The URL can be used to link to this page

Home My WebLink AboutC2011-440 - 10/18/2011 - NAORIGINAL AMENDED AND RESTATED HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( "Agreement ") supplements and is made a part of the master service agreement ( "Service Agreement ") by and between the City of Corpus Christi ( "Client ") acting behalf of the City of Corpus Christi — Citicare Employee Benefit Plan, the City of Corpus Christi — Citicare Public Safety Employee Benefit Plan, the City of Corpus Christi — Citicare Fire Employee Benefit Plan, the City of Corpus Christi — Citicare Premium Employee Benefit Plan and the City of Corpus Christi Basic and Expanded Dental Plan (collectively, the "Covered Entity ") and Humana Insurance Company and HumanaDental Insurance Company ( "Business Associate "), and is effective as of August 1, 2011 (the "Effective Date "). This Agreement is an amendment and restatement of the HIPAA business associate agreement currently in place between the parties. RECITALS WHEREAS, Business Associate has been retained to perform functions or activities as a third party administrator that require that Business Associate have access to Protected Health Information in relation to the Covered Entity; and WHEREAS, Business Associate and Client desire to amend and restate the Agreement currently in effect in order to incorporate the changes to the Health Insurance Portability and Accountability Act of 1996 ( "HIPAA") under the Health information Technology for Economic and Clinical Health Act ( "HITECH ") provisions of the American Recovery and Reinvestment Act of 2009. NOW, THEREFORE, in consideration of the mutual covenants, terms and conditions herein contained, the parties hereto agree as follows: 1. DEFINITIONS, Terms used but not otherwise defined in the Agreement shall have the same meaning as those terms in the Privacy Rule and Security Rule. a. "Breach" shall have the meaning given to it by 45 CFR Section 164.402. b. "Breach Notification Rule" shall mean the Standards for Breach Notification for Unsecured Protected Health Information under HIPAA that is codified at 45 CFR Parts 160 and 164, subparts A and D. C. "Business Associate" shall mean Humana Insurance Company and HumanaDental Insurance Company. d. "Covered Entity" shall mean, collectively, the City of Corpus Christi — Citicare Employee Benefit Plan, the City of Corpus Christi — Citicare Public Safety Employee Benefit Plan, the City of Corpus Christi — Citicare Fire Employee Benefit Plan, the City of Corpus Christi — Citicare Alternative 2011 -440 10/18/11 Humana Insurance Company INDEXED Choice Employee Benefit Plan and the City of Corpus Christi Dental Plan. The City of Corpus Christi serves as plan sponsor of the Covered Entity. e. "Deidentified Data" shall have the same meaning as the term "deidentified data" in 45 CFR Section 164.514. "Designated Record Set" shall mean a group of records maintained by or for a Covered Entity that is: (i) the medical records and billing records about Individuals maintained by or for a covered health care provider; (ii) the enrollment, payment, claims adjudication, and case or medical management record systems maintained by or for a health plan; or (iii) used, in whole or in part, by or for the Covered Entity to make decisions about Individuals. For purposes of this definition, the term "record" means any item, collection, or grouping of information that includes Protected Health Information and is maintained, collected, used, or disseminated by or for a Covered Entity. g. "Health Care Operations" shall have the same meaning as the term "Health Care Operations" in 45 CFR Section 164.501. h. "HITECH Act" shall mean the provisions of Title XIII, Subtitle D of the American Recovery and Reinvestment Act of 2009. Any reference to a section of the HITECH Act shall also include any HITECH Regulations related thereto. "HITECH Regulations" shall mean any guidance issued relating to the HITECH Act by the Department of Health and Human Services, including the Breach Notification Rule. j. "Individual" shall have the same meaning as the term "individual" in 45 CFR Section 160.103 and shall include a person who qualifies as a personal representative in accordance with 45 CFR Section 164.502(g). k. "Privacy Officer" shall mean the person designated by the Covered Entity to serve as its privacy official within the meaning of 45 CFR 164.530(a) and any person to whom the Privacy Officer has delegated any of his or her duties or responsibilities. I. "Privacy Rule" shall mean the Standards for Privacy of Individually Identifiable Health Information that is codified at 45 CFR Parts 160 and 164, subparts A and E. M. "Protected Health Information" or "PHI" shall mean any information, whether oral or recorded in any form or medium: (i) that relates to the past, present or future physical or mental condition of an individual; the provision of health care to an individual; or the past, present or future payment for the provision of health care to an individual; and (ii) that identifies the individual or with respect to which there is a reasonable HOUSTON\2358310.1 -2- basis to believe the information can be used to identify the individual, and