HomeMy WebLinkAbout2017-08-21-J01L Fire Records Managment System_Image Trend BAATHE CITY OF WAUKEE, IOWA
RESOLUTION 17-
APPROVING BUSINESS ASSOCIATE AGREEMENT (BAA) BETWEEN THE
CITY OF WAUKEE AND IMAGE TREND
IN THE NAME AND BY THE AUTHORITY OF THE CITY OF WAUKEE, IOWA
WHEREAS, the City of Waukee, Dallas County, State of Iowa, is a duly organized Municipal
Organization; AND,
WHEREAS, on August 21, 2017, the Waukee City Council approved an Intergovernmental
Agreement for the Purchase and Operations of a Joint Fire and EMS Records Management
System, pursuant to Chapter 28E of the Iowa Code (Resolution #17-XXX); AND,
WHEREAS, implementation of the records management system requires a confidentiality
agreement related to the transfer of protected health information between the Waukee Fire
Deparment and Image Trend, both of which are HIPAA-covered organizations.
NOW THEREFORE BE IT RESOLVED by the City Council of the City of Waukee, Iowa on
this 21st day of August, 2017 that the Business Associate Agreement (BAA) between the City of
Waukee and Image Trend is hereby approved.
____________________________
William F. Peard, Mayor
Attest:
___________________________________
Rebecca D. Schuett, City Clerk
ROLL CALL VOTE AYE NAY ABSENT ABSTAIN
Anna Bergman
R. Charles Bottenberg
Brian Harrison
Shelly Hughes
Larry R. Lyon
August 9, 2017 www.imagetrend.com P a g e | 1
EXHIBIT C – HIPAA BUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT
This Business Associate Agreement (“Agreement”) dated _______________________, 2017 (the
“Effective Date”), is entered into by and between _____________, an Iowa corporation (the “Covered
Entity”) and ImageTrend, Inc. a Minnesota corporation (the “Business Associate”).
WHEREAS, Covered Entity and Business Associate have entered into, or are entering into, or
may subsequently enter into, agreements or other documented arrangements (collectively, the “Business
Arrangements”) pursuant to which Business Associate may provide products and/or services for Covered
Entity that require Business Associate to access, create and use health information that is protected by
state and/or federal law; and
WHEREAS, pursuant to the Administrative Simplification provisions of the Health Insurance
Portability and Accountability Act of 1996 (“HIPAA”), the U.S. Department of Health & Human Services
(“HHS”) promulgated the Standards for Privacy of Individually Identifiable Health Information (the “Privacy
Standards”), at 45 C.F.R. Parts 160 and 164, requiring certain individuals and entities subject to the
Privacy Standards (each a “Covered Entity”, or collectively, “Covered Entities”) to protect the privacy of
certain individually identifiable health information (“Protected Health Information”, or “PHI”); and
WHEREAS, pursuant to HIPAA, HHS has issued the Security Standards (the “Security
Standards”), at 45 C.F.R. Parts 160, 162 and 164, for the protection of electronic protected health
information (“EPHI”); and
WHEREAS, in order to protect the privacy and security of PHI, including EPHI, created or
maintained by or on behalf of the Covered Entity, the Privacy Standards and Security Standards require a
Covered Entity to enter into a “business associate agreement” with certain individuals and entities
providing services for or on behalf of the Covered Entity if such services require the use or disclosure of
PHI or EPHI; and
WHEREAS, on February 17, 2009, the federal Health Information Technology for Economic and
Clinical Health Act was signed into law (the “HITECH Act”), and the HITECH Act imposes certain privacy
and security obligations on Covered Entities in addition to the obligations created by the Privacy
Standards and Security Standards; and
WHEREAS, the HITECH Act revises many of the requirements of the Privacy Standards and
Security Standards concerning the confidentiality of PHI and EPHI, including extending certain HIPAA
and HITECH Act requirements directly to business associates; and
WHEREAS, Business Associate and Covered Entity desire to enter into this Business Associate
Agreement;
NOW THEREFORE, in consideration of the mutual promises set forth in this Agreement and the
Business Arrangements, and other good and valuable consideration, the sufficiency and receipt of which
are hereby severally acknowledged, the parties agree as follows:
1. Business Associate Obligations. Business Associate may receive from Covered Entity, or create or
receive on behalf of Covered Entity, health information that is protected under applicable state and/or
federal law, including without limitation, PHI and EPHI. All capitalized terms not otherwise defined in this
Agreement shall have the meanings set forth in the Privacy Standards, Security Standards or the HITECH
Act, as applicable (collectively referred to hereinafter as the “Confidentiality Requirements”). All references
to PHI herein shall be construed to include EPHI. Business Associate agrees not to use or disclose (or
permit the use or disclosure of) PHI in a manner that would violate the Confidentiality Requirements if the
PHI were used or disclosed by Covered Entity in the same manner.
