covered Entity's obligations under 45 C.F.R. 164.524. g• Amendment of PHI. i. Business Associate shall within ten days of receiving a written request from Covered Entity make any amendment to PHI in a Designated Record Set as directed by or agreed to by Covered Entity pursuant to 45 C.F.R. 164.526, or take other measures as necessary to satisfy Covered Entity's obligations under 45 C.F.R. 164.526. ii. Business Associate shall promptly forward to Covered Entity any request for amendment of PHI that Business Associate receives directly from an Individual. h. Accounting Rights. Business Associate shall, within ten days of receiving a written request from Covered Entity, maintain and make available to Covered Entity the information necessary for Covered Entity to satisfy its obligations to provide an accounting of Disclosure under 45 C.F.R. 164.528. i. Restrictions and Confidential Communications. J• i. Business Associate shall restrict the Use or Disclosure of an Individual's PHI within ten days of notice from Covered Entity of: A. a restriction on Use or Disclosure of PHI pursuant to 45 C.F.R. 164.522; or B. a request for confidential communication of PHI pursuant to 45 C.F.R. 164.522. ii. Business Associate shall not respond directly to an Individual's requests to restrict the Use or Disclosure of PHI or to send all communication of PHI to an alternate address. iii. Business Associate shall refer such requests to Covered Entity so that Covered Entity can coordinate and prepare a timely response to the requesting Individual and provide direction to Business Associate. Governmental Access to Records. Business Associate shall make its facilities, internal practices, books, records, and other sources of information, including PHI, available to the Secretary for purposes of determining compliance with the HIPAA Rules in accordance with 45 C.F.R. 160.310. k. Audit, Inspection and Enforcement. i. Business Associate shall obtain and update at least annually a written assessment performed by an independent third party reasonably acceptable to Covered Entity, which evaluates the Information Security of the applications, infrastructure, and processes that interact with the Covered Entity data Business Associate receives, manipulates, stores and distributes. Upon request by Covered Entity, Business Associate shall provide to Covered Entity the executive summary of the assessment. Page 3 of 10 Exhibit D-1 ii. Business Associate, upon the request of Covered Entity, shall fully cooperate with Covered Entity's efforts to audit Business Associate's compliance with applicable HIPAA Rules. If, through audit or inspection, Covered Entity determines that Business Associate's conduct would result in violation of the HIPAA Rules or is in violation of the Contract or this Agreement, Business Associate shall promptly remedy any such violation and shall certify completion of its remedy in writing to Covered Entity. 1. Appropriate Safeguards. i. Business Associate shall use appropriate safeguards and comply with Subpart C of 45 C.F.R. Part 164 with respect to electronic PHI to prevent use or disclosure of PHI other than as provided in this Agreement. ii. Business Associate shall safeguard the PHI from tampering and unauthorized disclosures. Business Associate shall maintain the confidentiality of passwords and other data required for accessing this information. iv. Business Associate shall extend protection beyond the initial information obtained from Covered Entity to any databases or collections of PHI containing information derived from the PHI. The provisions of this section shall be in force unless PHI is de -identified in conformance to the requirements of the HIPAA Rules. m. Safeguard During Transmission. i. Business Associate shall use reasonable and appropriate safeguards including, without limitation, Information Security measures to ensure that all transmissions of PHI are authorized and to prevent use or disclosure of PHI other than as provided for by this Agreement. ii. Business Associate shall not transmit PHI over the internet or any other insecure or open communication channel unless the PHI is encrypted or otherwise safeguarded with a FIPS- compliant encryption algorithm. n. Reporting of Improper Use or Disclosure and Notification of Breach. i. Business Associate shall, as soon as reasonably possible, but immediately after discovery of a Breach, notify Covered Entity of any use or disclosure of PHI not provided for by this Agreement, including a Breach of Unsecured Protected Health Information as such notice is required by 45 C.F.R. 164.410 or a breach for which notice is required under §24-73-103, C.R.S. ii. Such notice shall include the identification of each Individual whose Unsecured Protected Health Information has been, or is reasonably believed by Business Associate to have been, accessed, acquired, or disclosed during such Breach. Business Associate shall, as soon as reasonably possible, but immediately after discovery of any Security Incident that does not constitute a Breach, notify Covered Entity of such incident. Page 4 of 10 Exhibit D-1 iv. Business Associate shall have the burden of demonstrating that all notifications were made as required, including evidence demonstrating the necessity of any delay. o. Business Associate's Insurance and Notification Costs. i. Business Associate shall bear all