shall have the meaning given to such term under 45 CFR Section 160.103. Protected Health Information shall be limited to the information created or received by Business Associate from or on behalf of Client. n. "Required By Law" shall have the same meaning as the term "required by law" in 45 CFR Section 164.103. o. "Secretary" shall mean the Secretary of the Department of Health and Human Services or his or her designee. P. "Security Rule" shall mean the Security Standards for the Protection of Electronic Protected Health Information under HIPAA that is codified at 45 CFR Parts 160 and 164, subparts A and C. q. "Unsecured PHI" shall mean Protected Health Information that is not secured through the use of a technology or methodology that renders such Protected Health Information unusable, unreadable or indecipherable to unauthorized individuals, as specified in guidance issued pursuant to Section 13402(h) of the HITECH Act, including the Breach Notification Rule. 2. OBLIGATIONS AND ACTIVITIES OF BUSINESS ASSOCIATE. a. Permitted Uses and Disclosures. Business Associate agrees to not use or disclose Protected Health Information other than as permitted or required by this Agreement or as Required By Law. Business Associate recognizes that the Protected Health Information is and shall remain the Covered Entity's property except as set forth in the Service Agreement. Business Associate agrees that it acquires no title or rights to the Protected Health Information as a result of this Agreement. Business Associate shall not use or disclose Protected Health Information in any manner that violates the Privacy Rule or the HITECH Act. To the extent required by the Privacy Rule, Business Associate shall only request, use and/or disclose the minimum amount of Protected Health Information necessary to accomplish the purpose of the request, use and/or disclosure. The determination of what constitutes the minimum necessary amount of Protected Health Information shall be determined in accordance with the provisions of the Privacy Rule, as amended by Section 13405(b) of the HITECH Act. Business Associate shall not use or disclose Protected Health Information that is genetic information for underwriting purposes, as set forth in the regulations issued pursuant to Section 105 of the Genetic Information Nondiscrimination Act of 2008. HOUSTON \ 2358310.1 -3- b. Safeguards. Business Associate agrees to use administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of Protected Health Information, in electronic or any other form, that it creates, receives, maintains or transmits under this Agreement, in accordance with the Privacy Rule and the Security Rule to prevent the use or disclosure of Protected Health Information other than as provided for by this Agreement. Business Associate covenants that as of February 17, 2010, such safeguards shall also include, without limitation, implementing written policies and procedures in compliance with HIPAA and the HITECH Act, conducting a security risk assessment and training Business Associate's workforce members who will have access to PHI with respect to the policies and procedures adopted to comply with HIPAA and the HITECH Act. Business Associate shall comply with the provisions of 45 CFR Sections 164.308, 164.310, 164.312 and 164.316 with respect to electronic Protected Health Information in the same manner that such provisions apply to a HIPAA covered entity. Business Associate shall also comply with any additional security requirements contained in the HITECH Act and the HITECH Regulations that are applicable to HIPAA covered entities. C. Reporting of Improper Use or Disclosure. Business Associate agrees to report to the Covered Entity's Privacy Officer in writing within five (5) business days of discovery of any use or disclosure of the Protected Health Information not provided for by this Agreement of which it becomes aware. Business Associate shall also report any security incident of which it becomes aware to Covered Entity within five (5) business days of discovery. To the extent that such use or disclosure also constitutes a Breach of Unsecured PHI or a suspected Breach of Unsecured PHI, the provisions of Section 6 shall apply. d. Mitigation. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of Protected Health Information by Business Associate in violation of the requirements of this Agreement. Business Associate agrees to document in writing any steps taken under this section and provide any such documentation to Covered Entity upon request. e. Agents and Subcontractors. Business Associate agrees to require that any agent, including a subcontractor, to whom it provides Protected Health Information received from, or created or received by Business Associate on behalf of Covered Entity agrees in writing to the same restrictions and conditions that apply through this Agreement to Business Associate with respect to such information, including the implementation of reasonable and appropriate measures for safeguarding Protected Health Information. The Business Associate shall insert the substance of this subsection (e) in HOUSTON\2358314.1 -4- all such subcontracts provided that the clause shall be