August 9, 2017 www.imagetrend.com P a g e | 2
2. Use of PHI. Except as otherwise required by law, Business Associate shall use PHI in compliance
with 45 C.F.R. § 164.504(e). Furthermore, Business Associate shall use PHI (i) solely for Covered
Entity’s benefit and only for the purpose of performing services for Covered Entity as such services
are defined in Business Arrangements, and (ii) as necessary for the proper management and
administration of the Business Associate or to carry out its legal responsibilities, provided that such
uses are permitted under federal and state law. Covered Entity shall retain all rights in the PHI not
granted herein. Use, creation and disclosure of de-identified health information by Business Associate
are not permitted unless expressly authorized in writing by Covered Entity.
3. Disclosure of PHI. Subject to any limitations in this Agreement, Business Associate may disclose
PHI to any third party persons or entities as necessary to perform its obligations under the Business
Arrangement and as permitted or required by applicable federal or state la w. Further, Business
Associate may disclose PHI for the proper management and administration of the Business
Associate, provided that (i) such disclosures are required by law, or (ii) Business Associate: (a)
obtains reasonable assurances from any third party to whom the information is disclosed that it will be
held confidential and further used and disclosed only as required by law or for the purpose for which it
was disclosed to the third party; (b) requires the third party to agree to immediately notify Business
Associate of any instances of which it is aware that PHI is being used or disclosed for a purpose that
is not otherwise provided for in this Agreement or for a purpose not expressly permitted by the
Confidentiality Requirements. Additionally, Business Associate shall ensure that all disclosures of
PHI by Business Associate and the third party comply with the principle of “minimum necessary use
and disclosure,” i.e., only the minimum PHI that is necessary to accomplish the intended purpose
may be disclosed; provided further, Business Associate shall comply with Section 13405(b) of the
HITECH Act, and any regulations or guidance issued by HHS concerning such provision, regarding
the minimum necessary standard and the use and disclosure (if applicable) of Limited Data Sets. If
Business Associate discloses PHI received from Covered Entity, or created or received by Business
Associate on behalf of Covered Entity, to agents, including a subcontractor (collectively, “Recipients”),
Business Associate shall require Recipients to agree in writing to the same restrictions and conditions
that apply to the Business Associate under this Agreement. Business Associate shall report to
Covered Entity any use or disclosure of PHI not permitted by this Agreement, of which it becomes
aware, such report to be made within three (3) business days of the Business Associate becoming
aware of such use or disclosure. In addition to Business Associate’s obligations under Section 9,
Business Associate agrees to mitigate, to the extent practical and unless otherwise requested by
Covered Entity in writing or as directed by or as a result of a request by Covered Entity to disclose to
Recipients, any harmful effect that is known to Business Associate and is the result of a use or
disclosure of PHI by Business Associate or Recipients in violation of this Agreement.
