2024-09-19_skoyanagi_HCA-VNA Ohio MSA 11-29-21 Clean (1).docx

MANAGEMENT AND SERVICES AGREEMENT

This MANAGEMENT AND SERVICES AGREEMENT (the “Agreement”) is made and

entered as of this 1st day of December, 2021, by and between Home Care Assistance of Southern Ohio, LLC, a Delaware limited liability company (“HCA”), and VNA HealthCare Partners of Ohio, Inc., an Ohio nonprofit corporation (“VNA”), located at 925 Keynote Circle, Brooklyn Heights, Ohio 44131. VNA and HCA shall be referred to individually as a “Party” and collectively as the “Parties.

RECITALS

WHEREAS, HCA is a provider of non-medical, private duty home care services in Ohio

(collectively, “Home Care Services”);

WHEREAS, VNA is a provider of home health, Home Assist and hospice care in Ohio

(the “Business”);

WHEREAS, HCA wishes to engage VNA’s marketing and sales services in order to help promote HCA’s business; and

WHEREAS, VNA wishes to engage HCA to provide Home Care Services to clients of the Business and to provide management, staffing, billing, recordkeeping and collection services for the Business as well as caregiver/client compliance and HCA wishes to accept VNA’s engagement of HCA for such purposes, subject to the terms and conditions of this Agreement.

NOW, THEREFORE, in consideration of the mutual covenants and agreements contained herein and other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, and intending to be legally bound hereby, the Parties agree as follows:

Obligations of VNA.  VNA shall have the following obligations:

Prior to the Effective Date (as defined below), coordinate with HCA with respect to all communications with Business clients and VNA employees providing Home Care Services (“Caregivers”) to such clients regarding this Agreement in order to ensure a smooth transition of care for those clients and employment of the Caregivers to HCA.

On the Effective Date, VNA shall assign to HCA all client contracts/related client documents for VNA’s clients receiving Home Care Services (“Transitioning Clients”).

On the Effective Date, VNA shall assign to HCA all of VNA’s contact, informational, and other lists of Caregivers as well as all internal files, Contracts, employment agreements, and records relating to the Caregivers.

Designate a liaison to work with HCA to coordinate the planning and provision of services to clients as well as strategic planning and marketing meetings with HCA aimed at promoting and growing the Business and HCA’s business.

VNA shall engage its marketing and sales divisions to effectively promote HCA’s Home Care Services provided under this Agreement.  This includes deployment of strategic resources in order to generate new clients/referral accounts, which may include a dedicated phone line, social media outreach, distribution of marketing collateral, etc.

For ninety (90) days after the Effective Date, VNA shall make available two (2) designated management employees to assist HCA with transition-related services.  After ninety (90) days, HCA shall compensate VNA at a rate of $52.50/hour for any transition related services provided by VNA to HCA.

Obligations of HCA.  HCA shall have the following obligations:

Prior to the Effective Date, coordinate with VNA with respect to all communications with Business clients and Caregivers regarding this Agreement in order to ensure a smooth transition of the care for those clients and employment of the Caregivers to HCA.

Obtain and maintain all licenses, approvals, accreditations and permits necessary to provide Home Care Services, and comply with all federal and state laws applicable to the provision of Home Care Services.

Schedule and furnish Home Care Services by qualified HCA caregivers (“Caregivers”) to clients of the Business, and maintain records relating to services provided in accordance with applicable law and industry standards.

Provide management and supervisory services with respect to all Caregivers and employees providing services under this Agreement.

Designate a liaison to work with VNA to coordinate strategic planning and marketing meetings with VNA aimed at promoting and growing the Business and HCA’s business.  HCA is responsible for all costs associated with HCA/VNA co-branded, in-house marketing materials.

Provide all billing and collection services in connection with the provision of Home Care Services to clients of the Business.

Joint Obligations.  HCA and VNA shall participate in regular meetings and presentations reviewing HCA’s quality and satisfaction metrics and results to assess the quality of Home Care Services being provided by HCA under this Agreement and to help inform VNA’s marketing and sales strategies.  Meetings shall take place on an as needed basis at both the field and executive levels.  HCA and VNA shall also participate in quarterly business review meetings related to the financial related performance under this Agreement.

Referral Partners.  The parties shall work together to develop a list of agreed upon referral partners.  All clients obtained via these agreed upon referral partners shall be governed by the terms of this Agreement as outlined in Schedule A.

Employees. HCA will offer employment to all appropriately qualified Caregivers employed by VNA in the Business on or around the Effective Date, subject to HCA’s employment criteria, pre-employment screening process, and HCA’s sole discretion. HCA may also offer employment, in its sole discretion, to administrative personnel employed in connection with the Business (the Caregivers and administrative personnel employed by HCA are hereinafter referred to as the “Transitioning Employees”). The Transitioning Employees will be “at will” employees of HCA, and HCA will be responsible for withholding and reporting federal and state taxes after the Effective Date.  HCA will not be responsible for accrued vacation, personal days, sick time, or other paid time off or for any other expenses the Transitioning Employees may have accrued as employees of VNA. The Transitioning Employees will be permitted to enroll in HCA’s standard employee benefits plans, if and when eligible, in accordance with the terms and conditions of those plans.

Term of Agreement. This Agreement shall commence on the date the Agreement is fully executed (the “Effective Date”) and the initial term shall be for a period of four (4) years (the “Initial Term”), and will automatically renew for successive two (2) year periods thereafter (each a “Renewal Term”, and together with the Initial Term, the “Term”), unless or until either Party provides at least ninety (90) days’ written notice to the other Party prior to the expiration of the Initial Term or any Renewal Term or this Agreement is otherwise terminated in accordance with the terms of this Agreement.

Termination.  This Agreement shall be terminated upon the occurrence of any of the following events:

Termination for Cause. Either Party may terminate this Agreement for “cause” upon thirty (30) days’ written notice to the other Party in the event such other Party is in material breach of any provision hereof, provided that the material breach has not been cured to the reasonable satisfaction of the non-breaching Party within such thirty (30) day period.

