The URL can be used to link to this page

Home My WebLink AboutC2020-442 - 9/15/2020 - Approved1 ADMINISTRATIVE SERVICES AGREEMENT This Administrative Services Agreement ("Agreement") between OptumHealth Financial Services, Inc. (“Optum”) and City of Corpus Christi (“Customer”) is effective as of January 1, 2021 (“Effective Date”). This Agreement covers the services Optum is providing to Customer, either directly or in conjunction with one of Optum’s affiliates. For services provided on or after its Effective Date, this Agreement supersedes and replaces any existing agreements between the parties relating to the same subject matter. 1. Definitions When these terms are capitalized in the Agreement they have the meanings set forth below. Defined terms may be used in the singular or plural. Employee: A current or former employee of Customer or an affiliated employer. Participant: Employee or dependent who is covered by the Plan. PHI: Any information Optum receives or provides on behalf of the Plan which is considered Protected Health Information as the term is defined in the privacy regulations of the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (collectively, “HIPAA”) and American Recovery and Reinvestment Act (“ARRA”), as each is amended from time to time. Plan: The provisions of the plan of employee benefits to which this Agreement applies. Plan Administrator: The current or succeeding person, committee, partnership, or other entity designated by the terms of the instrument under which the Plan is operated who is responsible for the Plan’s operation. Plan Document(s): Means documents provided to Participants that are prepared or provided by the Plan Administrator that describe either: the Services covered by this Agreement; eligibility requirements for participation and benefits offered under the Plan; or any other similar information. Examples of Plan Documents include but are not limited to the following: Summary Plan Description, evidence or certificate of coverage, description of Services or a trust agreement. Services: Means collectively, the products and services Optum provides and performs pursuant to this Agreement as set forth in Exhibit A attached hereto. Tax or Taxes: A charge imposed, assessed or levied by any federal, state, local or other governmental entity. 2. Benefit Plan 2.1. Responsibility for the Plan, Plan Assets and Payment of Plan Benefits. Optum is not the Plan Administrator of the Plan. Any references in this Agreement, or elsewhere, to Optum “administering the Plan” are descriptive only and do not confer upon Optum anything beyond certain agreed upon administrative duties. Customer has the sole responsibility for all obligations of the Plan, the Plan Sponsor, and the Plan Administrator under ERISA and any other applicable laws and regulations, including but not limited to benefit design and preparation, distribution of Plan Documents, content and regulatory compliance of the Plan Documents. Customer shall have absolute authority with respect to any Plan assets, and Optum shall neither have discretion, nor be deemed to exercise any discretion, control or authority with respect to the disposition of any DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 2 Plan assets. Customer agrees that it is responsible for making determinations on all appeals. Customer shall document and notify Optum of each such decision. Optum does not insure or underwrite the Benefit Plan liability of Plan Administrator and is not financially responsible for the payment of amounts payable under the terms and conditions of the applicable Plan, and as stated in the applicable summary plan description or expenses incident to the Plan(s) (together “Plan Benefits”). It is understood and agreed that the Plan Administrator is responsible for funding Plan Benefits under the Plan and that Optum shall not have any duty to use any of its funds for the payment of such Plan Benefits. Optum will have no obligation to arrange for payment of Plan Benefits under the Plan if the Plan Administrator has not made the requisite funds available to Optum in accordance with this Agreement. Optum has no duty or obligation to defend any legal action or proceeding brought to recover benefits under the Benefit Plans; however, Optum will provide to Plan Administrator or its legal counsel, upon request and subject to any limitations described in this Agreement or applicable law, any documentation in Optum’s possession that may relate to such claim for benefits and/or expenses. 2.2. Plan Consistent with the Agreement. Customer represents that Plan Documents are consistent with this Agreement. Customer will provide Optum with copies of Plan Documents or any communications describing Plan Documents prior to distributing these materials to Participants or third parties. Customer will amend Plan Documents or communications related thereto if Optum reasonably determines that references to Optum are not accurate, or a Plan provision is not consistent with this Agreement or the Services. Customer shall be responsible for printing, maintaining a supply of and distributing to Participants, within a reasonable period of time before coverage begins, the Plan Documents and all other information and forms necessary for Participants’ enrollment and continued eligibility for Services under the Plan. 2.3. Plan Changes. Customer will provide Optum with notice of any changes to the Plan and/or Plan Documents within a reasonable period of time prior to the effective date of the change to allow Optum to determine if the change will impact the Services. Optum will notify Customer if: (i) the change increases Optum’s cost of providing Services which would result in an increase in fees; or if in Optum’s reasonable discretion it is unable to implement or administer the change. If the parties cannot agree to a new fee within thirty (30) days of the notice of the new fee, or if Optum notifies Customer that Optum is unable to reasonably implement or administer the change, Optum shall have no obligation to implement or administer the change, and Customer may terminate this Agreement upon sixty (60) days written notice. 2.4. Affiliated Employers. Customer represents that together, Customer and any of Customer’s affiliates covered under the Plan make up a single “controlled group” as defined by ERISA. Upon request by Optum, Customer agrees to provide Optum with a list of Customer’s affiliates covered under the Plan. 3. Customer Responsibilities 3.1. Information Customer Provides to Optum. Customer, either directly or indirectly through its benefits broker or other third-party agent(s) (each such benefits broker or agent an "Agent"), will provide Optum a complete and accurate list of all Participants in a timely manner. Customer will notify Optum of any Participant changes as soon as reasonably possible. Optum will accept eligibility data from Customer in a frequency and format mutually agreed upon by the parties. Deviations in format or frequency may result in additional fees to Customer. Customer agrees DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 3 that it will not provide Optum eligibility data until after this Agreement along with the Business Associate Addendum attached hereto and incorporated herein by reference are active and in effect. Optum will be entitled to rely on the most current information in Optum’s possession regarding eligibility of Participants when providing Services under this Agreement. Optum will not be required to make retroactive eligibility changes, process or reprocess claims, but if Optum agrees to do so, additional fees may apply. Customer will provide Optum with any additional information reasonably requested by Optum. 3.2. Reliance on Data. Optum is not liable for any acts or omissions it makes in reliance on the direction or consent from an authorized representative or other Agent of Customer. Optum is not responsible or liable for any acts or omissions made in reliance on erroneous data provided by Customer or Agents, or the failure of Customer to perform its obligations under this Agreement. Customer understands that Optum cannot timely or accurately perform its duties under this Agreement without complete, accurate, and timely information and that Optum shall have no liability to Customer or any Participant as a consequence of incomplete, inaccurate, or untimely information provided to Optum by Customer or its Agents. Customer understands that an additional fee, and/or a recalculation of performance standards may be required if Optum is required to take corrective action as a result of such incomplete, inaccurate, or untimely information. Prior to the change of any fee, said fee must be negotiated and agreed to by Customer. 3.3. Authorizations, Data Integrity, and Disclosures. Customer is responsible for obtaining, prior to furnishing any data or information to Optum (either directly or indirectly through an Agent), any necessary permissions, consents, or releases, including entering into business associate agreements if required by applicable federal, state or local laws and/or regulations, to allow Customer to deliver Customer data to Optum and to allow Optum to use and disclose Customer data or Records (as defined in Section 8.1 below) as set forth under this Agreement or required by law, including without limitation, providing Customer data or Records to Customer's Agents. Optum shall not be responsible or liable for (a) errors in Customer data or data entry done by Customer or its Agents, or (b) errors in services, programs, hardware, data files, or output Optum provides to or maintains for Customer pursuant to this Agreement, if the Optum errors resulted from errors in Customer's or Customer’s Agents' input data, or from Customer's failure to comply with this Agreement. During and after the Term of this Agreement, Optum may use, reproduce, transfer and combine Customer data and any derivatives of that data for preparing commercially available normative and benchmark data and databases, and for internal and external research and analysis purposes. 