The URL can be used to link to this page

Home My WebLink AboutCAG2019-010 - Original - UnifyHR, LLC - ACA Compliance Tracking Software - 10/01/2018 KENTRecords Management Document 6wwcu h n fv1 I I CONTRACT COVER SHEET This is to be completed by the Contract Manager prior to submission to the City Clerk's Office. All portions are to be completed. If you have questions, please contact the City Clerk's Office at 253-856-5725. Vendor Name: UnifyHR, LLC Vendor Number (JDE): Contract Number (City Clerk): Category: Contract Agreement Sub-Category (if applicable) Other _ Project Name: Contract Execution Date: 10/01/18 Termination Date: 09/30/2020 Contract Manager: Laura Horea Department: HR Contract Amount: $25,000 Budgeted: ® Grant? Part of NEW Budget: ® Local: ❑ State: ❑ Federal: ❑ Related to a New Position: ❑ Approval Authority: ❑ Director ® Mayor ❑ City Council Other Details: ACA rmmpliance tracking software and re.norhn❑ REQUEST FOR MAYOR'S SIGNATURE Print on Cherry-Colored Paper- " Routing Information: (ALL REQUESTS MUST FIRST BE ROUTED THROUGH THE LAW DEPARTMENT) Approved by Director_ Originator: Laura HOrea Phone (Originator)`. 5290 Date Sent: 1/15/19 Date Required: 1/15/19 Return Signed Document to: Laura HOrea Contract Termination bate: 9/30/20 VENDOR NAME: Date Finance Notified: UnifyHR, LLC 22 00$ 0 and On required �. and over contracts r or on any Grant) DATE OF COUNCIL APPROVAL: Date Risk Manager Notified: Re wired on Non-C� Standard Contracts/Agreements) Has this Document been Specifically Account Number: Authorized in the Budget? YES NO Brief Explanation of Document: Agreement with UNIFYHR for ACA compliance tracking software and reporting. All Contracts Must Be Routed Through The Law Department p n (This area e completed by the Law Departmen Received: tt J�i1�°m Approval of Law Dept. �. Law De Ca Comments; LRec Forwarded to Mayor; Lei o-, .. Shaded Are d Completed By Administration Staff eived Recommendations and Comments: JAN 16 zoi Disposition: S(3 � t�t4�15 City at Kent 0 ce of the Mayor Date Returned: ryryry9 ama aunan Dace.. N n<w ..m e Ana ro: JAN 7 f0)9 (,BAN. MASTER SERVICES AGREEMENT ("Agreement') This Agreement is made and entered into this first day of October 1, 2018 ("Effective Date") between City of Kent ("Client') and UnifyHR, LLC ("UnifyHR") and shall remain in effect per the terms described herein. 1. SERVICES 1.1. In accordance with a schedule to be mutually agreed upon not more than fourteen (14) days following the execution hereof, UnifyHR shall provide to Client through Internet access and service personnel those services described in the Statement of Work ("SOW") attached hereto and incorporated herein (the "Services"). 1.2. The Services provided to Client are data analysis, reporting and administrative services, as set forth more fully in the SOW(s) attached hereto. The Services do not include accounting or legal services. UnifyHR shall owe no fiduciary duties to Client, Plan or its employees pursuant to this Agreement. 1.3. UnifyHR has in place and will continuously maintain a disaster recovery plan with necessary redundancies (i) to prevent any loss of any Client Data by UnifyHR or its contractors utilized in accordance with Section 14 herein, and (ii) that permits UnifyHR to react promptly to disruptions in service, and includes backup and protection controls with respect to data and equipment, which enable timely business resumption. UnifyHR shall: (a) upon request of Client, provide Client with a copy of such disaster recovery plan; (ii) actively test, review, and update each such plan on at least an annual basis (and any future updates or revisions to such plan shall be no less protective than the plan in effect as of the date hereof); and (id) immediately notify Client of any disaster or other event in which such plan is activated. UnifyHR shall retain records and supporting documentation sufficient to document the Services and the fees and expenses paid or payable by Client under this Agreement. 1.4. Client acknowledges that the Internet consists of a series of networks that are subject to failures and errors in operation and transmission. The Internet may be insecure, and is a publicly accessible network subject to access at multiple locations. The Services may be subject to failures and errors caused by the operation or failure of, or defects in, the Internet. Any data transmitted over the Internet, even when transmitted with security protections, is subject to possible access, modification, diversion, corruption and disclosure by unintended parties. In no event shall UnifyHR be liable as a result of any such failures, errors, access, modification, diversions or disclosures caused by the Internet and not attributable to by the acts or omissions of UnifyHR. Notwithstanding anything herein to the contrary, UnifyHR agrees to use any such access mechanisms or portals requested by Client to access Client Data. 1.5. Client shall not use the Services in any manner in violation of any law or governmental regulation. UnifyHR MSA and BAA v1.0 1 2. CLIENT DUTIES 2.1. Client or its agents and brokers shall timely provide UnifyHR with an electronic file, in a mutually agreed upon format, containing data necessary to UnifyHR's delivery of the Services (the "Client Data"). UnifyHR may rely and act upon any communication delivered to UnifyHR by the Client employee(s) with the UnifyHR user identification(s) established by Client. Client shall use reasonable efforts to ensure that the form of all Client Data complies with all data privacy laws of the United States. Without limiting the generality of the provisions protecting Client's Confidential Information (hereinafter defined), UnifyHR's disclosure and use of Client Data shall be strictly limited as set out in the Business Associate Agreement attached hereto and incorporated herein. 2.2. Client shall timely review the analysis, management reports, activities and audit files provided pursuant to section 1.2. Client shall provide related feedback and/or approval as reasonably required by UnifyHR. 2.3. Due to UnifyHR's lack of control over the completeness, accuracy and timeliness of the Client Data, Client shall indemnify UnifyHR for, and hold it harmless against, any loss, liability, claim or expense (including reasonable attorneys' fees and court costs) incurred by UnifyHR for claims arising out of any untimely, incomplete or inaccurate Client Data submitted by Client or Client's agent(s), including Client's stipulated data sources. 3. PLANS. With respect to the coverage provided by the Plan, UnifyHR relies solely upon the Client, reasonable interpretations and administration of the Plan by Client and Client's counsel, and any governmental administrative interpretations of the Plan, and UnifyHR will not be liable to Client for reasonably acting or refraining from acting in reasonable reliance on such interpretations. UnifyHR shall not be liable or responsible for any failure of Client to comply with any of Client's obligations relating to the Plan, including without limitation obligations under applicable federal and state laws (other than PPACA or any such laws relating to 6055 and/or 6056 reporting). Plan participants may be residents in, or citizens, of foreign countries as determined by Client in its discretion; however, in no event shall UnifyHR be responsible or liable for Client failing to comply with the laws or regulations of any country outside of the United States. 4. FEES AND EXPENSES. 2.4. All fees, costs and expenses payable to UnifyHR for the Services (the "Fees") are set forth in the Fee Exhibit attached hereto. The Fees shall be invoiced as stipulated in the Fee Exhibit or Letter of Intent (LOI) and paid by Client in U.S. Dollars. 2.5. Client agrees to reimburse UnifyHR for miscellaneous pass through expenses it has approved in advance in writing, to include; (i) travel expenses for coach air fare and reasonable lodging, (ii) language changes to forms and web pages, (iii) other costs above those necessary and sufficient to UnifyHR's standard delivery of Services (collectively, "Miscellaneous Pass Through Expenses"). UnifyHR MSA and BAA 0.0 2 2.6„ Client shall pay UnifyHR for all undisputed Fees within thirty (30) days of Client's receipt of the invoice. If Client is more than thirty (30) days past due in payment of any undisputed Fees due under this Agreement, UnifyHR may suspend the Services. Client may not assign or transfer its obligations under this provision. 5. PROPRIETARY RIGHTS. Any software provided by UnifyHR under this Agreement and all source code, object code and technical information pertaining to the software, and documentation and derivative works thereof (collectively "UnifyHR Property') constitute trade secrets of UnifyHR and its licensors (if any) and together with any and all patent, copyright, trademark or other intellectual property rights related thereto are and shall at all times be deemed "Confidential Information" and remain the property of UnifyHR and its licensors. Client shall not modify, reverse engineer, reverse assemble or reverse compile any UnifyHR Property. Client shall not distribute, rent, lease, sublicense or transfer any UnifyHR Property to any third party (other than Client's vendors), use the software in a service bureau or timesharing arrangement with third parties, or otherwise allow direct or indirect use of the UnifyHR Property by any third party (other than Client's vendors) unless authorized by UnifyHR. Client shall not remove, modify or obscure any copyright, trademark or other proprietary rights notices that appear on any UnifyHR Property or that appear during use of any UnifyHR Property. Notwithstanding anything herein to the contrary all reports and other work product created by or on behalf of UnifyHR, whether in tangible or intangible form, in connection with the Services ("Work Product") is for the sole benefit of Client and shall be considered work made for hire and the Confidential Information of Client and, upon creation, shall be and remain the sole and exclusive property of Client. Further, UnifyHR hereby assigns all rights, title, and interest that UnifyHR or its personnel has in such information to Client. If and to the extent that, under applicable law, UnifyHR may be entitled to claim any interest in any Work Product or exclusive title and/or ownership rights may not originally vest in Client as set forth above, UnifyHR hereby irrevocably transfers, grants, conveys, assigns, and relinquishes exclusively to Client all of UnifyHR's right, title, and interest in and to such Work Product in perpetuity or for the longest period otherwise permitted by law. 6. CONFIDENTIALITY. "Confidential Information" (a) with respect to UnifyHR as the Disclosing Party shall mean the information deemed to be "Confidential Information" as set forth in Section 5, and any other information clearly marked as "Confidential" at the time of disclosure, and (b) with respect to Client as the Disclosing Party shall mean: (i) Client Data, (ii) the Plan, and (iii) any other information disclosed by or on behalf of Client, or to which UnifyHR is exposed because of this Agreement, including, without limitation, all files, records, business plans, technical information, ideas, methodologies, processes, intellectual property, personnel, contracts, and information regarding, business operations, personnel, clients, customers, products, services, pricing, organizational structure and financial data, and operational information. Without limiting the generality of the foregoing, "Confidential Information" with respect to Client shall also include NPPI and Privileged Information. UnifyHR MSA and BAA v1.0 3 "NPPI" means material, data, or information that comprises or contains "non-public personal information" as defined by the Gramm-Leach-Bliley Act and its related regulations. "Privileged Information" means material, data, or information that (i) is subject to and protected by legal privileges, including, without limitation, attorney-client and attorney work product privileges or (ii) has been gained through the attorney-client relationship which Client is under an ethical obligation to maintain in confidence. Except with respect to Privileged Information, Confidential Information excludes information available to the public other than by a breach of this Agreement. Each party (the "Receiving Party") agrees that it will not disseminate, distribute, expose, or in any way disclose any Confidential Information of the other party (the "Disclosing Party"), to any third party; provided, however, that the Receiving Party may (a) disclose the Confidential Information of the Disclosing Party to its employees on a need-to-know basis, and (b) use the Disclosing Party's Confidential Information to the extent necessary to perform its obligations under this Agreement or for the specific business purpose for which it was made available. The Receiving Party agrees that it will treat all Confidential Information with the same degree of care as the Receiving Party accords its own Confidential Information, but in no event, less than reasonable care. The Receiving Party certifies that any of its employees to which it discloses the Disclosing Party's Confidential Information have previously agreed, either as a condition to employment or in order to obtain the Confidential Information, to be bound by terms and conditions as restrictive as the terms and conditions applicable to the Receiving Party under this Agreement. The Receiving Party shall immediately give notice to the Disclosing Party of any use or disclosure of the Disclosing Party's Confidential Information prohibited by this Section 6. The Receiving Party, at its cost and expense, agrees to assist the Disclosing Party in remedying any such use or disclosure of Disclosing Party's Confidential Information, which shall include, without limitation, payment of all of Disclosing Parties' costs and expenses (including reasonable attorneys' fees) incurred in connection with any such use or disclosure. Upon the expiration or termination of this Agreement, the Receiving Party shall not have any right to the further use of any Confidential Information of the Disclosing Party. UnifyHR represents, warrants, and agrees that it will maintain reasonable security measures to safeguard Client's Confidential Information, which security measures shall be compliant with applicable law and with any data-handling procedures that Client may from time to time provide to UnifyHR, and be commensurate with industry standards. Without limiting the generality of the forgoing, such security measures shall include, without limitation, the following: (a) access controls on Client's Confidential Information, including controls to authenticate and permit access only to authorized individuals and controls to prevent providing Confidential Information to unauthorized individuals who may seek to obtain it through fraudulent or other improper means; (b) access restrictions at physical locations containing Client's Confidential Information (such as buildings, computer facilities, and records storage facilities) to permit access only to authorized individuals; (c) monitoring systems and procedures to detect or protect against actual and attempted attacks on or intrusions into systems storing or handling Confidential Information; (d) measures to protect against destruction, loss, or damage of Client Confidential Information due to potential environmental hazards, such as fire or water damage or technological failures; (e) training of UnifyHR's employees and other persons performing on its behalf to implement any applicable information security measures; UnifyHR VISA and BAA 0.0 4 and (f) encryption of all digital or electronic storage devices, using encryption standards no less stringent than the Advanced Encryption Standard set forth by the National Institute of Standards and Technology. In the event the Receiving Party is compelled or otherwise required by court order or other legal process or law, which is binding upon it, to disclose the Disclosing Party's Confidential Information, it shall, to the extent permitted by law, promptly give the Disclosing Party written notice that the Receiving Party has received a request for the disclosure of the Confidential Information sufficiently before the date of requested disclosure to permit the Disclosing Party to seek appropriate relief to limit or prevent such disclosure, and the Receiving Party shall cooperate with the Disclosing Party in securing such relief. Notwithstanding anything herein to the contrary, UnifyHR shall keep and maintain all Privileged Information in strict confidence and shall not disclose such Privileged Information without the written consent of Client. Client shall, upon at least two (2) business days prior written notice, have the right to visit UnifyHR's facilities and to inspect, investigate, evaluate, and audit all activities, books, records, data, and other information or materials of UnifyHR and its employees and other persons performing on its behalf to enable Client to examine or otherwise verify: (i) UnifyHR's policies, procedures, and practices with respect to accessing, securing, managing, backing-up, recovering, or otherwise safeguarding Client Data and Client's Confidential Information, including internal controls related to implementation or oversight of any such policy, procedure, or practice; (ii) the accuracy of any amount(s) invoiced by UnifyHR; (iii) systems, equipment, and software that process, store, support, or transmit Client's Confidential Information or are otherwise used to provide services or otherwise perform hereunder; and (vi) the performance of UnifyHR's obligations hereunder and its compliance with this Agreement. The Receiving Party acknowledges and agrees that a breach or threatened breach of its obligations under this Section 6 will cause irreparable injury to the Disclosing Party for which damages are not reasonably ascertainable and there is no adequate legal remedy. Accordingly, the Disclosing Party shall be entitled to seek and obtain, without a showing of irreparable injury and inadequacy of legal remedy, and without bond, a temporary or permanent injunction, or an order of specific performance from a court of competent jurisdiction respecting any such breach or threatened breach. Such equitable relief shall be in addition to all other rights and remedies that may be available to the Receiving Party. 