4. Individual Rights Regarding Designated Record Sets. If Business Associate maintains a
Designated Record Set on behalf of Covered Entity, Business Associate shall (i) provid e access to,
and permit inspection and copying of, PHI by Covered Entity or, as directed by Covered Entity, an
individual who is the subject of the PHI under conditions and limitations required under 45 CFR
§164.524, as it may be amended from time to time, and (ii) amend PHI maintained by Business
Associate as requested by Covered Entity. Business Associate shall respond to any request from
Covered Entity for access by an individual within five (5) days of such request and shall make any
amendment requested by Covered Entity within ten (10) days of such request. Any information
requested under this Section 4 shall be provided in the form or format requested, if it is readily
producible in such form or format. Business Associate may charge a reasonable fee based upon the
Business Associate’s labor costs in responding to a request for electronic information (or a cost -
based fee for the production of non-electronic media copies). Covered Entity shall determine whether
a denial is appropriate or an exception applies. Business Associate shall notify Covered Entity within
five (5) days of receipt of any request for access or amendment by an individual. Covered Entity shall
determine whether to grant or deny any access or amendment requested by the individual. Bus iness
Associate shall have a process in place for requests for amendments and for appending such
requests to the Designated Record Set, as requested by Covered Entity.
August 9, 2017 www.imagetrend.com P a g e | 3
5. Accounting of Disclosures. Business Associate shall make available to Covered Entity in response
to a request from an individual, information required for an accounting of disclosures of PHI with
respect to the individual in accordance with 45 CFR §164.528, as amended by Section 13405(c) of
the HITECH Act and any related regulations or guidance issued by HHS in accordance with such
provision. Business Associate shall provide to Covered Entity such information necessary to provide
an accounting within thirty (30) days of Covered Entity’s request or such shorter time as may be
required by state or federal law. Such accounting must be provided without cost to the individual or to
Covered Entity if it is the first accounting requested by an individual within any twelve (12) month
period. For subsequent accountings within a twelve (12) month per iod, Business Associate may
charge a reasonable fee based upon the Business Associate’s labor costs in responding to a request
for electronic information (or a cost-based fee for the production of non-electronic media copies) so
long as Business Associate informs the Covered Entity and the Covered Entity informs the individual
in advance of the fee, and the individual is afforded an opportunity to withdraw or modify the request.
Such accounting obligations shall survive termination of this Agreement and sha ll continue as long as
Business Associate maintains PHI.
6. Withdrawal of Authorization. If the use or disclosure of PHI in this Agreement is based upon an
individual’s specific authorization for the use of his or her PHI, and (i) the individual revokes suc h
authorization in writing, (ii) the effective date of such authorization has expired, or (iii) the consent or
authorization is found to be defective in any manner that renders it invalid, Business Associate
agrees, if it has notice of such revocation or invalidity, to cease the use and disclosure of any such
individual’s PHI except to the extent it has relied on such use or disclosure, or where an exception
under the Confidentiality Requirements expressly applies.
7. Records and Audit. Business Associate shall make available to the U.S. Department of Health and
Human Services or its agents, its internal practices, books, and records relating to the use and
disclosure of PHI received from, created, or received by Business Associate on behalf of Covered
Entity for the purpose of determining Covered Entity’s compliance with the Confidentiality
Requirements or any other health oversight agency, in a time and manner designated by the
Secretary. Except to the extent prohibited by law, Business Associate agrees to n otify Covered Entity
immediately upon receipt by Business Associate of any and all requests by or on behalf of any and all
federal, state and local government authorities served upon Business Associate for PHI.
8. Implementation of Security Standards; Notice of Security Incidents. Business Associate will use
appropriate safeguards to prevent the use or disclosure of PHI other than as expressly permitted
under this Agreement. Business Associate will implement administrative, physical and technical
safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of
the PHI that it creates, receives, maintains or transmits on behalf of Covered Entity. Business
Associate acknowledges that the HITECH Act requires Business Associate to comply with 45 C.F.R.
§§ 164.308, 164.310, 164.312, 164.314, and 164.316 as if Business Associate were a Covered
Entity, and Business Associate agrees to comply with these provisions of the Security Standards and
all additional security provisions of the HITECH Act. Furthermore, to the extent feasible, Business
Associate will use commercially reasonable efforts to ensure that the technology safeguards
used by Business Associate to secure PHI will render such PHI unusable, unreadable and
indecipherable to individuals unauthorized to acquire or otherwise have access to such PHI in
accordance with HHS Guidance published at 74 Federal Register 19006 (April 17, 2009), or such
later regulations or guidance promulgated by HHS or issued by the National Ins titute for Standards
and Technology (“NIST”) concerning the protection of identifiable data such as PHI. Business
Associate acknowledges and agrees that the HIPAA Omnibus Rule finalized January 25, 2013 at 78
Fed. Reg. 5566 requires Business Associate to comply with new and modified obligations imposed by
that rule under 45 C.F.R. §164.306, 45 C.F.R. § 164.308, 45 C.F.R. § 163.310, 45 C.F.R. § 164.312,
45 C.F.R. § 164.316, 45 C.F.R. § 164.502, 45 C.F.R. § 164.504. Lastly, Business Associate will
promptly report to Covered Entity any successful Security Incident of which it becomes aware. At the
request of Covered Entity, Business Associate shall identify: the date of the Security Incident, the
scope of the Security Incident, the Business Associate’s respo nse to the Security Incident and the
identification of the party responsible for causing the Security Incident, if known . Business Associate
August 9, 2017 www.imagetrend.com P a g e | 4
and Covered Entity shall take reasonable measures to ensure the availability of all affirmative
defenses under the HITECH Act, HIPAA, and other state and federal laws and regulations governing
PHI and EPHI.
9. Data Breach Notification and Mitigation.
a. HIPAA Data Breach Notification and Mitigation. Business Associate agrees to implement
reasonable systems for the discovery and prompt reporting of any “breach” of “unsecured
PHI” as those terms are defined by 45 C.F.R. §164.402 (hereinafter a “HIPAA Breach”). The
parties acknowledge and agree that 45 C.F.R. §164.404, as described below in this Section
9.1, governs the determination of the date of a HIPAA Breach. In the event of any conflict
between this Section 9.1 and the Confidentiality Requirements, the more stringent
requirements shall govern. Business Associate will, following the discovery of a HIPAA
Breach, notify Covered Entity immediately and in no event later than three (3) business days
after Business Associate discovers such HIPAA Breach, unless Business Associate is
prevented from doing so by 45 C.F.R. §164.412 concerning law enforcement investigations.
For purposes of reporting a HIPAA Breach to Covered Entity, the discovery of a HIPAA
Breach shall occur as of the first day on which such HIPAA Breach is known to the Business
Associate or, by exercising reasonable diligence, would have been known to the Business
Associate. Business Associate will be considered to have had knowledge of a HIPAA Breach
if the HIPAA Breach is known, or by exercising reasonable diligence would have been known,
to any person (other than the person committing the HIPAA Breach) who is an employee,
officer or other agent of the Business Associate. No later than seven (7) business days
following a HIPAA Breach, Business Associate shall provide Covered Entity wit h sufficient
information to permit Covered Entity to comply with the HIPAA Breach notification
requirements set forth at 45 C.F.R. §164.400 et seq. Specifically, if the following information
is known to (or can be reasonably obtained by) the Business Associate, Business Associate
will provide Covered Entity with: (i) contact information for individuals who were or who may
have been impacted by the HIPAA Breach (e.g., first and last name, mailing address, street
address, phone number, email address); (ii) a brief description of the circumstances of the
HIPAA Breach, including the date of the HIPAA Breach and date of discovery; (iii) a
description of the types of unsecured PHI involved in the HIPAA Breach (e.g., names, social
security number, date of birth, address(es), account numbers of any type, disability codes,
diagnostic and/or billing codes and similar information); (iv) a brief description of what the
Business Associate has done or is doing to investigate the HIPAA Breach, mitigate harm to
the individual impacted by the HIPAA Breach, and protect against future HIPAA Breaches;
and (v) appoint a liaison and provide contact information for same so that the Covered Entity
may ask questions or learn additional information concerning the HIPAA Breach. Following a
HIPAA Breach, Business Associate will have a continuing duty to inform Covered Entity of
new information learned by Business Associate regarding the HIPAA Breach, including but
not limited to the information described in items (i) through (v), above.
