|
AFMN Community Grant Application with Assurances (GK203)19
<br />A/section-160.103), on behalf of State for a function or activity regulated by 45 C.F.R. §§ 160 or
<br />164. Accordingly, GRANTEE is not a “business associate” of STATE, as defined in HIPAA, 45 C.F.R.
<br />§ 160.103 (https://www.ecfr.gov/current/title-45/subtitle-A/subchapter-C/part-160/subpart-
<br />A/section-160.103) as a result of, or in connection with, this grant. Therefore, Grantee is not
<br />required to comply with the privacy provisions of HIPAA as a result of, or for purposes of,
<br />performing under this grant. If Grantee has responsibilities to comply with the Data Practices Act or
<br />HIPAA for reasons other than this grant, Grantee will be responsible for its own compliance.
<br />c. Notwithstanding paragraph a. and b., in its capacity as Grantee under this grant, Grantee must
<br />comply with the provisions of the Data Practices Act as though it were a governmental entity as
<br />defined by the Data Practices Act. Grantee will be performing functions of a government entity
<br />under Minn. Stat. § 13.05, subd. 11
<br />(https://www.revisor.mn.gov/statutes/cite/13.05#stat.13.05.11), and thus any data created,
<br />collected, received, stored, used, maintained, or disseminated by Grantee in performing its duties
<br />under this contract is subject to the protections of the Data Practices Act. The civil remedies of
<br />Minn. Stat. § 13.08 (https://www.revisor.mn.gov/statutes/cite/13.08) apply to the release of the
<br />data governed by the Data Practices Act, Minn. Stat. Ch. 13
<br />(https://www.revisor.mn.gov/statutes/cite/13), by either Grantee or State.
<br />d. In its capacity as Grantee under this grant, Grantee is being made an agent of the “welfare system”
<br />as defined in Minn. Stat. § 13.46, subd. 1
<br />(https://www.revisor.mn.gov/statutes/cite/13.46#stat.13.46.1), and any data collected, created,
<br />received, stored, used, maintained or disseminated by Grantee in performing its duties under this
<br />grant is explicitly subject to the protections of Minn. Stat. § 13.46
<br />(https://www.revisor.mn.gov/statutes/cite/13.46#stat.13.46.1).
<br />e. If Grantee receives a request to release data created, collected, received, stored, used, maintained,
<br />or disseminated by Grantee in performing its duties under this grant, Grantee must immediately
<br />notify and consult with State’s Authorized Representative as to how Grantee should respond to the
<br />request.
<br />f.Under this grant, Grantee is performing the functions of a government entity including, but not
<br />limited to, responding appropriately pursuant to Minnesota Statutes, sections § 13.03
<br />(https://www.revisor.mn.gov/statutes/cite/13.03) and § 13.04
<br />(https://www.revisor.mn.gov/statutes/cite/13.04) to requests for data created, collected, received,
<br />stored, used, maintained, or disseminated by Grantee in performing its duties under this grant.
<br />g. Grantee’s obligations while performing the functions of a government entity include, but are not
<br />limited to, complying with Minn. Stat. § 13.05, subd. 5
<br />(https://www.revisor.mn.gov/statutes/cite/13.05#stat.13.05.5) to establish appropriate security
<br />safeguards for all records containing data on individuals.
<br />h. Grantee must comply with Minn. Stat. § 13.055 (https://www.revisor.mn.gov/statutes/cite/13.055)
<br />to investigate and appropriately report or notify regarding any potential unauthorized acquisition of
<br />112
|