costs of a Breach response including, without limitation, notifications, and shall maintain insurance to cover: A. loss of PHI data; B. Breach notification requirements specified in HIPAA Rules and in §24-73-103, C.R.S.; and C. claims based upon alleged violations of privacy rights through improper use or disclosure of PHI. ii. All such policies shall meet or exceed the minimum insurance requirements of the Contract or otherwise as may be approved by Covered Entity (e.g., occurrence basis, combined single dollar limits, annual aggregate dollar limits, additional insured status, and notice of cancellation). iii. Business Associate shall provide Covered Entity a point of contact who possesses relevant Information Security knowledge and is accessible 24 hours per day, 7 days per week to assist with incident handling. iv. Business Associate, to the extent practicable, shall mitigate any harmful effect known to Business Associate of a Use or Disclosure of PHI by Business Associate in violation of this Agreement. p. Subcontractors and Breaches. i. Business Associate shall enter into a written agreement with each of its Subcontractors and agents, who create, receive, maintain, or transmit PHI on behalf of Business Associate. The agreements shall require such Subcontractors and agents to report to Business Associate any use or disclosure of PHI not provided for by this Agreement, including Security Incidents and Breaches of Unsecured Protected Health Information, on the first day such Subcontractor or agent knows or should have known of the Breach as required by 45 C.F.R. 164.410. q• ii. Business Associate shall notify Covered Entity of any such report and shall provide copies of any such agreements to Covered Entity on request. Data Ownership. i. Business Associate acknowledges that Business Associate has no ownership rights with respect to the PHI. ii. Upon request by Covered Entity, Business Associate immediately shall provide Covered Entity with any keys to decrypt information that the Business Association has encrypted and maintains in encrypted form, or shall provide such information in unencrypted usable form. Page 5 of 10 Exhibit D-1 r. Retention of PHI. Except upon termination of this Agreement as provided in Section 5, below, Business Associate and its Subcontractors or agents shall retain all PHI throughout the term of this Agreement, and shall continue to maintain the accounting of disclosures required under Section 3.h, above, for a period of six years. 4. OBLIGATIONS OF COVERED ENTITY a. Safeguards During Transmission. Covered Entity shall be responsible for using appropriate safeguards including encryption of PHI, to maintain and ensure the confidentiality, integrity, and security of PHI transmitted pursuant to this Agreement, in accordance with the standards and requirements of the HIPAA Rules. b. Notice of Changes. i. Covered Entity maintains a copy of its Notice of Privacy Practices on its website. Covered Entity shall provide Business Associate with any changes in, or revocation of, permission to use or disclose PHI, to the extent that it may affect Business Associate's permitted or required uses or disclosures. ii. Covered Entity shall notify Business Associate of any restriction on the use or disclosure of PHI to which Covered Entity has agreed in accordance with 45 C.F.R. 164.522, to the extent that it may affect Business Associate's permitted use or disclosure of PHI. 5. TERMINATION a. Breach. i. In addition to any Contract provision regarding remedies for breach, Covered Entity shall have the right, in the event of a breach by Business Associate of any provision of this Agreement, to terminate immediately the Contract, or this Agreement, or both. ii. Subject to any directions from Covered Entity, upon termination of the Contract, this Agreement, or both, Business Associate shall take timely, reasonable, and necessary action to protect and preserve property in the possession of Business Associate in which Covered Entity has an interest. b. Effect of Termination. i. Upon termination of this Agreement for any reason, Business Associate, at the option of Covered Entity, shall return or destroy all PHI that Business Associate, its agents, or its Subcontractors maintain in any form, and shall not retain any copies of such PHI. ii. If Covered Entity directs Business Associate to destroy the PHI, Business Associate shall certify in writing to Covered Entity that such PHI has been destroyed. If Business Associate believes that returning or destroying the PHI is not feasible, Business Associate shall promptly provide Covered Entity with notice of the conditions making return or destruction infeasible. Business Associate shall continue to extend the protections of Page 6 of 10 Exhibit D-1 Section 3 of this Agreement to such PHI, and shall limit further use of such PHI to those purposes that make the return or destruction of such PHI infeasible. 6. INJUNCTIVE RELIEF Covered Entity and Business Associate agree that irreparable damage would occur in the event Business Associate or any of its Subcontractors or agents use or disclosure of PHI in violation of this Agreement, the HIPAA Rules or any applicable law. Covered Entity and Business Associate further agree that money damages would not provide an adequate remedy for such Breach. Accordingly, Covered Entity and Business Associate agree that Covered Entity shall be entitled to injunctive relief, specific performance, and other equitable relief to prevent or restrain any Breach or threatened Breach of and to enforce specifically the terms and provisions of this Agreement. 