Immediate Termination. Either Party may terminate this Agreement immediately upon written notice upon the occurrence of any of the following:

the other Party’s fraud, dishonesty, gross negligence or willful misconduct;

conduct that is unprofessional, unethical or detrimental to the reputation, character and standing of the other Party;

the other Party is excluded as a provider of services under Medicare or Medicaid;

the other Party loses its license or registration to operate as a health care service firm; or

the other Party’s general assignment for the benefit of creditors, petition for relief under Title 11 of the United States Code or similar state laws for the protection of creditors, or upon the institution of such proceedings against the other Party if said proceedings are not dismissed within sixty

(60) calendar days after service of process on such Party.

Change of Law. Nothing contained in this Agreement is intended to violate any applicable law.  However, if either Party receives notice of any Government Action (defined below), the Parties shall attempt to amend this Agreement to bring it into compliance with the Government Action.

“Government Action” shall mean any legislation, regulation, rule, advisory opinion, or interpretation of the foregoing by any federal or state government or legislative body, agency or court or administrative hearing officer, which in the opinion of legal counsel for either Party, would cause this Agreement to be in violation of any federal or state law, regulation or rule, subject any Party or their representatives to civil or criminal liability based on their participation in this Agreement, or jeopardize the licensure or participation in government health care programs of any Party or its representatives.

If the Parties, after good faith efforts, are unable to reach an agreement on amendments to this Agreement which would, in the opinions of legal counsel for both Parties, bring this Agreement into compliance with a Government Action, either Party may terminate this Agreement immediately with notice to the other Party.

Effect of Termination. In the event of termination of this Agreement, for whatever reason, HCA shall timely complete all records for the Home Care Services rendered through the date of termination, and VNA shall pay all amounts due for the Home Care Services provided through the date of termination, in accordance with the terms of this Agreement. This provision shall survive any termination of this Agreement.

Compensation.  HCA hereby agrees to provide VNA a marketing/sales fee in accordance with the terms of this Section and the fee schedule set forth in Schedule B of this Agreement; the fee shall be paid by HCA to VNA on a monthly basis:

HCA is responsible for setting pricing for clients under this Agreement and 
shall bill clients of the Business directly for Home Care Services. HCA is responsible for collecting all applicable fees from clients and depositing the same payment.  HCA pricing may differ based on geography, dynamic supply constraints, etc., but such difference will not alter or amend the fee schedule attached hereto as Schedule B.

VNA shall have the right, subject to reasonable advance notice and during normal business hours, to periodically audit all billing, receipts, client records and other records or documents regarding Home Care Services provided by HCA to clients of the Business or amounts received by HCA pursuant to the Agreement.

Any fees charged by credit card companies, banks or other third parties relating to any services provided hereunder, or payments for those services, including any client or other payments, withdrawals or electronic or automated clearing house (“ACH”) transfers of funds into or out of the Business Bank Account, shall be paid by HCA.

Insurance, Indemnification and Excluded Liabilities.

Insurance.	During the term of this Agreement, VNA and HCA shall each maintain at their sole expense, policies of professional liability, general liability, property and bodily injury insurance in the minimum amount of One Million Dollars ($1,000,000) per occurrence and Three Million Dollars ($3,000,000) in the annual aggregate to cover claims arising or resulting from the acts or omissions of such Party, its employees or agents, in connection with this Agreement. Upon the request of either Party, the other Party shall provide Certificates of Insurance evidencing such coverage and stating that such coverage will not be canceled or reduced without thirty (30) days prior written notice to the other Party. Each Party shall also maintain in full force and effect, at its sole expense, worker’s compensation insurance as required by law.

Indemnification. Both HCA and VNA hereby agree to indemnify, defend and hold each other harmless from and against any and all claims, demands, actions, lawsuits and other proceedings, and all losses, liabilities, damages, judgements, awards, amounts paid in settlement, and costs and expenses (including reasonable attorney’s fees and expenses) arising from or related to, in whole or in part, any negligent act or omission or willful misconduct of the other Party, or any of its officers, directors employees or agents in connection with this Agreement.

VNA also agrees to indemnify, defend and hold HCA harmless from and against any and all claims, demands, actions, lawsuits and other proceedings, and all losses, liabilities, damages, judgments, awards, amounts paid in settlement, and costs and expenses (including reasonable attorney’s fees and expenses) arising from or related to, in whole or in part, any matter relating to the actions or inactions of VNA, or any of its officers, directors, employees or agents, occurring prior to the Effective Date, including but not limited to any claim brought by an employee, client, governing/regulatory body, or any other third party.

Excluded Liabilities.  At the Effective Date, HCA does not assume and VNA does not assign any liability relating to any act or omission of VNA in the operation of the business prior to the Effective Date.

Preferred Partner/Exclusivity/Restrictive Covenants.

For purposes of this Section 8, the term “Service Area” shall mean Ohio.

For the duration of the Term, VNA agrees that HCA is a preferred partner to provide Home Care Services to Business clients located in the Service Area and shall have the right of first refusal to service any Business client in the Service Area.

For the duration of the Agreement and for one (1) year thereafter, VNA agrees that it shall not, directly or indirectly, such as through a contract or venture with any other person or entity, solicit, hire, contract with, or otherwise engage any HCA Caregiver to provide Home Care Services or any other services on VNA’s behalf.  In lieu of an injunction, the parties agree that HCA may opt to seek liquidated damages for VNA’s breach of this non-solicitation covenant. It is agreed and understood that the damages HCA would suffer as a result of such breach would be very difficult to ascertain and quantify. Accordingly, the parties agree that the sum of Ten Thousand Dollars ($10,000.00) per HCA Caregiver engaged by VNA is a good faith, reasonable estimate of the damages that HCA would suffer and is not a penalty.

For the duration of the Agreement and for one (1) year thereafter, HCA agrees that it shall not, directly or indirectly, such as through a contract or venture with any other person or entity, solicit, hire, contract with, or otherwise engage any VNA employee then providing home care services exclusively to VNA’s Medicare or Medicaid clients. In lieu of an injunction, the parties agree that VNA may opt to seek liquidated damages for HCA’s breach of this non-solicitation covenant. It is agreed and understood that the damages VNA would suffer as a result of such breach would be very difficult to ascertain and quantify. Accordingly, the parties agree that the sum of Ten Thousand Dollars ($10,000.00) per VNA employee engaged by HCA in breach of this non-solicitation agreement is a good faith, reasonable estimate of the damages that VNA would suffer and is not a penalty.

Right of First Refusal. In the event VNA decides to sell the Business during the Term or the one (1) year period thereafter, HCA shall have a right of first refusal to purchase the Business for a price to be negotiated by the parties.

Confidentiality of Information.

During the course of this Agreement, each Party (the “Receiving Party”) may be given access to confidential and proprietary information of the other Party (and its subsidiaries, divisions,  affiliates  and  third party  associates)  (the  “Disclosing  Party”).	“Confidential Information” shall mean information, including trade secrets, know-how, proprietary information, formulae, processes, pricing information, techniques and information relating to the Disclosing Party’s past, present and future marketing, financial, research and development activities, and personally identifiable information about consumers, shareholders, physicians, suppliers, consultants, competitors and customers, that may be disclosed, whether orally or in writing, to the Receiving Party, or that may be otherwise received or accessed by the Receiving Party in the course of performing this Agreement. Confidential Information shall include information marked “confidential” or “proprietary” prior to or upon disclosure, or that, if disclosed orally, is identified by HCA or VNA at the time as being confidential or proprietary. Notwithstanding the foregoing, Confidential Information shall not include information: (i) previously known to the Receiving Party without an obligation of confidence; (ii) independently developed by or for the Receiving Party without use of the Confidential Information; (iii) acquired by the Receiving Party from a third party which is not, to the Receiving Party’s knowledge, under an obligation of confidence with respect to such information; or (iv) which is or becomes publicly available through no breach of this Agreement. The Receiving Party shall only use or disclose the Confidential Information for purposes of and in connection with this Agreement. Each Party agrees to protect the confidentiality of the Confidential Information of the other in the same manner that it protects the confidentiality of its own proprietary and confidential information of like kind, but in no event shall either Party exercise less than reasonable care in protecting such Confidential Information. Access to the Confidential Information shall be restricted to personnel of the parties (including such personnel employed by subsidiaries, divisions, affiliates or third party associates) engaged in a use permitted hereby. The Receiving Party shall not duplicate any material containing Confidential Information except in the direct performance of its obligations under this Agreement. The Receiving Party shall return all copies of materials containing Confidential Information upon reasonable request of the Disclosing Party or upon any earlier termination of this Agreement for any reason whatsoever. If the Receiving Party receives a subpoena or other validly issued administrative or judicial process demanding Confidential Information, it shall promptly notify the Disclosing Party of such receipt and tender to it the defense of such demand. After providing such notification, the Receiving Party shall be entitled to comply with such subpoena or other process to the extent permitted by law.

Each Party acknowledges that, in the event of any breach of the provisions of this Section 10, the Disclosing Party may suffer damages that are not easily determinable, and shall be entitled to seek equitable relief, including an injunction or an order for specific performance, in addition to all other remedies available to the Disclosing Party at Law or in equity.

The obligations under this Section 10 shall survive any expiration or termination of this Agreement.

Miscellaneous.

Entire Agreement; Amendment. This Agreement constitutes the entire agreement of the parties with respect to the subject matter hereof, and supersedes all proposals or prior agreements, oral or written, and all other communications, oral or written. This Agreement shall not be amended, altered or changed, except by written agreement signed by both Parties hereto.

Waiver. A waiver by either Party of a breach or a failure to perform under this Agreement shall not constitute a waiver of any subsequent breach or failure.

Binding Effect; Assignment. This Agreement shall be binding upon the Parties hereto and their respective successors and permitted assigns. Neither Party shall have the right to assign, sell or otherwise transfer this Agreement or any rights hereunder without the express prior written consent of the other Party (which consent shall not be unreasonably withheld); provided, however, that each Party shall have the right to assign, delegate or transfer this Agreement without the other Party’s consent, in whole or in part, to any affiliate, existing now or in the future, or to any entity which succeeds to the applicable portion of the assigning Party’s business through a sale, merger, consolidation or other transaction, provided that such other entity assumes the obligations of this Agreement. Any purported assignment or transfer in violation of this Section shall be null and void.

Descriptive Headings. The descriptive headings in this Agreement are inserted for convenience of reference only and do not constitute a part of this Agreement.

Severability. If any part of this Agreement should be held to be void or unenforceable, such part will be treated as severable, leaving valid the remainder of this Agreement, notwithstanding the part or parts found void or unenforceable.

Notices. Service of all notices under this Agreement shall be sufficient if hand- delivered, placed with an overnight courier or mailed to the party involved at its respective address set forth herein, by certified or registered mail, return prepaid, addressed to the appropriate party as follows:

HCA:

Home Care Assistance of Southern Ohio, LLC 
1255 Oakmead Pkwy.,

Sunnyvale, CA 94085
Attn: Legal Department

VNA:	Peter GaylordCFO

VNA Health Group Inc 23 Main Street Suite D1

Holmdel, NJ 07733

Notice shall be deemed given three (3) days after it is placed in the U.S. mail or the day it is hand-delivered or the day after being placed with an overnight courier. Either Party may change the address to which notices are to be addressed by giving the other Party written notice in the manner set forth herein.

No Third Party Beneficiaries. Nothing express or implied in this Agreement is intended to confer, nor shall anything herein confer, upon any person other than the Parties and the respective successors or assigns of the Parties, any rights, remedies, obligations or liabilities whatsoever.

HCA  is  an  Independent  Contractor.	In performing Home Care Services hereunder, HCA and its employees are independent contractors and shall not be considered employees of VNA. The Parties understand and agree that VNA shall not provide any benefits, insurance coverage of any sort, vacation or holiday pay to HCA or any person who performs services through HCA under this Agreement, and VNA shall not withhold from the payment to HCA any sums for federal, state and local taxes. HCA hereby warrants and agrees to be solely responsible for making any required payments of federal, state and local taxes for compensation paid to such persons who perform services under this Agreement. HCA agrees to indemnify VNA for any federal, state or local taxes or penalties it may be required to pay on behalf of any person who provides services under this agreement. HCA shall not be covered under VNA’s Workers Compensation policy, nor will its agents and/or employees be eligible to participate in any plans or agreements regarding retirement, health, disability, life or other related fringe benefit provided by VNA. In the event the Internal Revenue Service or any other governmental agency shall, at any time, question or challenge the independent contractor status of HCA, both VNA and HCA, upon receipt by either of them of notice from the Internal Revenue Service or any other governmental agency, shall promptly notify the other Party and afford the other Party the opportunity to participate in any discussion or negotiation with the Internal Revenue Service or any other governmental agency. Irrespective of how such discussions or negotiations are initiated, the other Party shall participate in any such discussions or negotiations to the extent permitted by the Internal Revenue Service or any other governmental agency.

Governing Law. This Agreement is entered into in the State of Ohio and shall be governed by the laws thereof without regard to conflicts of laws principles.

Compliance with Law. VNA and HCA shall each comply, at its own cost and expense, with the provisions of all federal, state, county and municipal laws, ordinances, regulations and orders and standards of their respective accrediting agencies pertaining to the performance and provision of its services under this Agreement as they exist now and as they may be amended from time to time (“Applicable Laws”). In the event of any notice of a violation of the Applicable Laws, or an investigation into an alleged violation, VNA and HCA shall each take all measures necessary to promptly remedy any violation(s) of any Applicable Law.

HIPAA. VNA, as a covered entity, as that term is defined under the Health Insurance Portability and Accountability Act of 1996 and regulations promulgated thereunder, as each may be amended from time to time (collectively, “HIPAA”), and HCA, as a business associate of VNA, shall each comply with federal and state laws governing the confidentiality of protected health information, including, but not limited to, those implemented by HIPAA. The Parties shall enter into a business associate agreement, as defined by HIPAA, and as incorporated by reference and attached hereto as Schedule C. The terms in this Section shall have the same meanings as defined under HIPAA.

Fraud  and  Abuse  Compliance. VNA has in place a Corporate Compliance Program, Code of Conduct and written policies governing the Federal False Claims Act, New Jersey’s Health Care Claims Fraud Act and False Claims Act, whistleblower protections under Federal and State laws, and the role of these laws in preventing or detecting fraud, waste and abuse which have a goal of ensuring that VNA complies with federal, state and local laws and regulations. The Corporate Compliance Program focuses on risk management, the promotion of good corporate citizenship, including the commitment to uphold a high standard of ethical and legal  business  practices,  and  the  prevention  of  misconduct.    HCA  acknowledges  VNA’s commitment to Corporate Compliance and agrees to conduct all business transactions which occur pursuant to this Agreement in accordance with applicable federal, state and local laws and regulations.

Use of Name. Neither Party may use the other Party’s name or marks, in any advertising, promotional efforts or any publicity of any kind without the prior written permission of such other Party, except with respect to services provided pursuant to this Agreement in the normal course of business.

Counterparts. This Agreement (and any amendments to hereto) may be executed in one or more counterparts, each of which shall be an original, but all of which together shall constitute one instrument.

[Signature Page Follows]

IN WITNESS WHEREOF, the Parties have executed this Agreement on the day first written above.

VNA HEALTHCARE PARTNERS  OF OHIO, INC

By:   	 Steven Landers, MD, MPH CEO

HOME CARE ASSISTANCE OF SOUTHERN OHIO, LLC

By:   	 
Matt Neal

Chief Development Officer

SCHEDULE A

All clients obtained via the following agreed upon resources/referral partners shall be governed by the terms of this Agreement:

Any client generated through VNA’s marketing/sales and business development teams

Any client generated through VNA’s intake department

All Cleveland metro clinic hospitals and affiliated acute rehabilitation centers

All Cleveland metro university hospitals and affiliated acute rehabilitation centers

Metro Health Medical Center

Fairview Health System

Western Reserve Hospital

Metro Outpatient

Cedarwood Plaza

Cleveland Clinic Rehab-Beachwood

Cleveland Clinic Avon Hospital

Broadview Multicare Center

O'Neill Middleburg Heights

Cleveland Clinic

Cleveland Clinic Hospital

Lake Health Beachwood Medical

Lake Health West Medical Center

Tripoint Lake Health

Altercare of Mayfield Village

O'Neill Healthcare Bay Village

Lutheran Hospital

Lake Pointe Health Center

O'Neill Healthcare Lakewood

Pleasant Lake Villa Nursing Home

Regency Cleveland West

Hillcrest Hospital

O'Neill Fairview Park

South Pointe Hospital

St John Medical Center

Parkside Villa Nursing Home

Wesleyan Village SNF

Cleveland Clinic Medina Hospital

Metro Health Psych Unit

Option Care Cleveland

The parties agree that the following resources/referral partners are affiliated with HCA and are not governed by the terms of this Agreement and no marketing/services fee shall be owed by HCA to VNA for client referrals from these resources/referral partners:

Any client generated through HCA’s marketing/sales and business development teams

Any client generated through HCA’s intake department (HCA branded intake line related to advertising, marketing, and branding efforts in Cleveland)

All Cleveland metro senior living communities

All Cleveland metro geriatric care managers

All Cleveland metro legal and financial professionals

Altercare of Mayfield

Hamlet at Chagrin Falls

Lantern Of Chagrin Valley

The Weils

Arden Courts Of Chagrin Falls

The Gables Of Hudson

Anna Maria Of Aurora

Independence Village Of Aurora

The Atrium At Anna Maria

Hillcrest Hospital

Gates Mills Club

Kendal at Home

Anthology of Mayfield Heights

Villa St. Joes

Forest Hills Place

Woodside Village

Wesleyan Village

Concordia at Sumner

Wiggins Place

Elmcroft of Sagamore Hills

Emerald Village Senior Living

Tapestry Senior Living Wickliffe

Hudson Senior Living, LLC

Avenue Assisted Living

Mulberry Gardens Assisted Living

Kathy Cline, LSW, CMC

Sarah Parran, MSSA, LISW-S, CMC

Rebecca May, RN, CMC

Sarah Parran, MSSA, LISW-S, CMC

Bridget Mary Ritossa, BA, LSW, CMC

Terry Donner, JD, RN, CCM, CSA

Jennifer Beach, BS, MA, LSW, CSWCM

Rita E. Schraff, MSSA, LISW-S, CASWCM

Sherri Tober, BA, LSW

Gerilynn Bryan, BA

In the event a client is generated from a source other than from the resources/referral partners listed above, HCA and VNA shall evenly split credit on a 50/50 basis.

SCHEDULE B

COMPENSATION SCHEDULE

As of the Effective Date, for clients provided Home Care Services by HCA under this Agreement, HCA agrees to pay VNA a marketing/sales fee of $2.30 per hour for hourly shifts and $25 per day for clients receiving daily live-in service.  HCA shall pay VNA marketing/sales fees on a monthly basis.

SCHEDULE C

HIPAA Business Associate Agreement

THIS HIPAA BUSINESS ASSOCIATE AGREEMENT (this “Agreement”) is by and between VNA HealthCare Partners  of Ohio, Inc (“Covered Entity”) and Home Care Assistance of NJ, LLC (“Business Associate”) (hereinafter, Covered Entity and Business Associate are, at times, referred to individually each as a “Party” and together as “the Parties”).

RECITALS:

WHEREAS, Covered Entity has engaged Business Associate for the purpose of performing certain functions and engaging in certain activities for and on behalf of Covered

Entity, as set forth in the underlying agreement between the Parties (hereinafter, the “Services Agreement”);

WHEREAS, in connection with services provided by Business Associate to Covered Entity under the Services Agreement (“BA Services”), it may become necessary for Covered Entity to disclose information to Business Associate, some of which may constitute protected health information (“PHI”), including electronic protected health information (“e-PHI”). PHI and e-PHI are, collectively, referred to hereinafter as “Covered Entity’s PHI” as defined below;

WHEREAS, the Parties intend to protect the privacy and provide for the security of Covered Entity’s PHI in compliance with the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191 (the “HIPAA Statute”), and its related “Privacy Rule” (45 CFR Part 164 Subpart E) and “Security Rule” (45 CFR Part 164 Subpart C) (collectively, the Privacy Rule, Security Rule and HIPAA Statute are, hereinafter, referred to as “HIPAA”), all as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Statute”) and any regulations promulgated thereunder (collectively, the “HITECH Rules,” and together with the HITECH Statute, referred to hereinafter simply as “HITECH”), as well in compliance with other applicable federal or state laws concerning the privacy and security of health information;

NOW THEREFORE, in consideration of the foregoing, the mutual representations, covenants and agreements set forth below and in the underlying Services Agreement, and for other good and valuable consideration, the Parties, intending to be legally bound, hereby agree as follows:

TERMS:

Definitions.  Any terms not otherwise specifically defined in this Agreement shall have the meanings ascribed to them in HIPAA and HITECH.

Uses and Disclosures of  Covered  Entity’s PHI .

Permitted Uses and Disclosures. Business Associate may use and/or disclose Covered Entity’s PHI made available by Covered Entity, or created  or obtained by

Business Associate for or on behalf of Covered Entity as follows:

to furnish or perform the BA Services set forth in the Services Agreement, as permitted by and in accordance with this Agreement, HIPAA, HITECH and all other applicable federal or state laws. Business Associate may not use or disclose Covered Entity’s PHI in a manner that would violate HIPAA and HITECH if done by Covered Entity, this Agreement or applicable law;

to use and or disclose only the minimum necessary amount of Covered Entity’s PHI needed for Business Associate to perform the BA Services, as consistent with Covered Entity’s minimum necessary policies and procedures, and including in accordance with any minimum necessary standards and guidance released by the U.S. Department of Health & Human Services (HHS) pursuant to the HITECH Act;

for internal management and administration purposes of Business Associate only if use of Covered Entity’s PHI is necessary for Business Associate to perform internal management and administration functions, or to carry out its own internal legal responsibilities;

for the internal management and administration purposes of Business Associate only if disclosure of Covered Entity’s PHI: (1) is required by law, or

(2) Business Associate obtains from such third party recipient written assurances: (a) that such recipient will hold Covered Entity’s PHI confidential and in compliance with HIPAA and HITECH on the same terms as set forth in this Agreement and (b) that such recipient will notify the Business Associate, without unreasonable delay, of any instances of which such recipient becomes aware of a Breach that compromises the confidentiality of Covered Entity’s PHI. Notwithstanding the foregoing, Business Associate, shall NOT, under any circumstances, disclose Covered Entity’s PHI to any third party not within the borders and jurisdiction of the United States of America without the prior written consent of the Covered Entity, which may be withheld in Covered Entity’s sole and unfettered discretion]; and

to the extent Business Associate is to carry out a function or obligation of Covered Entity with respect to the Privacy Rule or Security Rule, comply with the requirements of the Privacy Rule that apply to the Covered Entity in the performance of such obligation.

Business Associate’s Agents. Business Associate shall ensure that any agent to whom it provides Covered Entity’s PHI agrees to implement reasonable and appropriate security measures to protect such PHI.

HIPAA Authorization. Business Associate shall not, except as provided in this Agreement and permitted or required under HIPAA and HITECH, use in any other manner or disclose to any other person or entity Covered Entity’s PHI without first obtaining a HIPAA-compliant authorization (“HIPAA Authorization”) from the individual about whom the information pertains, including, but not limited to, whenever Covered Entity would be required to do so in accordance with federal or State laws and regulations. Business Associate must retain a copy of any such HIPAA Authorization obtained for six (6) years, and make copies available to Covered Entity.

Unauthorized Uses and Disclosures. Business Associate shall report to Covered Entity any unauthorized use or disclosure of PHI not provided for by this BA Agreement, including any Security Incident or Breach as required by Section D(2), affecting Covered Entity’s PHI of which Business Associate becomes aware.

Prohibited Uses and Disclosures.

Prohibition  “ Sale” of  PHI  and  “ Marketing” .  Business Associate shall not directly or indirectly accept remuneration in exchange for using or disclosing any of Covered Entity’s PHI, including in de-identified  form, except Business Associate may accept such remuneration from Covered  Entity in exchange for services or functions performed pursuant to this Agreement. Business Associate shall not use or disclose Covered Entity’s PHI  for marketing except for or on behalf of Covered Entity with Covered Entity’s express written consent and the individual’s Authorization.

All  Other  Uses  Strictly  Prohibited.	Business Associate is strictly prohibited from using or disclosing Covered Entity’s PH in any other manner except as expressly permitted under this Agreement, including, but not limited to, manipulating or otherwise converting such information to de-identified format, even if any such use or disclosure is otherwise permitted under HIPAA and or HITECH, unless Covered Entity agrees in advance in writing.

Use and Disclosure of De-identified Data; Limited Data Set.

De-identification. If the Services Agreement permits the use of aggregated and de-identified data, Business Associate may use and disclose Data which has been reasonably and appropriately de-identified in accordance with the HIPAA De- identification Standards solely for the purpose described in the Services Agreement. Prior to use or disclosure of de-identified Data, Business Associate shall de-identify Covered Entity’s PHI in accordance with one of the following: (i) the HIPAA “safe harbor” method (45 C.F.R. §164.514(a); or (ii) the HIPAA “expert determination” method (45 C.F.R. §164.514(b)(1)). Business Associate shall under no circumstance use or disclose, or permit use or disclosure by any agent, contractor or subcontractor, of Covered Entity’s aggregated and/or de-identified data for any commercial purposes.

De-identification Guidance. Business Associate shall comply with guidance or standards that may be promulgated by the Department of Health and Human Services (HHS) relating to methods for the de-identification of PHI, including but not limited to “Guidance on De-identification of Protected Health Information”, Office for Civil Rights

(November 26, 2012), available at: http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/De-identification/guidance.html

Compliance with De-identification Standards.	Business Associate shall ensure that its employees and agents, and any subcontractors who would create, receive, maintain or transmit PHI for de-identification purposes, will act in full compliance with either the HIPAA safe harbor or HIPAA expert determination standard to appropriately de-identify Data to be used or disclosed, including but not limited to implementing reasonable and appropriate policies and procedures for doing so.

No Re-identification. Business Associate shall not, nor permit its employees or agents to, re-identify or attempt to re-identity de-identified Data, or permit any other entity to do so on its behalf, including, but not limited to, re-identification of Data for purposes other than those permitted by the Services Contract. Business Associate shall require any entity, including employees, agents, subcontractors and/or third parties, to which it may disclose de-identified Data to agree to not re-identify, or attempt to re- identify any such de-identified Data. Under no circumstance shall Business Associate or any other entity contact or attempt to contact an Individual who is the subject of the de- identified Data.

Limited Data Sets. Business Associate may use and disclose Covered Entity’s PHI within a Limited Data Set (45 C.F.R. §164.514(e)(1)). Business Associate may only use and disclose a Limited Data Set for (i) research, (ii) for public health, and (iii) for health care operations purposes. In the event Business Associate wishes to create, use, and/or disclose a Limited Data Set, as such term is described by HIPAA, Business Associate shall enter into a separate Limited Data Set Agreement with Covered Entity prior to the creation, use or disclosure of such Limited Data Set.

Obligations of Covered Entity.

Covered Entity shall provide Business Associate with the notice of privacy practices that Covered Entity produces in accordance with 45 C.F.R. § 164.520, as well as any changes to that notice.

Covered Entity shall provide Business Associate with any changes in, or revocation of, permission by Individual to use or disclose Protected Information, if such changes affect Business Associate’s permitted or required uses and disclosures.

Covered Entity shall notify Business Associate, in writing, of any restriction to the use or disclosure of Protected Information that Covered Entity has agreed to in accordance with 45 C.F.R. § 164.522.

Covered Entity shall make reasonable efforts to provide to, or request from, the Business Associate only the minimum Protected Information necessary for Business Associate to perform or fulfill a specific function required or permitted hereunder.

If Covered Entity transmits Protected Information by electronic transfer or sends it in physical media Covered Entity shall transmit all such Protected Information in an encrypted format, as may be mutually agreed by the parties.

Covered Entity represents that it has the right and authority to disclose Protected Information to Business Associate for Business Associate to perform its obligations and provide services to Covered Entity, and Covered Entity shall not request Business Associate to use or disclose Protected Information in any manner that would violate HIPAA, other applicable laws or Covered Entity’s privacy notice, if done by Covered Entity.

Security Safeguards.

General. Business Associate shall have in place reasonable and appropriate safeguards to provide for the security of Covered Entity’s PHI and prevent use or disclosure of Covered Entity’s PHI other than as provided for by this Agreement in accordance with the HIPAA Security Rule and other applicable laws, including administrative, technical and physical safeguard Standards as set forth in § 164.308, § 164.310, § 164.312 of the Security Rule:

Compliance with Security Rule. Business Associate shall comply with the requirements of the Security Rule at all times with respect to Covered Entity’s PHI.

Administrative   and   Other   Safeguards.	Business	Associate	shall implement and maintain a written security program that includes administrative, technical and physical safeguards appropriate to the size and complexity of Business Associate’s operations and the nature and scope of its activities and as reasonably necessary for Business Associate to comply with applicable provisions of the HIPAA Security Rule, including but not limited to all “Required” and “Addressable” Implementation Specifications.

Documentation. Business Associate shall maintain written or electronic policies and procedures developed to comply with the HIPAA Security Rule. If any action, activity or assessment is required under the HIPAA Security Rule to be documented, Business Associate shall maintain a written (or electronic) record of the same, and retain a copy and make it available to Covered Entity upon request for a period of six (6) years from the date of its creation, or the date when it last was in effect, whichever is later.

HHS Guidance. Business Associate shall implement and comply with all requirements set forth in any guidance concerning business associate compliance with the Security Rule that may be issued by HHS pursuant to the HITECH Act or HIPAA.

Security Breach Notification.

General. Business Associate shall comply with the standards and requirements under the Breach Notification Laws, which for purposes of this Agreement include, collectively, the provisions relating to breach as set forth in the HITECH Statute and its related Rules for Breach Notification for Unsecured Protected Health Information (45 CFR Parts 160 and 164), as may be amended in the future, and state breach notification laws and related regulations, as may be amended from time to time.

Encryption. Business Associate shall encrypt Covered Entity’s PHI when maintained by Business Associate (i.e., “at rest”) and when transmitted by Business Associate (i.e., “in transit”) to render it unusable, unreadable and indecipherable, including any and all of Covered Entity’s PHI that Business Associate accesses, maintains, retains, modifies, records, stores, destroys, or otherwise holds, uses, or discloses for or on behalf of Covered Entity pursuant to this Agreement. If the Parties otherwise mutually agree that it is not reasonable or possible for Business Associate to encrypt Covered Entity’s PHI, then Business Associate shall implement reasonable alternative security methods, as agreed to by Covered Entity, to safeguard Covered Entity’s PHI.

BA’s Obligations in the Event of a Security Incident or Breach.

Reporting Security Incidents and Breaches.	Business Associate shall promptly report to Covered Entity’s Privacy Officer and/or Security Officer, or their respective designee, either in person or by telephone at a number to be provided by Covered Entity, any Breach or Security Incident, as such terms are defined by HIPAA, that has or may result in the unauthorized use or disclosure of Covered Entity’s PHI, and in no case later than seventy-two (72) hours from the date of discovery by Business Associate.

In accordance with 45 C.F.R. §164.402, any acquisition, access, use or disclosure of PHI in a manner not permitted under the Privacy Rule is presumed to be a Breach unless a low probability exists that the PHI has been compromised. For purposes of this Agreement, a Breach shall be deemed “discovered” by Business Associate as of the first day on which such Breach is actually known to any person, other than the individual committing the Breach, that is an employee, officer, or other agent of Business Associate, including but not limited to notification provided to Business Associate by a subcontractor of a Breach. Business Associate shall take all commercially reasonable steps (e.g., audits; hotlines; technological tools, etc.) to allow it to discover Breaches and Security Incidents involving Covered Entity’s PHI.

No Delay for Risk Assessment.	Business Associate shall not delay Breach or Security Incident reporting on the basis of there being a pending determination of whether the incident may result in a “low probability” that Covered Entity’s PHI was compromised under the Breach Notification Laws. Covered Entity has the sole and unfettered right to make any and all risk assessment determinations, and Business Associate shall cooperate with investigations if requested by Covered Entity in order for Covered Entity to comply with its obligations under HITECH.

Assistance and Cooperation. Business Associate shall provide Covered Entity with such information as may be required for Covered Entity to appropriately determine whether an incident is a Security Incident or Breach, and provide such notification as may be required under the Breach Notification Laws. Business Associate agrees to assist and cooperate with Covered Entity as needed for Covered Entity and Business Associate to fully comply with the Breach Notification Laws. If Business Associate is the direct cause of a Breach of Covered Entity’s PHI, including any of Business Associate’s employees, owners, directors, agents, independent contractors, or affiliates, Business Associate shall provide Covered Entity, at Business Associate’s sole cost, administrative support and other resources as may be reasonably requested by Covered Entity in order to furnish written notices to individuals affected by the Breach and otherwise comply with the Breach Notification Laws. In the event that Business Associate does not provide such requested assistance and resources in a timely manner, as determined by Covered Entity in its sole and unfettered discretion, then Business Associate shall reimburse Covered Entity for all reasonable actual costs and expenses (e.g., postage; supplies; administrative staff time, etc.) incurred by Covered Entity in its efforts to comply with the Breach Notification Laws.

Indemnification for Failures to Discover or Report Breaches. Business Associate shall defend, indemnify and hold harmless Covered Entity and each of its officers, directors, employees and agents (“Covered Entity Affiliates”) from and against any and all penalties, claims, losses, liabilities, damages, costs and expenses (including reasonable attorneys’ fees and expenses) resulting from third party claims against Covered Entity or any Covered Entity Affiliates arising out of or in connection with a violation of HIPAA by Business Associate’s employees, agents or subcontractors. Covered entity shall defend, indemnify and hold harmless Business Associate and each of its officers, directors, employees and agents (“Business Associate Affiliates”) from and against any and all penalties, claims, losses, liabilities, damages, costs and expenses (including reasonable attorneys’ fees and expenses) resulting  from  third  party claims  against  Business  Associate  or  any

Business Associate Affiliates arising out of or in connection with a violation of HIPAA by Covered Entity’s employees, agents, or subcontractors.

Amendment  of  PHI.	Business Associate shall make Covered Entity’s PHI available to Covered Entity as may be required for Covered Entity to fulfill its obligations to respond under §164.526 of the Privacy Rule to an individual’s request for amendment of his or her protected health information. Business Associate agrees to incorporate any amendments, as directed by Covered Entity, into copies of Covered Entity’s PHI maintained by Business Associate.

Restrictions.	Business Associate shall implement any restrictions on use or disclosure of Covered Entity’s PHI that Covered Entity has agreed to and provided notice to Business Associate of, including but not limited to any restriction for disclosure of PHI to a health plan where the Individual paid in full and out-of-pocket and such disclosure would be for the sole purpose of payment or health care operations purposes.

Access Rights of Individual. Business Associate agrees to make Covered Entity’s PHI available to Covered Entity as may be required for Covered Entity to fulfill its obligations under § 164.524 of the Privacy Rule to provide an individual with access or a copy of such individual’s PHI, including but not limited to making available PHI maintained in an electronic designated record set in an electronic form and format as requested by the individual, if readily producible. Business Associate’s compliance with such “access rights” requirements shall be at Business Associate’s cost. Notwithstanding the forgoing, Business Associate may, if Covered Entity agrees, to charge a “copy/labor fee” to the individual as otherwise permitted under HIPAA, HITECH and State law.

Accounting of Disclosures. Business Associate shall maintain and make available documentation as required under § 164.528 of the Privacy Rule to allow Covered Entity to respond to an individual’s request for an accounting of disclosures (AOD) by Business Associate. Business Associate shall provide such information as may be necessary in order for Covered Entity to respond to an individual’s request for an accounting of disclosures as required by 45 C.F.R. § 164.528, as modified by HITECH and its implementing accounting of disclosure rules and regulations.

Business	Associate ’s	Subcontractors .	Business	Associate	expressly acknowledges that HITECH makes directly applicable to Business Associate and its subcontractors certain provisions of the HIPAA Privacy Rule and the Security Rule, and that such subcontractors may be considered “business associates” in their own respect with regard to PHI that they may create, receive, maintain or transmit for or on behalf of Business Associate.  Business Associate hereby agrees to:

Ensure that any subcontractor that creates, receives, maintains or transmits Covered Entity’s PHI for or on behalf of Business Associate enters into a written HIPAA Business Associate Agreement that complies with the requirements of

§164.314(a) and §164.508(e), as applicable;

Ensure that each such subcontractor is notified and made aware that it is directly responsible for complying with applicable provisions of the HIPAA Privacy and Security Rules as a result of entering into such HIPAA Business Associate Agreement with respect to Covered Entity’s PHI; and

Ensure that each HIPAA Business Associate Agreement shall contain the same restrictions and conditions which apply to Business Associate with respect to Covered Entity’s PHI.

Not disclose any of Covered Entity’s PHI to a subcontractor not within the borders and jurisdiction of the United States of America without prior written consent of Covered Entity.

Training. Business Associate agrees to require its directors, officers, employees and agents that have access to Covered Entity’s PHI to: (a) undergo HIPAA and HITECH-related training and education; and (b) agree to abide by Business Associate’s specific responsibilities and obligations with respect to accessing and using Covered Entity’s PHI under this Agreement.

Books  and  Records. Except for information accorded legal protection as privileged or confidential information, each Party agrees to make its internal practices, books and records relating to the use and disclosure of Covered Entity’s PHI available if access to such information is necessary for the Secretary of HHS to determine Covered Entity’s compliance with HIPAA and HITECH.

State Law.	The Parties agree that if any provision or requirement concerning privacy or security of Covered Entity’s PHI under State law is more stringent or provides individuals with more rights regarding their protected health information than a similar provision or requirement under HITECH or HIPAA, such state law shall be followed.

Termination.

Noncompliance. If Covered Entity notifies Business Associate regarding an activity or practice that constitutes a material breach or violation of an obligation under this Agreement, HIPAA or HITECH, and Business Associate does not take reasonable steps to or otherwise does not successfully cure the breach or end the violation, as applicable, within a reasonable timeframe as determined by Covered Entity, Covered Entity may terminate this Agreement and Business Associate’s authority to access, use and/or maintain possession of Covered Entity’s PHI.

Judicial or Administrative Proceedings. Covered Entity may terminate this Agreement immediately if: i) Business Associate is named as a defendant in a criminal proceeding for a violation of HIPAA or HITECH, or other criminal law or, ii) a finding or stipulation that Business Associate has violated any standard or

requirement of HIPAA, HITECH or other law is made in any administrative or civil proceeding in which Business Associate has been joined.

Return of Covered Entity’s PHI. Upon termination of the underlying Services Agreement or this Agreement, Business Associate shall return to Covered Entity and/or destroy all of Covered Entity’s PHI that Business Associate or any of its subcontractors still maintains in any form, and Business Associate and its subcontractors shall retain no copies of Covered Entity’s PHI. If return or destruction is not feasible, Business Associate agrees to continue to extend the protections of this Agreement to such information, and limit further use of Covered Entity’s PHI to those purposes that make the return or destruction of such PHI infeasible, and similarly require any of its subcontractors to extend such protections and limit further use/disclosure of Covered Entity’s PHI, as applicable.

Assistance in Litigation or Administrative Proceedings.	Each Party agrees to reasonably assist the other in the performance of its obligations under this Agreement including, if necessary, to testify as witnesses in the event that any litigation or administrative proceedings are commenced against a Party based upon a claimed violation of HIPAA, HITECH, except where the other Party, or its subcontractor, employee or agent may be named as an adverse Party.

Amendment.	The Parties acknowledge that state and federal laws relating to electronic data security and privacy are rapidly evolving and that amendment of this Agreement may be necessary to address such developments. Upon either Party’s request, the Parties agree to in good faith promptly enter into negotiations concerning the terms of an amendment to this Agreement embodying written assurances consistent with the standards and requirements of HIPAA and HITECH or other applicable laws. Either Party may terminate this Agreement and Business Associate’s right to continued access to or possession of the PHI upon 30 days written notice in the event that Party, or any of its agents and subcontractors: (i) does not promptly enter into negotiations to amend this Agreement when requested by the other Party pursuant to this paragraph or (ii) does not enter into an amendment to this Agreement providing assurances regarding the safeguarding of PHI sufficient to satisfy the standards and requirements of HIPAA and HITECH.

Independent Contractor. Nothing contained herein shall be deemed or construed by the Parties hereto or by any third party as creating the relationship of employer and employee, principal and agent, partners, joint venturers, or any similar relationship. Covered Entity and Business Associate expressly acknowledge and agree that Business Associate is an independent contractor, and not an agent of Covered Entity, under federal agency law or otherwise.

No Waiver. Neither the failure or any delay on the part of a Party to exercise any right, remedy, power or privilege under this Agreement shall operate as a waiver thereof, nor shall any single or partial exercise of any right, remedy, power or privilege with

respect to any occurrence be construed as a waiver of such right, remedy, power or privilege with respect to any other occurrence.

Governing Law.	This Agreement shall be construed in accordance with and governed by the laws of Ohio except where preempted by federal law.

Binding Effect. This Agreement shall inure to the benefit of, and be binding upon each Party hereto and their respective successors and assigns.

Notices. All notices to be made under this Agreement shall be given in writing and shall be deemed to have been duly given if personally delivered or sent by confirmed facsimile transmission, e-mail, certified or registered mail, return recipe requested, to the other Party at the address set forth in the underlying Services Agreement.

Modification.	This Agreement may be amended, superseded, terminated or extended, and the terms hereof may be waived, only by a writing signed by the Parties.

Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be invalid or unenforceable, such provision shall be deemed severed from this Agreement, and the remainder of the provisions will remain in full force and effect.

Interpretation. The Parties agree that any ambiguity in this Agreement shall be resolved in favor of a meaning that complies and is consistent with HIPAA and HITECH. If any provision of this Agreement conflicts with a provision in the underlying Services Agreement, the terms of this Agreement will control. The use of headings in this Agreement are for convenience only and shall not affect the interpretation hereof.

(Signature Page Follows)

IN WITNESS WHEREOF, the Parties hereto have duly executed this Agreement effective as of the date of the signature below (the “Effective Date”).

FOR COVERED ENTITY:

VNA HEALTHCARE PARTNERS OF OHIO, INC

By:  	 Steven Landers, MD, MPH CEO

Date:

FOR BUSINESS ASSOCIATE:

HOME CARE ASSISTANCE OF SOUTHERN OHIO, LLC

By:

Matt Neal

Chief Development Officer

Date: