The URL can be used to link to this page

Home My WebLink AboutR-2014-154 Claim Review and Audit Service Contract with ELAP Services, LLC RESOLUTION NO. R- 2014 -154 A RESOLUTION authorizing the City Manager to enter into a contract with ELAP Services LLC to provide employee medical cost Claim Review and Audit Service for the City's self- funded medical services WHEREAS, the City of Yakima self- funded medical services employer group requires the services of a professional claim review and audit service to control employee health care costs in accord with applicable Federal, State and Local regulations, and WHEREAS, ELAP Services LLC has the professional expertise, experience and support to assist the City's medical service administration to plan, design and cooperatively establish appropriate limits for payment of the City's medical claims that correlate to the providers' actual cost of services; and WHEREAS, ELAP is willing and able to work with the City's stop loss carrier to ensure cohesion between the plan document and stop loss policy, with a special focus on catastrophic claims management; ELAP will professionally support the City's fiduciary duty to prudently manage plan assets, make appropriate coverage determinations and manage potential medical provider appeals in a manner compliant with the Employment Retirement Income Security Act (ERISA); and WHEREAS, ELAP agrees to assume certain defense obligations on behalf of the City's covered personnel in support of this process and will establish direct, transparent contracts on behalf of the City with health care providers on a regional and national level, adhering to the principles of transparent pricing, objectivity and fair reimbursement practices; and WHEREAS, the Agreement between the City and ELAP, attached hereto and incorporated herein by this reference, defines the responsibilities of the parties to provide fair medical cost reimbursement practices for the City's self- funded employer group; and WHEREAS, the City Council has determined that the Agreement between the City and ELAP is in the best interest of the City and will provide the oversight necessary to protect and sustain the City self- funded employer group; now therefore; BE IT RESOLVED BY THE CITY COUNCIL OF THE CITY OF YAKIMA: The City Manager is hereby authorized and directed to execute the attached and incorporated Agreement between the City and ELAP Services LLC to provide necessary analysis, oversight and control of the City's employee health care costs, to provide a cost containment plan design and establish limits for payment of medical claims that correlate to the healthcare provider's cost of services, with a special focus on catastrophic claim management, thereby preserving and sustaining the City's self- funded employer group.. ADOPTED BY THE CITY COUNCIL this 9 day of December, 2014. ATTEST: Micah a ey, Mayor ° fl 4 41 %. Sonya Iaar Tee, City Clerk t.r' j 1 v HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement (this "Agreement ") dated December 5, 2014 is by and between City of Yakima having its principal office located at 129 N. Second Street, Yakima, WA 98901 ( "Covered Entity ") and ELAP Services, LLC, located at 961 Pottstown Pike, Chester Springs, Pennsylvania 19425 ( "Business Associate ") related to the work to be performed as described below (Covered Entity and Business Associate, each a "Party" and collectively, the "Parties "). BACKGROUND I. Covered Entity has engaged Business Associate for the purpose of assisting Covered Entity, pursuant to the contract between the Parties made as of December 5, 2014 entitled [ "Claim Review And Audit Service Agreement "] (hereinafter, the "BA Services Contract "), in providing certain functions and activities for and on behalf of Covered Entity (the `BA Services "). II. Covered Entity wishes to disclose information to Business Associate pursuant to the terms of this Agreement, some of which may constitute Protected Health Information ( "PHI "), including electronic protected health information ( "e- PHI ") (PHI and e -PHI are, collectively, referred to hereinafter as "Covered Entity's PHI ") in order for Business Associate to perform the BA Services. III. Covered Entity and Business Associate intend to protect the privacy and provide for the security of PHI disclosed to Business Associate in connection with the BA Services Contract and pursuant to this Agreement in compliance with the Health Insurance Portability and Accountability Act of 1996, Public Law 104 -191, as amended (the "HIPAA Statute "), and its related "Privacy Rule" (45 CFR Parts 160 and 164, Subpart E) and "Security Rule" (45 CFR Part 160 and 164, Subpart C) promulgated by the Secretary of Health and Human Services ( "HHS ") (collectively, the HIPAA Statute, the Privacy Rule and the Security Rule and are referred to, hereinafter, as "HIPAA "), all as amended by the Health Information Technology for Economic and Clinical Health Act enacted on February 17, 2009 (the "HITECH Statute "), and any regulations promulgated thereunder (collectively, the "HITECH Rules," and together with the HITECH Statute, referred to hereinafter as "HITECH "), the Genetic Information Nondiscrimination Act of 2008, as may be amended (hereinafter, "GINA "), as well as any other applicable laws concerning the privacy and security of health information. Together, HIPAA and HITECH are at times referred to hereinafter as "HIPAA and HITECH." IV. Under HIPAA, Covered Entity must document the required satisfactory assurances through a written agreement with Business Associate that meets the applicable requirements of HIPAA, as well as incorporate into such agreement those requirements under HITECH that relate to privacy or security and are applicable to Business Associate, and the Parties now wish to enter into the Agreement in order to comply with such LV l 1182409v2 07/01/10 LV 1 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 2 of 14 requirements and to set forth more specifically each Party's respective obligations in connection therewith. In consideration of the mutual promises below and the exchange of information provided for herein, the Parties agree as follows: TERMS A. Incorporation of Background. The "Background" paragraphs set forth above are incorporated herein and made a part of the terms of this Agreement as if set forth herein in full. B. Effective Date. Except as specifically stated otherwise in this Agreement, the Effective Date shall be the date that first appears above in the introductory paragraph to this Agreement. C. Definitions. Any capitalized terms not otherwise specifically defined in this Agreement shall have the meanings ascribed to them in HIPAA and HITECH. D. Obligations of Covered Entity. Covered Entity shall be responsible for using appropriate safeguards to maintain and ensure the confidentiality, privacy and security of Covered Entity's PHI transmitted to Business Associate pursuant to this Agreement, in accordance with the standards and requirements of HIPAA and HITECH, until such PHI is received by Business Associate. E. Obligations of Business Associate. 1) Permitted Uses and Disclosures. Business Associate may use and/or disclose any and all of Covered Entity's PHI received by Business Associate from Covered Entity, or created or obtained by Business Associate on behalf of Covered Entity as follows: a) Purpose: Business Associate may use Covered Entity's PHI to provide or perform the BA Services, as set forth in the BA Services Contract. b) Type of Information: Business Associate may use any and all information made available by Covered Entity and necessary for Business Associate to provide the BA Services to Covered Entity. c) Scope of Use: Business Associate may use and further disclose Covered Entity's PHI to the extent permitted by and in accordance with this Agreement, HIPAA and HITECH, or as otherwise required by law. d) Minimum Necessary. After the effective date of the HHS guidance document on what constitutes "minimum necessary" (the "Minimum Necessary Guidance "), Business Associate shall use /disclosure /request LV 1 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 3 of 14 only the minimum necessary amount of Covered Entity's PHI as set forth in such Minimum Necessary Guidance. Until such effective date of the Minimum Necessary Guidance, Business Associate shall comply with Covered Entity's policy regarding what constitutes the "minimum necessary" to accomplish the intended purpose of Business Associate's use or disclosure of Covered Entity's PHI. e) Use for Management and Administration: Business Associate may use Covered Entity's PHI for the proper management and administration of Business Associate, if such disclosure is necessary (1) for the proper management and administration of Business Associate or (2) to carry out the legal responsibilities of Business Associate. f) Disclosure for Management and Administration: Business Associate may disclose Covered Entity's PHI for the proper management and administration of Business Associate if: (1) the disclosure is required by law, or (2) Business Associate discloses Covered Entity's PHI to a third party as permitted under the BA Services Agreement, and Business Associate obtains from the third party a written agreement with Business Associate that meets the applicable requirements of HIPAA, as well as incorporate into such agreement those requirements under HITECH that relate