The URL can be used to link to this page

052-20 - Sound Benefit Administration - ContractCOBRA Service Agreement Between: City of Port Orchard Benefit Plan Sponsor and Sound Benefit Administration COBRA Service Provider Effective On: June 1, 2020 Agreement made this First day of June by and between: City of Port Orchard And Sound Benefit Administration 18887 State Hwy 305, #600 Poulsbo, WA 98370 WHEREAS, City of Port Orchard has resolved to retain Sound Benefit Administration to assist with certain compliance requirements of the Consolidated Omnibus Reconciliation Act of 1985 (COBRA) and the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and any amendments thereto, hereinafter referred to as "the Acts"; NOW THEREFORE, in consideration of the premises and mutual promises contained herein, the parties agree as follows: City of Port Orchard hereby retains Sound Benefit Administration to assist its benefit plans Administrator (as defined by the Acts) to provide notifications and services as indicated below: ® Initial Notification by First Class Mail with Proof of Mailing to: ® Employees who first become eligible under Covered Benefit Plans after the effective date of this agreement ® All employees who are participants under Covered Benefit Plans on the effective date of this agreement ® Qualifying Event Notification by First Class Mail with Proof of Mailing Certification by U.S. Postal Service to Qualified Beneficiaries for Qualifying Events occurring after the effective date of this agreement. ® Certificate of Coverage Notification: Certificate included with Termination of COBRA Notice. ® Update Notifications by First Class Mail to Covered Employees, COBRA Participants, and/or Qualified Beneficiaries as may be required by amendments to the Acts and the regulations, or changes to covered benefit plans. ® Termination Notification upon non-payment of premium or end of COBRA term. ® All required COBRA Notifications to qualified beneficiaries such as open enrollment rate change notice and conversion notice. ® Billing, premium collection, and remittance to City of Port Orchard. Sound Benefit Administration will retain any administrative fees added to premiums charged by the insurer. Page 1 of 10 The Agreement between the parties shall consist of the following documents: 1. This Agreement 2. Fee Worksheet 3. Business Associate Agreement regarding privacy issues Services pursuant to this Agreement shall commence on: 06/01/2020 and continue until 12/31/2020 (end of current medical contract). This Agreement shall automatically renew for three one-year terms on the expiration date stated above at the rates stated below unless modified in writing by mutual agreement of both parties prior to the initial expiration date, and any renewal expiration date(s). City of Port Orchard shall pay to Sound Benefit Administration all fees specified on the attached fee worksheet. The Sound Benefit Administration shall complete and return to the City federal tax Form W-9, prior to or along with the first billing invoice, The City shall pay the Sound Benefit Administration for services rendered within ten (10) days after City Council voucher approval. Sound Benefit Administration Responsibilities and Duties in addition to Services Checked Above: • Maintain computer and/or physical records of all notices. • Maintain a database of qualifying beneficiaries to whom any notifications have been sent. • Notify City of Port Orchard of any discrepancies or conditions it discovers during the course of its operations that may require action by City of Port Orchard. • Notify City of Port Orchard of known changes or updates relating to compliance with the Act. Cit_V of Part Orchard R s ronsibilities and Duties: At least two weeks prior to commencement of services under this agreement, City of Port Orchard shall submit to Sound Benefit Administration the following information: • Complete roster of all employees who are active participants in covered health plans. This information may be submitted on forms provided by Sound Benefit Administration; from computer records which contain the same information requested on forms provided by Sound Benefit Administration; or by providing copies of all health plan enrollment forms. • Submit to Sound Benefit Administration a completed and signed questionnaire regarding qualified health plans offered by City of Port Orchard. • Submit to Sound Benefit Administration a completed data sheet (provided by Sound Benefit Administration) for each of the following: COBRA Participants, Qualifying Beneficiaries who have been notified and are in the election period, and Qualifying Beneficiaries who have not been notified. • Following commencement of services under this agreement, City of Port Orchard will notify Sound Benefit Administration in writing within 10 working days of the date it has knowledge of the following: o Employees who have become eligible for and elected a covered benefit. o Qualifying Events (Death of a covered employee; Termination of employment; Reduction of work hours which cause loss of coverage; Divorce or legal separation of a covered employee; A covered employee's entitlement to benefits under title XVIII of the Social Security Act (Medicare); A dependent of a covered employee ceasing to be a dependent; or Changes to covered health plans (including insurers, rates, or benefits). _Representations, Warranties, Rnd Understandings: • City of Port Orchard warrants and represents that it is the legal Plan Administrator and sole fiduciary of the Plan or Plans covered by this agreement, and shall not require any bond or security of Sound Benefit Administration in the performance of its duties under this Agreement. • City of Port Orchard reserves full authority to make all decisions regarding its COBRA administration, including those duties and responsibilities delegated to Sound Benefit Administration by this Agreement. In accordance with this Agreement, Sound Benefit Administration will serve as a Service Provider under the direction of the Plan Administrator, but will not act as the Plan Administrator. • City of Port Orchard, subject to the legislative discretion of the City Council, shall take any and all reasonable and necessary action and execute any and all necessary documents to authorize Sound Benefit Administration to perform its functions and duties pursuant to this Agreement. • City of Port Orchard agrees to provide Sound Benefit Administration with information and/or documentation reasonably requested by Sound Benefit Administration, which is necessary for Sound Benefit Administration to fulfill the terms and conditions of this agreement, within the timeframes set forth in the COBRA laws. Page 2 of 10 City of Port Orchard agrees to indemnify, defend, and hold Sound Benefit Administration, its representatives and employees harmless and to reimburse Sound Benefit Administration for any losses Sound Benefit Administration might suffer, of whatever nature or whatever source, resulting from City of Port Orchard's failure to comply with its representations and warranties and with the terms and conditions of this Agreement, or to otherwise provide Sound Benefit Administration with information and/or documentation reasonably requested by Sound Benefit Administration that is necessary for Sound Benefit Administration to fulfill the terms and conditions of this Agreement, within the timeframes set forth in the COBRA laws. Sound Benefit Administration shall protect, defend, indemnify and hold harmless the City, its officers, officials, employees, agents and volunteers from any and all costs, claims, injuries, damages, suits, losses or liabilities of any nature, including attorneys' fees, arising out of or in connection with the acts, errors or omissions of Sound Benefit Administration, its officers, employees and agents in performing this Agreement. The provisions of this section shall survive the expiration or termination of this Agreement. Insurance. The Sound Benefit Administration shall procure and maintain for the duration of this Agreement, insurance against claims for injuries to persons or damage to property which may arise from or in connection with the performance of the work hereunder by the Consultant, its agents, representatives, or employees. o Commercial General Liability insurance shall be written on ISO occurrence form CG 00 01 and shall cover liability arising from premises, operations, independent Consultants and personal injury and advertising injury. The City shall be named as an additional insured under the Consultant's Commercial General Liability insurance policy with respect to the work performed for the City. Commercial General Liability insurance shall be written with limits no less than $1,000,000 each occurrence, $2,000,000 general aggregate. o Workers' Compensation coverage as required by the Industrial Insurance laws of the State of Washington. o Professional Liability insurance appropriate to the Consultant's profession. Professional Liability insurance shall be written with limits no less than $1,000,000 per claim and $1,000,000 policy aggregate limit. o The Consultant's insurance coverage shall be primary insurance as respects the City. Any insurance, self- insurance or insurance pool coverage maintained by the City shall be in excess of the Consultant's insurance and shall not contribute with it. o The Sound Benefit Administration shall provide thirty (30) days written notice by certified mail, return receipt requested, to the City prior to the cancellation or alteration of coverage. o The City will not waive its right to subrogation against the Consultant. The Consultant's insurance shall be endorsed to waive the right of subrogation against the City, or any self-insurance, or insurance pool coverage maintained by the City. o If coverage is written on a "claims made" basis, then a minimum of a three (3) year extended reporting period shall be included with the claims made policy, and proof of this extended reporting period provided by the City. o The Sound Benefit Administration shall furnish the City with original certificates for all policies and a copy of the amendatory endorsements evidencing the insurance requirements of the Sound Benefit Administration before commencement of the work. Sound Benefit Administration represents to the City that it has no conflict of interest in performing any of the services set forth herein. In the event that the Sound Benefit Administration is asked to perform services for a project with which it may have a conflict, Sound Benefit Administration will immediately disclose such conflict to the City. Termination of this Agreement This Agreement may be terminated by either party for reasonable cause upon 30 days written notice stating such reasonable cause. Reasonable cause shall include, but not be limited to, the following: • Bankruptcy or insolvency of either party; • Change in statutes or regulations which eliminate or substantially modify the requirements for COBRA Notification; • Either party is suspended or restricted from performance by Federal or State regulatory authority; • Either party fails to comply with the provisions of this agreement; • City of Port Orchard fails to pay fees in accordance with fee schedule. Sound Benefit Administration shall not discriminate against any employee, applicant for employment, or any person seeking the services of the Sound Benefit Administration under this Agreement, on the basis of race, color, religion, creed, sex, sexual orientation, age, national origin, marital status, presence of any sensory, mental or physical disability, or other circumstance prohibited by federal, State or local law or ordinance, except for a bona fide occupational qualification. This is the sole agreement between the parties, and shall not be amended or modified except by written agreement between the parties. This agreement shall be binding upon both parties, its successors and assignees. Page 3 of 10 The undersigned signature for City of Port Orchard hereby warrants and represents that he/she is duly authorized by City of Port Orchard to execute this Agreement on behalf of City of Port Orchard, and that he/she as read the Agreement in its entirety. By: _ Title: Mee _ Date: 'S— /24— City of Port Orchard By: _ GiLtL _ Title: President Date: 05/21/2020 �und Benefit Administration Page 4 of 10 18887 State Hwy 305, #600 Poulsbo, WA 98370 (360) 779-7047 Phone (866) 320-1932 Fax Email: sba = soundadmin.com Website: www.soundadmin.com Fee Schedule addendum for COBRA Client Service Agreement with City of Port Orchard: Setup fee - $6.00 Per Benefit -Enrolled Employee Monthly fee - $1.50 Per Benefit -Enrolled Employee Renewal fee - $2.00 Per Benefit -Enrolled Employee All COBRA administrative fees are to be paid to Sound Benefit Administration within 10 days of the invoice date. If the fee schedule changes, a new COBRA Client Service agreement will be necessary with a new fee schedule addendum. a4ru G a Marken, President Page 5 of 10 I. II. Business Associate Agreement Definitions For purposes of this Agreement: • "Business Associate" will mean Sound Benefit Administration. • "Covered Entity" will mean City of Port Orchard. • "Designated Record Set" will have the same meaning given to the term "designated record set" in 45 C.F.R. 164.501. • "Individual" will have the same meaning as the term "individual" in 45 C.F.R. §164.501 and will include a person who qualifies as a personal representative in accordance with 45 C.F.R. § 164.502(g). • "Privacy Rule" will mean the Standards for Privacy of Individually Identifiable Health Information at 45 C.F.R. Part 160 and Part 164, Subparts A and E. • "Protected Health Information" will have the same meaning as the term "protected health information" in 45 C.F.R. §164.501, limited to the information created or received by the Business Associate from or on behalf of the Covered Entity. • "Electronic Protected Health Information" will have the same meaning as the term "electronic protected health information" in 45 CFR § 160.103. • "Representative" will include the Business Associate's managing members (as applicable), trustees, general partners (as applicable) and financial and legal advisors. • "Required by Law" will have the same meaning as the term "required by law" in 45 C.F.R. § 164.501. • "HHS" will mean the Department of Health and Human Services. • "Security Rule" shall mean the Security Standards and Implementation Specifications at 45 CFR Parts 106 and 164, subpart C. Safeguarding Privacy and Security of Protected Health Information (a) Permitted Uses and Disclosures. Business Associate is permitted to use and disclose Protected Health Information that it creates or receives on Covered Entity and to request Protected Health Information on Covered Entity's behalf only: (i) Functions and Activities on Covered Entity's Behalf. To administer COBRA services. (ii) Business Associate's Operations. For Business Associate's proper management or to carry out Business Associate's legal responsibilities, provided that, with respect to disclosure of Covered Entity's Protected Health Information, either: (A) The disclosure is Required By Law (B) Business Associate obtains reasonable assurance from any person or entity to which Business Associate will disclose Covered Entity's Protected Health Information that the person or entity will: (1) Hold Covered Entity's Protected Health Information in confidence and use or further disclose Covered Entity's Protected Health Information only for the purpose for which Business Associate disclosed Covered Entity's Protected Health Information to the person or entity or as Required By Law; and (2) Promptly notify Business Associate (who will in turn notify Covered Entity in accordance with the breach notification provisions) of any instance of which the person or entity becomes aware in which the confidentiality of Covered Entity's Protected Health Information was breached. (iii) Minimum Necessary. Business Associate will, in its performance of the functions, activities, services and operations specified above, make reasonable efforts to use, to disclose, and to request only the minimum amount of Covered Entity's Protected Health Information reasonably necessary to accomplish its intended purpose of the use, disclosure or request, except that Business Associate will not be obligated to comply with this minimum -necessary limitation if neither Business Associate nor Covered Entity is required to limit its use, disclosure or request to the minimum necessary. Business Associate and Covered Entity acknowledge that the phrase "minimum necessary" shall be interpreted in accordance with the Health Information Technology for Economic and Clinical Health Act ("HITECH Act"), passed as part of the American Recovery and Reinvestment Act of 2009, and government guidance on the definition. Page 6 of 10 (b) Prohibition on Unauthorized Use or Disclosure. Business Associate will neither use nor disclose Covered Entity's Protected Health Information, except as permitted or required by this Agreement or in writing by Covered Entity or as Required by Law. This Agreement does not authorize Business Associate to use or disclose Covered Entity's Protected Health Information in a manner that will violate the Privacy Rule if done by Covered Entity. (c) Information Safeguards. i. Privacy of Covered Entity's Protected Health Information. Business Associate will develop, implement, maintain, and use appropriate administrative, technical, and physical safeguards to protect the privacy of Covered Entity's Protected Health Information. The safeguards must reasonably protect Covered Entity's Protected Health Information from any intentional or unintentional use or disclosure in violation of the Privacy Rule and limit incidental uses or disclosures otherwise permitted by this Agreement. ii. Security of Covered Entity's Electronic Protected Health Information. Business Associate will develop, implement, maintain, and use administrative, technical, and physical safeguards that will reasonably and appropriately protect the confidentiality, integrity, and availability of Electronic Protected Health Information that Business Associate creates, receives, maintains, or transmits on Covered Entity's behalf as required by Security Rule. (d) Subcontractors and Agents. Business Associate will require any of its subcontractors and agents, to which Business Associate is permitted by the Agreement or in writing by Covered Entity to disclose Covered Entity's Protected Health Information and/or Electronic Protected Health Information, to provide reasonable assurance that such subcontractor or agent will comply with the same privacy and security safeguard obligations with respect to Covered Entity's Protected Health Information and/or Electronic Protected Health Information that are applicable to Business Associate under the Agreement. (e) Prohibition on Sale of Records. As of the effective date specified by HHS in final regulations to be issued on this topic, Business Associate shall not directly or indirectly receive remuneration in exchange for any Protected Health Information of an individual unless the Covered Entity or Business Associate obtained from the individual, in accordance with 45 CFR § 164.508, a valid authorization that includes a specification of whether the Protected Health Information can be further exchanged for remuneration by the entity receiving the Protected Health Information of that individual, except as otherwise allowed under the HITECH Act. (f) Penalties for Noncompliance. Business Associate acknowledges that it is subject to civil and criminal enforcement for failure to comply with the privacy rule and security rule, as amended by the HITECH Act. III. Compliance with Electronic Transactions Rule. If Business Associate conducts in whole or part electronic Transactions on behalf of Covered Entity for which HHS has established standards, Business Associate will comply, and will require any subcontractor or agent it involves with the conduct of such Transactions to comply, with each applicable requirement of the Electronic Transactions Rule. Business Associate shall also comply with the National Provider Identifier requirements, if and to the extent applicable. IV. Individual Rights. (a) Access. Business Associate will, within 20 calendar days following Covered Entity's request, make available to Covered Entity or, at Covered Entity's direction, to an individual (or the individual's personal representative) for inspection and obtaining copies Covered Entity's Protected Health Information about the individual that is in Business Associate's custody or control, so that Covered Entity may meet its access obligations under 45 CFR § 164.524. Effective as of the date specified by HHS, if Protected Health Information is held in an Electronic Health Record, then the individual shall have a right to obtain from Business Associate a copy of such information in electronic format. Business Associate shall provide such a copy to Covered Entity or, alternatively, to the individual directly, if such alternative choice is clearly, conspicuously, and specifically made by the individual or Covered Entity. (b) Amendment. Business Associate will, upon receipt of written notice from Covered Entity, promptly amend or permit Covered Entity access to amend any portion of Covered Entity's Protected Health Information, so that Covered Entity may meet its amendment obligations under 45 CFR § 164.526. (c) Disclosure Accounting. To allow Covered Entity to meet its disclosure accounting obligations under 45 CFR § 164.528: i. Disclosures Subject to Accounting. Business Associate will record the information specified below ("Disclosure Information") for each disclosure of Covered Entity's Protected Health Information, not accepted from disclosure accounting as specified below, that Business Associate makes to Covered Entity or to a third party. Page 7 of 10 ii. Disclosures Not Subject to Accounting. Business Associate will not be obligated to record Disclosure Information or otherwise account for disclosures of Covered Entity's Protected Health Information if Covered Entity need not account for such disclosures. iii. Disclosure Information. With respect to any disclosure by Business Associate of Covered Entity's Protected Health Information that is not excepted from disclosure accounting, Business Associate will record the following Disclosure Information as applicable to the type of accountable disclosure made: (A) Disclosure Information Generally. Except for repetitive disclosures of Covered Entity's Protected Health Information as specified below, the Disclosure Information that Business Associate must record for each accountable disclosure is (i) the disclosure date, (ii) the name and (if known) address of the entity to which Business Associate made the disclosure, (iii) a brief description of Covered Entity's Protected Health Information disclosed, and (iv) a brief statement of the purpose of the disclosure. (B) Disclosure Information for Repetitive Disclosures. For repetitive disclosures of Covered Entity's Protected Health Information that Business Associate makes for a single purpose to the same person or entity (including Covered Entity), the Disclosure Information that Business Associate must record is either the Disclosure Information specified above for each accountable disclosure, or (i) the Disclosure Information specified above for the first of the repetitive accountable disclosures; (ii) the frequency, periodicity, or number of the repetitive accountable disclosures; and (iii) the date of the last of the repetitive accountable disclosures. iv. Availability of Disclosure Information. Business Associate will maintain the Disclosure Information for at least six years following the date of the accountable disclosure to which the Disclosure Information relates (3 years for disclosures related to an Electronic Health Record, starting with the date specified by HHS). Business Associate will make the Disclosure Information available to Covered Entity within 30 calendar days following Covered Entity's request for such Disclosure Information to comply with an individual's request for disclosure accounting. Effective as of the date specified by HHS, with respect to disclosures related to an Electronic Health Record, Business Associate shall provide the accounting directly to an individual making such a disclosure request, if a direct response is requested by the individual. (d) Restriction Agreements and Confidential Communications. Business Associate will comply with any agreement that Covered Entity makes that either (i) restricts use or disclosure of Covered Entity's Protected Health Information pursuant to 45 CFR § 164.522(a), or (ii) requires confidential communication about Covered Entity's Protected Health Information pursuant to 45 CFR § 164.522(b), provided that Covered Entity notifies Business Associate in writing of the restriction or confidential communication obligations that Business Associate must follow. Covered Entity will promptly notify Business Associate in writing of the termination of any such restriction agreement or confidential communication requirement and, with respect to termination of any such restriction agreement, instruct Business Associate whether any of Covered Entity's Protected Health Information will remain subject to the terms of the restriction agreement. Effective February 17, 2010 (or such other date specified as the effective date by HHS), Business Associate will comply with any restriction request if: (i) except as otherwise required by law, the disclosure is to a health plan for purposes of carrying out payment or health care operations (and is not for purposes of carrying out treatment); and (ii) the Protected Health Information pertains solely to a health care item or service for which the health care provider involved has been paid out-of-pocket in full. V. Breaches and Security Incidents. (a) Reporting (i) Privacy or Security Breach. Business Associate will report to Covered Entity any use or disclosure of Covered Entity's Protected Health Information not permitted by this Agreement along with any Breach of Covered Entity's Unsecured Protected Health Information. Business Associate will treat the Breach as being discovered in accordance with 45 CFR § 164.410. Business Associate will make the report to Covered Entity's Privacy Official not more than 45 calendar days after Business Associate learns of such non -permitted use or disclosure. If a delay is requested by a law -enforcement official in accordance with 45 CFR § 164.412, Business Associate may delay notifying Covered Entity for the applicable time period. Business Associate's report will at least: (A) Identify the nature of the Breach or other non -permitted use or disclosure, which will include a brief description of what happened, including the date of any Breach and the date of the discovery of the Breach; Page 8 of 10 (B) Identify Covered Entity's Protected Health Information that was subject to the non -permitted use or disclosure or Breach (such as whether full name, social security number, date of birth, home address, account number or other information were involved) on an individual basis; (C) Identify who made the non -permitted use or disclosure and who received the non -permitted disclosure; (D) Identify what corrective or investigational action Business Associate took or will take to prevent further non -permitted uses or disclosures, to mitigate harmful effects and to protect against any further Breaches; (E) Identify what steps the individuals who were subject to a Breach should