modified to treat the subcontractor as the Business Associate. Access to Individuals. Within 10 days of receipt of a request from the Covered Entity, Business Associate agrees to provide access to Protected Health Information in a Designated Record Set, to Covered Entity or, as directed by Covered Entity, to an Individual in order to meet the requirements under 45 CFR Section 164.524. g. Amendments to Protected Health Information. Within 10 days of receipt of a request from the Covered Entity, Business Associate agrees to make any reasonable amendment(s) to Protected Health Information in a Designated Record Set that the Covered Entity directs or agrees to pursuant to 45 CFR Section 164.526 at the request of Covered Entity or an Individual. h. Access by Covered Entity. Within 10 days of receipt of a request from the Covered Entity, Business Associate agrees to make internal practices, books and records including policies and procedures and Protected Health Information, relating to the use and disclosure of Protected Health Information received from, or created or received by Business Associate on behalf of, Covered Entity available to the Secretary for purposes of the Secretary determining Covered Entity's compliance with HIPAA. Disclosure Documentation. Business Associate agrees to document such disclosures of Protected Health Information and information related to such disclosures as would be required for Covered Entity to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 CFR Section 164.528. Within 10 days of receipt of a request from the Covered Entity, Business Associate agrees to provide to Covered Entity or an Individual information collected in accordance with this subsection to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 CFR Section 164.528. j. Training. Business Associate agrees to train its workforce members who handle Covered Entity's Protected Health Information about the Business Associate's obligations and permitted uses and disclosures under this Agreement. Business Associate also agrees to train its workforce members as to Business Associate's obligations and duties under the HITECH Act, including the Breach Notification Rule. k. Compliance with the HITECH Act. To the extent not already referenced in this Agreement, the requirements applicable to Business Associate under the HITECH Act are hereby incorporated by reference into the Agreement. Business Associate agrees to comply, as of the applicable HOUSTON\2358310.1 -5- effective dates of each such HIPAA obligation, with the requirements imposed by the HITECH Act and HITECH Regulations. Business Associate acknowledges that it is directly subject to the Security Rule, the Breach Notification Rule and applicable provisions of the Privacy Rule and Business Associate agrees to comply with its duties under such provisions of HIPAA. 3. PERMITTED USES BY BUSINESS ASSOCIATE. a. Service Agreement. Except as otherwise limited in this Agreement, Business Associate may use or disclose Protected Health Information to perform functions, activities, or services for, or on behalf of, Covered Entity as specified in the Service Agreement, provided that such use or disclosure would not violate the Privacy Rule if done by Covered Entity or the minimum necessary policies and procedures of the Covered Entity. b. Other Permitted Usage. Except as otherwise limited in this Agreement, Business Associate may use Protected Health Information for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate. In addition, Business Associate may use Protected Health Information to provide Data Aggregation services as permitted by 45 CFR Section 164.504(e)(2)(i)(B). 4. OBLIGATIONS OF COVERED ENTITY. a. Change in Privacy Practices. Covered Entity shall notify Business Associate of any limitation(s) in its notice of privacy practices of Covered Entity in accordance with 45 CFR Section 164.520, to the extent that such limitation may affect Business Associate's use or disclosure of Protected Health Information. b. Change in right to use Protected Health Information. Covered Entity shall notify Business Associate of any changes in, or revocation of, permission by Individual to use or disclose Protected Health Information, to the extent that such changes may affect Business Associate's use and disclosure of Protected Health Information. C. Change in Restrictions Regarding Protected Health Information Covered Entity shall notify Business Associate of any restriction to the use or disclosure of Protected Health Information that Covered Entity has agreed to in accordance with 45 CFR Section 164.522, to the extent that such restriction may affect Business Associate's use or disclosure of Protected Health Information. Business Associate will implement a similar restriction provided such restriction is reasonable and does not impact its ability to perform services provided to the Covered Entity. HOUSTON\2358310.1 -fj- d. Covered Entity Representative. Covered Entity shall notify Business Associate of those employees of Covered Entity who are authorized to receive Protected Health Information from Business Associate. 