to privacy or security and are applicable to Business Associate. In no event, however, shall Business Associate disclose Covered Entity's PHI for the foregoing purposes to any such third party not within the borders and jurisdiction of the United States of America without the prior written consent of Covered Entity, which may be withheld in Covered Entity's sole and unfettered discretion. g) Uses or Disclosures Requiring Prior Authorization: Business Associate agrees and understands that, except as expressly provided in this Agreement, or permitted under HIPAA, HITECH, and state law, it shall not use or disclose Covered Entity's PHI to any other person or entity without first having received a HIPAA- compliant authorization. Business Associate shall retain a copy of each authorization obtained, and the information provided in response to the authorization, for six (6) years. h) Nondisclosure: Business Associate shall not use or further disclose Covered Entity's PHI other than as permitted or required by this Agreement, or as otherwise required or permitted by law. LV 1 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 4 of 14 2) Security Safeguards a) General. Business Associate shall, as of the Effective Date of this Agreement, implement and use appropriate administrative, physical and technical safeguards to provide for the security of Covered Entity's PHI, including: • Implementing policies and procedures to prevent, detect and contain, and correct security violations; • Limiting physical access to electronic information systems that maintain PHI and the facility or facilities in which they are housed, while ensuring that properly authorized access is allowed; and u Implementing technical policies and procedures for electronic information systems that maintain PHI to allow access only to those persons or software programs that have been granted access rights as specified in 45 CFR 164.308(a)(4). b) Compliance Deadline for HITECH. In addition to the foregoing, Business Associate shall meet all of the administrative, technical and physical safeguard Standards as set forth in § 164.308, § 164.310, § 164.312 of the Security Rule and as follows: (i) Administrative Safeguards. Business Associate shall implement and maintain a written security program that includes administrative, technical and physical safeguards appropriate to the size and complexity of Business Associate's operations and the nature and scope of its activities. (ii) Implementation Specifications. Business Associate shall implement all of the "Required" and "Addressable" (as such terms are defined in the Security Rule) Implementation Specifications in the Security Rule, unless Business Associate and Covered Entity agree otherwise, and Business Associate documents: (i) the rationale why a particular Addressable Implementation Specification is not "reasonable and appropriate," and (ii) Business Associate implements an alternative measure agreed to in writing by Covered Entity. (iii) Documentation. Business Associate shall maintain the policies and procedures implemented to comply with the Security Rule in written (which may be electronic) form; and to the extent that an action, activity or assessment that relates to this Agreement is required under the Security Rule to be documented, Business LV 1 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 5of14 Associate shall maintain a written (which may be electronic) record of the action, activity or assessment. Any such documentation created shall be retained by Business Associate and made available to Covered Entity upon request for a period of six (6) years from the date of its creation, or the date when it last was in effect, whichever is later. (iv) Annual HHS Guidance. Business Associate shall, by no later than any applicable deadlines, implement and comply with any requirements set forth in the annual guidance issued by HHS pursuant to § 13401(c) of HITECH concerning the most effective Technical Safeguards for use in carrying out compliance with the Security Rule. 3) Accounting of Disclosures through an EHR. a) Accounting by Business Associate. If Covered Entity receives a request from an individual for an Accounting of disclosures made through an EHR, Covered Entity may furnish Business Associate's contact information (e.g., mailing address, telephone number, and e -mail address) to such individual in order for such individual to obtain an Accounting of Business Associate's disclosures directly from Business Associate. Business Associate shall provide an Accounting directly to the individual in accordance with HIPAA and § 13405(c) of HITECH (including an Accounting for treatment disclosures for the prior 3 years) upon such individual's making the Accounting request directly to Business Associate 4) Access Rights to PHI Maintained in an EHR. a) Electronic Copies. If Covered Entity's PHI is maintained in or used in connection with an EHR, Business Associate shall also make available copies of such information in an electronic format upon an individual's request for access to the same under HIPAA, and, if the individual requests, to transmit such electronic copy of the individual's PHI directly to an entity or person designated by the individual, provided that any such request by the individual is clear, conspicuous and specific. b) Copy Fees. Business Associate's compliance with such "access rights" requirements under HITECH shall be at Business Associate's cost. Notwithstanding the immediately preceding sentence, Business Associate may, with Covered Entity's written consent, which shall not be unreasonably withheld, charge a "copy /labor fee" to the individual as otherwise permitted under HIPAA and HITECH and State law. LV 1 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 6 of 14 5) Requested Restrictions. Business Associate acknowledges that Covered Entity is required under § 13405(a) of HITECH to comply with an individual's requested restriction regarding his or her PHI (unless the disclosure is otherwise required by law) if: a) The disclosure is to a health plan for purposes of carrying out payment or health care operations (but not treatment), and b) Covered Entity's PHI pertains solely to a health care item or service for which the health care provider has been paid out -of- pocket in full by the individual. Business Associate shall comply with any such requested restriction that applies to Business Associate's further use or disclosure of Covered Entity's PHI and of which Business Associate is made aware in writing by Covered Entity. 6) Availability of Information to Covered Entity. Business Associate shall make available to Covered Entity such information as Covered Entity may require to fulfill Covered Entity's obligations to provide access to, provide a copy of, and account for disclosures with respect to Covered Entity's PHI pursuant to HIPAA and HITECH, including, but not limited to, 45 CFR § 164.524 and § 164.528. Nothing in this provision shall be construed to preclude or limit Business Associate's obligations under the law, specifically with respect to the provision of access to individuals of their PHI and the provision of an accounting of disclosures to individuals of their PHI. 7) Amendment of PHI. Business Associate shall make Covered Entity's PHI available to Covered Entity as Covered Entity may require to fulfill Covered Entity's obligations to amend Covered Entity's PHI pursuant to HIPAA and HITECH, including, but not limited to, 45 CFR § 164.526, and Business Associate shall, as directed by Covered Entity, incorporate any amendments to Covered Entity's PHI into copies of such PHI maintained by Business Associate. Nothing in this provision shall be construed to preclude or limit Business Associate's obligations under the law, specifically with respect to the amendment of Covered Entity's PHI by Business Associate. 8) Business Associate's Agents. Business Associate shall ensure that any agents, including subcontractors, to whom it provides Covered Entity's PHI, agree in writing to the same restrictions and conditions that apply to Business Associate with respect to Covered Entity's PHI. Business Associate shall not disclose any of Covered Entity's PHI to any agent or subcontractor that is not within the borders and jurisdiction of the United States of America without the prior written consent of Covered Entity, which may be withheld in Covered Entity's sole and unfettered discretion. LV 1 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 7 of 14 9) Internal Practices. Business Associate shall make its internal practices, books and records relating to the use and disclosure of Covered Entity's PHI available to the HHS for purposes of determining Covered Entity's compliance with HIPAA and HITECH. 10) Security Breach Notification. a) Compliance. Business Associate shall comply with the standards and requirements that relate to notifications required in the event of a breach of information in accordance with the Breach Notification Laws (as defined hereinbelow). For purposes of this Agreement, the term "Breach Notification Laws" shall include, collectively, those provisions concerning breach notification obligations set forth in HITECH and its related regulations, including the Final Rule for Breach Notification for Unsecured Protected Health Information (45 CFR Parts 160 and 164). b) Securing PHI. Business Associate shall secure any and all of Covered Entity's PHI that it accesses, maintains, retains, modifies, records, stores, destroys, or otherwise holds, uses, or discloses for or on behalf of Covered Entity by implementing such technologies and methodologies (e.g., encryption) that are specifically set forth in the Breach Notification Laws and recognized by the Secretary of HHS in its guidance document on such topic released annually pursuant to HITECH, and which render Covered Entity's PHI unusable, unreadable and indecipherable. If Business Associate and Covered Entity otherwise agree that it is not reasonable or possible for Business Associate to implement such technologies and methodologies to secure certain of Covered Entity's PHI, then Business Associate shall implement reasonable alternative methods, as agreed to in writing by Covered Entity in its sole and unfettered discretion, to safeguard the information, and in such instance shall comply in full with the Breach Notification Laws in the event of a Breach (as such tens is defined under the Breach Notification Laws) of any unsecured PHI. c) Business Associate's Obligations In The Event of a Breach. (i) Duty to Discover and Report Breaches to Covered Entity. Business Associate shall promptly notify Covered Entity of any Breach of Covered Entity's PHI, irrespective of the medium in which the Breach occurred (e.g., electronic, paper or oral), that Business Associate discovers, or should reasonably have discovered, including through any employee, agent or contractor of Business Associate. Business Associate shall take all reasonable steps (e.g., audits; anonymous internal reporting, etc.) to allow it to discover Breaches involving Covered Entity's PHI. LV l 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 8 of 14 (ii) Reporting Contact. Business Associate shall notify Covered Entity's Privacy Officer and /or Security Officer, or their designee, either in person or by telephone at a number to be provided by Covered Entity of any discovered Breach. (iii) Information To Be Provided. Business Associate shall provide Covered Entity with the following information in connection with the Breach: • a brief description of what happened; • the date of the Breach and the date of discovery of the Breach, if known; • what type of unsecured PHI was involved in the Breach (e.g., name; SSN, etc.); • identification of each individual whose unsecured PHI has been, or reasonably believed by Business Associate to have been, breached; • what Business Associate is doing to investigate, mitigate and protect against further Breaches of a similar or dissimilar nature; • contact information at Business Associate (specific for the Breach), including toll -free number, e -mail address, Web site, or postal address where individuals may contact Business Associate directly for further information about the Breach; and • any additional information that Covered Entity may require for purposes of furnishing required notices under the Breach Notification Laws. In the event that some or all of the foregoing information is not readily available when the Breach is discovered, Business Associate shall still promptly notify Covered Entity of the Breach and may provide the additional infornuation required under this paragraph (iii) as soon as possible thereafter, but without unreasonable delay and in no case longer than thirty (30) days after the Breach is discovered. d) Agreement to Cooperate and Assist. Business Associate shall cooperate with Covered Entity and provide such assistance as Covered Entity may need in order to comply with the Breach Notification Laws. With respect to any Breach of Covered Entity's PHI that results from an act or omission of Business Associate, including any of Business Associate's employees, owners, directors, agents, independent contractors or affiliates, Business Associate shall provide administrative support and other resources as may be requested by Covered Entity in order to furnish written notices to LV 11468200v 1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 9of14 individuals affected by the Breach and otherwise comply with the Breach Notification Laws. Covered Entity agrees to consult with Business Associate in the preparation of the written notices to individuals affected by the Breach. In the event that Business Associate does not provide such requested assistance and resources in a timely manner, as determined by Covered Entity in its sole and unfettered discretion, then Business Associate shall reimburse Covered Entity for all costs and expenses (e.g., postage, supplies, administrative staff time, etc.) incurred by Covered Entity in its efforts to comply with the notification requirements under the Breach Notification Laws. 11) Prohibition on "Sale" of PHI. a) Effective Date of Compliance. Business Associate shall comply with § 13405(d) of HITECH, this subparagraph 11) (a), and the additional restrictions HHS promulgates by regulation concerning prohibitions under HIPAA and HITECH on "sale" of PHI. b) General Prohibition. Business Associate shall not directly or indirectly receive remuneration in exchange for any of Covered Entity's PHI unless Business Associate obtained from the individual a valid authorization that includes, in accordance with HITECH, a specification that Covered Entity's PHI can be further exchanged for remuneration by Business Associate, except that Business Associate may accept such remuneration in exchange for Covered Entity's PHI for the following limited purposes: (i) Public Health Activities; (ii) Research, but only if the price charged reflects the costs of preparation and transmittal of the data for such purpose; (iii) Treatment (subject to future HHS regulation restricting inappropriate exchanges under this exception); (iv) Health Care Operations related to the sale, transfer, merger or consolidation of all or part of Business Associate with another Business Associate, but only with the prior written consent of Covered Entity, which shall not be unreasonably withheld; (v) Performance of services or functions by Business Associate for or on behalf of Covered Entity (e.g., pursuant to the BA Services Agreement); (vi) Providing an individual with Access to a copy of his or her PHI; or (vii) As may be determined by HHS in future regulations to be similarly necessary and appropriate. 12) Health Care Operations That Are Not "Marketing ". Business Associate may use or disclose Covered Entity's PHI to make a communication about a product or service and that encourages recipients of the communication to purchase or use LV1 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 10 of 14 the product or service only if the communication is made by Business Associate on behalf of Covered Entity and is consistent with the terms of the BA Services Agreement and is otherwise pursuant to and in accordance with this Agreement, HIPAA and HITECH. F) State Law. Business Associate shall comply with any provision or requirement concerning privacy or security of information under applicable State law that is more stringent than a similar provision or requirement under HITECH and this Agreement. G) Red Flags Rule. With respect to Business Associate's access to, use or handling of information in connection with Covered Entity's "Covered Accounts" (as defined under the Federal Trade Commission's Red Flags Rule (the "Red Flags Rule ") and identified by Covered Entity), Business Associate shall, as of the Effective Date of this Agreement: 1) Implement reasonable administrative, physical and technical policies and procedures to detect, prevent and mitigate the risk of identity theft at Business Associate; 2) Cooperate with and take such steps as are reasonably necessary to assist Covered Entity with compliance with its Identity Theft Prevention Program; and 3) Promptly report to Covered Entity any specific Red Flags, as identified in Covered Entity's Red Flag policies, which Business Associate detects, and, as appropriate, respond to, or reasonably assist Covered Entity in responding to, such Red Flags in accordance with Covered Entity's policies and procedures. H) Audits, Inspection and Enforcement. Covered Entity may, upon reasonable notice, inspect the facilities, systems, books and records of Business Associate to monitor compliance with this Agreement. Business Associate shall promptly remedy any violation of any term of this Agreement and notify Covered Entity of the outcome. I) Termination 1) Noncompliance. If either Party notifies (the "Notifying Party ") the other Party regarding an activity or practice that constitutes a material breach or violation of such other Party's obligation under this Agreement, HIPAA and HITECH (the "Breaching Party "), and such Breaching Party does not take reasonable steps to or otherwise does not successfully cure the breach or end the violation, as applicable, within a reasonable timeframe as agreed to by the Parties, the Notifying Party is permitted to either: (a) If feasible, terminate this Agreement and the BA Services Contract; or (b) If termination is not feasible, report the problem to HHS. LV 1 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 11 of 14 2) Judicial or Administrative Proceedings. Either Party may terminate this Agreement and the BA Services Contract, effective immediately, if (a the other Party is named as a defendant in a criminal proceeding for a violation of HIPAA and HITECH, or (b) a finding or stipulation that the other Party has violated any standard or requirement of HIPAA and HITECH or other security or privacy laws is made in any administrative or civil proceeding in which the Party has been joined. 