7. PUBLICITY. UnifyHR agrees that it will limit use of client logos to presentation materials, and not, otherwise, (i) make any public announcements, press releases or other publicity of this Agreement and the Services contemplated hereby, (ii) use Client's name in its marketing materials, (iii) disclose to any potential customer of UnifyHR or announce or publicize that UnifyHR renders any services to Client and (iv) use Client's name or logo in any lists published by it, without the prior written consent of Client. UnifyHR MSA and BAA v1.0 5 8. WARRANTY. UnifyHR represents and warrants that (i) it has, and during the Term (hereinafter defined) will continue to have, all right, title, and interest necessary to provide the Services and UnifyHR Property to Customer under the terms set forth in this Agreement; (ii) it shall abide by, and the Services and Unify HR Property will be provided to Client in conformity with, all applicable laws, rules, and regulations, including data privacy laws; (iii) the UnifyHR Property and Services do not, and during the Term shall not (a) infringe on or misappropriate any third party's copyright, patent, trademark, trade secret or other proprietary rights or right of publicity or privacy; or (b) violate any law, statute, ordinance or regulation, including, without limitation, laws and regulations governing export control, false advertising or unfair competition; (iv) the Service will be performed in workmanlike manner and in accordance with the highest standards of care and diligence generally recognized in the industry; (v) each UnifyHR employee or other person performing Services on behalf of Unify HR is suitably skilled, knowledgeable, and experienced to provide the Services requested, and to perform the tasks assigned to them; (vi) all persons providing Services or performing under this Agreement on behalf of UnifyHR who may have access to Client's Confidential Information shall be subject to appropriate screening and background checks and shall be subject to confidentiality obligations and information security policies and procedures no less stringent than is UnifyHR. 9. INDEMNIFICATION. UnifyHR agrees to indemnify, defend, and hold harmless Client and each of its respective partners, officers, directors, employees, successors, assigns, representatives, and agents from any and all obligations, judgments, assessments, losses, liabilities, costs, damages, deficiencies, fines, penalties, or expenses (including reasonable attorneys' fees, accountants' fees, expert witness fees, and related fees and court costs) arising from or relating to any claim, cause of action, or allegation that is, or may be, made against any such indemnified person by any third party in connection with (i) the gross negligence, fraud, or willful misconduct, whether in contract, tort, or otherwise, of UnifyHR or any employee or other person performing on its behalf, (ii) any breach of the provisions of Section 6 (Confidentiality), or (iii) any breach of UnifyHR's representations and warranties by UnifyHR or any employee or other person performing on its behalf. 10. SUSPENSION OF SERVICE. If Client breaches Sections 1.5, 2.2, 4.3, 5, or 6 of this Agreement, UnifyHR may suspend the Services if Client fails to cure within fifteen (15) days of receipt of written notice of breach. 11. EQUIPMENT OR SOFTWARE NOT PROVIDED BY UNIFYHR. Client shall be solely responsible for the installation, operation, maintenance, use and compatibility of equipment or software not provided by UnifyHR and UnifyHR shall have no liability or responsibility in connection therewith. Client shall cooperate with UnifyHR in setting the initial configuration for its equipment's interface with the Services and comply with UnifyHR's reasonable instructions in connection therewith. UnifyHR MSA and BAA v1.0 6 12. LIMITATION OF DAMAGES. EXCEPT AS OTHERWISE PROVIDED IN THE BUSINESS ASSOCIATE AGREEMENT TO THE MAXIMUM EXTENT PERMITTED BY LAW, AND EXCEPT IN CONNECTION WITH UNIFYHR'S (A) OBLIGATIONS UNDER SECTION 9 (INDEMNIFICATION), (B) BREACH OF OR PERFORMANCE UNDER SECTION 6 (CONFIDENTIALITY), OR (C) GROSS NEGLIGENCE, FRAUD, OR WILLFUL MISCONDUCT, IN NO EVENT SHALL EITHER PARTY BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES ARISING FROM OR RELATED TO THIS AGREEMENT WHETHER FOR, AMONG OTHER THINGS, BREACH OF WARRANTY OR ANY OBLIGATION ARISING THEREFROM, AND WHETHER LIABILITY IS ASSERTED IN, AMONG OTHER THINGS, CONTRACT OR TORT, AND WHETHER OR NOT SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF ANY SUCH LOSS OR DAMAGE. 13. INSURANCE. UnifyHR shall secure and maintain insurance coverages and related limits of insurance pertinent to providers of the Services as described in Exhibit B. Such coverages will include Workers Compensation, Employer's Liability, Commercial General Liability, Umbrella Liability, Automobile Liability (Hired and Non-Owned), and Technology Professional (Cyber) Liability. UnifyHR will provide Client a Certificate of Insurance upon written request. Client requests for limit(s) of insurance greater than those maintained by UnifyHR will be charged for the associated increase in premium, if such increase in limit(s) can be obtained. 14. ASSIGNMENT AND TRANSFER. Neither party may transfer or assign this Agreement, or its obligations hereunder, without the prior written consent of the other party, except that either party may assign, novate or otherwise transfer this Agreement in its entirety, without the consent of the other party, to a successor in interest in connection with a merger, reorganization, or sale of all or substantially all assets or equity. Client's arrangement with a broker, consultant or other third party to remit payment for Services does not constitute an assignment for purposes of this Agreement and shall not limit UnifyHR' rights under Section 4.3 hereof. Other than Cloud hosting and print-mail fulfillment, UnifyHR shall not use any subcontractor or other third party in connection with its performance under this Agreement without Client's express written consent. This Agreement shall be binding upon and inure to the benefit of the parties hereto and each of their respective successors and permitted assigns. 15. TERM AND TERMINATION, 13.1. The Initial Term (herein so called) of this Agreement shall commence on the Effective Date and shall end upon the latest expiration of any SOW(s) attached hereto. Any SOW(s) attached may be renewed at mutually agreed upon rates for successive two (2) year terms upon execution of a written agreement of the parties (each such two-year term being a "Renewal Term"), provided, however, that UnifyHR shall give Client six (6) months notice if UnifyHR intends not to renew the Agreement. The Initial Term and any Renewal Terms shall be referred to herein as the "Term". Upon expiration of the Initial Term UnifyHR may increase Client rates upon ninety (90) days written notice. UnifyHR MSA and BAA v1.0 7 13.2. Except as provided in Section 10, either party (referred to as "Party A") may terminate this Agreement by written notice to terminate delivered to the other party (referred to as "Party B") if Party B has failed or refused to cure any material breach of this Agreement within forty-five (45) days following Party B's receipt from Party A of a written notice specifying the nature of Party B's material breach(es) and Party A's intent to terminate this Agreement if Party B fails or refuses to cure such specified material breach(es), except that Party A may terminate this Agreement immediately upon written notice to Party B in the event of the breach by Party B of any provision of Section 6 related to Client Data. 13.3. Either party may terminate this Agreement without cause in whole or in part (i.e., partially as to a specific SOW or element of service within an SOW) during the Initial Term or any Renewal Term upon not less than sixty (60) days' written notice, specifying the date upon which such termination shall become effective (the "Effective Date of Termination"). If Client terminates this entire Agreement in accordance with the preceding sentence, then Client shall pay all Fees incurred through the Effective Date of Termination. Upon payment of the applicable charge pursuant to Section 4.3, Client shall have no further payment obligation of any sort to UnifyHR. 13.4. Either party may terminate this Agreement immediately by written notice delivered to the other party if (i) the other party voluntarily files a petition in bankruptcy, (ii) the other party is adjudicated bankrupt or insolvent pursuant to an order or judgment entered by a court of competent jurisdiction that is no longer subject to appeal and has become final, (iii) the other party makes an assignment for the benefit of creditors or (iv) a receiver is appointed for the other party or for its business and such receiver is not discharged within ninety (90) days after such appointment. In such instance, the cancelling party shall have no further obligations of any sort under this Agreement, except as set out in Section 15.5. 13.5. All rights and obligations that by their nature survive termination, and remedies of the parties arising hereunder before any termination of this Agreement, shall survive any termination of this Agreement. Termination shall not relieve Client from paying all undisputed Fees accruing prior to termination. Without limitation of the foregoing, the provisions of Sections 1.3, 1.4, 5, 6, 7, 8, 9, 12, 13, 15.5, 15.6, 15.7, and 16.1 through 16.8 shall survive the expiration or termination of this agreement. 13.6. Upon and following any termination (in whole or in part) of this Agreement (except for termination by UnifyHR under Section 15.2), UnifyHR agrees that it will provide to Client such services, assistance and cooperation as reasonably requested by Client and as may be necessary, advisable or appropriate to the orderly, efficient and seamless transfer of the terminated Services either back to Client or any third party designated by Client. If such transfer requires UnifyHR to provide data in any format other than the standard UnifyHR format, Client agrees to pay UnifyHR one thousand dollars ($1,000) for its costs incurred pursuant to such transfer. 