OptiMantra Inc. User Agreement
THIS IS A LEGALLY BINDING AGREEMENT between OptiMantra,
Inc., a Delaware corporation ("we" or
"us") and you (“you”), as a user of our
on-line health record system. BY CLICKING "SIGN UP"
OR “I AGREE” OR THROUGH THE CONTINUED USE OF THE SYSTEM, YOU ARE UNDERTAKING
LEGAL OBLIGATIONS AND CONFERRING LEGAL RIGHTS. Please read this agreement as
well as Attachment A (Business Associate Agreement) and Attachment B (Minimum
System Requirements) carefully, and do not click "Sign up" or “I
agree” or continue use of the System unless you agree fully with its
terms. You and
we are collectively referred to as the "Parties."
Agreement
For the purposes of this
Agreement, the terms set forth in this section have the meanings assigned to
them below. Terms not defined below (whether or not capitalized) have the
definitions given them in HIPAA, unless the context requires otherwise:
"Authorized
Workforce" means those members of your Workforce who are individually
authorized by you and us to have access to the System to assist you in
providing treatment and obtaining payment for treatment, and to whom we have
assigned a unique identifier for access to the System.
"Confidential
Information" means any information concerning our business, financial
affairs, current or future products or technology, trade secrets, workforce,
customers, or any other information that is treated or designated by us as
confidential or proprietary, or would reasonably be viewed as confidential or as
having value to our competitors. Confidential Information shall not include
information that we make publicly available or that becomes known to the
general public other than as a result of a breach of the
terms of this Agreement by you. Confidential Information does not include individuals'
health information.
"HIPAA" means
the administrative simplification provisions of the Health Insurance
Portability and Accountability Act of 1996, and the regulations promulgated thereunder, including the Privacy Rule and the Security
Rule.
"HITECH Act"
means the Technology for Economic and Clinical Health Act of 2009, and
regulations promulgated thereunder.
“Membership Agreement”
shall mean that agreement entered into between You and Us, specifying the terms upon which the
terms of membership are memorialized. The Membership Agreement shall dictate
terms such as price, term, and renewal option, among others, that manage the
terms of granting access to the System and Services.
"Personal Information" means information that identifies you
personally as a user of the System, and all information concerning you and your
use of the System that is not Protected Health Information.
"Privacy Rule" means the Standards for Privacy of Individually
Identifiable Health Information at 45 CFR part 160 and part 164, subparts A and
E.
"Protected Health
Information" has the meaning given it in the Privacy Rule, and includes
all individually identifiable health information concerning your patients that
you provide to the System.
"Security Rule"
means the Security Standards for the Protection of Electronic Protected Health
Information at 45 CFR part 160 and part 164, subparts A and C.
"Services"
means the services of the System to
which you have been granted access, which may include the Electronic Medical
Records service, the Patient Appointment service, the Reference service, the
Symptoms Questionnaire and Toolset service, and other services.
"System" means
the electronic communication network from time to time operated by us,
including all software used or provided by us, and all such software installed
at or accessed from your site, and all documentation provided by us in
connection with the System, paper or electronic.
"Term" means
the initial term and all renewal terms of this Agreement as provided in Section
15.
"User" means
you and any other user of the System.
"User ID"
means a unique user identification assigned to an individual User pursuant to
Section 3.7.
"Workforce" means
employees, agents and independent
contractors.
"Your Health Information"
means Protected Health Information that you or your Workforce enter into the
System.
"Your Site"
means the location you provided us upon registration, and such other location
or locations you may use from time to time.
2. Grant of Right to Use Services
2.1 We grant to you and you accept a non-exclusive,
personal, nontransferable, limited right to have access to and to use the
System, and a non-exclusive, personal, nontransferable, limited license to use
any computer software furnished by us for access to or use of the System, for
the purpose of obtaining the Services during the Term, subject to your full
compliance with the terms and conditions set forth in this Agreement. You will
not: (a) use the System for time-sharing, rental or service bureau purposes;
(b) make the System, in whole or in part, available to any other person, entity
or business except
for the Authorized Workforce; (c) copy, reverse
engineer, decompile or disassemble the System, in whole or in part, or
otherwise attempt to discover the source code to the software used in the
System; or (d) modify the Services or the System or associated software or
combine the Services or the System with any other software or services not
provided or approved by us. You will obtain no rights to the System except for
the limited rights to use the System expressly granted by this Agreement.
2.2 The System may include certain third-party
software and services, which may require that you enter into separate
subscription or licensing agreements with third-party vendors. We may also make
available optional services provided by third parties, such as data and
clinical laboratory reporting services. You agree to comply with, and upon
request to execute, such agreements as may be required for the use of such
software or services, and to comply with the terms of any license or other
agreement relating to third-party products included in the System or made
accessible to you through the System. Your use of the System or of such
third-party products or services will constitute your agreement to be bound by
the terms of all licensing, subscription and similar agreements relating to
such use.
3.1 Verification. You agree that your use of the
System is subject to verification by us of your identity and credentials as a
health practitioner and to your ongoing qualification as such. You agree that
we may use and disclose your Personal Information for such purposes, including
(without limitation) making inquiry of third parties concerning your identity
and professional and practice credentials. You authorize such third parties to
disclose to us such information as we may request for such purposes, and you
agree to hold them and us harmless from any claim or liability arising from the
request for or disclosure of such information. You agree that we may terminate
your access to or use of the System at any time if we are unable at any time to
determine or verify your qualifications or credentials.
3.2 Permitted Uses. Subject to the terms of this
Agreement, you may use Your Health Information for any purpose expressly
permitted by applicable law. You agree that you will not access the System or
use the Services for any other purposes. In particular:
3.2.1.1 You will not reproduce, publish, or distribute
content in connection with the System that infringes any third party's
trademark, copyright, patent, trade secret, publicity, privacy, or other
personal or proprietary right;
3.2.1.2 You will comply with all applicable laws,
including laws relating to maintenance of privacy, security, and
confidentiality of patient and other health information and the prohibition on
the use of telecommunications facilities to transmit illegal, obscene, threatening,
libelous, harassing, or offensive messages, or otherwise unlawful material;
3.2.1.3 You will not: (a) abuse or misuse the System or
the Services, including gaining or attempting to gain unauthorized access to
the System, or altering or destroying information in the System except in
accordance with “HIPAA
regulations; (b) using the System
or Services in a manner that interferes with other Users' use of the System; or (d) or use any ad
blocking mechanism, device, or tool to prevent the placement of advertisements
in the System or the Service, in the event this is implemented at some point.
3.3 Clinical Support Information. We may provide
information to assist you in clinical decision-making. This may include
information and reminders concerning drug interactions, allergies, dosages, as
well as general wellness and health-care related information and resources. We
may also provide forums for our users to exchange information. The information
and materials available through this site are for informational and educational
purposes only and are not intended to constitute professional advice, diagnosis
or treatment, or to substitute for your professional judgment. Information may
be placed on our Internet site by us and by third parties beyond our control.
We are not responsible for the accuracy or completeness of information
available from or through our site. You assume full risk and responsibility for
the use of information you obtain from or through this site, and you agree that
OptiMantra, Inc. and its respective agents and
employees are not responsible or liable for any claim, loss, or liability arising
from the use of the information. We do not recommend or endorse any provider of
health care or health-related products, items or services, and the appearance
of materials on this site relating to any such products, items or services is
not an endorsement or recommendation of them. You agree to review the
definitions, functionality, and limitations of the System, and to make an
independent determination of their suitability for your use. We and our
suppliers and licensors disclaim all warranties, whether expressed or implied,
including any warranty as to the quality, accuracy, and suitability of the
information provided by the System for any purpose. You waive all claims
against OptiMantra,
Inc. and its respective agents and employees for any such damage or injury
described in this Section.
3.4.1 You will implement and maintain appropriate
administrative, physical and technical safeguards to protect information within
the System from access, use or alteration from Your Site or using a User ID
assigned to you or a member of your Workforce. Such safeguards shall comply
with federal, state, and local requirements, including the Privacy Rule and the
Security Rule, whether or not you are otherwise subject to HIPAA. You will
maintain appropriate security with regard to all personnel, systems, and
administrative processes used by you or members of your Workforce to transmit,
store and process electronic health information through the use of the System.
3.4.2 You will immediately notify us of any breach or
suspected breach of the security of the System of which you become aware, or
any unauthorized use or disclosure of information within or obtained from the
System, and you will take such action to mitigate the breach or suspected
breach as we may direct, and will cooperate with us in investigating and
mitigating the breach.
3.5 Location of Access. You and your Authorized Workforce are authorized
to access the System solely from Your Site and agree to always take the utmost
precautions to protect and guard against unauthorized access to
the System.
3.6 Compliance. You will comply with the terms of
this Agreement and all applicable laws and regulations. You will be solely
responsible for the use of the System by you and your Workforce, and shall
indemnify us and hold us harmless from any claim, cost or liability arising
from such use, including reasonable attorneys' fees.
3.7 User Identification. We authorize you and your
Authorized Workforce to use the User IDs assigned to you by us. You acquire no
ownership rights in any User ID, and User IDs may be revoked or changed at any
time in our sole discretion. You will adopt and maintain reasonable and
appropriate security precautions for User IDs to prevent their disclosure to or
use by unauthorized persons. Each member of your Authorized Workforce shall
have and use a unique identifier. You will use your best efforts to ensure that
no member of your Workforce uses a User ID assigned to another person.
3.8 No Third-Party Access. Except
as required by law, you will not permit any third party (other than your
Authorized Workforce) to have access to the System or to use the Services
without our prior written agreement. You will promptly notify us of any order or demand for compulsory
disclosure of health information if the disclosure requires access to or use of
the System. You will cooperate fully with us in connection with any such
demand.
3.9.1 You may permit your Authorized Workforce to use
the System and the Services on your behalf, subject to the terms of this
Agreement. You will
3.9.1.1 obtain a unique User ID from us for each member of your
Authorized Workforce.;
3.9.1.2 train all members of your Authorized Workforce in the
requirements of this Agreement relating to their access to and use of the
System and the Services, and ensure that they comply with such requirements;
3.9.1.3 take appropriate disciplinary action against any
member of your workforce who violates the terms of this Agreement;
3.9.1.4 ensure that only you and your Authorized
Workforce access the System from Your Site, including taking measures
to ensure that each member of your Authorized Workforce creates a secure
password for the System and does not share such password with any other member
of the Workforce;
3.9.1.5 immediately notify us of the termination of employment of
any member of your Authorized Workforce who has a unique user ID and access to
the System and the Services, or of your withdrawal of authorization for any
such person to access the System.
3.9.1.6 ensure that all members who have access to our system
work in accordance with the HIPAA privacy rules
3.10 Patient Access. We may offer you the ability to make health
information available to your patients through our Patient Access offering. You
are solely responsible for the information that you make available through the
patient offering, for granting access rights to your patients, and for revoking
access rights. You agree that you will not use the Patient Access offering to
make available the health information of any person under the age of 18 years.
3.11 Forums. We may offer forums for the exchange of
information among our users. You agree to comply with all applicable forum
rules. In particular, you understand that we do not assure the accuracy,
reliability, confidentiality or security of information made available through
the use of such forums. You acknowledge that any information you post in a
forum or discussion
group is available to the public, and may result in your receiving communications
from others outside our site. You are responsible for safeguarding the privacy
of your and your patients' personal information when you participate in forums,
discussion groups and the like. You agree not to disclose Protected Health
Information through such forums.
3.12 Compliance with Law. Subject to the provisions
of section 16, you are solely responsible for ensuring that your use of the
System and the Services (including making health information available through
the System) complies with applicable law. You will not undertake or permit any
unlawful use of the System, or take any action that would render the operation
or use of the System by us or any other User unlawful. We offer no assurance
that your use of the System and the Services under the terms of this Agreement
will not violate any law or regulation applicable to you.
3.13 Professional Responsibility. You will be solely
responsible for the professional and technical services you provide. We make no
representations concerning the completeness, accuracy or utility of any
information in the System, or concerning the qualifications or competence of
individuals who placed it there. We have no liability for the consequences to
you or your patients of your use of the System or the Services.
3.14 Cooperation. You will cooperate with us in the
administration of the System, including providing reasonable assistance in
evaluating the System and collecting and reporting data requested by us for
purposes of administering the System.
3.15 Indemnification. You agree to indemnify, defend,
and hold harmless us and other Users, and our and their affiliates, officers,
directors, and agents, from and against any claim, cost or liability, including
reasonable attorneys' fees, arising out of: (a) the use of the System by you or
your Workforce; (b) any breach by you or your Workforce of any representations,
warranties or agreements contained in this Agreement; (c) the actions of any
person gaining access to the System under a User ID assigned to you or a member
of your Workforce; (d) the actions of anyone using a User ID, password or other
unique identifier assigned to you or any member of your Workforce that
adversely affects the System or any information accessed through the System; (e) the use of any provider of
health care or health-related products, items and services arising out of you
and/or your Workforce’s use of the System; and (f) your negligent or willful misconduct, or that
of any member of your Workforce.
4.1 Purpose of System. The purpose of the System is
to (i) store Your Health
Information and to make it available to you and your Authorized Workforce, to
facilitate the sharing of individuals' health information among certain Users,
and to make health information (Health Information is herein defined as any
information that the practice enters into the system for a patient, including
demographics, past and present illness, and medication history) available to
your patients through the Patient Access offering; (ii) to provide reference
material on herbs, health conditions, and commercial brand name products; (iii)
to schedule patient appointments; (iv) to provide a symptoms questionnaire and
toolset for the Practitioner, (iv) to provide Payment Information for Online
payments from Patients to practitioners using the payment gateways and other
platforms to receive payments (Payment Information is herein defined as any
information that the practice enters into the system for a patient in terms of
conditions treated (ICD9 codes) and associated fees, payment amount, balance,
insurance, and flexible health care savings info, (vi) and other added
functionalities that may be added from time to time. You authorize us, as your
business associate, to use and disclose Your Health Information as follows,
subject to the recipient's agreement to comply with our Policies and Procedures
and with applicable laws and regulations relating to the use and disclosure of
health information, and subject also to the provisions of section 8:
4.1.1 We will permit unrestricted access to Your
Health Information to you and your Authorized Workforce. You may choose to
provide selective access to certain areas of the application on an as needed
basis.
4.1.2 We may permit access to Your Health Information
to your patients to whom you have agreed to grant access through our Patient
Access offering.
4.1.3 We may use Your Health Information in order to
prepare analyses and reports, such as activity or quality-metrics reports, or
any other reports the System makes available, in order to render these reports
to You. Such reporting will be done in a manner that does not make any
disclosure of Protected Health Information that you would not be permitted to
make,
except as set forth in the Privacy Rule.
4.1.4 We may use Your Health Information for the
proper management and administration of the System and our business, and to
carry out our legal responsibilities. We may also disclose Your Health
Information for such purposes if the disclosure is required by law, or we
obtain reasonable assurances from the recipient that it will be held
confidentially and used or further disclosed only as required by law or for the
purpose for which it was disclosed to the recipient, and the recipient notifies
us of any instances of which it is aware in which the confidentiality of the
information has been breached.
4.1.5 We may use Your Health Information to contact
your patients on your behalf for any purpose for which you would be permitted
to contact them, including, without limitation:
(a) For treatment, including sending appointment
reminders;
(b) To request authorization on your behalf from
your patients to use or disclose their health information for any purpose for
which use or disclosure may be made with an appropriate authorization; and
(c) To provide information about health-related
products or services that you provide, or that we provide on your behalf as
your business associate.
4.1.6 We may use or disclose Your Health Information
for other purposes, data aggregation purposes; provided that we will not make
or permit any such use or disclosure that would violate applicable law or
regulation if made by you or your business associate.
4.1.7 We agree that we may (1) receive from or on
behalf of You or Your Patients, or (2) have access to, payment card records
(credit card account numbers, card code numbers, expiration dates, customer
names, addresses, phone numbers, and email addresses), or record systems
containing transaction information (collectively, the "Cardholder
Data"). We shall comply with the Payment Card Industry Data Security Standard
("PCIDSS") requirements for Cardholder Data that are prescribed as
they may be amended from time to time (collectively, the "PCIDSS
Requirements"). The credit card account numbers, code number, expiration
dates and transaction information will be stored securely on a database behind
firewalls where access will be restricted to authorized users of the system on
a data center (AWS) that is Level 1 service provider under the Payment
Card Industry (PCI) Data Security Standard (DSS). The details on customer
identity (names, addresses, phone numbers, email addresses) will also be stored
on a secure database behind the firewall where access will be restricted to
authorized users of the system. We communicate all such information over SSL
communication layer providing the necessary encryption and data privacy that
PCI compliance requires.
We also acknowledge and
agree that Cardholder Data may only be used for assisting in completing a card
transaction or for fraud control services, for purposes of this Agreement or as
required by applicable law. All authorized users of the system are provided
with unique logins and our application provides the ability to provide audit
reports with user activities in the system.
4.2 Responsibility for Misuse by Other Users. You
acknowledge that in granting access to the System for the purposes set forth in
section 4.1, we will rely on the assurances of the recipients of the
information as to (i) their identity and credentials, (ii) the purposes for which they
are accessing the System, and (iii) the nature
and extent of the information to which they will have access. You acknowledge
that, while the System will contain certain technical safeguards against misuse
of the System, it will rely to a substantial extent on the representations and
undertakings of Users. You agree that we will not be responsible for any
unlawful access to or use of Your Health Information by any User resulting from
the User's misrepresentation to us, or breach of the User's user agreement,
and you agree to indemnify, defend, and hold harmless us and other Users, and
our and their affiliates, officers, directors, and agents, from and against any
claim, cost or liability, including reasonable attorneys' fees, arising out of
such misrepresentation and/or breach.
4.3 Specially Protected Information. We apply the
standards of the Privacy Rule in permitting access to the System. You
acknowledge that other federal and state laws impose additional restrictions on
the use and disclosure of certain types of health information, or health
information pertaining to certain classes of individuals. You agree that you
are solely responsible for ensuring that Your Health Information may properly
be disclosed for the purposes set forth in section 4.1, subject only to the
restrictions of the Privacy Rule. In particular, you will:
4.3.1 not make available through the System any
information subject to any restriction on use or disclosure (whether arising
from your agreement with the individual or under law), other than the general
restrictions contained in the Privacy Rule;
4.3.2 obtain any necessary consents, authorizations or
releases from individuals required for making their health information
available through the System for the purposes set forth in section 4.1. Patients will be able
to submit electronic consent forms through the Optimantra platform. The fully-customizable consent forms belong to you and Optimantra is not responsible for the default template or any content in the
consent forms. You have a choice to either rely on adding patient consent forms
onto the system or obtain consent forms from patients directly from the
patients. This preference may
vary. You are able to upload patient consent forms and Optimantra can make these forms available during the patient consult
submission process. You are able to update/upload new consent forms or replace
existing ones if needed. Optimantrawill
not be liable for the content in the patient (services) consent form;
4.3.3 include such statements (if any) in your notice of
privacy practices as may be required in connection with your use of the System;
4.3.4 not place in the System any information that you
know or have reason to believe is false or materially inaccurate.
5. Product and Service Notifications. At some point in time, we may place
advertisements concerning the products and services of third parties on the
System, so that you see them when you use the System. We may receive
remuneration from the suppliers of these products and services for placing
their advertisements. We may use computerized processes to tailor the
advertisements to you or to your use of the system. However, except as
expressly permitted by this Agreement or by our Policies and Procedures, unless
we obtain your consent, we will not disclose to any third party any information
that identifies you to enable the third party to market products or services to
you directly.
6. Intellectual Property Rights
6.1 Individually Identifiable Health Information.
You retain all rights with regard to your Protected Health Information.
7. Individuals' Rights. You shall be solely responsible for informing individuals of their rights with respect to Your Health
Information, such as the rights of access and amendment. You will not undertake
to afford an individual any rights with respect to any information in the
System other than Your Health Information.
8. Business Associate Provisions. In maintaining, using and affording access to
Your Health Information in accordance with this Agreement, we will:
8.1 Not use or further disclose the information
except as permitted or required by this Agreement or as required by law;
8.2 Use appropriate safeguards to prevent use or
disclosure of the information other than as provided for by this Agreement,
including administrative, physical, and technical safeguards that reasonably
and appropriately protect the confidentiality, integrity, and availability of
the information;
8.3 Report to you any use or disclosure of the
information not provided for by this Agreement of which we become aware, or any
security incident as a result of which we determine that unauthorized access
has been obtained to Your Health Information;
8.4 Ensure that any of our agents or subcontractors
to whom we provide Your Health Information for purposes of assisting us in
providing the System or the Services, agree to the same restrictions and conditions that
apply to us with respect to such information, including the obligation to
implement reasonable and appropriate safeguards to protect it (it being
understood that other Users of the System are not our agents or
subcontractors);
8.5 Make available Protected Health Information in accordance with § 164.524
of the Privacy Rule;
8.6 Make available Protected Health Information for amendment and
incorporate any amendments to protected health information in accordance with
§164.526 of the Privacy Rule;
8.7 Make available the information required to
provide an accounting of disclosures in accordance with § 164.528 of the
Privacy Rule;
8.8 Make our internal practices, books, and records
relating to the use and disclosure of Protected Health Information received from, or
created or received by us on your behalf, available to the Secretary of the United States
Department of Health and Human Services for purposes of determining your
compliance with the Privacy Rule; and
8.9 At termination of this Agreement we will provide
you with a copy of Your Health Information in an electronic form that is
accessible through commercially available hardware and software. You may have
to purchase such hardware and software from third parties in order to access
your data, and you may have to configure your systems in order to use your data
in your practice. Upon termination we will, if feasible, return or destroy all Protected
Health Information received from you, or created or received
by us on your behalf that we still maintain in any form, and retain no copies
of such information; or, if such return or destruction is not feasible, extend
the protections of this Agreement to the information and limit further uses and
disclosures to those purposes that make the return or destruction of the information
infeasible.
8.10 HITECH Act. As required by the HITECH Act:
(a) We will comply with the provisions of the HIPAA
Security Rule that are made applicable to business associates by section
13401(a) of the HITECH Act, with the additional provisions of the HITECH Act
relating to security that are made applicable to business associates and
incorporated into business associate contracts by section 13401(a) of the
HITECH Act, and with the additional provisions of the HITECH Act relating to
privacy that are made applicable to business associates and incorporated into
business associate contracts by section 13404(a) of the HITECH Act. A sample
Business Associates Agreement is attached hereto as Attachment A.
(b) We will report to you the discovery of any
breach of unsecured Protected Health Information that we access, maintain,
retain, modify, record, store destroy or otherwise hold, use or disclose on
your behalf, in compliance with the requirements of Section 13402 of the HITECH
Act and the regulations promulgated thereunder (45
CFR Parts 160 and 164, Subpart D), and we will cooperate reasonably with you to
investigate and mitigate any such breach, and to provide you with information
you need to make any legally required notification to individuals.
9.1 Your Systems. You will acquire, install,
configure and maintain all hardware, software and communications systems
necessary to access the System (your "Implementation"). Your Implementation
will comply with the specifications from time to time established by us. You
will ensure that your Implementation is compatible with the System and
Services. If we notify you that your Implementation is incompatible with the
System, you will eliminate the incompatibility, and we may suspend Services to
you until you do so.
9.2 Assistance. Upon request, we may provide goods
or services in connection with your Implementation. You will pay our then
standard charges for such assistance, and our out-of-pocket costs in accordance
with Section 6.e.i of the Membership Agreement.
10. Third-Party Sites and Service Providers.
10.1 Third-Party Sites. The System may contain
hyperlinks (including hyperlinked advertisements) to Internet web sites
operated by third parties, or to materials or information made available by
third parties. Such third parties may offer goods or services for sale to you.
Such links do not constitute or imply our endorsement of such third parties, or
of the content of their sites, the quality or efficacy of their goods or
services, or their information privacy or security practices, and we have no
responsibility for information, goods or services offered or provided by such
third parties, or for the manner in which they conduct their operations. Your
use of third-party sites and the materials, goods and services offered by them
is entirely at your own risk, and is subject to the terms of use of the third
parties operating or providing them. You should assume that any Internet page
or other material that does not bear the OptiMantra
Inc. logo is provided by a third party.
11.1 Other Charges. You are responsible for any
charges you incur to use the System, such as telephone and equipment charges,
and fees charged by third-party vendors of products and services.
12.1 You may not disclose our Confidential
Information to any other person, and you may not use any Confidential
Information except as expressly set forth in this Agreement, the Business Associates
Agreement, or the Membership Agreement. Except as otherwise provided in any of
these three Agreements, you may not, without our prior written consent, at any
time, during or after the Term of this Agreement, directly or indirectly,
divulge or disclose Confidential Information for any purpose or use
Confidential Information for its own benefit or for the purposes or benefit of
any other person. You agree to hold all Confidential Information in strict
confidence and to take all measures necessary to prevent unauthorized copying,
use, or disclosure of Confidential Information, and to keep the Confidential
Information from falling into the public domain or into the possession of
persons not bound to maintain its confidentiality. You will disclose
Confidential Information only to members of your Workforce who have a need to
use it for the purposes of this Agreement. You will inform all such recipients
of the confidential nature of Confidential Information and will instruct them
to deal with Confidential Information in accordance with the terms of this
Agreement. You will promptly advise us in writing of any improper disclosure,
misappropriation, or misuse of the Confidential Information by any person,
which may come to your attention.
12.2 You agree that we will suffer irreparable harm
if you fail to comply with its obligations set forth in this Section 12, and
you further agree that monetary damages will be inadequate to compensate us for
any such breach. Accordingly, you agree that we will, in addition to any other
remedies available to us at law or in equity, be entitled to the issuance of
injunctive relief to enforce the provisions hereof, immediately and without the
necessity of posting a bond.
12.3 This Section 12 will survive the termination or
expiration of this Agreement for any reason.
13. Disclaimer, Exclusion of Warranties, and Limitation
of Liability.
13.1 Carrier Lines. YOU ACKNOWLEDGE THAT ACCESS TO
THE SYSTEM WILL BE PROVIDED OVER VARIOUS FACILITIES AND COMMUNICATIONS LINES,
AND INFORMATION WILL BE TRANSMITTED OVER LOCAL EXCHANGE AND INTERNET BACKBONE
CARRIER LINES AND THROUGH ROUTERS, SWITCHES, AND OTHER DEVICES (COLLECTIVELY,
"CARRIER LINES") OWNED, MAINTAINED, AND SERVICED BY THIRD-PARTY
CARRIERS, UTILITIES, AND INTERNET SERVICE PROVIDERS, ALL OF WHICH ARE BEYOND
OUR CONTROL. WE ASSUME NO LIABILITY FOR OR RELATING TO THE INTEGRITY, PRIVACY,
SECURITY, CONFIDENTIALITY, OR USE OF ANY INFORMATION WHILE IT IS TRANSMITTED ON
THE CARRIER LINES, OR ANY DELAY, FAILURE, INTERRUPTION, INTERCEPTION, LOSS,
TRANSMISSION, OR CORRUPTION OF ANY DATA OR OTHER INFORMATION ATTRIBUTABLE TO
TRANSMISSION ON THE CARRIER LINES. USE OF THE CARRIER LINES IS SOLELY AT YOUR
RISK AND IS SUBJECT TO ALL APPLICABLE LOCAL, STATE, NATIONAL, AND INTERNATIONAL
LAWS.
13.2 Other Users. YOU ACKNOWLEDGE THAT OTHER USERS HAVE ACCESS TO THE
SYSTEM AND ARE RECEIVING OUR SERVICES. SUCH OTHER USERS HAVE COMMITTED TO
COMPLY WITH OUR POLICIES AND PROCEDURES CONCERNING USE OF THE SYSTEM; HOWEVER,
THE ACTIONS OF SUCH OTHER USERS ARE BEYOND OUR CONTROL. ACCORDINGLY, WE DO NOT
ASSUME ANY LIABILITY FOR OR RELATING TO ANY IMPAIRMENT OF THE PRIVACY,
SECURITY, CONFIDENTIALITY, INTEGRITY, AVAILABILITY, OR RESTRICTED USE OF ANY
INFORMATION ON THE SYSTEM RESULTING FROM ANY USER'S ACTIONS OR FAILURES TO ACT.
13.3 Unauthorized Access; Lost or Corrupt Data. WE
ARE NOT RESPONSIBLE FOR UNAUTHORIZED ACCESS TO YOUR DATA, FACILITIES OR
EQUIPMENT BY INDIVIDUALS OR ENTITIES USING THE SYSTEM OR FOR UNAUTHORIZED
ACCESS TO, ALTERATION, THEFT, CORRUPTION, LOSS OR DESTRUCTION OF YOUR DATA
FILES, PROGRAMS, PROCEDURES, OR INFORMATION THROUGH THE SYSTEM, WHETHER BY
ACCIDENT, FRAUDULENT MEANS OR DEVICES, OR ANY OTHER MEANS. YOU ARE SOLELY
RESPONSIBLE FOR VALIDATING THE ACCURACY OF ALL OUTPUT AND REPORTS, AND FOR
PROTECTING YOUR DATA AND PROGRAMS FROM LOSS BY IMPLEMENTING APPROPRIATE
SECURITY MEASURES, INCLUDING ROUTINE BACKUP PROCEDURES. YOU HEREBY WAIVE ANY
DAMAGES OCCASIONED BY LOST OR CORRUPT DATA, INCORRECT REPORTS, OR INCORRECT
DATA FILES RESULTING FROM PROGRAMMING ERROR, OPERATOR ERROR, EQUIPMENT OR
SOFTWARE MALFUNCTION, SECURITY VIOLATIONS, OR THE USE OF THIRD-PARTY SOFTWARE.
WE ARE NOT RESPONSIBLE FOR THE CONTENT OF ANY INFORMATION TRANSMITTED OR
RECEIVED THROUGH OUR PROVISION OF THE SERVICES.
14. Insurance. You will obtain and maintain such policies of general liability,
errors and omissions, and professional liability insurance with reputable
insurance companies as is usually carried by persons engaged in your business
covering the Term of this Agreement.
15. Term; Modification; Suspension; Termination
15.1 Term. The initial term of this Agreement shall
commence on the Effective Date of the Membership Agreement and continue for as
long as the Membership Agreement is in effect.
16. Applicable Law. The interpretation of this Agreement and the resolution of any
disputes arising under this Agreement shall be governed by the laws of the
District of Columbia. If any action or other proceeding is brought on or in
connection with this Agreement, the venue of such action shall be exclusively
in the District of Columbia.
17. ARBITRATION. ANY DISPUTE, CLAIM OR CONTROVERSY ARISING OUT OF OR RELATING TO
THIS NOTICE OR THE BREACH, TERMINATION, ENFORCEMENT, INTERPRETATION OR VALIDITY
THEREOF, INCLUDING THE DETERMINATION OF THE SCOPE OR APPLICABILITY OF THIS
AGREEMENT TO ARBITRATE, OR TO YOUR USE OF THIS SITE OR THE SYSTEMS OR
INFORMATION TO WHICH IT GIVES ACCESS, SHALL BE DETERMINED BY ARBITRATION IN THE
DISTRICT OF COLUMBIA, BEFORE A SINGLE ARBITRATOR. THE ARBITRATION SHALL BE
ADMINISTERED PURSUANT TO ITS COMPREHENSIVE ARBITRATION RULES AND PROCEDURES.
JUDGMENT ON THE AWARD MAY BE ENTERED IN ANY COURT HAVING JURISDICTION. THIS
CLAUSE SHALL NOT PRECLUDE PARTIES FROM SEEKING PROVISIONAL REMEDIES IN AID OF
ARBITRATION FROM A COURT OF APPROPRIATE JURISDICTION.
18. Non-Assignability. This Agreement may not be assigned or
transferred by you without our prior written consent.
19. Supervening Circumstances. No Party to this Agreement shall be deemed in
violation of this Agreement if it is prevented from performing any of the
obligations under this Agreement by reason of: (a) severe weather and storms;
(b) earthquakes or other natural occurrences; (c) strikes or other labor
unrest; (d) power failures; (e) nuclear or other civil or military emergencies;
(f) acts of legislative, judicial, executive, or administrative authorities; or
(g) any other circumstances that are not within its reasonable control.
20. Severability. Any provision of this Agreement that shall prove to be invalid,
void, or illegal, shall in no way affect, impair, or invalidate any other
provision of this Agreement, and such other provisions shall remain in full
force and effect.
21. Waiver. No term of this Agreement shall be deemed waived
and no breach excused, unless such waiver or consent shall be in writing and
signed by the Party claimed to have waived or consented. Any consent by any
Party to, or waiver of a breach by the other, whether expressed or implied,
shall not constitute a consent to, waiver of, or excuse for any other different
or subsequent breach.
22. No Third-Party
Beneficiaries. Nothing express or
implied in this Agreement is intended to confer, nor shall confer, upon any
person or entity other than the parties and their respective successors or
assigns any rights, remedies, obligations, or liabilities whatsoever.
23. Advice of Counsel. Each Party acknowledges: (a) having fully read
this Agreement in its entirety; (b) having had full opportunity to study and
review this Agreement; (c) having been advised that counsel for us has acted
solely on our behalf in connection with the negotiation, preparation, and
execution of this Agreement; (d) having been advised that all parties have the
right to consult and should consult independent counsel respecting their rights
and duties under this Agreement; and (e) having had access to all such
information as has been requested.
24. Authority. The individuals entering into this Agreement represent and warrant
that they are competent and capable of entering into a binding contract, and
that they are authorized to enter into this Agreement on behalf of the Parties.
25. Non-Disparagement You agree not to disparage or denigrate the company orally or in writing, and that
neither you nor anyone acting on your behalf will publish, post, or otherwise release any material
in written or electronic format, make speeches, gain interviews, or make public statements that
mentioned the company, its operations, clients, employees, products, or services without the prior
written consent of the company.
Attachment A
Business
Associate Agreement
BY CLICKING "SIGN UP" OR “I AGREE” OR
THROUGH THE CONTINUED USE OF THE SYSTEM, YOU ARE UNDERTAKING LEGAL OBLIGATIONS
AND CONFERRING LEGAL RIGHTS. Please
read this Attachment A (Business Associate Agreement) carefully,
and do not click "Sign up" or “I agree” or continue use of the System
unless you agree fully with its terms.
Definitions (Catch-all definition):
Terms used, but not
otherwise defined, in this Agreement shall have the same meaning as those terms
in the Privacy Rule.
Examples of specific
definitions:
a.
Business Associate. "Business
Associate" shall mean OptiMantra, Inc.
b.
Covered Entity. "Covered
Entity" shall mean Practitioner’s business name.
c.
De-Identifying. “De-Identifying” shall mean the process by
which Protected Health Information is converted into De-Identified Health
Information. As stated in the
HIPAA Privacy Rule, De-Identified Health Information is “Health Information that
does not identify an individual and with respect to which there is no
reasonable basis to believe that the information can be used to identify an
individual.” Sections 164.514(b) and (c) of the HIPAA Privacy Rule provide the
implementation specifications or requirements for de-identification of
Protected Health Information. The
implementation specifications set forth the two acceptable methods of
de-identification of Protected Health Information: (1) Expert Determination,
and (2) Safe Harbor.
d.
Designated
Record Set. “Designated Record Set” shall mean the information being provided
by Covered Entity to Business Associate, including, but not limited to, medical
records, financial billing information, claims adjudication records and other
information concerning other third party service providers.
e.
Individual. "Individual" shall have the
same meaning as the term "individual" in 45 CFR 160.103 and shall
include a person who qualifies as a personal representative in accordance with
45 CFR 164.502(g).
f.
Membership Agreement. “Membership Agreement” shall mean
that agreement entered into between Covered Entity and Business Associate,
specifying the terms upon which the terms of membership are memorialized. This Membership Agreement shall dictate terms
such as price, term, renewal option, among others.
g.
Privacy Rule. "Privacy Rule" shall mean the
Standards for Privacy of Individually Identifiable Health Information at 45 CFR
Part 160 and Part 164, Subparts A and E.
h.
Protected Health Information. "Protected
Health Information" shall have the same meaning as the term
"protected health information" in 45 CFR 160.103, limited to the
information created or received by Business Associate from or on behalf of
Covered Entity.
i.
Required By Law. "Required By Law" shall have the
same meaning as the term "required by law" in 45 CFR 164.103.
j.
Secretary. "Secretary" shall mean the
Secretary of the Department of Health and Human Services or his designee.
k.
User Agreement. “User Agreement” shall mean that agreement
entered into between Covered Entity and Business Associate, specifying the
terms upon which Covered Entity may interact and use that certain online health
record system created by and maintained by Business Associate for Covered
Entity’s use and enjoyment.
Obligations and Activities
of Business Associate
Permitted Uses
and Disclosures by Business Associate
Except as otherwise limited
in this Agreement, Business Associate may use or disclose Protected Health
Information to perform functions, activities, or services for, or on behalf of,
Covered Entity as specified in the User Agreement, provided that such use or
disclosure would not violate (i) the Privacy Rule if
done by Covered Entity or (ii) the minimum necessary policies and procedures of
the Covered Entity.
Specific Use and
Disclosure Provisions
Business Associate may use Protected Health
Information to report violations of law to appropriate Federal and State
authorities, consistent with 164.502(j)(1).
Obligations of
Covered Entity
Covered Entity shall notify
Business Associate of any restriction to the use or disclosure of Protected
Health Information that Covered Entity has agreed to in accordance with 45 CFR
164.522, to the extent that such restriction may affect Business Associate's
use or disclosure of Protected Health Information.
Permissible
Requests by Covered Entity
Covered Entity shall not
request Business Associate to use or disclose Protected Health Information in
any manner that would not be permissible under the Privacy Rule if done by
Covered Entity.
Term and
Termination
Liability and
Indemnification
a. Business Associate
and its respective agents and employees (a) shall not be liable in any manner
to Covered Entity, its agents and employees for any injury or damage to Tenant,
Tenant's agents or employees caused by the criminal or intentional misconduct
of third parties or of Covered Entity, its agents and employees; and (b) assume
no liability or responsibility whatsoever with respect to the conduct and
operation of Covered Entity’s business, and shall not be liable for any
accident or injury to any person or persons or property which are caused by the
conduct and operation of said business. Business Associate and its respective
agents and employees shall have no liability for any loss, cost, damage or
expense arising out of or due to any interruption of business (regardless of
the cause therefore), increased or additional cost of operation of business or
other costs or expenses, which could be insured against by Covered Entity. Covered Entity waives all claims against
Business Associate and its respective agents and employees for any such damage or
injury described in this Section.
b. Covered Entity shall
defend, indemnify and hold harmless Business Associate from and against any
loss, damage, expense or claim, including reasonable attorney’s fees and
expenses: (i) arising from or out of any breach of
Covered Entity’s representations, warranties or obligations under this
Agreement, and/or (ii) arising from or out of any negligence or willful
misconduct of Covered Entity or any agent or employee of Covered Entity. This indemnity shall survive the expiration
or early termination of this Lease.
Miscellaneous
Attachment
B
Minimum System Requirements
|
||
Platform |
Operating Systems |
Browser |
Windows |
XP, Vista 2, Windows 7, Windows 8 Desktop |
Internet Explorer 9, Firefox 14+, Chrome |
Mac |
OSX 10.6 or above |
Firefox 14+, Chrome, Safari |
Hardware |
Minimum Requirements |
|
Processor |
2GHz |
|
Screen resolution |
1024x768 |
|
RAM |
1GB |
|
Internet Speed |
Cable or DSL, 1mb/s |