3) Effect of Termination. Upon termination of the BA Services Contract for any reason, Business Associate shall return to Covered Entity and destroy all of Covered Entity's PHI that Business Associate still maintains in any form, and shall retain no copies of such PHI, or if return or destruction is not feasible, Business Associate agrees, at Covered Entity's reasonable expense, to continue to extend the protections of this Agreement to such information, and limit further use of such PHI to those purposes that make the return or destruction of such PHI infeasible. J) Indemnification. Covered Entity and Business Associate will indemnify, hold harmless and defend the other Party to this Agreement from and against any and all claims, losses, liabilities, costs and other expenses, including court costs and reasonable attorneys fees and disbursements, incurred as a result of, or arising directly or indirectly out of or in connection with: 1) any misrepresentation, breach of warranty or non - fulfillment of any undertaking on the part of the Party under this Agreement; and 2) any claims, demands, awards, judgments, actions and proceedings made by any person or organization arising out of or in any way connected with the Party's performance under this Agreement. Regarding cyber liability claims and errors and omissions claims, Business Associate agrees to protect, defend, indemnify, and hold harmless the Covered Entity, its elected officials, officers, employees and agents from any and all claims, demands, losses, liens, liabilities, penalties, fines, lawsuits, and other proceedings and all judgments, awards, costs and expenses (including reasonable attorneys' fees and disbursements) to the extent caused by any negligent act and /or omission of ELAP, its officers, employees, agents, and /or subcontractors, arising out of the performance of this Agreement. Nothing contained in this Section or this Agreement shall be construed to create a liability or a right of indemnification in any third party K) Disclaimer. Covered Entity makes no warranty or representation that compliance by Business Associate with this Agreement, HIPAA and HITECH will be adequate or L V 1 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 12 of 14 satisfactory for Business Associate's own purposes or that any information in Business Associate's possession or control, or transmitted or received by Business Associate, is or will be secure from unauthorized use or disclosure. Business Associate is solely responsible for all decisions made by Business Associate regarding the safeguarding of PHI. L) Amendment. The Parties acknowledge that state and federal laws relating to electronic data security and privacy are rapidly evolving and that amendment of this Agreement may be required to provide for procedures to ensure compliance with such developments. The Parties specifically agree to take such action as is necessary to implement the standards and requirements of HIPAA and HITECH and other applicable laws relating to the security or confidentiality of PHI. The Parties understand and agree that Covered Entity must receive satisfactory written assurance from Business Associate that Business Associate will adequately safeguard all PHI that it receives or creates pursuant to the delivery of BA Services and this Agreement. Upon either Party's request, both Parties agree to promptly enter into negotiations concerning the terms of an amendment to this Agreement embodying written assurances consistent with the standards and requirements of HIPAA and HITECH or other applicable laws. Either Party may terminate the BA Services upon 30 days written notice in the event 1) the other Party does not promptly enter into negotiations to amend this Agreement when requested by a Party pursuant to this Section or 2) the other Party does not enter into an amendment to this Agreement providing assurances regarding the safeguarding of PHI sufficient to satisfy the standards and requirements of HIPAA and HITECH. M) No Third Party Beneficiaries. Nothing express or implied in this Agreement is intended to confer, nor shall anything herein confer, upon any person other than Covered Entity, the Covered Entity Affiliates and Business Associate and their respective heirs, representatives, successors and assigns, any rights, remedies, obligations or liabilities whatsoever, whether as creditor beneficiary, donor beneficiary or otherwise. N) Interpretation. This Agreement shall be interpreted as broadly as necessary to implement and comply with HIPAA and HITECH and applicable state laws. 0) Independent Contractor. Nothing contained herein shall be deemed or construed by the Parties hereto or by any third party as creating the relationship of employer and employee, principal and agent, partners, joint venturers or any similar relationship, between the Parties hereto. Covered Entity and Business Associate acknowledge and agree that Business Associate is an independent contractor, and not an agent of Covered Entity, and Business Associate shall be solely liable for the payment of all income, unemployment, workers compensation, Social Security insurance or similar taxes or assessments on the fees or other remuneration paid or to be paid to Business Associate by Covered Entity. LV1 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 13 of 14 P) Miscellaneous. 1) Entire Agreement. This Agreement supersedes all previous agreements between Covered Entity and Business Associate and contains the entire understanding and agreement between the Parties with respect to the subject matter hereof. 2) Headings. The headings in this Agreement are for convenience of reference only and shall not be used to interpret or construe its provisions. 3) Governing Law and Venue. This Agreement shall be construed in accordance with and governed by the laws of Washington without regard to conflicts of laws principles. Venue for any action necessary to enforce the terms and conditions of this Agreement shall lie in a court of competent jurisdiction in Yakima County, Washington, specifically for claims with an amount in controversy of $74,999.99 or less in the state court and $75,000.00 or greater in the federal court. 4) Binding Effect. This Agreement shall be binding upon, and inure to the benefit of, each Party hereto and their respective successors and assigns. 5) Mutual Negotiation. Each and every provision of this Agreement has been mutually negotiated, prepared and drafted and, in connection with the construction of any provisions hereof, no consideration shall be given to the issue of which Party actually prepared, drafted, requested or negotiated any provision of this Agreement, or its deletion. 6) Notices. All notices, demands and other communications to be made hereunder ( "Notice ") shall be given in writing and shall be deemed to have been duly given if personally delivered or sent by confirmed facsimile transmission, recognized overnight courier service which provides a receipt against delivery, or certified or registered mail, postage prepaid, return receipt requested, to the other Party at the address set forth in the first paragraph of this Agreement. Notice shall be deemed effective, if personally delivered, when delivered; if sent by confirmed facsimile transmission, when sent; if sent via overnight delivery, on the first business day after being sent, and if mailed, at midnight on the third business day after deposit in the U.S. mail. 7) Modification. This Agreement may be amended, superseded, terminated or extended, and the terms hereof may be waived, only by a written instrument signed by all of the Parties or, in the case of a waiver, signed by the Party waiving compliance. 8) Preservation of Rights. No delay on the part of any Party in exercising any right, power or privilege hereunder shall operate as a waiver thereof, nor shall any waiver on the part of any Party of any such right, power or privilege, nor any single or partial exercise of any right, power or privilege, preclude any further exercise thereof or the exercise of any other such right, power or privilege. The LV 1 1468200v1 09/16/11 Update for Final Rule 2013 HIPAA Business Associate Agreement Page 14 of 14 rights and remedies herein provided are cumulative and are not exclusive of any rights or remedies that any Party may otherwise have at law, in equity or otherwise. 9) Provisions Severable. The provisions of this Agreement are independent of and severable from each other. No provisions will be affected or rendered invalid or unenforceable by virtue of the fact that for any reason any one or more of any of the provisions hereof may be invalid or unenforceable in whole or in part. 10) Counterparts. This Agreement may be executed by the Parties hereto in separate counterparts, each of which when so executed and delivered shall be an original, but all such counterparts shall together constitute one and the same instrument. Each counterpart may consist of a number of copies hereof each signed by less than all, but together signed by all of the Parties hereto. 