13.7. Upon the expiration or termination of this Agreement or the earlier request of Client, UnifyHR shall cease use of, and pursuant to direction of Client, as applicable, return, transfer to another provider, and/or destroy or delete from its systems all files, documents, or data in whatever form of media then in the possession, custody, or control of UnifyHR, including, without limitation, Client's Confidential Information. UnifyHR shall certify compliance with such directions through a written statement signed by a duly authorized official of UnifyHR responsible for assuring compliance therewith. UnifyHR VISA and BAA v1.0 8 16. MISCELLANEOUS. 14.1. This Agreement together with the attached SOW(s), Fee Exhibits, and Business Associate Agreement collectively represent the entire Agreement between the parties with respect to the subject matter contained herein, and expressly supersede and cancel any prior oral or written agreements with respect to the subject matter contained herein, it being understood that the Business Associate Agreement shall not limit the generality of the provisions under this Agreement protecting Client. Each party acknowledges that it is not entering into the Agreement on the basis of any representation not expressly contained herein. Other than as specified herein, this Agreement may not be supplemented or modified except in a writing executed by the parties. 14.2. This Agreement shall be governed in accordance with the laws of the State of Washington without regard to its conflicts of law rules. 14.3. All notices delivered under the Agreement shall be in writing and deemed given upon receipt when delivered personally or upon confirmation of receipt following delivery of (i) electronic mail communication, (ii) nationally recognized overnight courier service (iii) registered or certified mail, return receipt requested, postage prepaid, addressed to each party at its last known address, or at such other address furnished by the respective party immediately following the signatures affixed hereto. 14.4. If any provision of this Agreement or portion thereof is found to be invalid or unenforceable under applicable law, it shall be omitted from the Agreement without invalidating the remainder of such provision or the remaining provisions of this Agreement. 14.5. Neither party shall be liable for any delay or failure of performance affecting such party or its contractors (other than obligations to make payments that have become due and payable pursuant to this Agreement unless and to the extent that the means of making payment has been affected by a Force Majeure Event) arising from any cause, circumstance or contingency not caused by such party and beyond the reasonable control of such party or its contractors, including acts of God, acts of terrorism, governmental acts, accidents, war, riots or civil unrest, fires, storms, earthquakes, floods, interruptions or failures of third-party telecommunication or digital transmission links and Internet slow-downs or failures that cannot be reasonably remedied (each a "Force Majeure Event'), provided that if UnifyHR is the affected party, UnifyHR has successfully implemented its disaster recovery plan with respect to the Services. 14.6. Each party will be and shall act as an independent contractor and not as an agent or partner of, or party to as joint venture with the other party for any purpose and neither party by virtue of this Agreement shall have any right, power, or authority to act or create any obligation, express or implied, on behalf of the other party. 14.7. The various headings in this Agreement and in the attached schedules are for convenience only. They shall not affect the meaning or interpretation of this Agreement or any Section or provision hereof. UnifyHR MSA and BAA v1.0 9 14.8. This Agreement may be executed in two (2) or more counterparts, each of which shall be deemed an original and all of which, together, shall constitute one and the same instrument. Facsimile execution and delivery of the Agreement is legal, valid, and binding for all purposes. Agreed to by their respective duly authorized representatives: City of Kent UnifyHR, LLC by: Name: Dana Ralph A. Allen Gehrki Title: Mayor President and CEO Street Address: 220 Fourth Avenue South 105 Decker Court, Suite 530 City, State, Zip: Kent, WA 98032 Irving TX 75062 Date: Physical address for each party for notices, requests, or demands: To UnifyHR at: UnifyHR, LLC Attn: Chief Executive Officer 105 Decker Court Suite 530 Irving, TX 75062 To Client: City of Kent Attn: Laura Horea Street Address: 400 West Gowe St. City, State, Zip: Kent, WA 98032 UnifyHR MSA and BAA v1,0 10 BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ("Agreement") is entered into as of the date set forth (the "Effective Date") in the Master Services Agreement, by and between Client (the "Covered Entity") and UnifyHR, LLC ("Business Associate"), by means of their signatures on the Master Services Agreement, Covered Entity and Business Associate are sometimes hereinafter referred to individually as "Party" and collectively as "Parties". RECITALS The Parties, in order to establish the parameters of the Parties' business arrangement by which the Covered Entity may disclose to the Business Associate certain Protected Health Information (as that term is defined in 45 CFR Part 160.103) in the custody and control of the Covered Entity, and the Business Associate may use, disclose or create Protected Health Information on behalf of the Covered Entity. The Business Associate provides certain services to the Covered Entity (the "Services"); In the course of providing such Services, the Covered Entity may disclose to the Business Associate certain Protected Health Information ("PHI") in the custody and control of the Covered Entity, and the Business Associate may use and further disclose such PHI, or create additional PHI, in the performance of its Services on behalf of the Covered Entity; and, The Covered Entity and the Business Associate desire to set forth their respective rights and obligations with respect to the use and disclosure of PHI in order to comply with the requirements of the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") as amended by the Health Information Technology for Economic and Clinical Health Act of 2009 (the "HITECH Act"), including all applicable regulations issued by the Department of Health and Human Services ("HHS"). NOW, THEREFORE, Business Associate and Covered Entity agree as follows, 1. DEFINITIONS. Capitalized terms used, but not otherwise defined, in this Agreement shall have the same meaning as those terms in the HIPAA and/or the HITECH Act regulations. Unless specifically indicated, all provisions herein are pursuant to the HIPAA and HITECH Act regulations regarding Business Associate agreements only. Any prospective amendment to the laws referenced in this Agreement prospectively amend this Agreement to incorporate said changes by Congressional act or by regulation of the Secretary of HHS. 1.1, Designated Record Set. "Designated Record Set" has the same meaning as the term "designated record set" has in 45 CFR §164.501. 1.2. Individual. "Individual" shall have the same meaning as the term "individual" in 45 CFR 160,103 and shall include a person who qualifies as a personal representative in accordance with 45 CFR 164.502(g). 1.3. Privacy Rule. "Privacy Rule" shall mean the Standards for Privacy of Individually Identifiable Health Information at 45 CFR Part 160 and Part 164, Subparts A and E, as amended by the HITECH Act. UnifyHR MSA and BAA v1.0 11 1.4, Protected Health Information. "Protected Health Information" shall have the same meaning as the term "protected health information" in 45 CFR 160.103 (as amended by the HITECH Act), limited to the information created or received by Business Associate from or on behalf of Covered Entity. 1.5, Required by Law. "Required by Law" shall have the same meaning as the term "required by law" in 45 CFR 164,103. 1.6. Secretary. "Secretary" shall mean the Secretary of the U.S. Department of Health and Human Services or his designate. 1.7. Security Rule. "Security Rule" shall mean the Security Standards for the Protection of Electronic Protected Health Information at 45 CFR Part 160 and Part 164, Subparts A and C, as amended by the HITECH Act. 1.8, Unsecured Protected Health Information. "Unsecured Protected Health Information" shall mean Protected Health Information that is not secured through the use of a technology or methodology specified by the Secretary in regulations or as otherwise defined in the §13402(h) of the HITECH Act. 1.9. Breach. "Breach" shall have the same meaning as the term "breach" has in §13400 of the HITECH Act and 45 CFR 164.402, wherein breach is defined to mean the acquisition, access, use, or disclosure of Protected Health Information in a manner not otherwise permitted under HIPAA or the HITECH Act which compromises the security or privacy of the Protected Health Information. 1.9.1. A use or disclosure of protected health information that does not include the following information does not, by definition, compromise the security or privacy of the Protected Health Information: names; postal address information; zip code; telephone numbers, fax numbers; electronic mail addresses; social security numbers; and medical record numbers. 