3.4. Use of Optum Systems; System Protection. If Customer or its Agents use or access any information or communication systems owned or operated by Optum or an affiliate or subcontractor of Optum (“Optum Systems”), Customer agrees (and shall require its Agents to agree) to access or use Optum Systems only as authorized in this Agreement. Customer and its Agents shall comply with all security controls, policies, standards and guidelines applicable to Optum Systems, which are disclosed as part of implementation, log-in or otherwise. Neither Customer nor its Agents shall (i) knowingly introduce any virus or disabling code into the Optum Systems; (ii) attempt to access any portions of the Optum System that are not required for Customer’s performance under this Agreement; or (iii) attempt to circumvent or bypass Optum’s security systems or procedures with respect to the Optum Systems. Optum retains sole discretion to terminate any user’s access to Optum Systems. DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 4 3.5. Notices to Participants. In the event this Agreement terminates, Customer will notify all Participants that the Services Optum is providing under this Agreement are discontinued. 3.6. Providing Funds for Benefits. Customer is solely responsible for providing funds for payment for all Plan benefits payable to Participants. Optum is not responsible for providing funds for Plan benefits even if Optum or an affiliate of Optum provides stop loss insurance to Customer. Customer shall comply with any regulatory obligations, including prompt pay requirements, as applicable. 3.7. Escheat. Customer is solely responsible for complying with all applicable abandoned property or escheat laws, making any required payments, and filing any required reports. 4. Services 4.1. Administrative Services. Optum will provide the administrative services described in Exhibit A. 4.2. Customer Reporting Services. Optum will provide standard summaries of program activities to Customer as part of the Services. Optum reserves the right, from time to time, to change the content, format and/or type of its reports. Ad-hoc and non-standard reporting shall be mutually agreed upon by the parties and may be subject to additional fees. 5. Service Fees 5.1. Service Fees. Customer will pay Optum fees for the Services as set forth in Exhibit A of this Agreement. In addition to the Service fees specified in Exhibit A, Customer must also pay Optum any additional fee that is authorized by a provision elsewhere in this Agreement or is otherwise agreed to by the parties. If Customer delegates payment of Services fees to an Agent, it remains Customer’s obligation to pay Optum, and payment to an Agent will not relieve Customer of that obligation in the event an Agent fails to pay Optum or a payment is untimely. FSA Fees are payable for the entire plan year, regardless of an Employee’s employment status. For example, if an employee opens an account (Jan-Dec), but their employment is terminated with Customer, Customer shall continue to pay Optum the fee for that Employee for the remainder of the plan year. 5.2. Changes in Service Fees. Optum reserves the right to change the Service fees set forth in any Fee Schedule upon sixty (60) days prior written notice of revised Service fees. Service fee changes will be effective at the end of the notice period. If applicable, Optum will provide Customer with a new Exhibit A reflecting the revised Service fees that will replace the existing Exhibit A. If Customer objects to a change in Service fees, Customer may terminate this Agreement by providing written notice to Optum within ninety (90) days after Customer receives written notice of the new fees. Customer must still pay any amounts due for the periods during which the Agreement is in effect and during post-termination transition services. 5.3. Payments. Optum will bill Customer on a monthly basis for the actual or estimated fees Customer owes to Optum. In these cases, the amounts owed are due and payable on the due date shown on the bill. 5.4. Penalties. Payment will be made timely in accordance with the Texas Prompt Payment Act. Failure to make timely payments will be subject to interest in accordance with the Texas Prompt Payment Act. DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 5 5.5. Reconciliation. Optum may periodically reconcile the total amounts Customer has paid Optum with the total amounts Customer owes Optum. If the reconciliation indicates that Optum owes Customer money, Customer’s next payment will be credited. If the reconciliation indicates that Customer owes Optum money, Optum will invoice Customer for the amount due. All adjustments to over and under payments, except when arising from misrepresentation or fraud by the other party, must be reconciled no later than 180 days after the month in question and any reconciliation greater than 180 days shall be deemed waived. Any such variances occurring during the last four months of the Term will be reconciled within 180 days after the Agreement's termination. 6. Term of the Agreement 6.1. Term. This Agreement will commence on the Effective Date and continue for a 36 month period (“Initial Term”). The Agreement will auto-renew after the Initial Term for additional one (1) year periods (each such renewal, a “Renewal Term”) unless and until this Agreement is terminated. The Initial Term and each subsequent Renewal Term are referred to herein as (the “Term”). 6.2. Services End. Services under this Agreement stop on the date this Agreement terminates, regardless of the date claims are incurred. If Optum agrees to continue providing certain services beyond the termination date, those services will be governed by the terms of this Agreement. 7. Termination 7.1. Termination Events. This Agreement will terminate under the following circumstances: (i) the Plan terminates; (ii) either party gives the other party at least ninety (90) days prior written notice; (iii) Optum gives Customer notice of termination because Customer did not pay the fees or other amounts Customer owed Optum when due under the terms of this Agreement; (iv) Customer fails to provide the required funds for payment of claims under the terms of this Agreement; (v) a party elects to terminate because the other party is in material breach of this Agreement, other than by non-payment or late payment of fees owed by Customer or the failure to provide sufficient funds with which to pay claims, and does not correct the breach within thirty (30) days after being notified in writing; (vi) any state or other jurisdiction prohibits a party from administering the Plan under the terms of this Agreement, or imposes a penalty on the Plan or Optum and such penalty is based on the Services specified in this Agreement, or (vii) as otherwise specified in this Agreement. In a Section 7.1(vi) event, the impacted party may immediately discontinue the Agreement’s application in such state or jurisdiction and the Agreement will continue to apply in all other states or jurisdictions or terminate the entire agreement. In all circumstances, notice shall be given to the other party when reasonably practical. 7.2. Post-Termination Transition Services. When the Agreement is terminated Customer and Optum may mutually agree upon any transition services required and fees to Optum for such transition services. 8. Records, Information, Audits 8.1. Records. Optum will keep records relating to the Services provided under this Agreement (“Records”) for the later of Optum’s record retention policy or requirements under applicable law. 8.2. Access to Records. If Customer needs Records in order to administer the Plan, Optum will provide Customer access to those Records, if (a) it is legally permissible, (b) the Records relate to Services DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 6 under this Agreement, and (c) Customer gives Optum reasonable advance notice and an explanation of the need for such Records. Optum will provide Records to Customer, only while this Agreement is in effect and for a period of six (6) months after the Agreement terminates, unless Customer demonstrates that the Records requested are required by law or for Plan administration purposes in which case such Records will continue to be available until the later of Optum’s record retention policy or requirements under applicable law. Upon request by Customer, Optum will provide reasonable access to Records to an entity providing Plan administrative services to Customer other than an entity providing audit services, which will be governed by Section 8.3. 8.3. Audits. During the term of the Agreement, and at any time within six (6) months following its termination, Customer or a mutually agreeable independent auditor may audit Optum Records once each calendar year. Customer must provide sixty (60) days prior written notice to Optum of Customer’s intent to audit. The scope, place, time, duration, and frequency of each audit must be reasonable and agreed to by Optum. All auditors shall agree to sign confidentiality agreements prior to conducting such audits. Audits will be limited to Records relating to the calendar year in which the audit is conducted, and/or the immediately preceding calendar year and be performed during normal business hours in accordance with generally accepted auditing procedures. In addition to Customer’s expenses and any applicable fees, Customer will also pay any extraordinary expenses Optum incurs in connection with the audit. For any audit initiated after this Agreement is terminated, Customer will pay all expenses incurred by Optum. Customer will provide Optum with a copy of all audit reports within ten (10) days after Customer receives the audit report(s) from the auditor. 