Contract Request Template (Contracts; IGAs; Leases)
Date Submitted: 3/7/22
Requesting Agency: Technology Services
Division:
Subject Matter Expert Name: Joe Saporito
Email Address: joseph.saporito@denvergov.org <mailto:joseph.saporito@denvergov.org>
Phone Number:
Item Title & Description:
(Do not delete the following instructions)
These appear on the Council meeting agenda. Initially, the requesting agency will enter a 2-3 sentence description. Upon bill filling, the City Attorney’s Office should enter the title above the description (the title should be in bold font).
Both the title and description must be entered between the red “title” and “body” below. Do not at any time delete the red “title” or “body” markers from this template.
title
A resolution approving a proposed Third Amendatory Agreement between the City and County of Denver and Carahsoft Technology Corporation by adding a Health Insurance Portability and Accountability Act (HIPAA) Business Associate Addendum for data protection purposes in use of the Salesforce application.
Amends a contract with Carahsoft Technology Corporation by adding a Health Insurance Portability and Accountability Act (HIPAA) Business Associate Addendum for data protection purposes in use of the Salesforce application, citywide. No change to contract amount or duration (TECHS-202262002). The last regularly scheduled Council meeting within the 30-day review period is on 4-18-22. The Committee approved filing this item at its meeting on 3-15-22.
body
Affected Council District(s) or citywide? Citywide
Contract Control Number: TECHS-202262002
Vendor/Contractor Name (including any “DBA”): Carahsoft Technology Corporation
Type and Scope of services to be performed:
Some City and County of Denver agencies are Heath Insurance Portability and Accountability Act (HIPAA) covered entities i.e.- Denver Human Services, Department of Safety. HIPAA covered entities are required to adhere to all applicable HIPAA rules and regulations. These covered entities handle and maintain Protected Health Information (PHI)/Electronic Protected Health Information (ePHI) of the Denver Citizens they serve. Salesforce has the ability to maintain Denver Resident ePHI within its CCD applications.
The HIPAA Privacy Rule requires all covered entities to have a Business Associate Agreement in place with all entities, persons, and vendors which handle PHI/ePHI on their behalf. To ensure compliance with HIPAA standards for safeguarding ePHI a Business Associate Agreement has been created with Salesforce. Salesforce complies with all applicable HIPAA privacy, security regulations. Salesforce has appropriate administrative, technical, and physical safeguards in place and complies with the breach notification requirements of HIPAA.
Location (if applicable):
WBE/MBE/DBE goals that were applied, if applicable (construction, design, Airport concession contracts): N/A
Are WBE/MBE/DBE goals met (if applicable)?
Is the contract new/a renewal/extension or amendment? Amendment
Was this contractor selected by competitive process or sole source? Competitive
For New contracts
Term of initial contract:
Options for Renewal:
How many renewals (i.e. up to 2 renewals)?
Term of any renewals (i.e. 1 year each):
Cost of initial contract term:
Cost of any renewals:
Total contract value council is approving if all renewals exercised:
For Amendments/Renewals Extensions:
Is this a change to cost/pricing; length of term; terms unrelated to time or price (List all that apply)? Adding data protection terms
If length changing
What was the length of the term of the original contract?
What is the length of the extension/renewal?
What is the revised total term of the contract?
If cost changing
What was the original value of the entire contract prior to this proposed change?
What is the value of the proposed change?
What is the new/revised total value including change?
If terms changing
Describe the change and the reason for it (i.e. compliance with state law, different way of doing business etc.)
Supplier will incorporate the HIPAA Business Associate Addendum into the contractual relationship with the City.