5. PERMISSIBLE REQUESTS BY COVERED ENTITY Covered Entity shall not request Business Associate to use or disclose Protected Health Information in any manner that would not be permissible under the Privacy Rule if done by Covered Entity. 6. DUTIES OF BUSINESS ASSOCIATE UPON BREACH OF UNSECURED PHI a. Timing for Business Associate to Notify Covered Entity of Breach. Upon Business Associate's discovery of a Breach of Unsecured PHI or a suspected Breach of Unsecured PHI which occurs on or after September 23, 2009, Business Associate shall provide written notice of the Breach to the Covered Entity's Privacy Officer as soon as administratively practicable (and in no case later than five (5) business days after such discovery). The content of such written notice of the Breach shall comply with the requirements of 45 CFR Section 164.410(c). In any case requiring urgency because of possible imminent misuse of Unsecured PHI, Business Associate shall notify the Privacy Officer by telephone within 24 hours after discovery of the Breach. Business Associate shall coordinate an appropriate course of action with the Privacy Officer. Business Associate shall apply the provisions of 45 CFR Section 164.410 in determining when a Breach is treated as discovered. b. Cooperation. Upon notifying Covered Entity of the discovery of a Breach of Unsecured PHI that is attributable to Business Associate (or an agent or subcontractor of Business Associate) in accordance with 6(a) above, Business Associate shall cooperate fully with Covered Entity in determining the details of the Breach and in notifying all appropriate parties as required by the Breach Notification Rule. Further, Business Associate shall cooperate fully with Covered Entity in determining whether a suspected Breach that is attributable to Business Associate (or an agent or subcontractor of Business Associate) requires notice under the Breach Notification Rules, including participation in the risk assessment process if requested by Covered Entity. C. Documentation Requirement. Business Associate shall maintain written records relating to (i) each Breach of Unsecured PHI and (ii) each suspected Breach which is later determined to not constitute a Breach of Unsecured PHI for a period of the lesser of six (6) years or the duration of this Agreement. Business Associate shall maintain records relating to actual or suspected Breaches (even if it is determined that no notice is required under the Breach Notification Rules), including all risk assessments for determining risk of harm to affected individuals and all HOUSTON\2358310.1 -7- analyses of whether the Breach Notification Rules are implicated by an actual or suspected Breach. Business Associate shall also maintain all records relating to actions taken in response to a Breach of Unsecured PHI, including all notices provided in accordance with the Breach Notification Rule, all steps taken to mitigate harm caused by the Breach and all corrective action steps taken to prevent a future similar Breach. Upon termination of the Agreement, Business Associate shall provide to Covered Entity all such documentation for the previous eight (8) year period. d. Log of Small Breaches. If a Breach of Unsecured PHI involves less than 500 individuals, the Business Associate shall maintain a log or other documentation of the Breach which contains the information required to report such Breach to the Secretary in accordance with the requirements of 45 CFR Section 164.408(c). Business Associate shall provide such log to the Covered Entity (i) within five (5) business days of the Covered Entity's request. e. Notification Requirements. Covered Entity, in its discretion, may require Business Associate to prepare and provide individual notices (as required under 45 CFR Section 164.404) and media notice (as required under 45 CFR Section 164.406). Covered Entity may also require Business Associate to assist in providing notice to the Secretary, in accordance with 45 CFR Section 164.408(b) and (c). Prior to providing any such notice, Business Associate shall provide the Covered Entity's Privacy Officer with an opportunity to review and revise any notice. Business Associate shall obtain Covered Entity's approval of any notification prior to sending such notification to any individual or entity. Covered Entity shall either approve Business Associate's draft of any notification or provide Business Associate with a revised version of the notification without unreasonable delay. Alternatively, Covered Entity may elect to draft any required notification for review by Business Associate. If Covered Entity determines that Business Associate shall distribute any notifications described above for a Breach attributable to Business Associate (or an agent or subcontractor of Business Associate), Business Associate shall comply with all timeframes for providing such notices in accordance with the requirements of the Breach Notification Rule. Further, the content, form and delivery of each of the notices shall comply with the requirements of the Breach Notification Rule and all guidance published by the Secretary for complying with the Breach Notification Rule. Expenses Associated with a Breach. If a Breach of Unsecured PHI is attributable to Business Associate (or an agent or subcontractor of Business Associate), Business Associate shall be liable for and pay all costs associated with preparing and providing the notices required by the HOUSTON\2358310.1 -8- Breach Notification Rule, including but not limited to labor costs, postage, and expenses relating to substitute notice. 