Your use of KnowMyC2.com (this “Website”), and related services provided by KnowMyC2, and any updates, new features and enhancements to these services (collectively, “Services”), is governed by the terms and conditions below, including any addenda (“Terms of Service”). These Terms of Service constitute a legally binding agreement between you and KnowMyC2 (“KnowMyC2” “we” or “us”).

In order to use the Services, you must be a licensed health care provider with the intent to use this site for the management of Controlled Substance Dispensing Inventory. If you are an employee of an organization, you warrant that you are authorized to agree to these Terms of Service on behalf of the organization.  No other person or entity, including any hub, consulting company, other reimbursement support service provider, or pharmaceutical company, is permitted to agree to these Terms of Service or to access the Services through these Terms of Service.  Any user in violation of this provision is subject to immediate account termination as set forth in the Website Administration section below.

By clicking the “I AGREE” button on the Terms of Service screen, you agree that you have read, understand, and agree to be bound by these Terms of Service. If you do not agree with any of these Terms of Service, do not use the Services.  KnowMyC2, located at 1330 Filer Ave E, Twin Falls, Id 83301, U.S.A  and is a limited liability company organized under the laws of the State of Idaho.  Reference to KnowMyC2 herein will include any subsidiaries or affiliates of KnowMyC2 involved with providing the Services offered by KnowMyC2. The servers that host this Website are located in the United States, and any Protected Health Information, as defined in 45 CFR § 160.103 (“PHI”), provided to us will be processed by KnowMyC2 in the United States.

What are the privacy obligations of KnowMyC2?

KnowMyC2 provides its Services as a business associate to health care providers. Therefore, to use the KnowMyC2 Services, you must read and agree to the Business Associate Agreement, which is part of these Terms of Service. The Business Associate Agreement requires KnowMyC2 to protect your PHI and specifies the purposes for which it may be lawfully used and disclosed by KnowMyC2. Use of the Services constitutes acceptance of the terms of the Business Associate Agreement. KnowMyC2 may use subcontractors to assist in performing some of its Services.  When these subcontractors have access to PHI, they are required to enter into business associate agreements with KnowMyC2.  The Services are provided to you at no cost, dependent upon KnowMyC2’ ability to share User Content as permitted by law.

 

TERMS OF USE AGREEMENT

1.       INTRODUCTION.

This Terms of Use Agreement (“Agreement” or “Terms of Use”) is made by and between CR Solutions, LLC (hereinafter “Company”), the owner of the Know My C2 website and software (collectively, the “Services”), and you, the user (“you”, “your” or “User”).

This Agreement contains the complete terms and conditions that govern the use of the Services, including but not limited to any content, materials, forms, software, documents, instructions, manuals, or other information provided by the Company.  BY CLICKING THE “I AGREE” BUTTON BELOW OR BY ACCESSING, VISITING, BROWSING, USING OR ATTEMPTING TO INTERACT WITH OR USE ANY PART OF THE SERVICES, YOU AGREE THAT YOU HAVE READ, UNDERSTAND AND AGREE TO BE BOUND BY THIS AGREEMENT AND THE CORRESPONDING PRIVACY POLICY, AVAILABLE AT: www.knowmyc2.com/privacy.

IF YOU DO NOT AGREE TO BE BOUND BY THIS AGREEMENT OR THE PRIVACY POLICY, DO NOT ACCESS OR USE ANY PART OF THE SERVICES. COMPANY RESERVES THE RIGHT, WITH OR WITHOUT NOTICE TO YOU, TO MAKE CHANGES TO THIS AGREEMENT AT COMPANY’S DISCRETION.  YOUR CONTINUED USE OF ANY PART OF THE SERVICES CONSTITUTES YOUR ACCEPTANCE OF SUCH CHANGES TO THIS AGREEMENT.  YOU SHOULD REVIEW THIS AGREEMENT PERIODICALLY TO DETERMINE IF ANY CHANGES HAVE BEEN MADE.  THE MOST CURRENT VERSION OF THIS AGREEMENT, WHICH SUPERSEDES ALL PREVIOUS VERSIONS, CAN BE REVIEWED BY GOING TO: www.knowmyc2.com/terms.