8.4. Confidential Information. Each party acknowledges that in the course of performing under this Agreement, or in the course of discussing or negotiating this Agreement it may learn confidential, trade secret, or proprietary information concerning the other party or third parties to whom the other party has an obligation of confidentiality (“Confidential Information”). Without limiting the foregoing, Optum’s Confidential Information shall include, without limitation, the terms of this Agreement, financial information, employee information, information regarding products, marketing plans, business plans, customer names and lists, software and associated algorithms, developments, improvements, know-how, code (object and source), programs, software architecture, technology and trade secrets, reports generated by or for Optum, Optum's methods of database creation, and Optum's translation, standardization, enhancement, and health data analysis techniques, health data reporting and profiling methods and formats. Without limiting the foregoing, Customer’s Confidential Information shall include information regarding Customer’s business, and information regarding Customer's premiums and claims data. Confidential Information shall not include PHI, which is subject to the Business Associate Addendum attached hereto. This provision shall survive the termination of this Agreement. Each party agrees that: (a) it will use the other party’s Confidential Information only as may be necessary in the course of performing duties, receiving services or exercising rights under this Agreement; (b) it will treat such information as confidential and proprietary; (c) it will not disclose such information orally or in writing to any third party without the prior written consent of the other party; and (d) it will not otherwise appropriate such information to its own use or to the use of any other person or entity. Without limiting the foregoing, each party agrees to take at least such precautions to protect the other party’s Confidential Information as it takes to protect its own Confidential Information. Each party is solely responsible for all use of the other party’s Confidential Information by anyone who gains access to the Confidential Information under such party’s authorization. Upon termination or expiration (without renewal) of this Agreement, each party will return to the other party, or certify as destroyed, all tangible items containing any of DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 7 the other party’s Confidential Information that are held by that party or its employees, agents or contractors, other than one archival copy. Each party agrees to notify the other party if it becomes aware of any unauthorized use or disclosure of the other party’s Confidential Information. If either party believes it is required by law or by a subpoena or court order to disclose any of the other party’s Confidential Information, it shall, if legally permissible, promptly notify the other party and shall make all reasonable efforts to allow the other party an opportunity to seek a protective order or other judicial relief prior to any disclosure. Nothing in this Agreement shall be construed to restrict disclosure or use of information that was in the possession of or rightfully known by the recipient, without an obligation to maintain its confidentiality, prior to receipt from the other party; is or becomes generally known to the public without violation of this Agreement; is obtained by the recipient in good faith from a third party having the right to disclose it without an obligation of confidentiality; or is independently developed by the receiving party without reference to the other party’s Confidential Information. The Parties acknowledge that the Customer is a Texas governmental entity subject to the Texas Public Information Act (the “Act”). Nothing in this Agreement shall be construed to prohibit the Customer from complying with the Act and compliance with the Act shall not be considered a violation or breach of this Agreement. Should Customer receive a request for disclosure of Confidential Information pursuant to the Act, Customer will promptly provide Optum notice of such request so that Optum may avail itself of any opportunities to establish reasons why the information should be withheld prior to disclosing such Confidential Information. The burden of establishing the applicability of exceptions to the disclosure of Information under the Act resides with Optum. Should Optum be unable to establish a valid exception from disclosure or exclusion from the Act, then Customer may release the information, solely to the extent necessary to comply with the Act. 8.5. PHI. The parties agree will comply with all applicable requirements set forth in HIPAA and ARRA. The parties' obligations with respect to the use and disclosure of PHI are outlined in the Business Associate Addendum attached to this Agreement and incorporated herein by reference as Exhibit B. 9.Indemnification 9.1. Indemnification by Optum. Optum will indemnify Customer and hold Customer, its officers, directors, employees, agents, successors and assigns harmless from and against any and all losses, liabilities, penalties, fines, costs, damages (including Taxes), and related costs and expenses, that Customer may incur, including reasonable attorneys’ fees and costs (collectively “Losses”), arising as a result of a third party claim to the extent such Losses are directly caused by: (i) the gross negligence or willful misconduct of Optum or its vendors, subcontractors, and representatives in the performance of their obligations under this Agreement; or (ii) Optum’s material breach of this Agreement. Notwithstanding the foregoing, Customer will remain solely responsible for payment of all Plan benefits and Optum’s indemnification will not extend to indemnification of Customer or the Plan against any claims, liabilities, damages, judgments or expenses that constitute payment of Plan benefits. 9.2. Indemnification by Customer. To the extent authorized under the Constitution and laws of the State of Texas or otherwise permitted by applicable law, Customer will indemnify, Optum and hold Optum, its officers, directors, employees, agents, successors and assigns harmless from and against any and all Losses which arise out of or related to: (i) the gross negligence or willful misconduct of Customer or Customer’s vendors, subcontractors, and representatives in the DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 8 performance of their obligations under this Agreement; or (ii) Customer’s material breach of this Agreement 9.3. LIABILITY. EACH PARTIES’ AGGREGATE LIABILITY TO EACH OTHER IN ACTIONS BETWEEN THE PARTIES BROUGHT UNDER THIS AGREEMENT OR ANY ATTACHMENT HERETO SHALL NOT EXCEED THE TOTAL MONTHLY FEE CUSTOMER HAS PAID OR OWES OPTUM PURSUANT TO THIS AGREEMENT OR EACH RESPECTIVE SCHEDULE AS APPLICABLE TO WHICH THE INCIDENT PERTAINS FOR THE THREE (3) MONTH PERIOD IMMEDIATELY PRIOR TO THE INCIDENT GIVING RISE TO THE CAUSE OF ACTION. NEITHER PARTY, REGARDLESS OF THE CAUSE, SHALL BE LIABLE TO THE OTHER FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, PUNITIVE, OR SPECIAL DAMAGES, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES ARISING FROM PERFORMANCE OR FAILURE TO PERFORM UNDER THIS AGREEMENT. CONSEQUENTIAL DAMAGES INCLUDE, BUT ARE NOT LIMITED TO, LOST PROFITS, LOST REVENUES, AND LOST BUSINESS OPPORTUNITIES, WHETHER OR NOT THE OTHER PARTY WAS OR SHOULD HAVE BEEN AWARE OF THE POSSIBILITY OF SUCH DAMAGES. NOTWITHSTANDING THE ABOVE, THE LIMITATIONS STATED ABOVE DO NOT APPLY TO THE EXTENT SUCH LIABILITY IS DIRECTLY ARISING FROM: (A) A BREACH OF CONFIDENTIALITY OBLIGATIONS; (B) AN OBLIGATION OF INDEMNIFICATION; (C) ANY INFRINGEMENT CLAIM OR ACTION; (D) VIOLATION OF LAW, INCLUDING BUT NOT LIMITED TO A HIPAA BREACH; AND/OR (E) CUSTOMER’S LIABILITY TO OPTUM FOR FAILURE TO PAY AMOUNTS DUE UNDER THIS AGREEMENT OR ANY ATTACHMENT HERETO. 9.4. Indemnification Procedures. The indemnification obligations in Sections 9.1 and 9.2 herein are subject to the indemnified party (Indemnified Party): (a) notifying the indemnifying party (Indemnifying Party) promptly and in writing of the Loss, although the failure or delay to so notify by the Indemnified Party will not relieve the Indemnifying Party of its obligations under Section 9 of this Agreement so long as the failure or delay does not prejudice the defense of such claim; (b) providing reasonable assistance in defending the claim; and (c) consenting to the Indemnifying Party’s sole authority to defend or settle such claim, provided that the Indemnifying Party will not agree to any stipulation, admission, or acknowledgement of fault, guilt, wrongdoing or liability on the part of the Indemnified Party without the Indemnified Party's prior written consent. An indemnified party may not assert any claims against the Indemnifying Party more than two (2) years after the expiration or termination of this Agreement 9.5. Insurance. During the term of this Agreement, Optum shall maintain in effect commercial general liability insurance in the amount of $1,000,000 per occurrence and $3,000,000 aggregate, professional liability insurance coverage in the amount of $5,000,000 per claim and $5,000,000 aggregate, and crime/employee dishonesty insurance coverage in the aggregate amount of $1,000,000. Optum’s general liability insurance policy will include all of the following by endorsement: (1) Customer must be listed as an additional insured and (2) policy must include waiver of subrogation in favor of Customer. Optum will provide 30 days’ written notice prior to cancellation/termination of any of the required insurance policies. A certificate of insurance will be provided to the Customer upon written request. 10.Disputes In the event that any dispute, claim, or controversy of any kind or nature relating to this Agreement arises between the parties, the parties agree to meet and make a good faith effort to resolve the dispute. Nothing herein is intended to prevent either party from seeking any other remedy available at law including seeking redress in a court of competent jurisdiction. This provision shall survive the termination of this Agreement. DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 9 11. Customer Obligations 11.1. FSA, RRA and/or HRA Services. If FSA, RRA and/or HRA Services are listed in Exhibit A, Customer shall provide Optum with contribution amounts allocated to each Participant. 11.2. Transportation Services. If transportation services are listed in Exhibit A: 11.2.1. Customer shall provide Optum with contribution amounts allocated to each Participant. 11.2.2. Optum will notify Customer in writing by facsimile or electronically of the dollar amount of transportation claims processed for payment on a pre-arranged, periodic basis. Claim processing reports will be provided to Customer, if requested. 11.2.3. Customer will remit to Optum’s transportation reimbursement account the amount necessary to cover reimbursement requests and payments will be distributed to the respective Participants within the time frame agreed to by the parties. 11.2.4. Liability for and payment of all transportation reimbursement claims shall be the responsibility of Customer and in no event shall Optum be responsible for any such claims and costs. If Customer does not remit funds to Optum’s transportation reimbursement account prior to the time Participant reimbursements are required to be made, Optum reserves the right to immediately suspend reimbursements and terminate Customer’s right to use direct deposit as a method of Participant reimbursement. Optum’s right to terminate use of direct deposit is in addition to any rights granted to Optum in the Agreement. 11.3. Funding. 11.3.1. Imprest Funding. If FSA, RRA and/or HRA Services are listed in Exhibit A and customer is set up with an imprest banking model: 11.3.1.1. Optum will open and maintain a bank account (the “Bank Account”) on behalf of Customer for the purpose of reimbursing claims and paying expenses and fees. Customer acknowledges that funds in the Bank Account may be aggregated with funds belonging to other customers at an omnibus level, provided, however, all recordkeeping is conducted on an individual company basis using sub-accounts, which results in the funding and payment of claims using only the Plan assets of the appropriate Plan Sponsor. 11.3.1.2. Customer shall maintain a minimum balance in the Bank Account of expected claim activity, as determined by Optum. Optum shall have sole discretion to require Customer to: (i) deposit additional funds in the Bank Account; (ii) maintain a higher minimum balance in the Bank Account; (iii) change the frequency or timing of fund transfers into the Bank Account; or (iv) change the method of fund transfers into the Bank Account. Optum will periodically notify Customer of the amount due for reimbursing processed reimbursement claims and fees. Upon receiving such notice, Customer shall fund the Bank Account with the designated amount immediately but no later than within one business day. 11.3.1.3. Customer grants Optum the right to access information regarding the balance in Customer’s corporate funding bank account. If Customer fails comply with any material funding or financial obligations or if Optum determines Customer’s financial DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 10 condition has deteriorated, Customer authorizes Optum to initiate Automated Clearing House (“ACH”) or wire transfers from Customer’s corporate funding bank account to the Bank Account in an amount needed to pay for reimbursement claims processed and/or fees that are due to Optum. 11.3.1.4. If Customer does not fund the Bank Account with required amounts to maintain the minimum balance, Customer must immediately correct the deficiency and provide prompt notice to Optum of the deficiency. In the event that Customer fails to maintain the required minimum balance, Optum may, in its sole discretion (i) terminate the Agreement or the portion of the Agreement related to FSA and/or HRA services; (ii) suspend any or all Services; or (iii) stop payments on uncashed reimbursement checks. 11.3.1.5. Liability for and payment of all reimbursement claims, shall be the responsibility of Customer and in no event shall Optum be responsible for any such claims and costs. 11.3.1.6. When the Agreement terminates, the funding method set forth in Section 11.3.1 shall remain in place for a period of twelve (12) months following run-out to allow reimbursement checks to clear. 11.4. Debit Card. If Customer has elected to receive Debit Cards: 11.4.1. Customer acknowledges and agrees that Participants will be subject to the terms and conditions of the cardholder agreement distributed with the Debit Card. 11.4.2. Customer acknowledges and agrees that payment of all amounts for Debit Card transactions arising under all Plans shall be the responsibility of Customer via direct Automated Clearing House (“ACH”) from the Bank Account. Customer acknowledges and agrees that all liability for and payment of all claims, shall be the Customer’s responsibility and in no event shall Optum be responsible for any such claims and costs. Customer acknowledges and agrees that a charge of one hundred ($100) Dollars ($100.00) shall be assessed to Customer for each ACH returned due to insufficient funds. 11.5. COBRA Services. If COBRA Services are listed in Exhibit A: 11.5.1. Promptly after the Effective Date, Customer shall notify Optum in writing of all of Customer’s Plans with respect to which, Optum will provide COBRA-related services. Customer shall provide Optum with timely notice of plan termination, amendment, or any other event that may affect a qualified beneficiary’s right to COBRA or the type of benefits received or the contributions due under COBRA. 11.5.2. Customer shall provide Optum with notice of a qualifying event immediately, but no later than permitted by applicable laws and regulations. Customer shall provide Optum with any information requested relating to a qualifying event. 11.5.3. Customer shall establish and notify Optum of the continuation contribution due under each Plan in which a qualified beneficiary has coverage, including immediate notification of any changes to any contributions for such coverage. Customer must provide Optum with written notice of changes to COBRA continuation contribution rates (a “Rate Change Notice”) at least thirty (30) days prior to such rate change (the “Rate Change Notice Date”). In the event that Customer is unable to provide the Rate Change Notice before the Rate Change Notice Date, Customer acknowledges and agrees that it is responsible for the DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 11 difference between the previous COBRA continuation contribution rate and the new COBRA continuation contribution rate until such time as the new COBRA continuation contribution rate is applied to the applicable qualified beneficiary. 11.5.4. Customer shall notify Optum within ten (10) business days after receiving notice from a qualified beneficiary that he or she has been determined to be disabled by the Social Security Administration or has been determined to no longer be disabled by the Social Security Administration pursuant to Title II or XVI of the Social Security Act. 11.6. Retiree-Billing Services. If Retiree-Billing Services (collectively, the “Continuation Services”) is listed in Exhibit A: 11.6.1. Promptly after the Effective Date, Customer shall notify Optum in writing of all of Customer’s Plans with respect to which, Optum will provide Continuation Services. Customer shall provide Optum with timely notice of plan termination, amendment, or any other event that may affect a qualified beneficiary’s right to continuation coverage or the type of benefits received or the contributions due under such continuation coverage. 11.6.2. Customer shall provide Optum with notice of a qualifying event immediately, but no later than permitted by applicable laws and regulations. Customer shall provide Optum with any information requested relating to a qualifying event. 11.6.3. Customer shall establish and notify Optum of the continuation contribution due under each Plan in which a qualified beneficiary has coverage, including immediate notification of any changes to any contributions for such coverage. Customer must provide Optum with written notice of changes to continuation contribution rates (a “Rate Change Notice”) at least thirty (30) days prior to such rate change (the “Rate Change Notice Date”). In the event that Customer is unable to provide the Rate Change Notice before the Rate Change Notice Date, Customer acknowledges and agrees that it is responsible for the difference between the previous continuation contribution rate and the new continuation contribution rate until such time as the new continuation contribution rate is applied to the applicable qualified beneficiary. 