PROVIDER USER AGREEMENT
Last updated: November 16, 2016
Welcome to Klara Technologies, Inc. ("Klara," “We,” “Us" or “Our”) and to the Klara portal of Klara’s website located at [www.klara.com] (www.klara.com) (the "Portal"). The words "You" and “Your” as used herein refer to all individuals and/or entities accessing or using the Portal on behalf of the individual and/or entity entering into this Provider User Agreement, for any reason.
PLEASE READ THIS PROVIDER USER AGREEMENT (”THE AGREEMENT“) CAREFULLY BEFORE USING THIS PORTAL OR SUBMITTING ANY MATERIALS GENERATED BY YOU (“PROVIDER-GENERATED MATERIAL”). This Agreement, as it might be revised from time to time, governs, among other things: (i) Your access to and use of the Portal and its related products and services; (ii) the manner in which You provide any and all material to Klara at any time after clicking “I Agree”; and (iii) communications between You and Klara with respect to the Portal and its and other Klara products and services. If You do not agree with the terms and conditions below, or do not agree to be bound by them, do not click the “I AGREE” option, do not create an account, or use the Portal or its related services. If You do not agree with these terms and conditions in full, Klara does not grant You any right, license, or otherwise authorize You to access or use this Portal or any related products or services, in any fashion for any purpose whatsoever. Whenever referenced herein, Klara shall refer to Klara Technologies, Inc. and its shareholders, officers, affiliates, employees, directors, agents, subcontractors and representatives, collectively.
IF YOU ARE ENTERING INTO THIS AGREEMENT ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND THE ENTITY TO ALL TERMS AND CONDITIONS OF THIS AGREEMENT AND, “YOU” AND “YOUR” IN THIS AGREEMENT SHALL REFER TO SUCH ENTITY OR PRACTICE. IF YOU DO NOT HAVE SUCH AUTHORITY OR IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDITIONS IN THIS AGREEMENT, YOU MAY NOT SELECT THE “I AGREE” BUTTON AND MAY NOT USE THE PORTAL OR ITS RELATED PRODUCTS AND SERVICES. By clicking the “I AGREE” option, creating an account, providing Provider-Generated Material, or paying for or using our Service(s), You accept that the terms, obligations, rights and conditions specified here will form a legally binding agreement between You and Klara, and certify that:
You have read and understand all of the terms and conditions of this Agreement;
You are either the practitioner identified in the profile accessed through this Portal (“the Profile”), or are expressly authorized by the practitioner identified in the Profile to act as an agent on behalf of the practitioner, entity, or practice;
You agree to be bound by all of the terms and conditions of this Agreement and acknowledge that this Agreement is the legal equivalent of a signed, written contract for services between You and Klara.
B. MODIFICATIONS TO THE AGREEMENT
C. DESCRIPTION OF KLARA SERVICES
Klara is messaging service that acts as a gateway portal to facilitate the exchange of health information between physician and patient, and among physicians and other medical service providers, including without limitation pharmacies, health care facilities, and medical staff within a facility or practice. Klara is not a medical provider or telehealth service as such terms may be defined under state or federal laws.
D. ACCESS TO AND USE OF THE PORTAL
Klara will provide You with access to Klara’s cloud-based communication Portal. Klara reserves the right, at its sole discretion, to restrict, suspend or terminate Your access to all or any part of the Portal at any time for any reason without prior notice or liability. As set forth in 4.5 herein, Klara may change, suspend or discontinue all or any aspects of the Portal at any time, but will make commercially reasonable efforts to inform You of disruption, suspension, or material changes to the Portal prior to proceeding with these changes. Klara may also temporarily suspend or discontinue, without notice, a Klara session at any time should Klara reasonably believe that such action is required, or to avoid an imminent threat of harm to Klara, or to You or your patients.
Klara shall provide access to the Portal twenty-four (24) hours, seven (7) days a week excluding periods of time necessary for Portal maintenance and internet performance issues. Klara reserves the right to have planned outages for hardware and software maintenance. You acknowledge system maintenance is a necessary element towards Klara providing the Portal as a functional platform and You understand that under no circumstance shall You be entitled to any abatement of any Fees or reimbursement for any costs or expenses associated with Portal downtime or limited or lack of functionality.
License to Portal. Subject to Your compliance with the terms and conditions of this Agreement, Klara will grant to You a non-exclusive, non-transferable, limited right and license, solely during the Term of this Agreement, to access, use, cache, perform, and display the Portal options and features and all reference materials and associated materials, solely for the purpose of use the Portal and its related products and services.
Hosting. The hosting of the Portal shall consist of secure hosting and storing of certain Confidential Information, as defined in Section 9 of this Agreement, including, but not limited to, applicable protected health information under the Health Insurance Portability and Accountability Act of 1996, and the regulations promulgated thereunder, ("HIPAA") and transmitting the Confidential Information and other required information to You, and Klara’s designated service providers.
Your Data Security Obligations. You are fully responsible for the security of Provider-Generated Material prior to uploading it to the Portal or that is otherwise in Your possession. You agree to comply with all applicable state and federal laws and rules in connection with Your collection, security, and dissemination of any protected health information (PHI) on Your site. You agree that at all times You shall be compliant with HIPAA and HITECH requirements, as applicable. The steps You will need to take to comply with HIPAA and HITECH when using Klara will vary based on Your implementation. If We believe that it is necessary based on Your implementation and we request it of You, then You will promptly provide us with documentation evidencing Your compliance with HIPAA and HITECH. Information on the HIPAA rules can be found on the HHS website http://www.hhs.gov/ocr/privacy/hipaa/administrative/combined/hipaa-simplification-201303.pdf It is Your responsibility to comply with these standards.
Suspension or Termination. Klara reserves the right, in its sole discretion, to restrict, suspend or terminate Your access to all or any part of the Portal at any time for any reason without prior notice or liability. Klara may change, suspend or discontinue all or any aspects of the Portal at any time, including the availability of any feature, database, or content, without prior notice or liability. Klara will make reasonable, good faith efforts to inform You of pending suspension or termination. You have the right to terminate Your relationship with Klara with thirty (30) days written notice.
Retention of Content. As long as Your Portal account is active, You shall be responsible for managing and retaining any of Your Content. Other than as required by applicable law or legal process or as otherwise agreed, Klara shall not be responsible for retaining any of Your Content after account termination or for archiving purposes. You acknowledge that all Content may be deleted by Klara after the account is terminated, subject to the terms of this Agreement. For the avoidance of doubt, Klara does not provide record keeping or other archival services. You will keep copies of all Content delivered or otherwise made available by or on behalf of You or your patient users to Klara as part of the Services.
Business Continuity. In the event that You or Klara terminate this Agreement, or Klara is unable to continue providing the Portal to You, Klara will provide You with access to the most current data set, as well as all necessary information, including application settings and utilities, in order to facilitate a transition of Your Content to another provider or in-house implementation. Upon termination, Klara will, to the extent possible, provide You at reasonable cost in accordance with industry pricing a current copy of Your Content; provided that You are at such time in good standing in all then current fees and charges and Klara receives written request from You for a copy of Your Content no later than 30 days after termination (the “Termination Transition Period”). Klara will provide the same data backups and settings regardless of which party terminates this Agreement or the reason for termination, and each party will reasonably cooperate to effect a timely and orderly transition of services, if applicable, to any designated third party identified by You in writing to Klara within the Termination Transition Period.
- License Restrictions. You shall not reverse engineer, decompile, disassemble, translate, or attempt to learn the source code of the Portal or its related services. Unless expressly set forth herein, You may not use, copy, modify, create derivative works of, distribute, sell, assign, pledge, sublicense, lease, loan, rent, timeshare, deliver, or otherwise transfer, directly or indirectly, the Portal (in whole or in part) or any rights in the Portal or its related products and services. You may not resell or act as a service bureau for the Portal or any component thereof. You may not remove from the Portal or its related products and services, or alter or add, any Marks or copyright notices or other proprietary rights markings.
E. COMPLIANCE WITH APPLICABLE LAWS
You hereby acknowledge that Klara is software provider with no professional licensure certification, and understands that Klara is not a medical provider. You understand that You are responsible for all aspects of professional services provided by You. You agree to: (a) adhere to the provisions under this Agreement; and (b) comply with the requirements of law and with all ordinances, statutes, regulations, directives, orders, or other lawful enactments of pronouncements of any local, state, federal or other lawful authority applicable to either of the parties. You further agree: (i) not to use Portal or any related services for any illegal purposes; and (ii) to comply with all applicable local, state, national, and international laws and regulations, including without limitation laws relating to recording conversations, privacy, and data protection and public displays or performances, and United States export laws and regulations regarding the transmission of technical data exported from the United States through the Software or Services. You further agree that this Agreement does not require Klara to exercise any right or remedy in order to benefit or protect anyone, although Klara reserves the right to do so in its sole discretion.
H. REPRESENTATIONS AND WARRANTIES
You represent and warrant the following:
6.1. No Conflict. You are not currently a party, and shall not be a party, to any agreement which conflicts with the terms of this Agreement.
6.2. Warranty of Content. You represent that You: (i) are the owner or authorized licensee of any and all Content; (ii) will not publish, post, upload, record, or otherwise distribute or transmit Content using Portal that: (a) infringes or would infringe any copyright, patent, trademark, trade secret, or other proprietary right of any party, or any rights of publicity or privacy of any party; (b) violates any law, statute, ordinance, or regulation (including without limitation the laws and regulations governing export control, unfair competition, anti-discrimination, false advertising, privacy, or data security); (c) is profane, defamatory, libelous, obscene, indecent, threatening, harassing, or otherwise unlawful; (d) is harmful to minors or pornographic; (e) contains any viruses, Trojan horses, worms, time bombs, malware, cancelbots, corrupted files, or any other similar software, data, or programs that may damage, delete, detrimentally interfere with, surreptitiously intercept, or expropriate any system, data, personal information, or property of another; or (f) is materially false, misleading, or inaccurate.
6.3. Ownership of Content. Klara does not claim ownership of any Content. In connection with our provision of the Portal to You, except as otherwise provided in this Agreement, as between You and Us, You retain all right, title, interest, and responsibility for, in, and to the Content. You acknowledge that the Portal and its related products and services are provided by automated means and that Klara personnel will not access, use, or disclose any Content, except as necessary to provide Your with Portal products and services, including without limitation the following: (i) during a service interruption as necessary to restore applicable Content at Your request; or (ii) as reasonably deemed necessary or advisable by Klara, at its sole but reasonable discretion, to conform to applicable legal requirements or to comply with legal process. You hereby grant to Klara a nonexclusive, worldwide, royalty-free, fully-paid, irrevocable, transferable license to host, cache, store, display, record and copy Content solely for the purpose of providing the Portal to You during the Term.
I. PAYMENTS & FEES
Unless otherwise set forth in a duly-executed and mutually agreed upon amendment to this Agreement, pricing for use of the Portal and its related products and services is based on the pricing page (https://klara.com/subscribe). Klara reserves the right to adjust pricing from time to time upon 30 days written notice to You. You agree to pay Klara the applicable fees and charges for use of the Portal and its related products and services. You agree to pay Klara the applicable fees and charges for use of the Portal and its related products and services. Unless otherwise stated in a duly-executed and mutually agreed upon amendment to this Agreement, each proper, undisputed, invoice is due and payable by You immediately upon receipt of such notice. Klara reserves the right to charge late fees of up to 1% monthly on balances outstanding beyond 60 days of invoice date.
J. LIMITATION OF LIABILITY
Klara is not assuming liability, and, therefore shall not be liable to the You for any claims, debts, liabilities, obligations, costs, expenses, actions, causes of action and claims for relief as a result of any claim, audit, investigation, litigation or arbitration, or any other cause, whatsoever, regardless of whether or not such loss or damage was caused by or contributed to by Klara’s negligent performance, or failure to perform any obligation. You hereby release Klara from any claims for contribution or indemnity. Notwithstanding the foregoing, Klara’s total liability for losses suffered by You or any of its affiliates under or related to this Agreement shall in no event exceed an amount equal to the average monthly fee paid by You under this Agreement at time of loss.
IT IS EXPRESSLY AGREED THAT IN NO EVENT SHALL KLARA BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO, LOSS OF PROFITS OR REVENUES, LOSS OF USE, OR LOSS OF INFORMATION OR DATA, WHETHER A CLAIM FOR ANY SUCH LIABILITY OR DAMAGES IS PREMISED UPON BREACH OF CONTRACT, BREACH OF WARRANTY, NEGLIGENCE, STRICT LIABILITY, OR ANY OTHER THEORY OF LIABILITY, EVEN IF KLARA HAS BEEN APPRISED OF THE POSSIBILITY OR LIKELIHOOD OF SUCH DAMAGES OCCURRING. KLARA DISCLAIMS ANY AND ALL LIABILITY FOR ERRONEOUS TRANSMISSIONS AND LOSS OF SERVICE RESULTING FROM COMMUNICATION FAILURES BY TELECOMMUNICATION SERVICE PROVIDERS OR THE SYSTEM.
IT IS EXPRESSLY AGREED THAT IN NO EVENT SHALL KLARA BE LIABLE FOR THE DISCLOSURE OF ANY INFORMATION ABOUT YOU THAT IS OR BECOMES GENERALLY AVAILABLE TO THE PUBLIC OTHER THAN AS A RESULT OF ANY GROSS NEGLIGENCE OR WILLFUL MISCONDUCT BY KLARA OR AFFILIATES OR ANY OF THEIR OFFICERS, DIRECTORS, EMPLOYEES, REPRESENTATIVES AND AGENTS, OR THAT IS OR HAS BECOME KNOWN OR AVAILABLE TO KLARA ON A NON-CONFIDENTIAL BASIS FROM A SOURCE THAT, TO THE BEST OF KLARA'S KNOWLEDGE, IS NOT PROHIBITED FROM DISCLOSING SUCH INFORMATION, OR THAT WAS INDEPENDENTLY DEVELOPED BY KLARA OR AFFILIATES OR ANY OF THEIR OFFICERS, DIRECTORS, EMPLOYEES, REPRESENTATIVES AND AGENTS WITHOUT REFERENCE TO SUCH INFORMATION.
IT IS EXPRESSLY AGREED THAT IN NO EVENT SHALL KLARA BE LIABLE FOR ANY DAMAGES RESULTING FROM LOSS OF DATA, PROFITS, USE OF PRODUCTS, OR FOR ANY SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES, EVEN IF ADVISED OF THE POSSIBLITY OF SUCH DAMAGES.
IN THE EVENT YOU TRANSMIT, INTRODUCE, OR OTHERWISE CAUSE ANY TECHNICAL DISRUPTION OF THE PORTAL, YOU AGREE TO BE RESPONSIBLE FOR ANY AND ALL LIABILITIES AND COSTS AND EXPENSES (INCLUDING ATTORNEYS’ FEES AND EXPENSES) ARISING FROM ANY AND ALL CLAIMS BROUGHT BY THIRD PARTIES BASED UPON SUCH TECHNICAL DISRUPTIONS. "TECHNICAL DISRUPTION" MEANS DISTRIBUTION OF UNSOLICITED ADVERTISING OR CHAIN LETTERS, PROPAGATION OF COMPUTER WORMS, VIRUSES OR OTHER HARMFUL CODE, AND/OR USING THE SITE TO MAKE UNAUTHORIZED ENTRY TO ANY OTHER MACHINE ACCESSIBLE VIA THE SITE. YOU ARE FURTHER SOLELY RESPONSIBLE FOR THE CONTENT OF ANY TRANSMISSIONS USING THE SITE AND AGREE NOT TO UPLOAD, POST OR OTHERWISE MAKE AVAILABLE ON THE PORTAL ANY MATERIAL PROTECTED BY A PROPRIETARY RIGHT OF A THIRD PARTY WITHOUT FIRST OBTAINING THE EXPRESS PERMISSION OF THE OWNER OF SUCH PROPRIETARY RIGHT. YOU SHALL BE SOLELY LIABLE FOR ANY DAMAGES, LOSSES, COSTS OR EXPENSES (INCLUDING ATTORNEYS' FEES AND EXPENSES) ARISING OUT OF INFRINGEMENT OF PROPRIETARY RIGHTS OR ANY OTHER HARM ARISING FROM THE UPLOADING, POSTING OR OTHER SUBMISSION OF MATERIALS BY YOU.
YOU ACKNOWLEDGE AND AGREE THAT THE FEES AND OTHER CHARGES WHICH KLARA IS CHARGING UNDER THIS AGREEMENT DO NOT INCLUDE ANY CONSIDERATION FOR ASSUMPTION BY KLARA OF THE RISK OF YOUR'S DIRECT, INDIRECT, CONSEQUENTIAL OR INCIDENTAL DAMAGES OR OF UNLIMITED DIRECT DAMAGES.
YOU ACKNOWLDEGE THAT ACCESS TO THE PORTAL WILL BE PROVIDED OVER VARIOUS FACILITIES AND COMMUNICATIONS LINES, AND INFORMATION WILL BE TRANSMITTED OVER LOCAL EXCHANGE AND INTERNET BACKBONE CARRIER LINES AND THROUGH ROUTERS, SWITCHES, AND OTHER DEVICES (COLLECTIVELY, “CARRIER LINES”) OWNED, MAINTAINED, AND SERVICED BY THIRD-PARTY CARRIERS, UTILITIES, INTERNET SERVICE PROVIDERS, ALL OF WHICH ARE BEYOND KLARA’s CONTROL. KLARA ASSUMES NO LIABILITY FOR OR RELATING TO THE INTEGRITY, PRIVACY, SECURITY, CONFIDENTIALITY, OR USE OF ANY INFORMATION WHILE IT IS TRANSMITTED ON THE CARRIER LINES, OR ANY DELAY, FAILURE, INTERRUPTION, INTERCEPTION, LOSS, TRANSMISSION, OR CORRUPTION OF ANY DATA OR OTHER INFORMATION ATTRIBUTABLE TO TRANSMISSION ON THE CARRIER LINES. USE OF THE CARRIER LINES IS SOLELY AT YOUR RISK AND IS SUBJECT TO ALL APPLICABLE LOCAL, STATE, NATIONAL, AND INTERNATIONAL LAWS.
KLARA IS NOT RESPONSIBLE FOR UNAUTHORIZED ACCESS TO YOUR DATA, FACILITIES OR EQUIPMENT BY INDIVIDUALS OR ENTITIES USING THE PORTAL FOR UNAUTHORIZED ACCESS TO, ALTERATION, THEFT, CORRUPTION, LOSS OR DESTRUCTION OF YOUR DATA FILES, PROGRAMS, PROCEDURES, OR INFORMATION THROUGH THE SYSTEM, WHETHER BY ACCIDENT, FRAUDULENT MEANS OR DEVICES, OR ANY OTHER MEANS BY ANY AUTHORIZED USER, OR ANY OTHER PERSON, ENTITY, THIRD PARTY OR OTHER. YOU ARE SOLELY RESPONSIBLE FOR VALIDATING THE ACCURACY OF ALL OUTPUT AND REPORTS, AND FOR PROTECTING YOUR DATA AND PROGRAMS FROM LOSS BY IMPLEMENTING APPROPRIATE SECURITY MEASURES, INCLUDING ROUTINE BACKUP PROCEDURES. YOU HEREBY WAIVE ANY DAMAGES OCCASIONED BY LOST OR CORRUPT DATA, INCORRECT REPORTS, OR INCORRECT DATA FILES RESULTING FROM PROGRAMMING ERROR, OPERATOR ERROR, EQUIPMENT OR SOFTWARE MALFUNCTION, SECURITY VIOLATIONS, OR THE USE OF THIRD-PARTY SOFTWARE. KLARA IS NOT RESPONSIBLE FOR THE CONTENT OF ANY INFORMATION TRANSMITTED OR RECEIVED THROUGH OUR PROVISION OF THE PORTAL.
L. NO LIABILITY FOR CONTENT.
YOU AGREE THAT KLARA WILL NOT BE LIABLE FOR ANY CONTENT, INCLUDING BUT NOT LIMITED TO CONTENT THAT IS SENT, RECEIVED, HELD, RELEASED OR OTHERWISE CONNECTED IN ANY RESPECT TO THE PORTAL OR ITS RELATED SERVICES, CONTENT THAT IS UPLOADED OR DOWNLOADED BUT NOT RECEIVED, AND CONTENT SENT USING AND/OR INCLUDED IN THE SERVICES, INCLUDING WITHOUT LIMITATION ANY THREATENING, DEFAMATORY, OBSCENE, OFFENSIVE, OR ILLEGAL CONTENT; FURTHER, YOU AGREE THAT KLARA WILL NOT BE LIABLE FOR ANY ACCESS TO OR ALTERATION OF SUCH CONTENT OR FOR ANY INFRINGEMENT OF ANOTHER'S RIGHTS, INCLUDING PRIVACY, INTELLECTUAL PROPERTY, OR DATA PROTECTION RIGHTS ARISING FROM SUCH PROVIDER-GENERATED OR PATIENT USER-GENERATED CONTENT, OR FROM THE CONDUCT OF PHYSICIAN USERS, PATIENT USERS, OR THIRD PARTIES OTHER THAN WHICH MAY BE THE RESULT OF KLARA’S WILLFUL CONDUCT.
M. NO WARRANTY.
YOU AGREE THAT THE PORTAL IS PROVIDED ON “AS IS” AND “AS AVAILABLE” BASIS ONLY, WITHOUT WARRANTY OF ANY KIND, AND ALL EXPRESS, IMPLIED OR STATUTORY WARRANTIES, CONDITIONS, REPRESENTATIONS, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, TIMELINESS, COMPLETENESS, ADEQUACY AND NONINFRINGEMENT OR WARRANTY ARISING OUT OF COURSE OF PERFORMANCE, COURSE OF DEALING OR USAGE OR TRADE ARE EXCLUDED BY KLARA, AND KLARA DOES NOT WARRANT THAT THE PROGRAMS WILL MEET THE REQUIREMENTS OF ANY PERSON AND OPERATE ON AN UNINTERRUPTED OR ERROR-FREE BASIS. YOU ACKNOWLEDGE YOU ARE SOLELY RESPONSIBLE FOR ANY AND ALL ACTS OR OMISSIONS TAKEN OR MADE IN RELIANCE ON THE PORTAL, INCLUDING INACCURATE OR INCOMPLETE INFORMATION.
You agree to release, indemnify and hold Klara harmless from and against any losses, damages, liabilities, demands, administrative actions, government investigations, payor audits, costs, fines, fees, expenses (including reasonable attorneys’ fees, expert fees and disbursements) penalties, claims, suits and actions (collectively “Claims”), caused by, asserted to have been caused by, arising out of, as a result of, or related to, directly or indirectly, any act or omission by You, Your employees, affiliates, subcontractors or assigns, including but not limited to (i) the use, non-use misuse, access or unauthorized access of the Portal; (ii) a material breach of the terms of this Agreement including representations, warranties, covenants and obligations; (iii) any act or omission of You that results in submitting any false or fraudulent claim to any governmental or private payor; (iv) any violation of law, rule or regulation; or (v) any other acts or omissions.
The parties recognize that they may come in contact with or become familiar with information that the other party may consider confidential, such as certain proprietary, financial or commercial information, including, but not limited to, records, files, reports, protocols, policies, manuals, databases, processes, procedures, computer systems, materials, and other documents created or maintained relating to the operation of the party’s organization. The parties agree that they will not, and that their staff or designees will not, during or after the term of this Agreement, disclose any confidential or proprietary information to any other person or entity for any reason or purposes whatsoever, without written consent of the other party. All Confidential Information disclosed hereunder will remain the exclusive and confidential property of the disclosing party. The receiving party will not disclose the Confidential Information of the disclosing party and will use at least the same degree of care, discretion and diligence in protecting the Confidential Information of the disclosing party as it uses with respect to its own confidential information, but in no case less than reasonable care; provided, however, that Klara may disclose protected health information included within the Confidential Information in accordance with the Business Associate Agreement by and between the parties. The receiving party will limit access to Confidential Information to its affiliates, employees and authorized representatives with a need to know and will instruct them to keep such information confidential. Notwithstanding the foregoing, the receiving party may disclose Confidential Information of the disclosing party (i) to the extent necessary to comply with any Law; (ii) as appropriate and with prior notice where practicable, to respond to any summons or subpoena or in connection with any litigation; and (iii) to any vendor with which Klara has a HIPAA compliant relationship.
You acknowledge that Klara may from time to time communicate directly with You for the purpose of marketing its products and services or those of its recommended vendors, and may use Confidential Information to do so. The obligations of Klara set forth in this Section shall not apply to any suggestions and feedback for product or service improvement, correction, or modification provided by You in connection with any present or future Klara product or service. In addition, subject to any limitations imposed by HIPAA, with Your consent (which is hereby given), Klara may use internet/website analytics software tools and programs that collect, transmit, store, disclose and analyze certain information about the actual use of the hosted programs by You (such as, but not limited to, pages viewed, links clicked, help functions used and other workflow information); such information shall not be considered Confidential Information hereunder and may be used by Klara for the purpose of license administration, error resolution and product analysis and improvement.
P. USE OF NAME AND PUBLICITY
Except as required by law, You shall not: (i) use the name, trademark, trade dress, or any other name or mark by which Klara is known, or of any employee, officer, director or affiliate of Klara or any adaptation, acronym or name by which Klara is commonly known, in any advertising, promotional or sales literature or in any publicity without the prior written approval of Klara; or (ii) publish any information about the Portal, without the prior written permission of Klara.
This Agreement shall be governed by, and construed in accordance with the laws of the State of New York, exclusive of conflict of law rules. Each party to this Agreement hereby agrees and consents that any legal action or proceeding with respect to this Agreement shall only be brought in the courts of the state of New York. This Agreement, along with any exhibits, constitutes the entire agreement between the parties with respect to the subject matter contained herein, and this Agreement supersedes and replaces any former agreement or addendum entered into by the parties. This Agreement may be executed in counterparts, each of which when taken together shall constitute one original. Any PDF or electronic signatures to this Agreement shall be deemed original signatures to this Agreement.
R. FORCE MAJEURE
Klara has no liability to You if the Portal is inaccessible or data destroyed by fire, strike, theft, acts of God, or any other cause. In the event of system malfunction, for whatever reasons, or inability to access the Portal, Klara shall not be liable for damage to or loss of any of Your data and You acknowledge that You have been advised that You are responsible for maintaining Your own data by use of regular backup procedures. You agree to hold Klara harmless from any liability resulting from violations of local, state or federal regulation relating to the inaccessibility to the Portal for reasons set forth in this Section. You agree to indemnify and hold Klara harmless from costs associated with the defense of Klara, including attorney’s fees, in any such local state or federal proceeding.
BUSINESS ASSOCIATES AGREEMENT
This Business Associate Agreement, dated as of _, 20 (“BA Agreement”), is by and between _ (referred to herein as the “Covered Entity”, within the meaning as defined at 45 CFR 160.103) and Klara Technologies, Inc. (referred to herein as the “Business Associate”, within the meaning as defined at 45 CFR 160.103). WHEREAS, Covered Entity and Business Associate are parties to an arrangement pursuant to which Business Associate provides certain services to Covered Entity as further set forth in that certain agreement by and between the parties. In connection with Business Associate’s services, Business Associate may assist in the performance of a function or activity involving the use or disclosure of individually identifiable health information, which information is subject to protection under the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Part 160 and Part 164 (collectively referred to herein as the “HIPAA Rules”).
WHEREAS, in light of the foregoing and the requirements of HIPAA Rules, Business Associate and Covered Entity agree to be bound by the following terms and conditions.
NOW, THEREFORE, for good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, the parties agree as follows:
The following terms used in this Agreement shall have the same meaning as those terms in the HIPAA Rules: Breach, Data Aggregation, Designated Record Set, Disclosure, Electronic Protected Health Information, Health Care Operations, Individual, Minimum Necessary, Notice of Privacy Practices, Protected Health Information, Required By Law, Secretary, Security Incident, Subcontractor, Unsecured Protected Health Information, and Use.
Obligations and Activities of Business Associate.
Use and Disclosure. Business Associate agrees not to use or disclose Protected Health Information other than as permitted or required by this BA Agreement or as Required By Law. Business Associate shall comply with the provisions of this BA Agreement relating to privacy and security of Protected Health Information and all present and future provisions of the HIPAA Rules that relate to the privacy and security of Protected Health Information and that are applicable to Covered Entity and/or Business Associate.
Appropriate Safeguards. Business Associate agrees to use appropriate safeguards to prevent the use or disclosure of the Protected Health Information other than as provided for by this BA Agreement. Without limiting the generality of the foregoing sentence, Business Associate will:
Comply with its administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of Electronic Protected Health Information as required by the HIPAA Rules;
Ensure that any agent, including a subcontractor, to whom Business Associate provides Electronic Protected Health Information agrees to implement reasonable and appropriate safeguards to protect Electronic Protected Health Information; and
Promptly report to Covered Entity any Security Incident of which Business Associate becomes aware as well as any use or disclosure of Protected Health Information of which it becomes aware not provided for by the BA Agreement. In addition, Business Associate agrees to promptly notify Covered Entity following the discovery of any Breach as required at 45 CFR 164.410.
Comply with its Breach notification policy that reasonably and appropriately identifies any potential Breach of the HIPAA Rules by Business Associate and/or to the extent Business Associate has knowledge of, by Covered Entity, and provides procedure for proper response and notification of any such Breach as required by the HIPAA Rules and any other applicable Federal or State laws.
Mitigation. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of Protected Health Information by Business Associate or its employees, officers or agents in violation of the requirements of this BA Agreement (including, without limitation, any Security Incident or Breach of Unsecured Protected Health Information). Business Associate agrees to reasonably cooperate and coordinate with Covered Entity in the investigation of any violation of the requirements of this BA Agreement and/or any Security Incident or Breach. Business Associate shall also reasonably cooperate and coordinate with Covered Entity in the preparation of any reports or notices to the Individual, a regulatory body or any third party required to be made under HIPAA Rules, or any other Federal or State laws, rules or regulations, provided that any such reports or notices shall be subject to the prior written approval of Covered Entity. Agents. Business Associate shall ensure that any agent, including a subcontractor, to whom it provides Protected Health Information received from, or created or received by, Business Associate on behalf of Covered Entity agrees to the same restrictions and conditions that apply through this BA Agreement to Business Associate with respect to such information. Access to Designated Record Sets. To the extent that Business Associate possesses or maintains Protected Health Information in a Designated Record Set, Business Associate agrees to provide access, at the request of Covered Entity, and in the time and manner designated by the Covered Entity, to Protected Health Information in a Designated Record Set, to Covered Entity or, as directed by Covered Entity, to an Individual in order to meet the requirements under HIPAA Rules. If an Individual makes a request for access to Protected Health Information directly to Business Associate, Business Associate shall notify Covered Entity of the request within three (3) business days of such request and will cooperate with Covered Entity and allow Covered Entity to send the response to the Individual. Amendments to Designated Record Sets. To the extent that Business Associate possesses or maintains Protected Health Information in a Designated Record Set, Business Associate agrees to make any amendment(s) to Protected Health Information in a Designated Record Set that the Covered Entity directs or agrees to pursuant to HIPAA Rules at the request of Covered Entity or an Individual, and in the time and manner designated by the Covered Entity. If an Individual makes a request for an amendment to Protected Health Information directly to Business Associate, Business Associate shall notify Covered Entity of the request within three business (3) days of such request and will cooperate with Covered Entity and allow Covered Entity to send the response to the Individual. Access to Books and Records. Business Associate agrees to make its internal practices, books, and records, including policies and procedures and Protected Health Information, relating to the use and disclosure of Protected Health Information received from, or created or received by Business Associate on behalf of, Covered Entity available to the Covered Entity, or to the Secretary, in a time and manner designated by the Covered Entity or designated by the Secretary, for purposes of the Secretary determining Covered Entity’s compliance with the Privacy Rule. Accountings. Business Associate agrees to document such disclosures of Protected Health Information and information related to such disclosures as would be required for Covered Entity to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with the HIPAA Rules. Requests for Accountings. Business Associate agrees to provide to Covered Entity or an Individual, in the time and manner designated by the Covered Entity, information collected in accordance with this BA Agreement, to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with the HIPAA Rules. If an Individual makes a request for an accounting directly to Business Associate, Business Associate shall notify Covered Entity of the request within three business (3) days of such request and will cooperate with Covered Entity and allow Covered Entity to send the response to the Individual. Permitted Uses and Disclosures by Business Associate. Required For Provision of Services. Except as otherwise limited in this BA Agreement, Business Associate may use or disclose Protected Health Information to perform functions, activities, or services for, or on behalf of, Covered Entity as reasonably required in performing its services to Covered Entity, provided that such use or disclosure would not violate the HIPAA Rules if done by Covered Entity or the minimum necessary policies and procedures of the Covered Entity. To the degree required for provision of services hereunder, Business Associate may de-identify information received from Covered Entity for such purposes as would not violate the HIPAA Rules if done by Covered Entity or the minimum necessary policies and procedures of the Covered Entity. Use for Administration of Business Associate. Except as otherwise limited in this BA Agreement, Business Associate may use Protected Health Information for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate. Disclosure for Administration of Business Associate. Except as otherwise limited in this BA Agreement, Business Associate may make uses and disclosures and requests for Protected Health Information for the proper management and administration of the Business Associate, provided that (i) disclosures are Required by Law, (ii) disclosures are consistent with the Covered Entity’s minimum necessary policies and procedures, or (iii)Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used or further disclosed only as Required by Law or for the purpose for which it was disclosed to the person, and the person notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached. Covered Entity Notification of Privacy Practices and Restrictions.
Limitation(s) in Privacy Policies. Covered Entity shall notify Business Associates of any limitation(s) in its notice of privacy practices, to the extent that any such limitation may affect Business Associate’s uses or disclosure of Protected Health Information.
Changes/Revocation of Permission. Covered Entity shall notify Business Associate of any changes in, or revocation of, the permission by an Individual to use or disclose Protected Health Information, to the extent that such changes may affect Business Associate’s use or disclosure of protected health information. Restriction of Protected Health Information. Covered Entity shall notify Business Associate of any restriction on the use or disclosure of protected health information that covered entity has agreed to or is required to abide by under the HIPAA Rules, to the extent that such restriction may affect Business Associate’s use or disclosure of protected health information. Permissible Requests by Covered Entity. Except as otherwise Required By Law or set forth herein, Covered Entity shall not request Business Associate to use or disclose Protected Health Information in any manner that would not be permissible under the HIPAA Rules if done by Covered Entity. Term and Termination. Term. This BA Agreement shall be effective as of the date of this BA Agreement and shall terminate upon the effective date of Termination for Cause. Termination for Cause. Business Associate authorizes termination of this Agreement by Covered Entity, if Covered Entity determines Business Associate has violated a material term of the BA Agreement and Business Associate has not cured the breach or ended the violation within the time specified by covered entity.
Obligations of Business Associate Upon Termination. Upon termination of this BA Agreement for any reason, Business Associate, with respect to Protected Health Information received from Covered Entity, or created, maintained, or received by Business Associate on behalf of Covered Entity, shall: Retain only that Protected Health Information which is necessary for Business Associate to continue its proper management and administration or to carry out its legal responsibilities; Return to Covered Entity, or, if agreed to by Covered Entity, destroy, the remaining Protected Health Information that the Business Associate still maintains in any form Continue to use appropriate safeguards and comply the HIPAA Rules with respect to Electronic Protected Health Information to prevent use or disclosure of the Protected Health Information, other than as provided for in this Section, for as long as Business Associate retains the Protected Health Information; Not use or disclose the Protected Health Information retained by Business Associate other than for the purposes for which such Protected Health Information was retained and subject to the same conditions set out in Section 3 which applied prior to termination; and Return to covered entity, or, if agreed to by covered entity, destroy the Protected Health Information retained by Business Associate when it is no longer needed by Business Associate for its proper management and administration or to carry out its legal responsibilities. Survival. The obligations of Business Associate under this Section 6 shall survive the termination of this BA Agreement. Indemnity. Covered Entity agrees to indemnify, defend and hold harmless Business Associate and its employees, directors/trustees, members, professional staff, representatives and agents (collectively, the “Indemnitees”) from and against any and all claims (whether in law or in equity), obligations, actions, causes of action, suits, debts, judgments, losses, fines, penalties, damages, expenses (including attorney’s fees), liabilities, lawsuits or costs incurred by the Indemnities which arise or result from a breach of the terms and conditions of this BA Agreement or a violation of the HIPAA Rules by Covered Entity or its employees or agents. Covered Entity’s indemnification obligations hereunder shall not be subject to any limitations of liability or remedies in the Service Agreement. Compliance with HIPAA Transaction Standards. When providing its services and/or products, Covered Entity shall comply with all applicable HIPAA Rules standards and requirements with respect to the transmission of Electronic Protected Health Information in connection with any transaction for which the Secretary has adopted a standard under HIPAA (“Covered Transactions”). Covered Entity represents and warrants that it is aware of all current HIPAA standards and requirements regarding Covered Transactions, and Covered Entity shall comply with any modifications to the HIPAA Rules which may become effective from time to time. Covered Entity agrees that such compliance shall be at its sole cost and expense, which expense shall not be passed on to Business Associate in any form, including, but not limited to, increased fees. Covered Entity shall require all of its agents and subcontractors (if any) who assist Covered Entity in providing its services and/or products to comply with the terms of this Section 8. Miscellaneous. Regulatory References. A reference in this BA Agreement to a section in the HIPAA Rules means the section as in effect or as amended or modified from time to time, including any corresponding provisions of subsequent superseding laws or regulations. Amendment. The Parties agree to take such action as is necessary to this BA Agreement from time to time as is necessary for Covered Entity to comply with the requirements of the HIPAA Rules and any other applicable law. Interpretation. Any ambiguity in this Agreement shall be resolved to permit Covered Entity to comply with the HIPAA Rules. Miscellaneous. This BA Agreement shall be governed by, and construed in accordance with the laws of the State of New York, exclusive of conflict of law rules. Each party to this BA Agreement hereby agrees and consents that any legal action or proceeding with respect to this BA Agreement shall only be brought in the courts of the state of New York. This BA Agreement constitutes the entire agreement between the parties with respect to the subject matter contained herein, and this BA Agreement supersedes and replaces any former business associate agreement or addendum entered into by the parties. This BA Agreement may be executed in counterparts, each of which when taken together shall constitute one original. Any PDF or electronic signatures to this BA Agreement shall be deemed original signatures to this BA Agreement. No amendments or modifications to the BA Agreement shall be effected unless executed by both parties in writing.