1.9.2. The term Breach specifically excludes: i) Any unintentional acquisition, access, or use of Protected Health Information by a workforce member or person acting, under the authority of the Covered Entity or the Business Associate, if such acquisition, access, or use was made in good faith and within the scope of authority and does not result in further use or disclosure in a manner not permitted under HIPAA or the HITECH Act. ii) (Any inadvertent disclosure by a person who is authorized to access Protected Health Information at the Covered Entity or Business Associate to another person authorized to access Protected Health Information at the same Covered Entity or Business Associate, or organized health care arrangement in which the Covered Entity participates, and the information received as a result of such disclosure is not further used or disclosed in a manner not permitted under HIPAA or the HITECH Act. iii) A disclosure of Protected Health Information where the Covered Entity or Business Associate has a good faith belief that an unauthorized person to whom the disclosure was made would not reasonably have been able to retain such information. UnifyHR MSA and BAA v1.0 12 Except as provided in Section 1.9.2 above, an acquisition, access, use, or disclosure of Protected Health Information in a manner not permitted under the HIPAA or the HITECH Act is presumed to be a Breach unless the Covered Entity or Business Associate, as applicable, demonstrates that there is a low probability that the Protected Health Information has been compromised based on risk assessment of at least the following factors: i) The nature and extent of the Protected Health Information involved, including the types of identifiers and the likelihood of re-identification; ii) The unauthorized person who used the Protected Health Information or to whom the disclosure was made; N) Whether the Protected Health Information was actually acquired or viewed; and iv) The extent to which the risk to the Protected Health Information has been mitigated. 2. OBLIGATIONS AND ACTIVITIES OF BUSINESS ASSOCIATE„ The parties agree as follows: 2.1. Business Associate shall comply with the requirements of Title XI I, Subtitle D of the Health Information Technology for Economic and Clinical Health (HITECH) Act, codified at 42 U.S.C. §§17921-17954, which are applicable to Business Associates, and shall comply with all regulations issued by the Department of Health and Human Services (HHS) to implement these referenced statutes, as of the date by which Business Associates are required to comply with such referenced statutes and HHS regulations. 2.2. Business Associate understands that the HITECH Act has made certain provisions of HIPAA directly applicable to all Business Associates, including requirements for implementation of administrative, physical, and technical safeguards for maintaining the privacy and security of PHI, and application of civil and criminal penalties for violation of HIPAA or the HITECH Act. 2.3. Business Associate agrees to not use or further disclose Protected Health Information other than as permitted or required in the performance of its Services to Covered Entity, or as otherwise Required by Law. 2.4, Business Associate agrees to use appropriate privacy safeguards to prevent use or disclosure of the Protected Health Information other than in connection with the Services provided to the Covered Entity, and to maintain the integrity and confidentiality of any Protected Health Information transmitted by Covered Entity to Business Associate for the purpose of obtaining services or system support from Business Associate. 2.5, Business Associate agrees to use all commercially reasonable efforts to maintain the security of the Protected Health Information and to prevent unauthorized use and/or disclosure of such Protected Health Information. Such security measures shall, at a minimum: 2.5.1. Implement HIPAA-compliant administrative, physical and technical safeguards, as defined by 45 CFR 164,304, that reasonably and UnifyHR MSA and BAA v1.0 13 appropriately protect the confidentiality, integrity and availability of the Covered Entity's electronic Protected Health Information that the Business Associate accesses, maintains, creates, receives, retains, modifies, records, stores, destroys, or otherwise holds, uses, or discloses; and 2.5.2. Business Associate agrees to ensure that any agent, including a subcontractor, to whom it provides Protected Health Information received from Covered Entity, or created or received by Business Associate on behalf of Covered Entity, agrees to the same restrictions and conditions, including the implementation of reasonable and appropriate security safeguards, that apply through this Agreement to Business Associate with respect to such information. 2.6, Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of Protected Health Information by Business Associate in violation of the requirements of this Agreement. 2.7. Business Associate will make a report to the Covered Entity of any Breach or other use or disclosure, or improper or unauthorized access or acquisition of Unsecured Protected Health Information, as required by 42 U.S.C. §§ 17932 (b), within five (5) business days of Business Associate's discovery of the Breach. This notice shall include the identification of each individual whose Unsecured Protected Health Information has been, or is reasonably believed by Business Associate to have been, accessed, acquired or disclosed during such Breach. Business Associate shall indemnify Covered Entity for any reasonable expenses Covered Entity incurs in notifying individuals of a Breach caused by Business Associate or its subcontractors or agents. 2.8. Business Associate agrees to make all reasonable efforts to ensure that any agent, including a subcontractor, to whom it provides Protected Health Information received from Covered Entity, or created or received by Business Associate on behalf of Covered Entity, agrees to the same restrictions and conditions, including the implementation of reasonable and appropriate security safeguards, that apply through this Agreement to Business Associate with respect to such information. 2.9, Business Associate agrees to provide access, at the reasonable request of Covered Entity, to Protected Health Information in a Designated Record Set, to Covered Entity or, as directed by Covered Entity, to an Individual in order to meet the requirements under 45 CFR 164.524. 2.10. Business Associate agrees to, at the request of, and in a reasonable time and manner designated by the Covered Entity, make any amendment(s) to the Protected Health Information that the Covered Entity directs or agrees to pursuant to 45 CFR 164.526 at the request of the Covered Entity or an individual and confirm such change in writing in a timely manner. 2.11. Business Associate agrees to make available to the Secretary of Health and Human Services, or his designee, or to Covered Entity, during Business Associate's normal business hours, the internal practices, books, and records relating to the use and disclosure of Protected Health Information received from, or created or received by Business Associate on behalf of Covered Entity, in a time and manner designated by the Covered Entity or the Secretary, for purposes of the Secretary determining Covered Entity's compliance with the Privacy Rule. Business Associate also agrees to make available to the Secretary of Health and Human Services, or his designee, UnifyHR MSA and BAA v1.0 14 its policies, procedures, and documentation relating to its reasonable and appropriate security safeguards of the Protected Health Information, for purposes of the Secretary determining Covered Entity's compliance with the Security Rule. 2.12. Business Associate agrees to document such disclosures of Protected Health Information and information related to such disclosures as would be required for Covered Entity to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 CFR 164.528. 2.13. Business Associate agrees to provide to Covered Entity or an Individual, in a reasonable time and manner designated by Covered Entity, information collected in accordance with the Agreement, to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 CFR 164.528. 2.14. Business Associate understands and agrees that, pursuant to the HITECH Act, if Business Associate knows of a pattern of activity or practice that constitutes a material breach or violation of the Covered Entity's obligation under the Agreement, Business Associate must take reasonable steps to cure the breach or end the violation. If such steps are unsuccessful, the Business Associate must terminate the Agreement, if feasible; if termination is not feasible, Business Associate must report the problem to the Secretary of Health and Human Services. 3. PERMITTED USES AND DISCLOSURES BY BUSINESS ASSOCIATE. Except as otherwise limited in this Agreement, Business Associate may use or disclose Protected Health Information on behalf of, or to provide services to, Covered Entity, as required in connection with the performance of the Services, provided that such use or disclosure would not violate the HIPAA Privacy Rule if done by Covered Entity or the minimum necessary policies and procedures of Covered Entity, to the extent they are made known to the Business Associate. In addition: 3.1, Except as otherwise limited in this Agreement, Business Associate may disclose Protected Health Information for the proper management and administration of Business Associate, and to fulfill any present or future legal responsibilities of Business Associate, provided that disclosures are Required by Law, or the Business Associate obtains reasonable assurances from the person to whom the information is disclosed that (i) the information will remain confidential and used or further disclosed only as Required by Law or for the purpose for which it was disclosed to the person, and (ii) the person notifies Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached. 