7. LIMITATION OF LIABILITY Any provision in the Contract limiting Contractor's liability shall not apply to Business Associate's liability under this Agreement, which shall not be limited. 8. DISCLAIMER Covered Entity makes no warranty or representation that compliance by Business Associate with this Agreement or the HIPAA Rules will be adequate or satisfactory for Business Associate's own purposes. Business Associate is solely responsible for all decisions made and actions taken by Business Associate regarding the safeguarding of PHI. 9. CERTIFICATION Covered Entity has a legal obligation under HIPAA Rules to certify as to Business Associate's Information Security practices. Covered Entity or its authorized agent or contractor shall have the right to examine Business Associate's facilities, systems, procedures, and records, at Covered Entity's expense, if Covered Entity determines that examination is necessary to certify that Business Associate's Information Security safeguards comply with the HIPAA Rules or this Agreement. 10. AMENDMENT a. Amendment to Comply with Law. The Parties acknowledge that state and federal laws and regulations relating to data security and privacy are rapidly evolving and that amendment of this Agreement may be required to provide procedures to ensure compliance with such developments. i. In the event of any change to state or federal laws and regulations relating to data security and privacy affecting this Agreement, the Parties shall take such action as is necessary to implement the changes to the standards and requirements of HIPAA, the HIPAA Rules and other applicable rules relating to the confidentiality, integrity, availability and security of PHI with respect to this Agreement. ii. Business Associate shall provide to Covered Entity written assurance satisfactory to Covered Entity that Business Associate shall adequately safeguard all PHI, and obtain Page 7 of 10 Exhibit D-1 written assurance satisfactory to Covered Entity from Business Associate's Subcontractors and agents that they shall adequately safeguard all PHI. iii. Upon the request of either Party, the other Party promptly shall negotiate in good faith the terms of an amendment to the Contract embodying written assurances consistent with the standards and requirements of HIPAA, the HIPAA Rules, or other applicable rules. iv. Covered Entity may terminate this Agreement upon 30 days' prior written notice in the event that: A. Business Associate does not promptly enter into negotiations to amend the Contract and this Agreement when requested by Covered Entity pursuant to this Section; or B. Business Associate does not enter into an amendment to the Contract and this Agreement, which provides assurances regarding the safeguarding of PHI sufficient, in Covered Entity's sole discretion, to satisfy the standards and requirements of the HIPAA, the HIPAA Rules and applicable law. b. Amendment of Appendix. The Appendix to this Agreement may be modified or amended by the mutual written agreement of the Parties, without amendment of this Agreement. Any modified or amended Appendix agreed to in writing by the Parties shall supersede and replace any prior version of the Appendix. 11. ASSISTANCE IN LITIGATION OR ADMINISTRATIVE PROCEEDINGS Covered Entity shall provide written notice to Business Associate if litigation or administrative proceeding is commenced against Covered Entity, its directors, officers, or employees, based on a claimed violation by Business Associate of HIPAA, the HIPAA Rules or other laws relating to security and privacy or PHI. Upon receipt of such notice and to the extent requested by Covered Entity, Business Associate shall, and shall cause its employees, Subcontractors, or agents assisting Business Associate in the performance of its obligations under the Contract to, assist Covered Entity in the defense of such litigation or proceedings. Business Associate shall, and shall cause its employees, Subcontractor's and agents to, provide assistance, to Covered Entity, which may include testifying as a witness at such proceedings. Business Associate or any of its employees, Subcontractors or agents shall not be required to provide such assistance if Business Associate is a named adverse party. 12. INTERPRETATION AND ORDER OF PRECEDENCE Any ambiguity in this Agreement shall be resolved in favor of a meaning that complies and is consistent with the HIPAA Rules. In the event of an inconsistency between the Contract and this Agreement, this Agreement shall control. This Agreement supersedes and replaces any previous, separately executed HIPAA business associate agreement between the Parties. 13. SURVIVAL Provisions of this Agreement requiring continued performance, compliance, or effect after termination shall survive termination of this contract or this agreement and shall be enforceable by Covered Entity. Page 8 of 10 Exhibit D-1 APPENDIX TO HIPAA BUSINESS ASSOCIATE AGREEMENT This Appendix ("Appendix") to the HIPAA Business Associate Agreement ("Agreement") is s an appendix to the Contract and the Agreement. For the purposes of this Appendix, defined terms shall have the meanings ascribed to them in the Agreement and the Contract. Unless the context clearly requires a distinction between the Contract, the Agreement, and this Appendix, all references to "Contract" or "Agreement" shall include this Appendix. 1. PURPOSE This Appendix sets forth additional terms to the Agreement. Any sub -section of this Appendix marked as "Reserved" shall be construed as setting forth no additional terms. 2. ADDITIONAL TERMS a. Additional Permitted Uses. In addition to those purposes set forth in the Agreement, Business Associate may use PHI for the following additional purposes: i. Reserved. b. Additional Permitted Disclosures. In addition to those purposes set forth in the Agreement, Business Associate may disclose PHI for the following additional purposes: i. Reserved. c. Approved Subcontractors. Covered Entity agrees that the following Subcontractors or agents of Business Associate may receive PHI under the Agreement: i. Subcontractors with Patient Consent. d. Definition of Receipt of PHI. Business Associate's receipt of PHI under this Contract shall be deemed to occur, and Business Associate's obligations under the Agreement shall commence, as follows: i. Reserved. e. Additional Restrictions on Business Associate. Business Associate agrees to comply with the following additional restrictions on Business Associate's use and disclosure of PHI under the Contract: i. Covered Entity is a Business Associate of certain other Covered Entities and, pursuant to such obligations of Covered Entity, Associate shall comply with the following restrictions on the use and disclosure of Protected Information: ii. The Associate: Page 9 of 10 Exhibit D-1 A. Acknowledges this agreement qualifies as a Qualified Service Organization Addendum as the agreement is between a Substance Abuse Program ("Program") and a Qualified Service Organization as defined by 42 C.F.R. Part 2. B. Acknowledges that in receiving, transmitting, transporting, storing, processing or otherwise dealing with any information received from the Program identifying or otherwise relating to the patient in the Program ("protected information'), it is fully bound by the provisions of the federal regulations governing the Confidentiality of Substance Use Disorder Abuse Patient Records, 42 C.F.R. Part 2. Protected information encompasses protected health information ("PHI") and references to PHI shall be understood to include protected information. C. Agrees to resist any efforts in judicial proceeding to obtain access to the protected information except as expressly provided for in the regulations governing the Confidentiality of Substance Use Disorder patient Records, 42 C.F.R. Part 2. D. Agrees that if the Associate enters into a contract with any agent or subcontractor, the agent or subcontractor will agree to comply with 42 C.F.R Part 2. E. Agrees to ensure that any agent or subcontractor to whom the Associate provides protected information received from the Program, or creates or receives on behalf of the Program, agrees to the same restrictions and conditions that apply through this agreement to the Associate with respect to such information. F. Agrees that redisclosure of protected information is prohibited unless permitted by 42 C.F.R. Part 2. f. Additional Terms. Business Associate agrees to comply with the following additional terms under the Agreement: i. Reserved. Page 10 of 10 Contract Farm Entity Information New Contract Request Entity Name* Entity ID* COLORADO DEPARTMENT OF HUMAN a.00003650 SERVICES Contract Name* Contract ID JAIL BASED BEHAVIORAL HEALTH SERVICES OBBS) 2020- 4567 2021 AMENDMENT Contract Status CTB REVIEW Contract MELBE ❑ New Entity? Parent Contract ID 4187 Requires Board Approval YES Contract Lead Email Department Project # melbegco.weld.co.us,skohl grafq-weldgov.com Contract Description* STATE OF CO DEPT OF HS IS FUNDING BEHAVIORAL HEALTH SERVICES TO INMATES PROVIDED BY NRBH. 1006 STATE FUNDED. MONTHLY INVOICE SUBMITTED TO THE STATE OF CO. AMENDMENT TO EXISTING AGREEMENT FOR ADDT. 537.500. Contract Description 2 Contract Type* CONTRACT Amount* S37,500.00 Renewable* NO Automatic Renewal Grant IGA Department SHERIFF Department Email CM -Sheriff weldgov.com Departrnent Head Email CM -Sheriff- Does Contract require Purchasing Dept. to be included? DeptHeadgweldgov.com NO Requested BOCC Agenda Date* 03J22i2021 Due Date 03 18 2021 Will a work session with BOCC be required?* NO County Attorney GENERAL COUNTY ATTORNEY EMAIL County Attorney Email CM- COUNTYA I 1 ORNEYg'WELDG OV.COM If this is a renewal enter previous Contract ID If this is part of a MSA enter MSA Contract ID Note: the Previous Contract Number and Master Services Agreement Number should be left blank if those contracts are not in OnBase Contract Dates Effective Date Termination Notice Period Coltact Information Contact Info Contact ' e Purchasing Review haze 10 01 ,+2021 Committed Delivery [late Contact Type Contact Email Renewal [irate Expiration Date* 12(31x`2021 Contact Phone i Contact Phone 2 Purchasing Approver Purchasing Approved Date Approval Process Department Head D©NNIE PATCH DH Approved Date 03;'16/2021 Final Approval BOCC Approved BOCC Signed Date BOCC Agenda Date 03/22/2021 Originator SKOHLGRAF Dnance Approver CHRIS D'OVIDIO Legal Counsel BOB CHOATE Finance Approved Date Legal Counsel Approved Date 03/17/2021 03;•1712021 Tyler Ref # AG 032221 Hello