11) Interpretation. The Parties agree that any ambiguity in this Agreement shall be resolved in favor of a meaning that complies and is consistent with HIPAA and HITECH. IN WITNESS WHEREOF, the P.. ' t hereto have duly executed this Agreement on the day and year below written: City of Yai a ELAP Services, LLC B r By: �1:_ Print N. 0 f u am nit xt Print Ne (Stephen P. Kelly Date: \ � -'(C( [ Date:/, // E1N: EIN:27 53552 CITY CONTRACT NO: a/g RESOLUTION N0: .. • LV 1 1468200v1 09/16/11 Update for Final Rule 2013 ELAP - AUDIT PROGRAM ONLY (NON - ERISA) Page 1 of 9 CLAIM REVIEW AND AUDIT SERVICE AGREEMENT This Claim Review and Audit Service Agreement, made as of December 5, 2014 ( "the Effective Date "), by and between the City of Yakima, a Washington Municipal Corporation, having its principal office at 129 N Second Street, Yakima, Washington 98901 (the "Employer ") and ELAP Services, LLC, having its principal office at Ludwigs Corner Professional Center, 961 Pottstown Pike, Chester Springs, Pennsylvania 19425 ( "ELAP "); When the Employer is acting as the Plan Sponsor under this Agreement, it will be referred to as the "Plan Sponsor," and when it is acting as the Administrator of the Plan under this Agreement, it will be referred to as the "Plan Administrator " As Plan Sponsor, the Company is acting in its capacity as the settlor of the Plan; and, as the Plan Administrator, it is acting in its fiduciary capacity; WITNESSETH: Whereas, the Plan Sponsor has established an employee benefit plan for the purpose of providing certain health benefits to eligible participants (the "Plan "), Whereas, the Plan Administrator desires to have ELAP perform certain claim review and audit services in conjunction with its claim processing duties on behalf of the Plan; Whereas, ELAP desires to provide such services to the Plan Administrator; and Whereas, the parties desire to set forth the terms and conditions upon which ELAP will provide such services. Now, therefore, in consideration of the mutual covenants and agreements hereinafter contained, and other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, and intending to be legally bound hereby, the parties hereto agree as follows: 1. Defined Terms. Capitalized terms shall have the meanings set forth in this Agreement. As used herein, the following terms shall be defined as follows (a) "Defense Expenses" shall mean (i) the cost of consultations and/or reviews by experts, if such experts are designated by ELAP; (ii) attorneys' fees incurred by ELAP in connection with a Disputed Audit; (iii) attorneys' fees incurred by the Plan Sponsor, the Plan Administrator and/or the Plan in connection with a Disputed Audit, if such attorneys are designated by ELAP; (iv) other fees, costs and expenses resulting from the investigation, adjudication, and defense (including any appeal) of a Disputed Audit incurred by ELAP or, with prior written consent of ELAP, by the Plan Sponsor, the Plan Administrator and /or the Plan; and (v) attorneys' fees and costs incurred by a Plan participant if a court of competent jurisdiction finally determines that such fees and costs are to be paid by the Plan Sponsor, the Plan Administrator and /or the Plan in connection with a Disputed Audit. "Defense Expenses" shall not include sanctions, fines; penalties; taxes; multiple, exemplary or punitive Defense Expenses; or the amount of any Benefit Claim unless ELAP elects to pay a Benefit Claim as part of a settlement in accordance with Section 2.5 of this Agreement. "Defense Expenses" for payment in settlement of a Benefit Claim shall be limited to the amount of the Benefit Claim to the extent that the payment in settlement exceeds the lesser of (i) the amount of the original benefit determination by ELAP, or (ii) the amount of the "payable charges ". "Payable charges" for purposes of this Section 1(a) are the billed charges that are payable by the Plan minus any PPO or other managed -care discount(s) that are contractually available to the Plan, (b) "Disputed Audit" shall mean a claim for benefits under a Plan for which ELAP has determined the Allowable Claim Limits, and which determination is the subject of (i) an appeal by the Plan participant; (ii) an appeal by the provider of service, (iii) formal collection efforts by the provider of service or its designated agent; or (iv) legal action for payment of denied charges which were found to be in excess of Allowable Claim Limits; ELAP - AUDIT PROGRAM ONLY (NON - ERISA) Page 2 of 9 (c) "Limit of Liability" shall mean an amount equal to One Million Dollars ($1,000,000) per Disputed Audit; (d) "Benefit Claim" shall mean a claim for benefits filed by or on behalf of a participant in a Plan. "Benefit Claim" shall mean only Post - service Claims; (e) "Claims Administrator" shall mean the entity that is currently or was previously engaged by the Plan Administrator to provide certain claims processing and other ministerial services to the Plan at the time of the request for approval of services or the rendering of services that comprises a Benefit Claim; (0 "Plan Documents" shall mean the documents establishing and governing, and setting forth the benefits of, the Plan, including the plan document and the Summary Plan Description or, in the event of a Benefit Claim arising prior to the effective date of the Plan Documents, the Plan Documents in effect at that prior time, and (g) "Post- service Claim" shall mean a claim for a benefit under the Plan after the services have been rendered. (h) "Allowable Claim Limits" shall mean the charges for services and supplies, listed and included as Covered Medical Expenses under the Plan, which are Medically Necessary for the care and treatment of Illness or Injury, but only to the extent that such fees are within the Allowable Claim Limits. Examples of the determination that a charge is within the Allowable Claim Limit include, but are not limited to, the following guidelines: • Hospital. The Allowable Claim Limit for charges by a Hospital facility and for charges by facilities which are owned and operated by a Hospital may be based upon 112% of the Hospital's most recent depaitniental cost ratio, reported to the Centers for Medicare and Medicaid Services ( "CMS ") and published in the American Hospital Directory as the "Medicare Cost Report" (the "CMS Cost Ratio "), or may be based upon the Medicare allowed amount for the services in the geographic region plus an additional 20 %. • Pharmaceuticals. The Allowable Claim Limit for pharmacy charges by a provider which does not report cost ratios to CMS may be determined by applying the Average Wholesale Price (AWP) as defined by REDBOOK at the rate of 1 12% of AWP. • Medical and Surgical Supplies, Implants, Devices. The Allowable Claim Limit for charges for medical and surgical supplies made by a provider may be based upon invoice price to the provider, plus 12 %. The documentation used as the resource for this determination will include, but not be limited to, invoices, receipts, cost lists or other documentation as deemed appropriate by ELAP • Physician Medical and Surgical Care, Laboratory, X -ray, and Therapy. The Allowable Claim Limit for these services may be determined based upon the fees for comparable services in the geographic region at the 90th percentile of the Physician Fee Reference ( "PFR "), which is the highest percentile reflected in the PFR. • Ambulatory Health Care Centers. The Allowable Claim Limit for ambulatory health care centers, including Ambulatory Surgery Centers, which are independent facilities may be based upon the Medicare allowed amount for the services in the geographic region, and/or the Medicare Outpatient Prospective Payment System (OPPS), plus an additional 20 %. • General Medical and /or Surgical Services. The Allowable Claim Limit for services not otherwise listed above may be calculated based upon industry- standard resources including, but not limited to, CMS Cost Ratios, Medicare allowed fees (by geographic region), published and publicly available fee and cost lists and comparisons, any resources listed in the categories above, or any ELAP - AUDIT PROGRAM ONLY (NON - ERISA) Page 3 of 9 combination of such resources that results in the determination of an appropriate and reasonable cost basis. The Allowable Claim Limit for these services will be the cost basis calculated using one or more of the industry- standard resources, plus 12 %. • Unbundling. The Allowable Claim Limit will not include charges for any items billed separately that are customarily included in a global billing procedure code in accordance with American Medical Association's CPT® (Current Procedural Terminology) and/or the Healthcare Common Procedure Coding System (HCPCS) codes used by CMS. • Errors. The Allowable Claim Limits will not include any identifiable billing mistakes including, but not limited to, upcoding, duplicate charges, and charges for services not performed. • Medical Record Review In the event that ELAP, based upon a medical record review and audit, determines that a different treatment or different quantity of a drug or supply was provided which is not supported in the billing, then ELAP may determine the Allowable Claim Limit according to the medical record review and audit results. • Not Able to Identify or Understand. The Allowable Claim Limits will not include any charges for which ELAP cannot identify or understand the item(s) being billed. • Directly Contracted Providers. The Allowable Claim Limits for providers of service who are directly contracted with ELAP will be the negotiated rate as agreed under the direct provider agreement. In the event that the Plan Administrator determines that insufficient information is available to identify the Allowable Claim Limit for a specific service or supply using the listed guidelines above, the Plan Administrator reserves the right, in its sole discretion, to determine any Allowable Claim Limit amount for certain conditions, services and supplies using accepted industry- standard documentation, applied without discrimination to any Plan participant. Notwithstanding any conflicting contracts or agreements, the Plan may consider the Allowable Claim Limits as the maximum amount of Covered Medical Expense that may be considered for reimbursement under the Plan, and may apply this determination in lieu of any PPO network provider hospitals' per diem, DRG rates or PPO discounted rates as the amount considered for reimbursement under the Plan. Additionally, in the event that a determination of an Allowable Claim Limit exceeds the actual charge billed for the service or supply, the Plan will consider the lesser of the actual billed charge or the Allowable Claim Limit determination. (i) "ELAP Direct Agreement" shall mean the complete agreement between a Directly Contracted Provider and ELAP on behalf of the Plan Sponsor which contains the terms and conditions under which the Plan or a Plan participant may access discounted fees and /or negotiated or scheduled reimbursement rates as Allowable Claim Limits for Benefit Claims. (j) "Directly Contracted Provider" shall mean a medical provider which has entered into an ELAP Direct Agreement. A Directly Contracted Provider may also include a medical provider which has established a separate and exclusive agreement directly with the Plan/Employer through which ELAP may perform certain services. 2. Responsibilities of ELAP. 2.1. Selection of Claims. Benefit Claims that are submitted to ELAP in accordance with section 3.1 of this Agreement shall be evaluated by ELAP. ELAP shall use its best judgment in deciding which Benefit Claims are eligible candidates for a claim review and audit and will select, in its sole discretions, eligible candidates from among the Benefit Claims submitted for consideration. Benefit Claims not selected for review and audit will be returned to the Claims Administrator for adjudication within five (5) business days of receipt by ELAP. ELAP - AUDIT PROGRAM ONLY (NON - ERISA) Page 4 of 9 2.2. Maintenance of Records. Records which will be maintained by ELAP for each Benefit Claim selected for audit in accordance with Section 2 1 of this Agreement may include, but are not limited to, the invoices from the providers of service (including detailed itemized bills), medical records such as physician and nurse's notes, medication and supply charge sheets, other related medical records, and records of any verbal or written communication between the Plan, the Claims Administrator, the providers of service, the utilization review program administrators and case managers (if any), and the patient and/or Plan participant. No records will be maintained by ELAP for any Benefit Claim submitted to it which is not selected as a candidate for a claim review and audit. 2.3. Limitation of Responsibility, Liability and Authority of ELAP. It is understood and agreed that ELAP shall have no responsibility, Liability or authority under the Plan other than with respect to its duties under the Plan's claim review and audit program and Disputed Audits. 2.4 Determinations of Disputed Audits. ELAP shall have the responsibility and full discretionary authority to review and decide any and all Disputed Audits. In doing so, it may, in its sole discretion, use the services of such third party consultants as it deems necessary and shall pay any fees associated therewith. ELAP shall make such decisions, and provide notice thereof to the participants, within the timeframes set forth in the Plan. Such notices shall meet the requirements set forth in the Plan. Simultaneously with providing notice to the participant, ELAP shall advise the Claims Administrator and the Plan Administrator of its determination and provide to each of them a copy of the notice. In carrying out its responsibilities under this Section 2.4, ELAP shall be acting as a fiduciary of the Plan and shall adhere to applicable standards of conduct. 2.5 Settlement Authority. ELAP shall have the authority, in its sole discretion, to negotiate the settlement of any Disputed Audit. In doing so, it may use the services of such third party consultants as it deems necessary and shall pay any fees associated therewith. ELAP shall make such decisions, and provide written notice thereof to the Plan Sponsor, Plan Administrator and Claims Administrator. In carrying out its responsibilities under this Section 2.5, ELAP shall be acting as a fiduciary of the Plan and shall adhere to applicable standards of conduct. 2.6 Plan Sponsor and /or Plan Administrator Disagreement. With respect to Determinations of Disputed Audits under Section 2 4 above, in the event the Plan Administrator does not agree with ELAP's determination regarding a Disputed Audit and elects to override such determination, then all obligations of ELAP under this Agreement with respect to such Disputed Audit may terminate. More specifically, ELAP shall have no obligation to indemnify or hold the Plan, the Plan Sponsor and /or the Plan Administrator harmless with respect to such Disputed Audit. With respect to Settlement Authority under Section 2.5 above, in the event that the Plan Sponsor and/or the Plan Administrator do not agree with the terms of any such settlement and elects not to comply, then the Plan Sponsor shall be responsible for Defense Expenses with respect to the Disputed Audit that are in excess of the settlement amount proposed by ELAP, including the cost of litigation and any judgment. Further, the Plan Sponsor and Plan Administrator shall be fully responsible with respect to the outcome of any litigation related to the Disputed Audit. 3. Responsibilities of the Plan Sponsor, Plan Administrator and Claims Administrator. The Plan Sponsor and the Plan Administrator shall perform, and shall cause the Claims Administrator to perform, the following duties. 3.1 Submission of Benefit Claims for Review. Benefit Claims shall be selected by the Plan Administrator, in its sole discretion, as eligible candidates for claim review and audit. Such claims must be submitted to ELAP prior to payment being made to the provider of service, and within three (3) business days of receipt of a "clean claim ". A "clean claim" is a claim for benefits that contains all of the information necessary for ELAP to fulfill its review and audit obligations under this Agreement. The ELAP - AUDIT PROGRAM ONLY (NON - ERISA) Page 5 of 9 Claims Administrator will provide ELAP, at a minimum, with the form UB, including a detailed itemized statement, and/or form HCFA for any claim referred for audit. 3.2. Plan Document and Summary Plan Description. Prior to the execution of this Agreement, the Plan Administrator shall furnish to ELAP a copy of the Plan Document and Summary Plan Description, together with any amendments thereto. Any amendments which are thereafter adopted shall be furnished to ELAP no later than the effective date of such amendment. The Plan Sponsor agrees that it shall ensure that the Plan Document, Summary Plan Description and all amendments thereto (a) are adopted in accordance with any applicable laws and comply with the requirements of any regulations adopted thereunder; and (b) the aforementioned documents must name ELAP as a designated decision maker with maximum discretionary authority with respect to Disputed Audits. The amendment setting forth the provisions of (b) shall be in a form acceptable to ELAP. The Plan Administrator and/or the Claims Administrator shall have full responsibility for ensuring that all Plan Documents and amendments thereto are furnished to participants in such a way and within such a timeframe so as to make the terms of the Plan enforceable. If, in the opinion of ELAP, the terms of the Plan are found to be legally deficient and/or unenforceable due to failure of the Plan Administrator and/or the Claims Administrator to furnish such documents, then ELAP shall have the authority to direct the payment of any related Benefit Claim, and ELAP shall have no further liability in connection therewith, including the liability set forth in Section 5 of the Agreement. 3.3. Compliance and Time Limits. The Plan Administrator and/or Claims Administrator shall provide such notices to Plan participants as may be required for compliance during the course of the claim review and audit, and will at all times remain fully responsible for compliance with the terms of the Plan. 3.4. Adjudication and Payment of Benefit Claims. The Plan Administrator and the Claims Administrator shall comply with all requirements of the Plan in the processing of Benefit Claims, including, but not limited to, the determination of any non - covered expenses, application of any deductible or other cost - sharing features of the Plan. Further, the Plan Administrator and the Claims Administrator shall adjudicate Benefit Claims and appeals of denied claims in accordance with the terms of the Plan Documents and applicable law The Plan Sponsor agrees to provide adequate funding for payment of a Benefit Claim determination under the Plan's claim review and audit program not later than thirty (30) days from the date of notice of such determination. In the event of a breach of this provision by the Plan Sponsor, the Plan Administrator and /or the Claims Administrator, then ELAP shall have the right, in its sole discretion, to direct the payment of any related Benefit Claim, to terminate its obligations hereunder with respect to a Disputed Audit or the Plan's claim review and audit program, or to terminate this Agreement in its entirety The parties expressly agree that ELAP is not responsible for providing any funds for payment of any Benefit Claims (unless ELAP elects to pay a Benefit Claim as part of a settlement in accordance with Section 2.5 of this Agreement). The Plan Sponsor agrees to provide adequate funding for payment of a Benefit Claim under an ELAP Direct Agreement according to the terms and time limits specified in such agreement; 3.5. Submission of Disputed Audits. The Plan and/or Claims Administrator shall provide notice of any Disputed Audit within three (3) business days of receipt of such notices. Such notices include (i) an appeal by the Plan participant; (ii) an appeal by the provider of service; (iii) formal collection efforts by the provider of service or its designated agent; and (iv) legal action for payment of denied charges which were found to be in excess of Allowable Claim Limits. Such notices must be date - stamped to evidence the date received by the Plan and/or the Claims Administrator. The Claims Administrator and the Plan Administrator shall comply with the requirements of this Section 3.5, even if the participant or provider of service has forwarded a copy of the appeal to ELAP. Failure to notify ELAP of such appeals or notices within three (3) business day may cause all obligations of ELAP under this Agreement with respect to such Disputed Audit to terminate. More specifically, ELAP will have no obligation to indemnify or hold the Plan, the Plan Sponsor and /or the Plan Administrator harmless with respect to such Disputed Audit. ELAP - AUDIT PROGRAM ONLY (NON - ERISA) Page 6 of 9 3.6 Administrative Safeguards. The Plan Administrator and the Claims Administrator shall provide ELAP, on its request, with a description of the administrative safeguards which are in place to ensure consistent application of Plan provisions in accordance with the requirements of the terms of the Plan Documents. 3.7 Provisions Applicable to ELAP Direct Agreements. For Benefit Claims under an ELAP Direct Agreement, the Plan Sponsor and Plan Administrator agree, and shall cause the Claims Administrator to agree, to fully comply with the terms and conditions of the ELAP Direct Agreements. ELAP shall provide a complete copy of ELAP Direct Agreements containing the terms and conditions of such agreements that are available to the Plan to the Claims Administrator. The Plan Administrator agrees that the Claims Administrator shall be responsible for providing copies of such agreements to the Plan Administrator and/or Plan Sponsor, as appropriate. ELAP shall provide a complete list of such ELAP Direct Agreement medical providers, updated for additions and terminations, periodically and on request from the Plan Administrator and/or Claims Administrator ELAP shall determine Allowable Claim Limits for eligible Benefit Claims from directly contracted providers in accordance with the terms and conditions set forth in the ELAP Direct Agreement as soon as reasonably possible following receipt, and shall promptly report its determination in the form and manner as agreed between the Plan Administrator, the Claims Administrator and ELAP. 4. Compensation of ELAP. ELAP shall receive, as compensation for services provided under this Agreement: 4.1 For Benefit Claims under the Claim Review and Audit Program which are not for Directly Contracted Providers, an amount equal to 12% of the "payable charges" subjected to the audit. "Payable charges" are the total billed charges minus any PPO or other managed -care discount(s) that are contractually available to the Plan. 4.2 Plan Sponsor acknowledges that ELAP may hire a third party expert on behalf of the Plan to audit Benefit Claim invoices to identify expenses that are not within Allowable Claim Limits. ELAP agrees to pay for fees and costs for services rendered by such experts. Plan Sponsor agrees to pay ELAP for its fees under this Section 4 at the same time that it makes payment for the claim, or, if no benefits are found to be payable for the claim according to the terms of the Plan, at the time of final adjudication of the claim, for which ELAP has performed its services under Agreement. Plan Sponsor further acknowledges that the Third Party Administrator may share (earn) a portion of ELAP's compensation to offset claim - handling, legal compliance, and time- sensitive expenses. Plan Sponsor acknowledges that it retains sole responsibility for determining the reasonableness of the compensation to ELAP. To the extent necessary, Plan sponsor acknowledges that ELAP's total compensation satisfies requirements of applicable law regarding service providers, and has determined that the services provided are helpful and appropriate to the Plan. 4.3 Compensation of ELAP for Services under an ELAP Direct Agreement. For Benefit Claims which are for Directly Contracted Providers under an ELAP Direct Agreement, an amount equal to 6% of the full billed charges for a Benefit Claim subjected to the contracted rate. If the combined amount of the contracted rate and the compensation due to the ELAP is greater than the original billed charges, the compensation for ELAP will default to (15 %) of Savings to the Plan. For purposes of this Section 4.3, "Savings" shall mean the amount of billed charges which are in excess of the Directly Contracted Provider reimbursement rates under the ELAP Direct Agreement. Plan Sponsor agrees to pay ELAP for its fees under this Section 4.3 at the same time that it makes payment for the Benefit Claim, or, if no benefits are found to be payable for such claim, at the time of final adjudication of such claim, for which ELAP has performed its services under this Agreement. FLAP - AUDIT PROGRAM ONLY (NON- ERISA) Page 7 of 9 5. Liability of the Parties. 5.1. Amount of Liability. ELAP shall be responsible for all Defense Expenses related to a Disputed Audit; provided, however, that ELAP's total liability under this provision is limited to the Limit of Liability. The parties agree that responsibility for any claims, demands, awards, judgments, actions, proceedings and Defense Expenses in excess of the Limit of Liability shall be that of the Plan Sponsor, the Plan Administrator and /or the Plan. 5.2 Insurance. ELAP has purchased insurance to cover liability that arises under this Agreement. A layer of the insurance is provided under an insurance policy issued by ELAP Insurance Company, LLC, an affiliate of the ELAP ELAP is the first named insured under the policy, and the Employer is covered as a named insured client. Employer acknowledges and specifically elects that a percentage of the fees that Employer remits as Compensation of ELAP (see Section 4) will be paid as premium to ELAP Insurance Company, LLC. As such, a copy of the policy and /or a certificate of insurance are available upon written request to ELAP At all times during performance of the Services, ELAP shall secure and maintain in effect insurance to protect the Employer and ELAP from and against all covered events, as described in the insurance policies described below, resulting from the performance of this Agreement. ELAP shall provide and maintain in force insurance in limits no less than that stated below, as applicable. The City reserves the right to require higher limits should it deem it necessary in the best interest of the public and in connection with the annual renewal. Cyber Liability Insurance. Before this Agreement is fully executed by the parties, ELAP shall provide the City with a certificate of insurance as evidence of Cyber Liability Insurance with coverage of at least Two Million Dollars ($2,000,000 00) per occurrence and an annual aggregate limit of at least Two Million Dollars ($2,000,000.00). The certificate shall clearly state who the provider is, the amount of coverage, the policy number, and when the policy and provisions provided are in effect. The insurance shall be with an insurance company rated A -VII or higher in Best's Guide. If the policy is on a claims made basis, the retroactive date of the insurance policy shall be on or before the inception date of the Agreement, or shall provide full prior acts. The insurance coverage shall remain in effect during the term of this Agreement and for a minimum of three (3) years following the termination of this Agreement. Professional Liability Insurance Before this Agreement is fully executed by the parties, ELAP shall provide the City with a certificate of insurance as evidence of Professional Errors and Omissions Liability Insurance with coverage of at least Five Million Dollars ($5,000,000.00) per occurrence and an annual aggregate limit of at least Five Million Dollars ($5,000,000 00). The certificate shall clearly state who the provider is, the amount of coverage, the policy number, and when the policy and provisions provided are in effect. The insurance shall be with an insurance company rated A -VII or higher in Best's Guide If the policy is on a claims made basis, the retroactive date of the insurance policy shall be on or before the inception date of the Agreement, or shall provide full prior acts. The insurance coverage shall remain in effect during the term of this Agreement and for a minimum of three (3) years following the termination of this Agreement. ELAP Insurance Company, LLC is incorporated in the State of Delaware, and is regulated by the Delaware Insurance Department. The fact that ELAP has purchased this insurance does not m any way relieve ELAP of its responsibility for Defense Expenses as specified in this Agreement. ELAP shall also maintain, at all times during the period of this Agreement and at its own expense, professional liability insurance coverage to cover Defense Expenses in excess of the limits under the policy issued by ELAP Insurance Company, LLC, up to the Limit of Liability as defined in this Agreement. 5.3 Exclusions. ELAP shall not be liable for any Defense Expenses incurred by the Plan Sponsor, Plan Administrator and/or the Claims Administrator in connection with any Disputed Audit, if and to the extent that such Defense Expenses are (a) the result of negligence or willful misconduct by the Plan Sponsor, the Plan Administrator or the Claims Administrator in performing its duties under this Agreement; (b) the result of language in the Plan Document and/or Summary Plan Description which is not in compliance with applicable law or which otherwise is unenforceable; or (c) the result of the Plan Sponsor's failure to provide timely funding necessary to pay a claim for benefits. ELAP - AUDIT PROGRAM ONLY (NON- ERISA) Page 8 of 9 5.4 Notification. The Plan Sponsor, Plan Administrator and/or the Claims Administrator shall notify ELAP, in writing, of the commencement of any litigation relating to a Disputed Audit, or the occurrence of any event which might give rise to liability under this section, within three (3) business days following such commencement or occurrence In the event the Plan Sponsor, Plan Administrator and/or the Claims Administrator fails to provide such written notice within three (3) business days following such commencement or occurrence, then ELAP shall have no responsibility in connection with such litigation or event. An occurrence, as used in this section, shall refer to a service of complaint, writ of summons, or letter of representation from an attorney for a Plan participant or medical provider. 6. Confidentiality. All information, whether written or oral, furnished by the Plan Sponsor, Plan Administrator and/or the Claims Administrator, or its agents or employees, to ELAP shall be held in confidence by ELAP, unless it is required to disclose such information by statute, regulation or court order. ELAP shall, at all times, comply with regulations under the Health Insurance Portability and Accountability Act of 1996, as amended ( "HIPAA "). The Plan Sponsor and the Plan Administrator expressly agree that the terms of the ELAP Direct Agreements, including, but not limited to, the reimbursement rates and methodology, represent confidential and proprietary information which may not be disclosed except as required for plan management and administration, or unless disclosure is required by statute, regulation or court order When disclosure is required for plan management and administration, o r unless it is required by statute, regulation or court order, the Plan Sponsor and Plan Administrator shall cause the recipients, including but not limited to, agents, consultants and vendors, to keep the terms of this agreement in strictest confidence. The Plan Sponsor and the Plan Administrator further agree that the terms of the ELAP Direct Agreement shall not otherwise be disclosed without the express written consent of ELAP Services, LLC unless required by statute, regulation or court order 7. Exclusivity. The rights granted to the Employer pursuant to this Agreement shall be deemed to be its exclusive rights with respect to the subject matter of this Agreement. 8. Term and Termination. The initial term of this Agreement shall be one (1) year, beginning on January 1 , 2015, through January 1, 2016. This agreement shall renew itself automatically for additional one -year periods of time until terminated by either party in accordance with the provisions of this Section 8 This Agreement shall terminate as follows 8.1. By Either Party with Notice. Either party to this Agreement may terminate it by giving sixty (60) days prior written notice thereof to the other party. 8.2. By ELAP Upon Failure to Pay Fees. ELAP may resign, by written statement of such resignation, without any other prior notice at any time, and this Agreement shall immediately terminate, if the Employer does not pay the fees set forth in Section 4 within ten (10) days of the due date. 8.3. Rights and Duties Upon Termination. As of the date of termination of this Agreement, all rights and obligations of the parties shall termmate, except that (a) ELAP shall continue to perform its obligations under this Agreement with respect to any Disputed Audit of a Benefit Claim provided that the Plan Documents continue to name ELAP as a designated decision maker with maximum discretionary authority with respect to such Disputed Audits; and (b) the Plan Sponsor shall pay all fees which are due and owing under this Agreement as of the date of termination. 9. Binding Effect; Assignment. This Agreement shall be binding upon the parties hereto and their successors and assigns; provided, however, that neither party may assign its rights or obligations hereunder without the prior written consent of the other. 10. Severability. Any provision of this Agreement which is adjudicated to be invalid or unenforceable shall be ineffective to the extent of such invalidity or unenforceability only, and shall be deemed reformed so as to continue to apply to the maximum extent. Any such adjudication shall not invalidate or render unenforceable any of the remaining provisions herein. 11. Notices. All notices hereunder shall be in writing and delivered by hand or by overnight delivery Notice shall be deemed to be given upon receipt. Notices shall be directed to the parties at their respective addresses set forth above, or at such other addresses as the parties may from time to time designate in writing. ELAP - AUDIT PROGRAM ONLY (NON - ERISA) Page 9 of 9 12. Entire Agreement; Modification. This Agreement represents the entire agreement between the parties relating to the subject matter hereof. No provision of this Agreement may be modified, except in writing, signed by the parties. 13. Controlling Law and Venue. This Agreement shall be governed by the laws of the state of Washington, without regard to its conflicts of laws provisions. The venue for any action necessary to enforce or otherwise adjudicate this Agreement shall lie in a court of competent jurisdiction in Yakima County, Washington, specifically for claims with an amount in controversy of $74,999.99 or less in the state court and $75,000.00 or greater m the federal court. In witness whereof, the parties hereto have caused this Agreemen to be executed as of date irst above written. ATTEST: THE EM OYER (. o } S (� Its Duly Authorize s �., • f / .,) . t ATTEST: ELAP Servic LLC / r (If ' .�_ By: ts Duly , J ' /41 y ir /�.J2, CITY CONTRACT NO: sf RESOLUTION NO .:: _!. f� F x .11 4 BUSINESS OF THE CITY COUNCIL YAKIMA, WASHINGTON AGENDA STATEMENT Item No. 8. For Meeting of: December 09, 2014 ITEM TITLE: Resolution authorizing a contract with ELAP Services LLC (ELAP) to review health care claims by hospitals and medical facilities. Based on ELAP's eight year track record we anticipate saving $1.4 million by reviewing and auditing hospital and medical facility claims SUBMITTED BY: Tony O'Rourke, City Manager Lori Durand, Human Resources SUMMARY EXPLANATION: The City of Yakima self- funded healthy plan will work with ELAP Services LLC to control employee health care costs. ELAP shall assist the City in reviewing and auditing hospital and medical facility claims to ensure they correlate to the providers' cost of services. ELAP will work with the City's stop loss carrier to ensure coordination between the medical plan document and stop loss policy, providing a special focus on catastrophic claims management. ELAP will support the City's fiduciary duty to prudently manage plan assets, make appropriate coverage determinations and manage appeals in a manner compliant with the Employment Retirement Income Security Act (ERISA). ELAP will assume legal and financial obligations on behalf of City employees in support of this process, and will establish direct, transparent contracts on behalf of the City with health care providers on a regional and national level. ELAP adheres to the principles of transparent pricing, objectivity and fair reimbursement practices. This service is projected to save the City $1.4 million dollars annually and cost approximately $168,000 dollars. Resolution: X Ordinance: Other (Specify): Contract: Contract Term: 1 Year Start Date: 1/1/2015 End Date: 12/31/15 Item Budgeted: Yes Amount: Funding Source /Fiscal Employee Welfare Benefit Fund Impact: Strategic Priority: Insurance Required? No Mail to: Phone: APPROVED FOR SUBMITTAL: City Manager RECOMMENDATION: Staff respectfully requests City Council approve the Resolution. ATTACHMENTS: Description Upload Date Type ❑ Resolution 12/5/2014 Resolution ❑ Contract 12/5/2014 Contract ❑ Associate Agreement 12/5/2014 Contract