7. TERM AND TERMINATION a. Term. This Agreement will begin on the Effective Date, and will continue until terminated in accordance herein. b. Termination. 1) Termination for Cause. Upon Covered Entity's knowledge of a material breach of this Agreement by Business Associate, Covered Entity shall provide not less than 20 days written notice of its intent to terminate the Agreement if Business Associate does not cure such material breach no later than the end of the written notice period. If Business Associate does not cure the breach within such time, then Covered Entity may, in its sole discretion, immediately terminate this Agreement. If termination of this Agreement is not feasible, Covered Entity shall report the violation to the Secretary. 2) Termination without Cause and Termination of the Service Agreement. Either party may terminate this Agreement effective upon 30 days advance written notice to the other party given with or without any reason if Business Associate no longer performs services for Covered Entity requiring the use or disclosure of protected health information. This Agreement will immediately terminate if the Service Agreement terminates. The effective date of such termination will be the same as the effective date that the Service Agreement terminates. C. Effect of Termination. Except as provided in the next paragraph, upon termination of this Agreement for any reason, Business Associate shall return or, with the Covered Entity's express permission, destroy all Protected Health information received from the Covered Entity, or created or received by Business Associate on behalf of Covered Entity. If the Protected Health Information is destroyed, Business shall provide Covered Entity with appropriate evidence of destruction. Business Associate shall retain no copies of the Protected Health Information, except in cases of actual or threatened litigation or if required by law. This provision shall apply to Protected Health Information that is in the possession of subcontractors or agents of Business Associate. In the event that Business Associate determines that returning or destroying the Protected Health Information is infeasible, Business Associate shall provide to Covered Entity notification of the conditions that make return or destruction infeasible. Upon Business Associate's determination that return or destruction of Protected Health Information is infeasible, Business Associate shall extend the protections of this HOUSTON \ 2358310.1 -9- Agreement to such Protected Health Information and limit further uses and disclosures of such Protected Health Information to those purposes that make the return or destruction infeasible, for so long as Business Associate maintains such Protected Health Information. 8. MISCELLANEOUS a. Regulatory References. Any reference in this Agreement to a section in the Privacy Rule, Security Rule, Breach Notification Rule or HITECH Act means the section as in effect or as amended. b. Amendment. The Parties agree to take such action as is necessary to amend this Agreement from time to time as is necessary for Covered Entity to comply with the requirements of the Privacy Rule, Security Rule, the Breach Notification Rule or any other requirements of the HITECH Act. C. Survival. The respective rights and obligations of Business Associate under Section 7(c) and 8(I) shall survive the termination of this Agreement. d. Interpretation; Conflict. Any ambiguity in this Agreement shall be resolved to permit Covered Entity to comply with the Privacy Rule, Security Rule, the Breach Notification Rule or any other requirements of the HITECH Act. In addition, to the extent this Agreement, only as it relates to the Privacy Rule, the Security Rule, the Breach Notification Rule or any other requirements of the HITECH Act and Protected Health Information, is inconsistent with the terms of the Service Agreement, the terms of this Agreement shall govern. To the extent the Service Agreement conflicts with the terms of this Agreement unrelated to the Privacy Rule, the Security Rule, the Breach Notification Rule or any other requirements of the HITECH Act and Protected Health Information, the terms of the Service Agreement shall govern. All terms of the Service Agreement not in conflict with this Agreement remain in full force and effect. e. No Third -Party Beneficiaries. Except as set forth in this Agreement or as expressly provided for under HIPAA, this Agreement is entered into by and among the parties hereto solely for their benefit. The parties have not created or established any third -party beneficiary status or rights in any person or entity not a party hereto including, but not limited to, any individual, provider, subcontractor, or other third -party, and no such third - party will have any right to enforce any right or enjoy any benefit created or established under this Agreement. f. Force Majeure. The obligations