3.2, Business Associate may use Protected Health Information to report violations of law to appropriate Federal and State authorities, consistent with 45 CFR 164.5020)(1). UnifyHR MSA and BAA v1.0 15 4. OBLIGATIONS OF COVERED ENTITY. Covered Entity agrees as follows: 4.1. Covered Entity shall notify Business Associate of any limitations in its Notice of Privacy Practices of Covered Entity in accordance with 45 CFR 164.520, to the extent that such limitation may affect Business Associate's use or disclosure of Protected Health Information. 4.2, Covered Entity shall notify Business Associate of any changes in, or revocation of permission by an Individual to use or disclose Protected Health Information, to the extent that such changes may affect Business Associate's use or disclosure of Protected Health Information. 4.3, Covered Entity shall notify Business Associate of any restriction to the use or disclosure of Protected Health Information that Covered Entity has agreed to in accordance with 45 Cl 164.522, to the extent that such restriction may affect Business Associate's use or disclosure of Protected Health Information. 4.4, Covered Entity shall not request Business Associate to use or disclose Protected Health Information in any manner that would not be permissible under the Privacy Rule if done by Covered Entity (except data aggregation and management and administrative activities of Business Associate). 5. TERM AND TERMINATION. The parties agree as follows: 5.1. Term. The term of this BAA shall commence as of the "Effective Date" and shall terminate when all of the Protected Health Information provided by Covered Entity to Business Associate, or created or received by Business Associate on behalf of Covered Entity, is destroyed or returned to Covered Entity, or, if it is infeasible to return or destroy Protected Health Information, protections are extended to such information, in accordance with the termination provisions in this Section. 5.2. Termination for Cause. Upon Covered Entity's knowledge of a material breach of this Agreement by Business Associate, Covered Entity shall provide a reasonable time for Business Associate to cure the breach. If Business Associate does not cure the breach within such reasonable time, or if cure is not feasible, Covered Entity may terminate the Services immediately, but the Covered Entity shall remain responsible for any and all fees for Services rendered prior to such termination. 6. EFFECT OF TERMINATION. The parties understand and agree that Business Associate has an ethical obligation to retain documentation regarding and supporting legal services it renders to the Covered Entity. Consequently, it is agreed and understood that, upon termination of the Agreement, for any reason, it will be infeasible to return or destroy the Protected Health Information that Covered Entity disclosed to Business Associate. Nonetheless, Business Associate shall extend the protections of this Agreement to such Protected Health Information and limit any further uses and disclosures of such Protected Health Information to those purposes that make the return or destruction infeasible. UnifyHR MSA and BAA v1.0 16 7. MISCELLANEOUS. 7.1. Regulatory References. A reference in this Agreement to a section in the Privacy or Security Rules means the section as in effect or as amended, and for which compliance is required. 7.2. Amendment. The parties agree to take such action as is necessary to amend this Agreement from time to time as is necessary for the parties to comply with the requirements of the Privacy and Security Rules and the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, as it relates to Business Associate's performance thereunder. 7.3. Interpretation. Any ambiguity in this Agreement shall be resolved in favor of a meaning that permits Covered Entity to comply with the Privacy and Security Rules. 7.4. Survival. The respective rights and obligations of Business Associate under sections 2, 3, and 6 of this Agreement shall survive the termination of this Agreement as long as Business Associate and its subcontractors or agents are in possession of any Covered Entity Protected Health Information. 7.5, No Third-Party Beneficiaries. Nothing express or implied in this Agreement is intended to confer, nor shall anything herein confer, upon any person other than the parties and their respective successors or assigns, any rights, remedies, obligations, or liabilities whatsoever. 7.6. Washington Medical Records Laws. Business Associate shall comply with the Washington Medical Records Laws and the related regulations, as may be amended from time to time. UnifyHR MSA and BAA v1.0 17 Statement of Work ACA Comprehensive Services City of Kent This Statement of Work ("SOW") is subject in all respects to the Master Services Agreement between Client and UnifyHR ("Agreement"). In the event of a conflict between this SOW and the Agreement, the Agreement shall prevail. Additional services requested by Client and provided by UnifyHR that are not described herein as part of the SOW may be purchased by Client pursuant to the Agreement and will be provided by UnifyHR at then-current rates. Notwithstanding the preceding, it is agreed that the services described herein include by implication all lesser and included baseline services and activities that are necessary to render the described service. 1. ACA Comprehensive Administration Services 1.1. Eligibility Analysis: UnifyHR will utilize Client provided data to determine employee full-time/part-time status under applicable methodologies as defined by the Affordable Care Act ("ACA") and subsequent federal guidance. Similarly, UnifyHR will provide Client current variable hour employee average hours worked and likely outcome of current ongoing or new hire individual measurement periods. 1.2. Set up Client in the UnifyHR Application: UnifyHR will set up the Client in the UnifyHR application, including Client specific demographic information, designated Client contacts, Client defined set of application users, and other provisions. 1.3. Load Employee Data and Participant Data: UnifyHR requires data for employees and participants, along with dependent data (where applicable), be loaded to the UnifyHR application. To facilitate this load, UnifyHR will provide to Client or the Client's designated agent a file specification for the transmission of this data. Once received, UnifyHR will review the data file for errors and load the data. If Client cannot provide the data in a consumable format, UnifyHR will attempt to utilize an existing feed at the current data conversion rate. See Fee Exhibit for additional setup fees applicable to multiple system interfaces. 1.4. Management Reports: UnifyHR will provide Client with real-time access to facilitate review and timely client feedback regarding available reports (e.g., 1095 audit file and reports). 1.5. Management Report Orientation: UnifyHR will orient Client to Management Reports in the application as well as other information as reasonably requested by Client. UnifyHR ACA Comprehensive SOW 1.0 1 1.6. Result data feed: UnifyHR will provide to Client result files on an agreed upon schedule that include the outcomes of applicable employee eligibility analysis as well as the summary client data used to determine those outcomes. 1.7. Historical Analysis: UnifyHR will utilize historical demographic, payroll, and employment data to determine the optimal configuration to meet the Client's enrollment goals and PPACA compliance mandates on an annual basis. 1.8. Health Insurance Exchange Enrollment Forms: UnifyHR will, for applicable employees, digitally generate, for Client distribution, the employer portion of the Health Exchange enrollment form (aka "Employer Coverage Tool") for Client distribution. 1.9. Affordability: If Client provides pay rate and employee premium information, UnifyHR will determine plan affordability for each employee based on current PPACA requirements. 1.10. 6055 and 6056 Reporting: Each fiscal quarter, UnifyHR will process Client files as necessary to create, test and update Form 1095-C content. Provided Client has submitted final production data no later than twenty-one (21 ) days before the statutory deadline, UnifyHR will create the necessary information returns as mandated by the IRS to fulfill the Client's obligations under sections 6055 and 6056 of the Internal Revenue Code. This includes complete physical fulfillment service to the client's employee population (printing, mailing, and return mail support), as well as creation and submission of the electronic returns to the IRS on behalf of the Client. See Fee Exhibit for additional setup fees applicable to multiple system interfaces. 2. Fees 2.1. Fees: All fees, costs and expenses payable to UnifyHR for the Services (the "Fees") are set forth in the Fee Exhibit attached hereto. The Fees shall be invoiced and paid in U.S. Dollars. 2.2. Implementation Fees: Implementation and Setup fees will be invoiced upon contract execution. 2.3. 6055 and 6056 Fees: Fees for Reporting and Fulfillment under IRS sections 6055 and 6056 will be invoiced at one fourth the estimated annual amount at the beginning of each calendar year quarter. Following the IRS imposed deadline each reporting year, actual 6055/6056 Reporting Fees will be billed to Client reduced by previously paid estimates. 2.4. PEPM Fees: Per Employee Per Month (PEPM) Fees will be calculated on the last day of each calendar month by multiplying the total number of active employees for such month by the applicable PEPM rate. This calculated fee will be invoiced to Client during the subsequent calendar month. PEPM fees UnifyHR ACA Comprehensive SOW 1.0 2 will commence no later than ninety (90) days after the initial implementation meeting. 2.5. Other Fees: Any fees for other services will be invoiced according to the methodology and frequency set forth in the attached Fee Exhibit. UnifyHR ACA Comprehensive SOW 1.0 3 Fee Exhibit This schedule of fees for services enumerated in the SOW is subject in all respects to the Outsourcing Services Agreement between Client and UnifyHR ("Agreement'). In the event of a conflict between the SOW and the Agreement, the Agreement shall prevail. _._ _...m._ _....n....._ - - Implementation Fee General Implementation Fee - Includes 5 FEINs and 5 Health $2,363 Plans Additional FEINs - Per Each Set of 5 $1 ,000 Additional Health Plans - Per Each Set of 5 $1 ,000 Setup Fees - Per System Interface $1 ,350 _.__..........._....._. --------- _....._ . Retro EDI Setup Fee - Retroactive Data Capture $0 ACA Comprehensive Services Fee Hours & Affordability Tracking PEPM $0.77 —_._.... 1095/1094 Reporting Per 1095 $3.42 Annual Plan Maintenance Fee Fee Annual FEIN Maintenance Fee - Per Each 5 FEINs $1,000 Fees billed annually at SOW anniversary Annual Health Plan Maintenance Fee Per Each 5 Health $1,000 Plans Fees billed annually at SOW anniversary Data Conversion Fee Fee Data Conversion Fee $50.00 Fee billed per hour Fees are subject to an annual minimum total of $5,000. Fee Effective Period: October 1, 2018 through September 30, 2020 - Continues on next page - UnifyHR ACA Comprehensive SOW 1.0 4 Client and UnifyHR cause this SOW and Fee Exhibit to be effective with the signature of their respective duly authorized representatives: Client Name UnifyHR, LLC Laura Horea Allen Gehrki Contact Name — Contact Name _..._. Ihoreaakentwa.gov agehrkipunifyhr.com _..._.__.,........_........,.... . ........................... ... .... m.............__._......... ......... Contact Email .,.. Contact Email 220 Fourth Avenue South 105 Decker Court, Suite 150 Street Address Street Address Kent, WA 98032 Irving, TX 75062 City State,Zip City„sWe,Zip ` - ' � Client Aulhorizaa na g ura ClientAuthonzed Signature Dana Ralph, Mayor Allen Gehrki, CEO and President Prnted Narrt�e and Title Printed Name and Title 1 t� y c„ Date Date UnifyHR ACA Comprehensive SOW 1.0 5 EXHIBIT B INSURANCE REQUIREMENTS FOR CONSULTANT SERVICES AGREEMENTS Insurance The Contractor shall procure and maintain for the duration of the Agreement, insurance against claims for injuries to persons or damage to property which may arise from or in connection with the performance of the work hereunder by the Contractor, their agents, representatives, employees or subcontractors. A. Minimum Scope of Insurance Contractor shall obtain insurance of the types described below: 1. Comnercial General Liabij_iU insurance shall be written on ISO occurrence form CG 00 01 and shall cover liability arising from premises, operations, independent contractors, products-completed operations, personal injury and advertising injury, and hability assumed under an insured contract. The Commercial General Liability insurance shall be endorsed to provide the Aggregate Per Project Endorsement ISO form CG 25 03 11 85. The City shall be named as an insured under the Contractor's Commercial General Liability insurance policy with respect to the work performed for the City using ISO additional insured endorsement CG 20 10 11 85 or a substitute endorsement providing equivalent coverage. 2. Professional Liabilit (Errors & Omissions insurance appropriate to the Consultant's profession. B. Minimum Amounts of Insurance Contractor shall maintain the following insurance limits: 1. Commercial General Liability insurance shall be written with limits no less than 52,000,000 each occurrence, $2,000,000 general aggregate and a $2,000,000 products-completed operations aggregate limit. 2. Professional Liability (Errors & Omissions) Insurance shall be written with limits no less than $1,000,000 per claim and $1,000,000 policy aggregate limit. C. Other Insurance Provisions The insurance policies are to contain, or be endorsed to contain, the following provisions for Automobile Liability and Commercial General Liability insurance: EXHIBIT° B (Continued) 1. The Contractor's insurance coverage shall be primary insurance as respect the City. Any Insurance, self-insurance, or insurance pool coverage maintained by the City shall be excess of the Contractor's insurance and shall not contribute with it. 2. The Contractor's insurance shall be endorsed to state that coverage shall not be cancelled by either party, except after thirty (30) days prior written notice by certified mail, return receipt requested, has been given to the City. 3. The City of Kent shall be named as an additional insured on all policies (except Professional Liability) as respects work performed by or on behalf of the contractor and a copy of the endorsement naming the City as additional insured shall be attached to the Certificate of Insurance, The City reserves the right to receive a certified copy of all required insurance policies. The Contractor's Commercial General Liability insurance shall also contain a clause stating that coverage shall apply separately to each insured against whom claim is made or suit is brought, except with respects to the limits of the insurer's liability. D. Acceptability of Insurers Insurance is to be placed with insurers with a current A.M. Best rating of not less than ANII. E. Verification of Coverage Contractor shall furnish the City with original certificates and a copy of the amendatory endorsements, including but not necessarily limited to the additional insured endorsement, evidencing the insurance requirements of the Contractor before commencement of the work. F. Subcontractors Contractor shall include all subcontractors as insureds under its policies or shall furnish separate certificates and endorsements for each subcontractor. All coverages for subcontractors shall be subject to all of the same insurance requirements as stated herein for the Contractor. UnifyHR Services Proposal Unify, HR About UnifyHR UnifyHR provides flexible and affordable services that help employers manage complex employee benefits programs so they can focus on their core business. Our management team has extensive experience in employee benefits administration. The team includes the co-founders of CompLink, an industry-disrupting COBRA and Billing Services administrator that was acquired by CONEXIS, as well as the founders of HRAdvance, one of the nation's premier eligibility verification service providers. We know that every employer has unique business needs, so we've we designed flexibility into everything we do. We'll work with you to design a program that meets your compliance obligations while reducing your risk and workload, saving you time and money. Features Common to All UnlifyHR Services While each UnifyHR service includes its own unique set of features, there are several important service features that are shared across all of our services, including: Technology UnifyHR uses Azure, an industry leading cloud solution from Microsoft. This open and flexible cloud platform allows UnifyHR to quickly build, deploy and manage our proprietary application across a network of data centers supported by Microsoft, making UnifyHR incredibly nimble, infinitely scalable, and highly secure. Microsoft Azure provides U.S.-based geographically redundant storage, world-class data encryption utilizing SSL and TLS cryptography, and intrusion detection with automated penetration testing and tools designed to help identify and mitigate potential threats. Data Transfer and Integration We designed our application to simplify the complexities of sharing data between organizations. We will accept and aggregate data from different sources (payroll, benefits administration, leave and enrollment systems, etc.), analyze the data, and then use the results to administer our services in accordance with each employer's unique needs and business rules. To lessen the demand on their IT teams, many of our customers utilize existing reports and downloadable extracts from their native systems (e.g., payroll, HRIS, Time & Attendance, etc.). We can accept data in several formats (e.g., tab-delimited text files, CSV, etc.). While it's always preferable to receive data in our file layout, we are very flexible and often able to "marry & map" data, eliminating the need for the employer's IT team to program to our file specifications. Onboarding and Ongoing Customer Service Our new client onboarding process is built on proven project management processes and is driven by our highly trained and deeply experienced client services team members. Each new client is assigned to a team consisting of a product architect, the employer's designated client relationship manager, and an EDI analyst. This structure allows each team to take a consultative approach, providing best-practice recommendations to tailor our services to satisfy the unique needs of each employer client. The employer's designated client relationship manager leads the onboarding process and continues to serve as the employer's day-to-day contact to provide continuity of service and account knowledge. Client services team members are available toll-free Monday through Friday (excluding holidays and scheduled company closures) from 8 a.m. to 5 p.m. Central Time. Security We strive to provide our customers with peace of mind by ensuring regulatory and operational compliance that is continuously monitored by internal and external parties. The American Institute of Certified Public Accountants (AICPA) has developed the Service Organization Controls (SOC) framework, a standard for controls that safeguard Al PA the confidentiality and privacy of information. A SOC 2 m; 90 audit gauges the effectiveness of a Cloud Service Providers' (CSP) system, based on the AICPA Trust so Service Principles and Criteria. Our services are audited ^ alcpa.org/sac annually against the SOC reporting framework by independent third-party auditors. Reporting and Anallytics Our proprietary reporting system gives our clients access to the detailed reports they need to monitor their compliance and audit status quickly and easily. In addition to our standard dashboard reports, we offer a fully customizable library of on-demand and automated scheduled reports which are protected by HIPAA-compliant encryption. In addition to the wide variety of standard reports, custom ad-hoc reporting is available depending on customer needs and source data. ACA Compliance Services Although its status has been questionable at times, the Affordable Care Act (ACA) remains law and employers must continue to meet its challenging requirements or face substantial penalties. But complying with ACA rules is no easy task, and doing so can be very difficult for employers. Outsourcing ACA administration reduces an employer's workload and can help ensure that an employer accurately manages their ACA program while protecting them from potential penalties. Hours Tracking Administration The UnifyHR application tracks client-specific data for measurement, administration, and stability periods as defined by the Department of Treasury. We can track both the Monthly or Look-Back Measurement methods (or a combination thereof) depending upon the employer's unique compliance plan design requirements, taking into account things such as paid leaves of absence, qualified unpaid hours and all variations of the Rule of Parity. Our system sends automated alerts to the employer and assigned representatives of pending changes affecting employees. Affordability Tracking Administration Our affordability tracking service (included in our Comprehensive service option) measures, monitors, and reports all appropriate employee groups to perform affordability calculations utilizing the Rate of Pay, W2 or Federal Poverty Level affordability safe harbors. IRS 109511094 Reporting Our Comprehensive and Reporting-Only services both include code generation and the production, printing, and mailing of 1095-C forms for all eligible employees, including enrolled individuals such as retirees and COBRA participants. We also include the production and electronic XML filing of corresponding 1094 Transmittals utilizing the IRS AIR system. Our mail services include USPS First-Class mailing with returned mail tracking, reporting, destruction, and queuing of replacement statements. All related printing and postage fees are included in the 1095 "per statement" activity fee. Marketplace Exchange Notifications and Audit Defense Packets Upon notification of an Employer Appeal Request, we will review, validate, and provide timely support to enable the client to respond to any requests from the Marketplace for potentially erroneous tax credit awards. Our automated Employer Coverage Tool (ECT) form allows employers to quickly and easily generate a fully personalized ECT form to print or email to individuals requesting documentation, including our contact information to respond to any Marketplace inquiries on behalf of the customer. In the event of an IRS audit, we will provide a review of all penalty notices and respond with a comprehensive IRS Audit Defense Packet and corresponding documentation. ACA Comprehensive Services s m m ® - ACA Lives: Includes all full-time, part-time, variable and 700 seasonal employees Reportable Lives: Includes all active, retiree and COBRA 660 lives eligible to receive 1095 tax forms ...... ....--_. ._._.._ _ ------ Proposed Effective Date January 1 , 2019 .............---------------------------------............ ----------------- - -........ -........_ _..._.....--_.........._ -,.- Fee Guarantee Period Two Years _____ ............. .... ...._ ......_... _..w Total Number of Health Plans 4 Total Number of FEINs 1 Number of System Interfaces 2 Potential 2018 4980h(a) ACA Penalty $1 ,451,220 Eq MOM General Implementation Fee - Includes 5 FEINs 1 $2,363* $2,363 and 5 Health Plans Additional FEINs - Per Each Set of 5 0 $1 ,000 $0 Additional Health Plans - Per Each Set of 5 0 $1 ,000 $0 Setup Fees Per System Interface 2 $1,351 $2,700 - .... _.. ................_..... --- _..._. ....._ _... ......... Retro EDI Setup Fee Retroactive Data 1 1 $1,000 $0* Capture Hours & Affordability Tracking - PEPM 700 7$M ,40.77* $6, 68 1095/1094 Reporting - Per 1095 6603.42* $2257 MMm Annual FEIN Maintenance Fee - Per Each 5 1 $1,000 $1,000 FEINs -- .....,...__,.,.... Annual Health Plan Maintenance Fee - Per 1 $1,000 $1,000 ff Each 5 Health Plans $13,788 $10,725 See "Miscellaneous Fees and Assumptions" below for additional information *Health & Benefits Leadership Conference Special Promotion Miscellaneous Assumptions Mid-Year FEIN Takeover Fee — Per FEIN $500 Mid-Year Acquisition Takeover Fee — Per Acquisition $500 Manual Data Entry: Per Hour Fee $50 Assumptions The fees above assume all FEINs are considered ALEs of the same Applicable Large Employer ("Control Group") and supported by the same technology interfaces. EDI/System interfaces are defined as the various customer systems where required ACA data elements may be maintained such as a Payroll, HRIS, Benefits Enrollment, Time & Attendance, FMLA/LOA or COBRA, etc. Organizations that require more complex interface(s) may be subject to additional implementation and setup fees. Annually recurring Administration PEPM and Activity Fees are subject to an annual minimum of $5,000. Estimated annual fee(s) are calculated using provided lives. We reserve the right to adjust the fees quoted if the actual number of employees vary by more than 20 percent of the estimated lives indicated above. All fees are valid for 60 days beyond the proposed effective date. Definitions f ACA Services General Implementation Fee Set up of client data in our system, including client-specific account structure, demographic information, designated client contacts, a client-defined set of application users, and other provisions. The general implementation fee includes up to five FEINs and five health plans. Additional fees apply for each additional set of five FEINs or each additional set of five health plans. System Integration Setup Fee Client data file(s) mapped to our file requirements to ensure accurate and timely processing. The fee is calculated per source integration. e ro EDI Takeover Setup Fee To properly administer your ACA program, �,ve need employee data for each month of the calendar year. Therefore, it's best if employers implement our services prior to January 31 The retro EDI fee applies to employers who choose to implement our services after July 1 . Comprehensive Flours Tracking PEPM Fees Determine ACA full-time and part-time classifications based upon client's compliance plan design utilizing the Monthly and/or Lookback Measurement Methods, determine plan affordability for each employee based on current PPACA requirements; support Marketplace Appeal inquiries, and generate IRS Defense Packets (when required). PEPM fee invoiced by the fifth day of each month. 1095/1094 Reporting activity Fees Create the necessary information returns as mandated by the IRS to fulfill the client's obligations under sections 6055 and 6056 of the Internal Revenue Code. This includes complete fulfillment services to the designated populations (1095 code generation, printing, mailing, return mail support) as well as creation and submission of the electronic returns to the IRS on behalf of the employer. Fees invoiced quarterly (one-fourth of illustrated 1095/1094 activity fee per quarter). Final tax year production adjustment "trued- up" and invoiced following physical distribution of 1095-C forms each year Contact Us Today I would like to thank you for the opportunity to present this proposal. I am confident that UnifyHR is the perfect match for your business needs, and we're excited about the prospects of working with you and your organization. If you have any questions about UnifyHR and our services, or if you need additional information, please don't hesitate to contact me. If I don't hear from you in the meantime, I'll be in touch soon to make sure you have everything you need to make a decision. Best regards, 46 Brad C. Inghram Executive Vice President of Sales binghram@unifyhr.com Toll-free: 800.610.1738 ext. 405 Direct: 469.202.8740 Mobile: 916.220.8000 Are you ready to move forward with UnifyHR? That's great news! Please complete our simple online new business application to confirm and we'll start the onboarding process right away. This Proposal includes proprietary data, plan provisions, process diagrams, and other elements not in the public domain ("Confidential Information"). Prospect, Prospect's broker/consultant and UnifyHR shall distribute Proposal only to intended parties, shall use Proposal and the Confidential Information therein only for evaluating the merits of UnifyHR services for Prospect, and shall protect the Confidential Information of the other party(s) in the same manner it protects its own Confidential Information. Unintended recipients should immediately return the Proposal along with other Confidential Information to UnifyHR