11.6.4. Customer shall notify Optum within ten (10) business days after receiving notice from a qualified beneficiary that he or she has been determined to be disabled by the Social Security Administration or has been determined to no longer be disabled by the Social Security Administration pursuant to Title II or XVI of the Social Security Act. 12.Miscellaneous 12.1. Subcontractors. Optum can use subcontractors, including affiliates, to perform Services under this Agreement. Optum will be responsible for their services to the same extent that Optum would have been had Optum performed the Services without the use of an affiliate or subcontractor. 12.2. Assignment. Neither party may assign any of its rights or obligations under this Agreement without the written consent of the other party, provided, however, that Optum may assign or transfer this Agreement to an entity controlling, controlled by, or under common control with Optum, or a purchaser of all or substantially all of Optum’s assets, subject to notice to Customer of the assignment. DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 12 12.3. Governing Law. This Agreement is governed by and construed in accordance with the laws of the State of Texas, except as to any applicable federal laws, without giving effect to the principles of conflicts of law thereof. 12.4. Entire Agreement. This Agreement, with its exhibits, constitutes the entire agreement between the parties governing the subject matter of this Agreement. This Agreement replaces any prior written or oral communications or agreements between the parties relating to the subject matter of this Agreement. 12.5. Amendment. The parties agree to take such action as is necessary to amend this Agreement from time to time as is necessary to comply with applicable law, including but not limited to federal and state privacy and consumer rights laws and regulations, as applicable.. 12.6. Regulatory Filing. In the event that Customer is required to file this Agreement with any federal, state and local governmental authorities, Customer shall be responsible for filing the Agreement with such authorities as required by any applicable law or regulation. If, following any such filing, the governmental authority requests changes to this Agreement, Optum and Customer shall jointly discuss Customer’s response to the governmental authority. In the event any federal, state or local governmental authority requires a change to this Agreement that either Optum or Customer deems to be material, either party may request renegotiation of the affected provisions of this Agreement. 12.7. Waiver/Estoppel. Nothing in this Agreement is considered to be waived by any party, unless the party claiming the waiver receives the waiver in writing. No breach of the Agreement is considered to be waived unless the non-breaching party waives it in writing. A waiver of one provision does not constitute a waiver of any other. A failure of either party to enforce at any time any of the provisions of this Agreement, or to exercise any option which is herein provided in this Agreement, will in no way be construed to be a waiver of such provision of this Agreement. 12.8. Notices. Any notice, demand, or communication required under this Agreement shall be hand delivered or sent by commercial overnight delivery service, or if mailed, by pre-paid, first class mail to the individual designated as the company contact during Implementation with a copy sent to Optum Financial Service’s General Counsel at the address located in the signature block. The addresses to which notices are sent may be changed by proper notice. 12.9. Use of Names. The parties agree not to use each other's name, logo, service marks, trademarks or other identifying information without the written permission of the other; provided, however, Customer grants Optum permission to use Customer’s name, logo, service marks, trademarks or other identifying information (“Customer Marks”) to the extent necessary for Optum to carry out its obligations under this Agreement. Customer represents that Customer Marks do not infringe the rights of others or inaccurately portray the Services or mislead Participants and are used by Customer in accordance with all applicable laws. 12.10. Force Majeure. When any obligation(s) of a party is/are prevented, frustrated, hindered or delayed as a result of a Force Majeure Event, then all such obligations (excluding payments due Optum due under this Agreement) impacted by the Force Majeure Event will be suspended for the duration of that Force Majeure Event and such party shall not be deemed to be in breach of fulfilling such obligation or any other provision of this Agreement or any Exhibit or attachment to the Agreement affected by the Force Majeure Event. Neither party shall be liable for any effect or failure to perform or meet any of its obligations, performance, service levels, or for any damages or penalties caused or occasioned by the Force Majeure Event. The time of DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 13 performance for such obligations shall be extended for a period of time equal to the time lost by reason of the Force Majeure Event, provided the party is exercising diligent efforts to resume its obligations. The term "Force Majeure Event" means any event or cause not reasonably within the control of the party claiming suspension, including, without limitation, nuclear or natural catastrophe, an act of God, weather-related disaster, hurricane, tornado, flood, fire, earthquake, accident, industrial disturbance, interruptions or malfunctions of computer facilities, disruption or outage of communications or computer (software or hardware) services, connectivity, internet, power, or other utility, any disruption, inability or shortage of supplies or delivery chains, labor, workforce, material, equipment or transportation, military, civil or regulatory disturbance, governmental action, war, riot, terrorism, sabotage, insurrection, disease, quarantine, epidemic, pandemic, embargos, and breakdown of equipment, whether similar or dissimilar to any of the foregoing. A party claiming a Force Majeure Event shall take reasonable steps to resume performance as soon as possible. Each party will maintain commercially reasonable business continuity and disaster recovery plans.” 12.11. Compliance with Laws. Customer shall substantially comply with and ensure the Plan substantially complies with all applicable laws and regulations. Except as provided below, Optum shall obtain and maintain any applicable licenses or regulatory approvals necessary for it to perform its services under this Agreement and shall substantially comply with all applicable laws and regulations. 12.12. Counterparts. This Agreement may be executed by electronic signatures or in one or more counterparts, each of which shall be deemed an original, but all of which, together, shall constitute one agreement. 12.13. Severability. If any provision of this Agreement is held to be invalid or unenforceable by a court of competent jurisdiction, then the remaining portions of the Agreement shall be construed as if not containing such provision, and all other rights and obligations of the parties shall be construed and enforced accordingly. 12.14. Survival of Terms. Any provisions of this Agreement, or any attachments, and exhibits, which by their nature, extend beyond the expiration, or termination of this Agreement, and those provisions that are expressly stated to survive termination, shall survive the termination of this Agreement, and shall remain in effect until all such obligations are satisfied. 12.15. Legal Advice. It is understood and agreed that the Services do not include and Optum will not provide, investment, Tax or legal advice. If the Customer requires legal or other expert advice, the Customer should consult its own legal counsel. 12.16. Improvements and Modification of Services. Optum reserves the right to upgrade, improve, modify or discontinue any Services provided or made available to Customer under this Agreement. 12.17. Non-Appropriation. The continuation of this Agreement after the close of any fiscal year of the Customer, which fiscal year ends on September 30th annually, is subject to appropriations and budget approval specifically covering this Agreement as an expenditure in said budget, and it is within the sole discretion of the Customer’s City Council to determine whether or not to fund this Agreement. The City does not represent that this budget item will be adopted, as said determination is within the City Council's sole discretion when adopting each budget. DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 14 ACCEPTED AND AGREED: OptumHealth Financial Services, Inc. City of Corpus Christi 11000 Optum Circle 1702 Horne Rd Eden Prairie, MN 55344 Corpus Christi, TX 78416-1902 Signature: \si2\ Signature: \si1\ Print Name: \na2\ Print Name: \na1\ Print Title: \ti2\ Print Title: \ti1\ Date: \ds2\ Date: \ds1\ Internal Control No.: 00621003.0 DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38 Business Segment CFO 9/14/2020 Mark W. Johns DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D Approved as to Form 10/15/2020 09/15/2020 ___________________Authorized By Council ________________________ M2020-187 Interim AD of Contracts & Procurement Josh Chronley 1/6/2021 ATTEST: _____________________________ Rebecca Huerta City Secretary 15 EXHIBIT A – SERVICES The following are the administrative services Optum has agreed to provide to Customer at the rates set forth herein. Product Name Rate Type Rate Period Fee Rate FSA Per Account Per Month $2.85 COBRA Per Participant Per Month $0.40 COBRA QE Per Qualifying Event N/A $16.00 COBRA QE Per Participant Per Month $5.00 HSA Per Participant Per Month $1.00 $500 fee waiver threshold Additional terms and conditions with respect to the Services may be set forth in one or more Schedules to this Exhibit A. Monthly Minimums: $150.00 Minimum administrative fee for FSA, RRA and HRA (HRA, RRA and FSA can be combined to meet the monthly minimum) Optional Services (Selected by Customer during implementation or at any time during the Term of the Agreement) Service Fee Template RRA, HRA or Cafeteria Plan Master Plan Document and Summary Plan Description (SPD) for review by Customer’s legal counsel $475 Amendments to Plan Document templates furnished by OHFS and for review by Customer’s legal counsel $250 Non-standard programming hourly rate $125 Attend employee meeting plus travel expenses Contiguous meetings at same location are available at $150 per meeting. Fee waived for meetings with >500 employees in attendance $275 Reformatting a file to meet OHFS standard layout requirements $500 For first set of FSA non-discrimination tests (key employee concentration and 55% average benefits test) per plan year $250 DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 16 $100 for each subsequent non-discrimination test for same plan year COBRA General (initial) Notice; Notice of Unavailability of COBRA Continuation Coverage (Customer uses Optum’s online tool to create and mail notice or Optum will mail any ongoing notices if instructed by the employer) Included in standard service fee COBRA General (initial) Notice; Notice of unavailability of COBRA continuation coverage (When there is a need to send a one-time notice to the entire employee population and the notice is to be produced and mailed by Optum) $3.00 per notice Medicare part D creditable and non-creditable notices (annual basis) $1.95 per notice HIPAA Initial Notice; Woman’s Health and Cancer Notice (package) $4.50 per notice DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 17 Schedule A-1 HSA Services This Health Savings Account Enrollment and Contribution Schedule (the “HSA Exhibit”) is entered into between Customer and OptumHealth Financial Services, Inc., on behalf of its affiliate, Optum Bank, Inc., a Utah chartered FDIC insured financial institution, (the “Bank”). 1.HSA Documentation. A deposit and custodial agreement (together with other HSA notices, disclosures or information as each may be in effect from time to time, the “HSA Documentation”) between eligible employees who are approved by the Bank to establish a HSA (“Account Holders”) and the Bank governs the rights and obligations of the Account Holder and Bank with regard to the HSA custodial services and nothing in the Agreement or this HSA Exhibit modifies or amends the terms of any HSA Documentation. 2.Contributions. Customer may forward payroll deduction contributions and other contributions to Bank in a manner and form acceptable to Bank. Bank shall have no liability for any payroll deduction files or funds not received by Bank or for any error in crediting contributions to HSAs in reliance on data provided by Customer. Customer’s HSA contributions are non-forfeitable and subject to the rules restricting recoupment by employers. 3.Account Holder Employment Termination; Status as ERISA Plan. Customer shall notify Bank of an Account Holder’s termination of employment or cessation of participation in Customer’s high deductible health plan as soon as administratively feasible and in a manner acceptable to Bank and shall provide Bank with any other information requested by Bank from time to time to comply with applicable law. Customer shall advise Bank as soon as practicable in the event Customer has reason to believe that the HSAs may be subject to ERISA. 4.Representations, Warranties and Obligations. If Customer provides assistance in opening and administering HSAs, then Customer represents and warrants that Customer has been designated by each prospective Account Holder as their authorized agent and Customer: (i) has verified the identity and eligibility pursuant to Section 223 of the Code of each prospective Account Holder in accordance with applicable laws; (ii) has designed its benefits enrollment systems to prevent fraud in the enrollment process; (iii) will, for a period of seven (7) years, maintain records of (a) Customer’s designation as authorized agent, (b) authorizations from each prospective Account Holder authorizing Customer to open and administer a HSA with Bank, (c) prospective Account Holder enrollments and debit card request, and (d) any other information and documents related to Customer opening and administering the HSA; and (iv) agree to take such actions or provide any information requested by the Bank in order to open and administer a HSA and comply with any statute, regulation or governmental mandate as deemed necessary and appropriate by Bank. 5.Patriot Act Notice. As authorized agent for each Account Holder, Customer hereby: (i) accepts the following Patriot Act Notice: “IMPORTANT INFORMATION ABOUT PROCEDURES FOR OPENING A NEW ACCOUNT — To help the government fight the funding of terrorism and money laundering activities, federal law requires all financial institutions to obtain, verify, and record information that identifies each person who opens an account. What this means for you: When you open an account, we will ask for your name, address, date of birth, and other information that will allow us to identify you. We may also ask to see your driver’s license or other identifying documents” and (ii) represents and warrants that Customer has provided each prospective Account Holder with the Patriot Act Notice during enrollment. DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 18 6. Request to Open Account. As an authorized agent with respect to each prospective Account Holder, Customer hereby requests that Bank open a HSA for and issue a debit card to each prospective Account Holder and Customer agrees that monthly account statements related to each HSA shall be provided to each Account Holder electronically. 7. Communications. Customer will provide the Bank a list of all personnel authorized by Customer to receive and furnish information under the Agreement and Customer hereby authorize Bank, without further review or verification, to honor or act upon any facsimile, electronic direction/data transmission, mail and other order, instruction, action or transmission from Customer or Customer’s authorized personnel (“Employer Communication”). Customer is responsible for the accuracy and completeness of any Employer Communication and Customer is solely responsible for any adverse consequences that may result from errors or inaccuracies within any Employer Communication. Bank will act within a reasonable time after receipt of any communication. Bank will not be liable for any loss of directions or data prior to receipt by Bank. Customer shall be responsible for all costs and expenses incurred by Bank for error correction undertaken by Bank as a result of an erroneous Employer Communication to Bank. 8. Limitation of Liability. Neither Optum nor the Bank will be responsible for claims, damages or liabilities resulting from: (i) acts or omissions based on instructions or directions received from Customer or Customer’s agents, representatives or employees; or (ii) errors caused by incomplete, inaccurate or untimely information provided by Customer or Customer’s agents, representatives or employees, or Customer’s failure to perform its obligations as required by the Agreement and this HSA Exhibit. Section 9.1 of the Agreement shall not apply to the Bank or to services performed pursuant to this HSA Exhibit. 9. Mutual Fund Investments. In the event Customer elects to offer eligible Account Holders the ability to invest HSA funds, Customer acknowledges and agrees that: (a) the Bank is not a fiduciary in any capacity and is not responsible for any mutual funds selected by its registered investment advisor or Customer; (b) the Bank will not provide any investment advice to any Account Holder; (c) the Bank has no duty to determine whether Account Holders are afforded a reasonable choice of investment options, monitor the mutual funds, or determine the suitability of such funds; (d) the Bank is under no obligation to substitute, replace and/or remove any mutual funds offered to Account Holders; (e) if the Bank has agreed in writing to allow Customer to select additional or alternative mutual funds, any such mutual funds consist of a subset of mutual fund investments offered under Customer’s 401(k) plan. 10. Special Indemnification. To the extent authorized under the Constitution and laws of the State of Texas or otherwise permitted by applicable law , Customer will be liable to and will defend, indemnify and hold harmless the Bank, its Affiliates and their respective officers, directors, employees, successors and permitted assigns from and against any and all liability, damages, costs, losses and expenses, penalties or excise Taxes, including attorneys’ fees, disbursements and court costs, imposed upon or incurred by the Bank in connection with any threatened, pending, or adjudicated claim, demand, action, suit or proceeding arising in connection with any mutual fund added at Customer’s request. 