Or. Admin. Code § 943-014-0435 - Contractor Security Requirements

State Regulations
Compare

(1) Contractors must comply with the Security Rule's business associate requirements for electronic protected health information and must comply with both the Privacy Rule and the Security Rule requirements applicable to a business associate.

(2) Contractors must:

(a) Implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the protected health information and electronic protected health information that it creates, receives, maintains, or transmits on behalf of the Authority.

(b) Develop and enforce policies, procedures, and documentation standards (including designation of a security official) related to the administrative, physical, and technical safeguards that protect electronic protected health information.

(c) When required by OAR 943-014-0415(5), enter into a business associate agreement with any agent or subcontractor to ensure the agent or subcontractor agrees to implement reasonable and appropriate safeguards to protect electronic protected health information the contractor provides.

Notes

Or. Admin. Code § 943-014-0435

OHA 1-2013(Temp), f. & cert. ef. 8-23-13 thru 2-18-14; OHA 1-2014, f. 2-12-14, cert. ef. 2-18-14

Stat. Auth.: ORS 413.042

Stats. Implemented: ORS 179.505, 192.553, 192.556 - 192.581, 413.032, 413.042 & 414.065

State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.

No prior version found.