2.       LICENSE GRANT AND LIMITATIONS.

2.1.        LIMITED USE LICENSE FOR THE SOFTWARE.  Subject to the terms and conditions of this Agreement, Company grants you a personal, non-transferable, non-exclusive, non-assignable, limited and revocable license to download, install, and use the Know My C2 cloud-based software (the “Software”) to access, use, and make printouts of materials, content, or documentation available in the Software on any computer, tablet, or mobile device (“Device”) that you own or control as permitted by the third-party agreements related to your Device.  You agree to use the Software and Services for your sole and exclusive benefit. 

2.2.        INTENDED PURPOSE. The Services shall be used solely for purposes of automated prescription logging, inventory, and compliance assistance with regulatory agencies and laws (the “Intended Purpose”). You may not rent, lease, lend, sell, redistribute or sublicense the Services, or use the Services for anything other than the Intended Purpose.

2.3.        SUBSCRIPTION ACCESS AND PAYMENT.  The Company provides access to the Services on a subscription basis (the "Subscription"). Your Subscription will commence upon payment of the prescribed fee, and will automatically renew either quarterly, or yearly, depending on your type of Subscription (the "Period"), until either you or the Company terminates the Subscription pursuant to Section 7, below. You specifically acknowledge that your Subscription has an initial and recurring payment feature and you accept responsibility for all recurring charges prior to cancellation. Your Subscription will be automatically extended for successive Periods. As such, your payment method will automatically be charged for each successive Period at the then-current subscription rate. Please note that if you sign up for a Subscription, Company will submit charges for the Period to the payment method you used to set up your Subscription without further authorization from you, until you cancel the Subscription pursuant to Section 7, or change your payment method. Such notice will not affect charges submitted before Company reasonably could act.

To obtain a Subscription, you will be required to provide certain information to the Company.  It is a condition of your use of the Services that all the information you provide will be correct, current, and complete.  If Company believes the information you provide is not correct, current, or complete, Company has the right to deny access to the Services at any time.

If, for any reason, the Subscription fee is not paid within 15 days of the end of the Period, Company shall cancel your Subscription and terminate your access to the Services.

2.4.        PERMITTED USE.  As previously stated, you may use the Services only for the Intended Purpose.  As a condition of your use of the Services, you warrant to Company that you will not use the Services for any purpose that is unlawful or prohibited by these terms, conditions, and notices.  If a User fails to follow any of the terms or conditions of this Agreement or any other applicable guidelines, the Company may, in its sole discretion, discontinue your ability to use the Services.  In addition, the Company has the right to delete any piece of content or material, it finds objectionable in its reasonable discretion.  You alone are totally responsible for any activity that takes place under your KnowMyC2 account.  If you become aware of any unauthorized use of your username or password, it is your responsibility to notify the Company immediately.  You are responsible for maintaining the confidentiality of your login information.

2.5.        RIGHTS LIMITED TO USER.  Any and all rights under this Agreement granted to User are limited to the specific designated person that has paid for the appropriate Subscription established by Company for use of the Services as provided in this Agreement, and to whom a specific username and password has been issued (“Master User”).  The Master User may designate additional users with specific usernames and passwords to operate under the Master User's account (“Sub-Users”). Any terms applicable to “you” or the “User” apply with equal force to any Sub-Users. All passwords and access codes to the Services are personal to the User and are not transferable or assignable by User.

2.6.        USER’S RESPONSIBILITIES.  User shall be exclusively responsible for the supervision, management, and control of its use of the Software, including, but not limited to:

2.6.1.             Assuring proper configuration of equipment or devices;

2.6.2.             Establishing adequate operating methods; and

2.6.3.             Implementing procedures sufficient to satisfy its obligations for security under this Agreement, including appropriate action to prevent misuse, unauthorized copying, modification, or disclosure of the Software.

2.7.        USE RESTRICTIONS.  Except as expressly authorized in SECTION 2.1, User may not and may not permit others to:

2.7.1.             Sell, rent, lease, license, sublicense, or assign the Software, including the content within the Software, to others;

2.7.2.             Transfer the Software, or any content within the Software, to another party;

2.7.3.             Reverse engineer, decompile, disassemble, or otherwise derive the source code from the Software;

2.7.4.             Alter, modify, adapt, reconfigure, or prepare derivative works of the Software or the content within the Software;

2.7.5.             Archive or retain any of the Software in any form without the written permission from Company;

2.7.6.             Distribute (including via e-mail or the Internet), or otherwise make available, copies of the Software to others, whether or not for payment or other consideration;

2.7.7.             Copy, extract, summarize, distribute or otherwise use the Software in any manner which competes with or substitutes for Company’s distribution of the Software to its customers;

2.7.8.             Use the Services in any way disable, overburden, damage, or impair the Services or otherwise interfere with any other party's use and enjoyment of the Services;

2.7.9.             Obtain, or attempt to obtain, any materials, content, or information by any means not expressly made available or provided for through authorized use of the Services;

2.7.10.         Transmit any material in violation of Section 4, below.

2.7.11.         Use the Services in any other manner that would violate the terms of this Agreement, including provisions with respect to the intended purpose of the Services.

3.       ACCEPTANCE OF THE SOFTWARE.

3.1.        ACCEPTANCE.  User acknowledges and agrees that the Software is cloud-based, and thus requires an Internet connection to fully function. The Software shall be deemed to have been accepted by User upon delivery.  If the Software is deemed unacceptable, User shall return the Software without change with a report detailing the reasons for its unacceptability.

3.2.        TECHNICAL SUPPORT.  The Company can be contacted at [email protected] regarding technical support issues.

4.       USE OF COMMUNICATION SERVICES.

4.1.        COMMUNICATIONS SERVICES PROVIDED BY THE COMPANY.  Company's Services may include forums, bulletin board services, chat areas, message boards, news feeds, news groups, communities, personal web pages, calendars, or other message or communication facilities designed to allow you to communicate with the Internet community or with a group (collectively, “Communications Services”). You agree to use the Communication Services only to post, send and receive messages and content that are considered proper and related to the particular Communication Service.  When using the Services, you agree that you will not post, send, submit, publish, or transmit, or cause to be posted, sent, submitted, published or transmitted, any material that:

4.1.1.             You do not have the right to post, including any proprietary material of any third party protected by intellectual property laws (or by rights of privacy or publicity);

4.1.2.             Advocates illegal activity, discusses an intent to commit an illegal act or violates any law;

4.1.3.             Is vulgar, obscene, pornographic, or indecent;

4.1.4.             Is libelous, defamatory, racist, abusive, threatening, harassing or offensive;

4.1.5.             Seeks to exploit or harm children by exposing them to inappropriate content, or asking for personally identifiable details or information;

4.1.6.             Harvests or otherwise collects information about others, including e-mail addresses, without their consent;

4.1.7.             Impersonates or misrepresents your connection to any other entity or person or otherwise manipulates or forges headers or identifiers to disguise the origin of content;

4.1.8.             Advertises any commercial endeavor (e.g., offering for sale products or services), solicits funds, or otherwise engages in any commercial activity (e.g., conducting raffles or contests, displaying sponsorship banners, or soliciting goods or services);

4.1.9.             Includes programs that contain viruses, worms or Trojan horses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications device;

4.1.10.         Disobeys any law, policy or regulations in your jurisdiction; or

4.1.11.         Contains hyperlinks to other sites that contain content that falls within the scope of this Section.

4.2.        TERMINATION FOR VIOLATIONS.  YOU UNDERSTAND AND AGREE THAT IF YOUR USE OF THE SERVICES VIOLATES ANY OF THE ABOVE CONDUCT, THE COMPANY MAY TERMINATE YOUR USE OF THE WEBSITE IMMEDIATELY WITHOUT PRIOR NOTICE AND WITHOUT ANY RIGHT OF REFUND, SET-OFF OR A HEARING. FURTHER, YOU ACKNOWLEDGE AND AGREE THAT YOUR USE OF THE SERVICES IS ENTIRELY AT YOUR OWN RISK, AND THAT THE COMPANY SHALL HAVE NO LIABILITY OF ANY KIND FOR CONDUCT WHICH VIOLATES THESE TERMS.

4.3.        LIMITATIONS ON USE OF CONTENT.  You acknowledge that you are solely responsible for any material you submit using the Services, and shall indemnify the Company pursuant to SECTION 9 for any actions arising out of or resulting from your uploading, posting, or other submission of material to, with, or through the Services.

5.       CHANGES IN THE SITE.

Company may modify, suspend, discontinue or restrict the use of any portion of the Services, including the availability of any Software derived from Content you enter or submit to, with, or through the Services, at any time and without notice or liability.

6.       CANCELLATION AND TERMINATION.

6.1.        CANCELLATION BY USER.  User may cancel your Subscription by:

6.1.1.             Notifying the Company via email at [email protected]; and

6.1.2.             Ceasing access and use of the Services after the Subscription expires.

No partial refunds for the Service will be given.

6.2.        TERMINATION BY THE COMPANY.  At its sole discretion. Company reserves the right to terminate your access to any or all of the Services at any time and for any reason whatsoever, including violation of these Terms. Company shall give five (5) days notice prior to termination.

7.       INTELLECTUAL PROPERTY.

7.1.        INTELLECTUAL PROPERTY RIGHTS.  As detailed in this Agreement, the Services and all worldwide copyrights, trademarks, patents, trade secrets and other intellectual property rights therein (the “Company IP”) are the exclusive property of the Company or its licensors, as applicable. You agree that Company IP is protected by applicable intellectual property and other laws, including but not limited to copyright and trademark, and that you will not use Company IP in any way whatsoever except as permitted by this Agreement, and any applicable law. In the event of any third party claim that content you create using the Services infringes on a third party’s intellectual property rights, you accept and acknowledge that the Company will not be responsible for the investigation, defense, settlement, and discharge of any such intellectual property infringement claim. Further, in such event, you will defend and indemnify the Company against all claims, demands, lawsuits, or other action, including reasonable attorneys’ fees, costs, and damages or payments for settlement of such claims pursuant to Section 10 of this Agreement.

7.2.        DAMAGES FOR BREACH.  User shall be strictly liable for all damages to the Company that result from any infringement or other unauthorized use of Company IP.

8.       DISCLAIMER & LIMITATIONS ON LIABILITY.

8.1.        DISCLAIMER OF WARRANTIES.  You understand that Company cannot and does not guarantee or warrant that the Services will be free of viruses, worms, Trojan horses or other code that may cause damage or harm to your computer(s) or network(s). You acknowledge and agree that you will be solely responsible for implementing sufficient procedures and checkpoints to protect your computer(s) and network(s), and that you will maintain adequate means of backup of any content or data you enter into the Services. Company further disclaims any responsibility to ensure that any content provided by the Services is complete and up-to-date.

YOU AGREE THAT YOUR USE OF THE SERVICES IS AT YOUR OWN RISK.  THE SERVICES ARE PROVIDED “AS IS” AND WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED.  COMPANY DISCLAIMS ALL WARRANTIES, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, OR NON-INFRINGEMENT.  COMPANY DOES NOT WARRANT THAT THE CONTENT CONTAINED WITHIN THE SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE, THAT DEFECTS WILL BE CORRECTED, OR THAT THE SERVICES OR THE SERVER THAT MAKES THE SERVICES AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS.  COMPANY DOES NOT WARRANT OR MAKE ANY REPRESENTATION REGARDING USE, OR THE RESULT OF USE, OF THE SERVICES IN TERMS OF ACCURACY, RELIABILITY, OR OTHERWISE.  THE USER ACKNOWLEDGES THAT THE SERVICES MAY INCLUDE TECHNICAL INACCURACIES OR TYPOGRAPHICAL ERRORS, AND COMPANY MAY MAKE CHANGES OR IMPROVEMENTS AT ANY TIME.  YOU ASSUME THE ENTIRE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION IN THE EVENT OF ANY LOSS OR DAMAGE ARISING FROM THE USE OF THE SERVICES.  COMPANY MAKES NO WARRANTIES THAT YOUR USE OF THE SERVICES WILL NOT INFRINGE THE RIGHTS OF OTHERS AND ASSUMES NO LIABILITY OR RESPONSIBILITY FOR ERRORS OR OMISSIONS IN SUCH CONTENT. YOU FURTHER ACKNOWLEDGE AND AGREE THAT COMPANY IS NOT RESPONSIBLE FOR ANY CONTENT YOU ENTER INTO THE SERVICES.

8.2.        LIMITATION OF LIABILITY.  COMPANY, ITS SUBSIDIARIES, AFFILIATES, LICENSORS, SERVICE PROVIDERS, CONTENT PROVIDERS, EMPLOYEES, AGENTS, OFFICERS, AND DIRECTORS WILL NOT BE LIABLE FOR ANY INCIDENTAL, DIRECT, INDIRECT, PUNITIVE, ACTUAL, CONSEQUENTIAL, SPECIAL, EXEMPLARY, OR OTHER DAMAGES, INCLUDING LOSS OF REVENUE OR INCOME, PAIN AND SUFFERING, EMOTIONAL DISTRESS, OR SIMILAR DAMAGES, EVEN IF COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR SUCH DAMAGES WERE REASONABLY FORSEEABLE. THIS INCLUDES FEES, FINES, OR OTHER LIABILITY ASSESSED BY ANY LOCAL, STATE OR FEDERAL GOVERNMENT AGENCY OR BODY FOR ANY ACT OR OMISSION WITH ANY CONNECTION TO YOUR USE OF THE SERVICES, HOWEVER REMOTE.

IN NO EVENT WILL THE COLLECTIVE LIABILITY OF COMPANY AND ITS SUBSIDIARIES, AFFILIATES, LICENSORS, SERVICE PROVIDERS, CONTENT PROVIDERS, EMPLOYEES, AGENTS, OFFICERS, AND DIRECTORS, REGARDLESS OF THE FORM OF ACTION (WHETHER IN CONTRACT, TORT, OR OTHERWISE), EXCEED THE GREATER OF $500.

8.3.        HYPERLINKING.  The Services may hyperlink to and by other websites which are not maintained by, or related to, Company. Hyperlinks to such sites are provided as a service to Users and are not sponsored by, endorsed or otherwise affiliated with Company. Company has not reviewed any or all of such sites and is not responsible for the content of any linking sites, and any links made directly from the Services to another web page should be accessed at the User's own risk. Company makes no representations or warranties about the content, completeness, quality or accuracy of any such website.

8.4.        SECURITY. Any passwords used for the Services are for individual use only.  You are responsible for the security of your password(s).  From time to time, Company may require that you change your password.  You are prohibited from using any services or facilities provided in connection with the Services to compromise security or tamper with system resources or accounts.  The use or distribution of tools designed for compromising security (e.g., password crackers, rootkits, Trojan horses, or network probing tools) is strictly prohibited.  Company reserves the right to investigate suspected violations of these Terms of Use, and you agree to fully cooperate with such investigation.  Company reserves the right to fully cooperate with any law enforcement authorities or court order requesting or direction Company to disclose the identity of anyone posting any e-mail messages, or publishing or otherwise making available any materials that are believed to violate these Terms of Use.

BY ACCEPTING THIS AGREEMENT YOU WAIVE ALL RIGHTS AND AGREE TO HOLD COMPANY HARMLESS FROM ANY CLAIMS RESULTING FROM ANY ACTION TAKEN BY COMPANY DURING OR AS A RESULT OF ITS INVESTIGATIONS OR FROM ANY ACTIONS TAKEN AS A CONSEQUENCE OF INVESTIGATIONS BY EITHER COMPANY OR LAW ENFORCEMENT AUTHORITIES.

9.       INDEMNITY.

9.1.        INDEMNIFICATION OF COMPANY.  YOU AGREE TO INDEMNIFY AND HOLD COMPANY, ITS SUBSIDIARIES, AFFILIATES, LICENSORS, CONTENT PROVIDERS, SERVICE PROVIDERS, EMPLOYEES, AGENTS, OFFICERS, DIRECTORS, AND CONTRACTORS (THE “INDEMNIFIED PARTIES”) HARMLESS FROM ANY BREACH OF THESE TERMS OF USE BY YOU, INCLUDING ANY USE OF THE SERVICES OTHER THAN AS EXPRESSLY AUTHORIZED IN THESE TERMS OF USE.  YOU AGREE THAT THE INDEMNIFIED PARTIES WILL HAVE NO LIABILITY IN CONNECTION WITH ANY SUCH BREACH OR UNAUTHORIZED USE, AND YOU AGREE TO INDEMNIFY ANY AND ALL RESULTING LOSS, DAMAGES, JUDGMENTS, AWARDS, COSTS, EXPENSES, AND ATTORNEYS' FEES OF THE INDEMNIFIED PARTIES IN CONNECTION THEREWITH. YOU WILL ALSO INDEMNIFY AND HOLD THE INDEMNIFIED PARTIES HARMLESS FROM AND AGAINST ANY CLAIMS BROUGHT BY THIRD PARTIES ARISING OUT OF YOUR USE OF THE SERVICES, INCLUDING CLAIMS BROUGHT BY ANY LOCAL, STATE, OR FEDERAL AGENCY OR OTHER GOVERNMENT BODY.

10.   MISCELLANEOUS

10.1.     DISCLOSURE UNDER LAW. Company reserves the right at all times to disclose any information as necessary to satisfy any applicable law, regulation, legal process or governmental request, or to protect the rights, property or personal safety of the Company, its Users or the public.

10.2.     DISPUTES. If there is any dispute about or involving these Terms of Use, the Privacy Policy, or the Services, you agree that such dispute shall be governed by the laws of the State of California, notwithstanding any principles of conflicts of law.  You specifically consent to personal and exclusive jurisdiction by and venue in the state and federal courts of San Diego County, California in connection with any dispute between you and Company arising out of or involving this Agreement, the Privacy Policy, or the Services.

10.3.     ENTIRE AGREEMENT.  These Terms of Use and the Privacy Policy constitute the entire agreement among the parties relating to the subject matter hereof, and supersedes all prior or contemporaneous communications and proposals, whether electronic, oral or written between you and Company with respect to the Services.  Company may revise these Terms of Use at any time by updating this posting.  You should review the Agreement from time to time to determine if any changes have been made to the Agreement.  Your continued use of the Services after any changes have been made to this Agreement signifies and confirms your acceptance of such changes or amendments.

10.4.     HEADINGS. The section titles in the Agreement are for convenience only and have no legal or contractual effect.

10.5.     RELATIONSHIP BETWEEN THE PARTIES.  You agree that no joint venture, partnership, employment, or agency relationship exists between you and Company as a result of this Agreement or use of the Services.

10.6.     SEVERABILITY.  If any part of these Terms of Use is found by a court of competent jurisdiction to be unlawful, void or unenforceable, that part will be deemed severable and will not affect the validity and enforceability of any remaining provisions.

10.7.     WAIVER.  The failure of Company to exercise or enforce any right or provision of this Agreement shall not operate as a waiver of such right or provision.  Any waiver of this Agreement by Company must be in writing and signed by an authorized representative of the Company.

11.   CONTACT INFORMATION.

If you have any questions, or if you would like to report a violation of this Agreement to the Company, please contact us at [email protected].

 

Business Associate Agreement

This BUSINESS ASSOCIATE AGREEMENT (“Agreement”) is entered into this and is effective as of the date that you click the “I AGREE” button on the Terms of Service screen (the “Effective Date”) between CR Solutions LLC, DBA KnowMyC2 (“Facility”) and You, “Covered Entity”) for the purpose of setting forth the terms and conditions on which the Business Associate will provide services, as defined herein, on behalf of the Facility.

WITNESSETH

WHEREAS, the Facility pursuant to the Health Insurance Portability and Accountability Act (“HIPAA”) and desires to engage the services of Business Associate to perform SOME OF Facility’s obligations; and

WHEREAS, Business Associate desires to perform the designated services on behalf of Facility as set forth herein.

NOW THEREFORE, for and in consideration of the mutual promises, conditions and covenants herein contained, the parties hereto agree as follows:

Specific definitions:

(a) Business Associate.  “Business Associate” shall generally have the same meaning as the term “business associate” at 45 CFR 160.103, and in reference to the party to this agreement, shall mean [Insert Name of Business Associate].

(b) Facility (aka Covered Entity).  “Facility” shall generally have the same meaning as the term “Covered Entity” at 45 CFR 160.103, and in reference to the party to this agreement, shall mean [Insert Name of Facility].

(c) HIPAA Rules.  “HIPAA Rules” shall mean the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Part 160 and Part 164.

I-Obligations and Activities of Business Associate

Business Associate agrees to:

(a) Not use or disclose protected health information other than as permitted or required by the Agreement or as required by law;

(b) Use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 with respect to electronic protected health information, to prevent use or disclosure of protected health information other than as provided for by the Agreement;

(c) Report to Facility within sixty (60) days of discovery any use or disclosure of protected health information not provided for by the Agreement of which it becomes aware, including breaches of unsecured protected health information as required at 45 CFR 164.410, and any security incident of which it becomes aware;

 (d) In accordance with 45 CFR 164.502(e)(1)(ii) and 164.308(b)(2), if applicable, ensure that any subcontractors that create, receive, maintain, or transmit protected health information on behalf of the business associate agree to the same restrictions, conditions, and requirements that apply to the business associate with respect to such information;

(e) Make available protected health information in a designated record set to the Facility as necessary to satisfy Facility’s obligations under 45 CFR 164.524;

(f) Make any amendment(s) to protected health information in a designated record set as directed or agreed to by the Facility pursuant to 45 CFR 164.526, or take other measures as necessary to satisfy Facility’s obligations under 45 CFR 164.526;

(g) Maintain and make available the information required to provide an accounting of disclosures to the Facility as necessary to satisfy Facility’s obligations under 45 CFR 164.528;

[The parties may wish to add additional specificity regarding how the business associate will respond to a request for an accounting of disclosures that the business associate receives directly from the individual (such as whether and in what time and manner the business associate is to provide the accounting of disclosures to the individual or whether the business associate will forward the request to the Facility) and the timeframe for the business associate to provide information to the Facility.]

(h) To the extent the business associate is to carry out one or more of Facility's obligation(s) under Subpart E of 45 CFR Part 164, comply with the requirements of Subpart E that apply to the Facility in the performance of such obligation(s); and

(i) Make its internal practices, books, and records available to the Secretary for purposes of determining compliance with the HIPAA Rules.

II- Permitted Uses and Disclosures by Business Associate

(a) Business Associate agrees to not use or further disclose PHI other than as permitted or required by this Agreement or as permitted or Required by Law.

(b) Business Associate agrees to use appropriate safeguards to prevent use or disclosure of the PHI other than as provided for by this Agreement.

(c) Business associate agrees to make uses and disclosures and requests for protected health information consistent with their minimum necessary policies and procedures.

(d) Business associate may not use or disclose protected health information in a manner that would violate Subpart E of 45 CFR Part 164 if done by Facility.

(e) In accordance with the HIPAA Standards, Business Associate shall implement administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of ePHI that it creates, receives, maintains or transmits on behalf of the Covered Entity. Specifically, Business Associate shall comply with the Security Standards.

(f) Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by this Agreement of which Business Associate becomes aware. Additionally, Business Associate shall report to Covered Entity any Security Incident resulting in an unauthorized use or disclosure of ePHI of which Business Associate becomes aware.

(g) Business Associate agrees to notify Covered Entity of any Breach of Unsecured Protected Health Information within twenty (20) business days of the date Business Associate learns of the Breach. Business Associate shall provide such information to Covered Entity as required by the HIPAA Standards. Business Associate shall reasonably cooperate and assist Covered Entity in making the notifications required by law in the event of a Breach due solely to the wrongful acts or omissions of Business Associate.

(h) Business Associate agrees to ensure that any Subcontractor, to whom it provides PHI created or received by Business Associate on behalf of Covered Entity agrees to implement reasonable and appropriate safeguards to protect PHI to the same restrictions and conditions that apply through this Agreement to Business Associate with respect to such information.

(i) Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of the requirements of this Agreement.

(j) Business Associate agrees to make internal practices, books, and records, including policies and procedures and PHI relating to the use and disclosure of PHI created or received by Business Associate on behalf of Covered Entity available, at the request of the Covered Entity, to the Secretary, for purposes of determining Covered Entity’s compliance with the HIPAA Standards.

(k) Business Associate agrees to document those disclosures of PHI, and information related to such disclosures, as required to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 C.F.R. § 164.528. Business Associate further agrees to provide Covered Entity such information upon its written request to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures of PHI, in accordance with 45 C.F.R. § 164.528.

(l) If Business Associate conducts any Transactions electronically on behalf of Covered Entity, Business Associate shall comply with the applicable requirements of 45 C.F.R. Part 162.

(m) Except as otherwise permitted by law, Business Associate shall not directly or indirectly receive remuneration in exchange for a disclosure of PHI without the Individual’s authorization.

(n) Business Associate may use or disclose PHI to perform functions, activities, or Services for, or on behalf of, Covered Entity pursuant to the Terms of Service between the parties, provided that such use or disclosure does not violate the HIPAA Standards. Business Associate may use PHI for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate.  Business Associate may disclose PHI for the proper management and administration of Business Associate or to carry out its legal responsibilities, provided that such disclosures are (i) Required by Law, or (ii) Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used or further disclosed only as Required by Law or for the purpose for which it was disclosed to the person, and the person agrees to notify Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached. All disclosures will be made in accordance with HIPAA Standards.

III-Provisions for Facility to Inform Business Associate of Privacy Practices and Restrictions and Notices

(a) Facility shall notify business associate of any limitation(s) in the notice of privacy practices of Facility under 45 CFR 164.520, to the extent that such limitation may affect business associate’s use or disclosure of protected health information.

(b) Facility shall notify business associate of any changes in, or revocation of, the permission by an individual to use or disclose his or her protected health information, to the extent that such changes may affect business associate’s use or disclosure of protected health information.

(c) Facility shall notify business associate of any restriction on the use or disclosure of protected health information that Facility has agreed to or is required to abide by under 45 CFR 164.522, to the extent that such restriction may affect business associate’s use or disclosure of protected health information.

      (d) Any notices or communications to be given pursuant to this Agreement shall be made, in the case of Covered Entity, to the    individual noted in Covered Entity contact appearing in  your account set up information and if made to Business  Associate, to the address given below:

If to business associate
to: Privacy Officer
1330 Filer Ave E,
Twin Falls, ID 83301

[email protected]

 

IV-Permissible Requests by Facility

   Facility shall not request business associate to use or disclose protected health information in any manner that would not be permissible under Subpart E of 45 CFR Part 164 if done by Facility.

 

V-Term and Termination

(a) Term. The Term of this Agreement shall be effective as of the date signed, and shall terminate or on the date Facility terminates for cause as authorized in paragraph (b) of this Section, whichever is sooner. 

(b) Termination for Cause. Business associate authorizes termination of this Agreement by Facility, if Facility determines business associate has violated a material term of the Agreement and business associate has not cured the breach or ended the violation within the time specified by Facility.

(c) Obligations of Business Associate Upon Termination.

Upon termination of this Agreement for any reason, business associate shall return to Facility or, if agreed to by Facility, destroy, all protected health information received from Facility, or created, maintained, or received by business associate on behalf of Facility, that the business associate still maintains in any form.  Business associate shall retain no copies of the protected health information. 

Upon termination of this Agreement for any reason, business associate, with respect to protected health information received from Facility, or created, maintained, or received by business associate on behalf of Facility, shall:

    1. Retain only that protected health information which is necessary for business associate to continue its proper management and administration or to carry out its legal responsibilities;
    2. Return to Facility or, if agreed to by Facility, destroy the remaining protected health information that the business associate still maintains in any form;
    3. Continue to use appropriate safeguards and comply with Subpart C of 45 CFR Part 164 with respect to electronic protected health information to prevent use or disclosure of the protected health information, other than as provided for in this Section, for as long as business associate retains the protected health information;
    4. Not use or disclose the protected health information retained by business associate other than for the purposes for which such protected health information was retained and subject to the same conditions set out at Section I related to paragraphs (e) and (f) above under Permitted Uses and Disclosures By Business which applied prior to termination; and
    5. Return to Facility the protected health information retained by business associate when it is no longer needed by business associate for its proper management and administration or to carry out its legal responsibilities.

(d) Survival.  The obligations of business associate under this Section shall survive the termination of this Agreement.

VI-Miscellaneous

(a) A reference in this Agreement to a section in the HIPAA Rules means the section as in effect or as amended.

(b) The Parties agree to take such action as is necessary to amend this Agreement from time to time as is necessary for compliance with the requirements of the HIPAA Rules and any other applicable law.

(c) Any ambiguity in this Agreement shall be interpreted to permit compliance with the HIPAA Rules.

We have carefully reviewed this contract and agree to and accept its terms and conditions.  We are executing this contract as of the day and year first written above.