11. Fees. Bank will charge each Account Holder a monthly service fee. In the event Customer or Customer’s designee pays the monthly service fee for an Account Holder, Customer shall continue to pay such fee on behalf of the Account Holder until the first of the month following thirty one (31) calendar days after the date the Bank receives written notice that Customer will no longer pay such fees on behalf of the Account Holder. Unpaid fees will be charged by the Bank to each Account Holder’s HSA. DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 19 12. Confidentiality and Privacy. All of the Bank’s confidentiality obligations to an Account Holder are contained in the HSA Documentation. Confidential Information about an Account Holder that is provided to the Bank, by either the Account Holder, or Customer as an authorized agent, is provided pursuant to the HSA Documentation between Account Holders and the Bank. The Bank is not receiving Customer’s Confidential Information pursuant to the Agreement or this HSA Exhibit. To the extent Customer receives information about HSAs and Account Holders from the Bank, Customer shall employ measures designed to ensure the security and confidentiality of Account Holder information in connection with the HSAs and Account Holders, protect against reasonably foreseeable threats or hazards to the security or integrity of such information, protect against unauthorized access to or use of such information and ensure the proper disposal of Account Holder information. Customer understands that Bank is not a “covered entity”, “business associate” or “plan sponsor” as those terms are defined by the Health Insurance Portability and Accountability Act of 1996, and the amendments and regulations related thereto. 13. Termination. Either party hereto may terminate the services described in this HSA Exhibit at any time upon ninety (90) days prior written notice. Bank may terminate the services described in this HSA Exhibit immediately if at any time Customer fails to comply with any of its material obligations, Customer is appointed a receiver, a general assignment is made for the benefit of Customer’s creditors, a bankruptcy proceeding has been commenced, or any representation made or information provided is false or misleading in any material respect when made or provided. Termination of this HSA Exhibit or the Agreement will not terminate Bank’s provision of services to Account Holders. 14. Amendments. The Bank may unilaterally amend the Agreement as it may determine, in its reasonable discretion, is necessary for the HSA Exhibit to comply with applicable laws, rules and regulations (including without limitation, HIPAA) by providing written notice of such amendment to Customer (an “Amendment Notice”). Such amendment shall be effective upon receipt of the Amendment Notice or such other date specified in the Amendment Notice. All other amendments shall be by mutual written agreement by an authorized officer of each of the parties. Customer may terminate as of the effective date of the amendment if it disagrees with any such amendment. 15. Regulatory Audits. Customer shall make its facilities, systems, personnel, and records, related to Customer’s performance under this Agreement available for audit when required by applicable law or by state or federal bank regulatory authorities with jurisdiction over Bank. 16. Survival. The provisions of this Agreement that by their operation or effect apply after the expiration or termination of this Agreement will apply after such expiration or termination, including but not limited to Sections 4, 7, 8, 10, 12, 15, 16 and 17. 17. Governing Law. The Bank is chartered and located in the State of Utah and as such, the HSAs are governed by Utah laws and regulations. Accordingly, this HSA Exhibit shall be governed by laws of the state of Utah without giving effect to its conflicts of law provisions. 18. Single Sign On Access. Customer may request that Bank develop a process to effect single sign- on access to allow HSA Account Holder access to their HSA as well as the ability to effect transactions within their HSA once logged into Customer’s health care benefit portal (“Website”) without having to input an additional separate password or take security steps separate from that required by the Website (“SSO”). Customer agrees to pay Bank an additional fee to implement SSO, which shall be mutually agreed to by the parties. Customer agrees that Bank shall retain the right to terminate, revoke, suspend, disable, or otherwise cease SSO access at any time at the Bank’s sole discretion, without notice. Without limiting DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 20 the foregoing, the Bank may, without notice, suspend or terminate SSO access to one or more Account Holder or to Customer for purposes of and to allow the Bank to test, shield, or mitigate suspected fraud or data security risks. The SSO is not an essential purpose of HSA. Access to SSO is dependent on technology beyond the control of Bank, including but not limited to computer systems, computer equipment and third party services with which the Bank may not have a direct contractual relationship. Bank continuously monitors the working condition of its computer systems and servers, and third party providers and is committed to attempting to resolve any issues that may arise. Customer understands, and has informed its employees that Bank is not liable and is not responsible for any interoperability or connectivity which may be terminated either temporarily or permanently. Furthermore, Bank has no commitments to ensuring the working condition of the SSO. The SSO is controlled from and operated by the Bank in its offices in the United States. The Bank makes no representations that the SSO is appropriate or available for use in any specific location. Those who access or use the SSO do so at their own risk of their own volition and are entirely responsible for all unauthorized access. Customer shall ensure that Account Holder not share any SSO password and protect and secure it for reasons other than its intended purpose. Customer is responsible for maintaining the security of its computer equipment and account access passwords, and will use reasonable efforts to prevent any unauthorized use of the SSO. Customer is responsible for all individuals who access the SSO through Customer’s computer systems including those who are not authorized. Customer agrees to immediately notify Bank in writing of any and all unauthorized use that comes to Customer’s attention. If there is unauthorized use by anyone who obtained access to the SSO directly or indirectly through Customer or Customer’s systems or servers, then Customer will take all steps necessary to terminate the unauthorized use. Customer is and will be responsible and liable for all activity conducted through its users’ accounts. Customer will cooperate and assist with any actions taken by Bank to prevent or terminate unauthorized use of the SSO. Notwithstanding any term in the Agreement and to the maximum extent permitted by applicable law, if Bank grants HSA Account Holder single sign-on access to the Bank’s systems via the Website provided or made available by Customer, Customer agrees, to the extent authorized under the Constitution and laws of the State of Texas or otherwise permitted by applicable law, to indemnify, defend and hold harmless the Bank, its officers, directors, employees, agents affiliates and contractors from and against all loss, liabilities, demands, claims, actions, and expenses (including, without limitation, any attorney fees and Taxes) arising out of, or in connection with: (i) unauthorized access to or use of the SSO, the Bank’s servers, systems or other computer equipment or any and all information stored therein, specifically including non-public personal information and any password and login information whether used for the SSO or any other computer system or account with like login and password; (ii) any party gaining unauthorized access to a Bank account and/or any unauthorized transactions occurring as a result of or attributable to the SSO; (iii) interruption or cessation of transmission to or from the SSO; (iv) any viruses, hacks or attacks of any nature, including but not limited to bugs, Trojan horses, malware, or the like that may be transmitted to or through the SSO from any source whatsoever; and (v) information, errors, mistakes, or inaccuracies of content of the SSO. DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 21 EXHIBIT B – BUSINESS ASSOCIATE ADDENDUM This Business Associate Addendum (“BAA”) is incorporated into and made part of the Agreement by and between Optum, on behalf of itself and its subsidiaries and affiliates (“Business Associate”), and Customer (“Covered Entity”), that involve the use or disclosure of PHI (as defined below). The parties agree as follows. 1. DEFINITIONS 1.1 All capitalized terms used in this BAA not otherwise defined herein have the meanings established for purposes of the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations, as amended and supplemented (collectively, “HIPAA”). 1.2 “Breach” means the acquisition, access, use or disclosure of PHI in a manner not permitted by the Privacy Rule that compromises the security or privacy of the PHI, subject to the exclusions in 45 C.F.R. § 164.402. 1.3 “PHI” means Protected Health Information, as defined in 45 C.F.R. § 160.103, and is limited to the Protected Health Information received from, or received, created, maintained or transmitted on behalf of, Covered Entity. 1.4 “Privacy Rule” means the federal privacy regulations, and “Security Rule” means the federal security regulations, as amended, issued pursuant to HIPAA and codified at 45 C.F.R. Parts 160 and 164 (Subparts A, C & E). 1.5 “Services” means the services provided by Business Associate to Covered Entity to the extent they involve the receipt, creation, maintenance, transmission, use or disclosure of PHI. 2. RESPONSIBILITIES OF BUSINESS ASSOCIATE. With regard to its use and/or disclosure of PHI, Business Associate agrees to: 2.1 not use and/or further disclose PHI except as necessary to provide the Services, as permitted or required by this BAA and in compliance with the applicable requirements of 45 C.F.R. § 164.504(e), or as Required by Law; provided that, to the extent Business Associate is to carry out Covered Entity’s obligations under the Privacy Rule, Business Associate will comply with the requirements of the Privacy Rule that apply to Covered Entity in the performance of those obligations. 