take to protect themselves; (F) Provide such other information including a written report, as Covered Entity may reasonably request. (ii) Security Incidents. Business Associate will report to Covered Entity any attempted or successful (A) unauthorized access, use, disclosure, modification, or destruction of Covered Entity's Electronic Protected Health Information or (B) interference with Business Associate's system operations in Business Associate's information systems, of which Business Associate becomes aware. Business Associate will make this report promptly, except if any such security incident resulted in a disclosure not permitted by this Agreement or Breach of Covered Entity's Unsecured Protected Health Information, Business Associate will make the report in accordance with the provisions set forth in the paragraph above. VI. Term and Termination. (a) Term. The term of this Agreement shall be effective as of June 1, 2020 and shall terminate when all Protected Health Information provided by Covered Entity to Business Associate, or created or received by Business Associate on behalf of Covered Entity, is destroyed or returned to Covered Entity, or, if it is infeasible to return or destroy Protected Health Information, protections are extended to such information, in accordance with the termination provisions in this section. (b) Right to Terminate for Cause. Covered Entity may terminate Agreement if it determines, in its sole discretion, that Business Associate has breached any provision of this Agreement, and upon written notice to Business Associate of the breach, Business Associate fails to cure the breach within 30 calendar days after receipt of the notice. Any such termination will be effective immediately or at such other date specified in Covered Entity's notice of termination. (i) Return or Destruction of Covered Entity's Protected Health Information as Feasible. Except as required by the Washington Public Records Act, Ch. 42.56 RCW, upon termination or other conclusion of Agreement, Business Associate will, if feasible, return to Covered Entity or destroy all of Covered Entity's Protected Health Information in whatever form or medium, including all copies thereof and all data, compilations, and other works derived therefrom that allow identification of any individual who is a subject of Covered Entity's Protected Health Information. This provision shall apply to Protected Health Information that is in the possession of subcontractors or agents of the Business Associate. Further, Business Associate shall require any such subcontractor or agent to certify to Business Associate that it returned to Business Associate (so that Business Associate may return it to the Covered Entity) or destroyed all such information which could be returned or destroyed. Business Associate will complete these obligations as promptly as possible following the effective date of the termination or other conclusion of this Agreement. (ii) Procedure When Return or Destruction Is Not Feasible. Except as required by the Washington Public Records Act, Ch. 42.56 RCW, business Associate will identify any of Covered Entity's Protected Health Information, including any that Business Associate has disclosed to subcontractors or agents as permitted under this Agreement, that cannot feasibly be returned to Covered Entity or destroyed and explain why return or destruction is infeasible. Business Associate will limit its further use or disclosure of such information to those purposes that make return or destruction of such information infeasible. Business Associate will complete these obligations as promptly as possible following the effective date of the termination or other conclusion of this Agreement. (iii) Continuing Privacy and Security Obligation. Business Associate's obligation to protect the privacy and safeguard the security of Covered Entity's Protected Health Information as specified in this Agreement will be continuous and survive termination or other conclusion of this Agreement. Page 9 of 10 VII. General Provisions. (a) Definitions. All terms that are used but not otherwise defined in this Agreement shall have the meaning specified under HIPPA, including its statute, regulations and other official government guidance. (b) Inspection of Internal Practices, Books, and Records. Business Associate will make its internal practices, books, and records relating to its use and disclosure of Covered Entity's Protected Health Information available to Covered Entity and to HHS to determine compliance with the Privacy Rule, or as necessary for the Covered Entity to meet its obligations under the Washington Public Records Act, Ch. 42.56 RCW. (c) Amendment to Agreement. Upon the compliance date of any final regulation or amendment to final regulation promulgated by HHS that affects Business Associate or Covered Entity's obligations under this Agreement, this Agreement will automatically amend such that the obligations imposed on Business Associate or Covered Entity remain in compliance with the final regulation or amendment to final regulation. (d) No Third -Party Beneficiaries. Nothing in this Agreement shall be construed as creating any rights or benefits to any third parties. (e) Interpretation. Any ambiguity in the Agreement shall be resolved to permit Covered Entity and Business Associate to comply with the applicable requirements under HIPPA. Authorized Signature Covered Entity qzr4,!, 7142� Sand Benefit Administration Business Associate S-/Zi f Za Date 05/21/2020 Date Page 10 of 10