of any party under this Agreement will be suspended for the duration of any force majeure applicable to that party. The term "force majeure" means any cause not reasonably within the control of the party claiming suspension, including, without limitation, an HOUSTON\2358310.1 act of God, industrial disturbance, war, riot, weather - related disaster, earthquake and governmental action. The party claiming suspension under this Section will take reasonable steps to resume performance as soon as possible without incurring unreasonably excessive costs. g. Entire Agreement; Amendments; Facsimile. This Agreement including any riders, attachments or amendments hereto, constitutes the entire agreement among the parties with respect to the Privacy Rule, the Security Rule, the Breach Notification Rule and any other requirements of the HITECH Act. This Agreement supersedes any prior agreement or understandings pertaining to HIPAA obligations between the parties, whether oral or written, and may be amended only by a writing executed by authorized representatives of both parties. A facsimile or other reproductive type copy of this Agreement, so long as signed by all parties, will be considered an original and will be fully enforceable against all parties. h. Choice of Law. This Agreement is made in and will be governed by, and construed in accordance with, the laws of the State of Texas without regard to principles of conflict or choice of law. i. Assignment and Delegation. No party may assign its rights or duties under this Agreement without the prior written consent of the other. This Agreement is binding upon and will inure to the benefit of the respective parties hereto and their successors and permitted assigns. j. Headings. All headings are for convenience only and may not be deemed to limit, define or restrict the meaning or contents of the Sections. k. Unenforceable Provisions. If any provision of this Agreement is held to be illegal or unenforceable by a court of competent jurisdiction, the remaining provisions will remain in effect and the illegal or unenforceable provision will be modified so as to conform to the original intent of this Agreement to the greatest extent legally permissible. Notwithstanding the foregoing, if any such modification causes a material change in the obligations or rights of any party, upon written notice from one party to the other of the adverse effect thereof upon such notifying party, and then if the parties are not able to mutually agree as to an amendment hereto, any party may terminate this Agreement upon 30 days written notice to the other parties. 1. Indemnity. To the extent allowed under law, the Covered Entity, the Client, and Business Associate will indemnify, hold harmless, and defend each other from and against any and all claims, losses, liabilities, costs and other expenses incurred as a result of, or arising directly or indirectly out of or in connection with: (i) any misrepresentation, breach of warranty, any acts or omissions of any party (including its agents, subcontractors HOUSTON\2358314.1 -11- - and affiliates) or non - fulfillment of any undertaking on the part of a party under this Agreement respecting Protected Health Information; and (ii) any claims, demands, awards, judgments, actions and proceedings, including legal fees and proceedings costs, made by any person or organization arising out of or in any way connected with the party's performance under this Agreement. M. Notices. Any notice required pursuant to this Agreement must be in writing and sent by registered or certified mail, return receipt requested, by fax with proof of delivery, or by a nationally recognized private overnight carrier with proof of delivery, to the addresses of the parties set forth below in this Agreement. The date of notice will be the date on which the recipient receives notice or refuses delivery. All notices must be addressed as foliows or to such other address as a party may identify in a notice to the other party: To Business Associate To Covered Entity City of Corpus Christi 1201 Leopard Street, 2" Flr. Corpus Christi, TX 78404 Attn: Patricia Atkins Fax: 361 - 844 -1730 n. Waiver. A waiver of a breach or default under this Agreement is not a waiver of any other or subsequent breach or default. A failure or delay in enforcing compliance with any term or condition of this Agreement does not constitute a waiver of such term or condition unless it is expressly waived in writing. o. Negotiated Agreement. Each party acknowledges that this Agreement resulted from negotiations by and among all parties, and therefore any rule of construction requiring ambiguities to be construed against the drafter of an agreement will not apply to any provision of this Agreement. HOUSTON \2358310.1 -12- IN WITNESS WHEREOF, the parties have executed this Agreement the day and date first above written by their duly authorized officers for and on behalf of said entity. Humana Insurance Company The City of Corpus Christi By: Name: Khalid Nazir Title: VP Large Group Underwritin Date: I d %f 'f a„ i I HumanaDental Insurance Company Name: Gerald Ganoni Title: President Date: / 4 :Z/ 7//( Name: Ron Olson HOUSTON\2358314:1 -13-