2.2 implement and use appropriate administrative, physical and technical safeguards and comply with applicable Security Rule requirements with respect to ePHI, to prevent use or disclosure of PHI other than as provided for by this BAA. 2.3 without unreasonable delay, report to Covered Entity (i) any use or disclosure of PHI not provided for in this BAA and/or (ii) any Security Incident of which Business Associate becomes aware in accordance with 45 C.F.R. § 164.314(a)(2)(i)(C). For the purposes of reporting under this BAA, a reportable “Security Incident” shall not include unsuccessful or inconsequential incidents that do not represent a material threat to confidentiality, integrity or availability of PHI (such as scans, pings, or unsuccessful attempts to penetrate computer networks). DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 22 2.4 report to Covered Entity within ten business days: (i) any Breach of Unsecured PHI of which it becomes aware in accordance with 45 C.F.R. § 164.504(e)(2)(ii)(C). Business Associate shall provide to Covered Entity a description of the Breach and a list of Individuals affected (unless Covered Entity is a plan sponsor ineligible to receive PHI). Business Associate shall provide required notifications to Individuals and the Media and Secretary, where appropriate, in accordance with the Privacy Rule and with Covered Entity’s approval of the notification text. Business Associate shall pay for the reasonable and actual costs associated with those notifications and with credit monitoring, if appropriate. 2.5 in accordance with 45 C.F.R. § 164.502(e)(1)(ii) and 45 C.F.R. § 164.308(b)(2), ensure that any subcontractors of Business Associate that create, receive, maintain or transmit PHI on behalf of Business Associate agree, in writing, to the same restrictions on the use and/or disclosure of PHI that apply to Business Associate with respect to that PHI, including complying with the applicable Security Rule requirements with respect to ePHI. 2.6 make available its internal practices, books and records relating to the use and disclosure of PHI to the Secretary for purposes of determining Covered Entity’s compliance with the Privacy Rule, in accordance with 45 C.F.R. § 164.504(e)(2)(ii)(l). 2.7(a) after receiving a written request from Covered Entity, make available within ten business days to Covered Entity information necessary for an accounting of disclosures of PHI about an Individual, in accordance with 45 C.F.R. § 164.528. 2.7(b) after receiving a written request from an Individual, promptly make available to the Individual information necessary for an accounting of disclosures of PHI about the Individual, in accordance with 45 C.F.R. § 164.528. 2.8(a) provide access to Covered Entity, within ten business days after receiving a written request from Covered Entity, to PHI in a Designated Record Set about an Individual, sufficient for compliance with 45 C.F.R. § 164.524. 2.8(b) provide prompt access to an Individual after receiving a written request from such Individual, to PHI in a Designated Record Set about an Individual, sufficient for compliance with 45 C.F.R. § 164.524. 2.9(a) to the extent that the PHI in Business Associate’s possession constitutes a Designated Record Set, make available, within ten business days after a written request by Covered Entity, PHI for amendment and incorporate any amendments to the PHI as requested in accordance with 45 C.F.R. § 164.526. 2.9(b) to the extent that the PHI in Business Associate’s possession constitutes a Designated Record Set, promptly make available, after a written request by an Individual, PHI for amendment and incorporate any amendments to the PHI as requested in accordance with 45 C.F.R. § 164.526. 3. RESPONSIBILITIES OF COVERED ENTITY. Covered Entity: 3.1 shall identify the records it furnishes to Business Associate that it considers to be PHI for purposes of the Agreement, and provide to Business Associate only the minimum PHI necessary to accomplish the Services. 3.2 in the event that the Covered Entity honors a request to restrict the use or disclosure of PHI pursuant to 45 C.F.R. § 164.522(a) or makes revisions to its notice of privacy practices of Covered Entity in accordance with 45 C.F.R. § 164.520 that increase the limitations on uses or disclosures of PHI or agrees to a request by an Individual for confidential communications under 45 C.F.R. § 164.522(b), DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 23 Covered Entity agrees not to provide Business Associate any PHI that is subject to any of those restrictions or limitations, unless Covered Entity notifies Business Associate of the restriction or limitation and Business Associate agrees in writing to honor the restriction or limitation. 3.3 shall be responsible for using administrative, physical and technical safeguards to maintain and ensure the confidentiality, privacy and security of PHI transmitted to Business Associate pursuant to the Agreement, in accordance with the requirements of HIPAA. 3.4 shall obtain any consent or authorization that may be required by applicable federal or state laws prior to furnishing Business Associate the PHI for use and disclosure in accordance with this BAA. 3.5 if Covered Entity is an employer sponsored health plan, Covered Entity represents that to the extent applicable, it has ensured and has received certification from the applicable Plan Sponsor that the Plan Sponsor has taken the appropriate steps in accordance with 45 C.F.R. § 164.504(f) and 45 C.F.R. § 164.314(b) to enable Business Associate on behalf of Covered Entity to disclose PHI to Plan Sponsor, including but not limited to amending its plan documents to incorporate the requirements set forth in 45 C.F.R. § 164.504(f)(2) and 45 C.F.R. § 164.314(b). Covered Entity shall ensure that only employees authorized under 45 C.F.R. § 164.504(f) shall have access to the PHI disclosed by Business Associate to Plan Sponsor. 4. PERMITTED USES AND DISCLOSURES OF PHI. Business Associate may: 4.1 use and disclose PHI as necessary to provide the Services to Covered Entity. 4.2 use and disclose PHI for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate, provided that any disclosures are Required by Law or any third party to which Business Associate discloses PHI provides written assurances that: (i) the information will be held confidentially and used or further disclosed only for the purpose for which it was disclosed to the third party or as Required by Law; and (ii) the third party promptly will notify Business Associate of any instances of which it becomes aware in which the confidentiality of the information has been breached, in accordance with 45 C.F.R. § 164.504(e)(4). 4.3 De-identify any PHI received or created by Business Associate under this BAA in accordance with the Privacy Rule. 4.4 provide Data Aggregation services relating to the Health Care Operations of the Covered Entity in accordance with the Privacy Rule. 4.5 use PHI for Research projects conducted by Business Associate, its Affiliates or third parties, in a manner permitted by the Privacy Rule, by obtaining documentation of individual authorizations, an Institutional Review Board, or a privacy board waiver that meets the requirements of 45 C.F.R. § 164.512(i)(1), and providing Covered Entity with copies of such authorizations or waivers upon request. 4.6 make PHI available for reviews preparatory to Research in accordance with the Privacy Rule at 45 C.F.R. § 164.512(i)(1)(ii). 4.7 use the PHI to create a Limited Data Set (“LDS”) and use or disclose the LDS for the health care DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D 24 operations of the Covered Entity or for Research or Public Health purposes as provided in the Privacy Rule. 5. TERMINATION 5.1 Covered Entity may terminate this BAA and the Agreement if Business Associate materially breaches this BAA, Covered Entity provides written notice of the breach to Business Associate, and Business Associate fails to cure the breach within the reasonable time period set by Covered Entity. 5.2 Within thirty (30) days after the expiration or termination for any reason of the Agreement and/or this BAA, Business Associate shall return or destroy all PHI, if feasible to do so, including all PHI in possession of Business Associate’s subcontractors. In the event that return or destruction of the PHI is not feasible, Business Associate may retain the PHI subject to this Section 5.2. Business Associate shall extend any and all protections, limitations and restrictions contained in this BAA to Business Associate’s use and/or disclosure of any PHI retained after the expiration or termination of the Agreement and/or this BAA, and shall limit any further uses and/or disclosures solely to the purposes that make return or destruction of the PHI infeasible. 6. MISCELLANEOUS The terms of this BAA shall be construed to allow Covered Entity and Business Associate to comply with HIPAA. Nothing in this Addendum shall confer upon any person other than the parties and their respective successors or assigns, any rights, remedies, obligations or liabilities whatsoever. Sections 2, 3, 4 and 5.2 shall survive the expiration or termination of this BAA for any reason. [remainder of page intentionally blank] DocuSign Envelope ID: CF6DE7AA-2719-453B-891D-DBCDFF493A38DocuSign Envelope ID: 03B5B451-7003-40A8-A82C-5D46C8078B5D