b. Data Breach Notification and Mitigation Under Other Laws. In addition to the requirements of
Section 9.1, Business Associate agrees to implement reasonable systems for the discovery
and prompt reporting of any breach of individually identifiable information (including but not
limited to PHI, and referred to hereinafter as “Individually Identifiable Information”) that, if
misused, disclosed, lost or stolen, Covered Entity believes would trigger an obligation under
one or more State data breach notification laws (each a “State Breach”) to notify the
individuals who are the subject of the information. Business Associate agrees that in the
event any Individually Identifiable Information is lost, stolen, used or disclosed in violation of
one or more State data breach notification laws, Business Associate shall promptly: (i)
cooperate and assist Covered Entity with any investigation into any State Breach or alleged
State Breach; (ii) cooperate and assist Covered Entity with any investigation into any State
Breach or alleged State Breach conducted by any State Attorney General or State Consumer
Affairs Department (or their respective agents); (iii) comply with Covered Entity’s
determinations regarding Covered Entity’s and Business Associate’s obligations to mitigate to
August 9, 2017 www.imagetrend.com P a g e | 5
the extent practicable any potential harm to the individuals impacted by the State Breach; and
(iv) assist with the implementation of any decision by Covered Entity or any State agency,
including any State Attorney General or State Consumer Affairs Department (or their
respective agents), to notify individuals impacted or potentially impacted by a State Breach.
c. Breach Indemnification. Business Associate shall indemnify, defend and hold Covered Entity
and its officers, directors, employees, agents, successors and assigns harmless, from and
against all reasonable losses, claims, actions, demands, liabilities, damages, costs and
expenses (including costs of judgments, settlements, court costs and reasonable attorneys’
fees actually incurred) (collectively, “Information Disclosure Claims”) arising from or related
to: (i) the use or disclosure of Individually Identifiable Information (including PHI) by Business
Associate in violation of the terms of this Agreement or applicable law, and (ii) whether in
oral, paper or electronic media, any HIPAA Breach of unsecured PHI and/or State Breach of
Individually Identifiable Information by Business Associate. If Business Associate assumes
the defense of an Information Disclosure Claim, Covered Entity shall have th e right, at its
expense and without indemnification notwithstanding the previous sentence, to participate in
the defense of such Information Disclosure Claim. Business Associate shall not take any
final action with respect to any Information Disclosure Claim without the prior written consent
of Covered Entity. Covered Entity likewise shall not take any final action with respect to any
Information Disclosure Claim without the prior written consent of Business Associate. To the
extent permitted by law and except when caused by an act of Covered Entity or resulting
from a disclosure to a Recipient required or directed by Covered Entity to receive the
information, Business Associate shall be fully liable to Covered Entity for any acts, failures or
omissions of Recipients in furnishing the services as if they were the Business Associate’s
own acts, failures or omissions.
10. Term and Termination.
a. This Agreement shall commence on the Effective Date and shall remain in effect until
terminated in accordance with the terms of this Section 10, provided, however, that
termination shall not affect the respective obligations or rights of the parties arising under this
Agreement prior to the effective date of termination, all of which shall continue in accordance
with their terms.
b. Covered Entity shall have the right to terminate this Agreement for any reason upon thirty
(30) days written notice to Business Associate.
c. Covered Entity, at its sole discretion, may immediately terminate this Agreement and shall
have no further obligations to Business Associate if any of the following events shall have
occurred and be continuing:
i. Business Associate fails to observe or perform any material covenant or obligation
contained in this Agreement for ten (10) days after written notice thereof has been
given to the Business Associate by Covered Entity; or
ii. A violation by the Business Associate of any provision of the Confidentiality
Requirements or other applicable federal or state privacy law relating to the
obligations of the Business Associate under this Agreement.
d. Termination of this Agreement for either of the two reasons set forth in Section 10.c above
shall be cause for Covered Entity to immediately terminate for cause any Business
Arrangement pursuant to which Business Associate is entitled to receive PHI from Covered
Entity.
e. Upon the termination of all Business Arrangements, either Party may terminate this
Agreement by providing written notice to the other Party.
f. Upon termination of this Agreement for any reason, Business Associate agrees either to
return to Covered Entity or to destroy all PHI received from Covered Entity or otherwise
August 9, 2017 www.imagetrend.com P a g e | 6
through the performance of services for Covered Entity, that is in the possession or control of
Business Associate or its agents. In the case of PHI which is not feasible to “return or
destroy,” Business Associate shall extend the protections of this Agreement to such PHI and
limit further uses and disclosures of such PHI to those purposes that make the return or
destruction infeasible, for so long as Business Associate maintains such PHI. Business
Associate further agrees to comply with other applicable state or federal law, which may
require a specific period of retention, redaction, or other treatment of such PHI.
11. No Warranty. PHI IS PROVIDED TO BUSINESS ASSOCIATE SOLELY ON AN “AS IS” BASIS.
COVERED ENTITY DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING,
BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, AND FITNESS FOR A
PARTICULAR PURPOSE.
12. Ineligible Persons. Business Associate represents and warrants to Covered Entity that Business
Associate (i) is not currently excluded, debarred, or otherwise ineligible to participate in any federal
health care program as defined in 42 U.S.C. Section 1320a-7b(f) (“the Federal Healthcare
Programs”); (ii) has not been convicted of a criminal offense related to the provision of health care
items or services and not yet been excluded, debarred, or otherwise declared ineligible to participate
in the Federal Healthcare Programs, and (iii) is not under investigation or otherwise aware of any
circumstances which may result in Business Associate being excluded from participation in the
Federal Healthcare Programs. This shall be an ongoing representation and warranty during the term
of this Agreement, and Business Associate shall immediately notify Covered Entity of any change in
the status of the representations and warranty set forth in this section. Any breach of this section shall
give Covered Entity the right to terminate this Agreement immediately for cause.
13. Miscellaneous.
a. Notice. All notices, requests, demands and other communications required or permitted to be
given or made under this Agreement shall be in writing, shall be effective upon receipt or attempted
delivery, and shall be sent by (i) personal delivery; (ii) certified or registered United States mail,
return receipt requested; or (iii) overnight delivery service with proof of delivery. Notices shall be
sent to the addresses below. Neither party shall refuse delivery of any notice hereunder.
If to Covered Entity:
Compliance Office
______________________
______________________
______________________
______________________
If to Business Associate:
ImageTrend, Inc.
Attn: Michael J. McBrady
20855 Kensington Blvd.
Lakeville, MN 55044
14. Waiver. No provision of this Agreement or any breach thereof shall be deemed waived unless such
waiver is in writing and signed by the Party claimed to have waived such provision or breach. No
waiver of a breach shall constitute a waiver of or excuse any different or subsequent breach.
15. Assignment. Neither Party may assign (whether by operation or law or otherwise) any of its rights or
delegate or subcontract any of its obligations under this Agreement without the prior written consent
of the other Party. Notwithstanding the foregoing, Covered Entity shall have the right to assign its
rights and obligations hereunder to any entity that is an affiliate or successor of Covered Entity,
August 9, 2017 www.imagetrend.com P a g e | 7
without the prior approval of Business Associate.
16. Severability. Any provision of this Agreement that is determined to be invalid or unenforceable will
be ineffective to the extent of such determination without invalidating the remaining provisions of this
Agreement or affecting the validity or enforceability of such remaining provisions.
17. Entire Agreement. This Agreement constitutes the complete agreement between Business
Associate and Covered Entity relating to the matters specified in this Agreement, and supersedes all
prior representations or agreements, whether oral or written, with respect to such matters. In the
event of any conflict between the terms of this Agreement and the terms of the Business
Arrangements or any such later agreement(s), the terms of this Agreement shall control unless the
terms of such Business Arrangements are more strict with respect to PHI and comply with the
Confidentiality Requirements, or the parties specifically otherwise agree in writing. No oral
modification or waiver of any of the provisions of this Agreement shall be binding on either Party;
provided, however, that upon the enactment of any law, regulation, court decision or relevant
government publication and/or interpretive guidance or policy that the Covered Entity believes in good
faith will adversely impact the use or disclosure of PHI under this Agreement, Covered Entity may
amend the Agreement to comply with such law, regulation, court decision or government publication,
guidance or policy by delivering a written amendment to Business Associate which shall be effective
thirty (30) days after receipt. No obligation on either Party to enter into any transaction is to be
implied from the execution or delivery of this Agreement. This Agreement is for the benefit of, and
shall be binding upon the parties, their affiliates and respective successors and assigns. No third
party shall be considered a third-party beneficiary under this Agreement, nor shall any third party
have any rights as a result of this Agreement.
18. Governing Law. This Agreement shall be governed by and interpreted in accordance with the laws
of the state in which CLIENT is located, excluding its conflicts of laws provisions. Jurisdiction and
venue for any dispute relating to this Agreement shall exclusively rest with the state and federal
courts in the county in which CLIENT is located.
19. Equitable Relief. The parties understand and acknowledge that any disclosure or misappropriation
of any PHI in violation of this Agreement will cause the other irreparable harm, the amount of which
may be difficult to ascertain, and therefore agrees that the injured party shall have the right to apply to
a court of competent jurisdiction for specific performance and/or an order restraining and enjoining
any such further disclosure or breach and for such other relief as the injured party shall deem
appropriate. Such right is to be in addition to the remedies otherwise available to the parties at law or
in equity. Each party expressly waives the defense that a remedy in damages will be adequate and
further waives any requirement in an action for specific performance or injunction for the posting of a
bond.
20. Nature of Agreement; Independent Contractor. Nothing in this Agreement shall be construed to
create (i) a partnership, joint venture or other joint business relationship between the parties or any of
their affiliates, or (ii) a relationship of employer and employee between the parties. Business
Associate is an independent contractor, and not an agent of Covered Entity. This Agreement does
not express or imply any commitment to purchase or sell goods or services.
21. Counterparts. This Agreement may be executed in one or more counterparts, each of which shall
be deemed an original, but all of which together shall constitute one and the same document. In
making proof of this Agreement, it shall not be necessary to produce or account for more than one
such counterpart executed by the party against whom enforcement of this Agreement is sought.
Signatures to this Agreement transmitted by facsimile transmission, by electronic mail in portable
document format (“.pdf”) form, or by any other electronic means intended to preserve the original
graphic and pictorial appearance of a document, will have the same force and effect as physical
execution and delivery of the paper document bearing the original signature.
August 9, 2017 www.imagetrend.com P a g e | 8
IN WITNESS WHEREOF, the parties have executed this Agreement as of the Effective Date.
APPROVED AS:
“CLIENT” "IMAGETREND"
By: By:
Name: Name: Michael J. McBrady
Title: Title: President
Dated: Dated: