TERMS AND CONDITIONS
Business Associate Agreement
Business Associate acknowledges that it is a “Business Associate” of Provider as defined by the standards for Privacy of Individually Identifiable Health Information under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as amended by Sections 13400 through 13424 of the Health Information Technology for Economic Clinical Health Act (the “HITECH Act”), which was enacted as part of the American Recovery and Reinvestment Act of 2009 (“ARRA”). In accordance with the terms set forth in this “Privacy Agreement,” New Source Medical, LLC and the Customer shall use reasonable best efforts to protect the privacy of Protected Health Information.
1. Terms and Terminology.
1.1. Provider. “Provider” means New Source Medical, LLC, 9913 Shelbyville Road, Suite 203, Louisville, Kentucky 40223.
1.2. Business Associate. “Business Associate” means the New Source Medical customer accessing the MyNewSourceMed.com customer system.
1.3. Patient. “Patient” means a patient of Provider.
1.4. Terms. Terms used, but not defined, in this Privacy Agreement shall have the same meaning as those terms in the Privacy Rule or the Security Rule.
1.5. Privacy Rule. “Privacy Rule” shall mean the standards for Privacy of Individually Identifiable Health Information contained in 45 CFR Parts 160 and 164 , Subparts A and E.
1.6. Protected Health Information. “Protected Health Information” and/or “PHI” means information, whether oral or recorded in any form or medium, including demographic information, that: (i) relates to the past, present, or future physical or mental health or condition of an individual, the provision of health care to an individual, or the past, present or future payment for the provision of health care to an individual; (ii) identifies the individual, or for which there is a reasonable basis for believing that the information can be used to identify the individual; and (iii) is received by Business Associate from or on behalf of Provider, or is created by Business Associate for Provider, or is made accessible to Business Associate by Provider. PHI includes, without limitation, “Electronic Protected Health Information” and/or “EPHI,” as that term is defined at 45 CFR § 160.103 .
1.7. Patient Record. “Patient Record” means any item, collection, or grouping of information that includes Protected Health Information that is maintained, collected, used, or distributed by Provider.
1.8. Services Agreement. “Services Agreement” means the Agreement between New Source Medical and the customer to provide the necessary customer personnel access to New Source Medical’s online ordering, billing, and tracking system by and between Provider and Business Associate having an effective date beginning the day the facility personnel accesses the system.
1.9. Person. “Person” means any legal entity or individual.
1.10. Security Rule. “Security Rule” means the Security Standards for the Protection of Electronic Protected Health Information contained in 45 CFR Parts 160 and 164 , Subparts A and C.
1.11. Personal Health Records. “Personal Health Records” means electronic records of personal health information, regardless of whether the information has been created or received by Provider, health plan, employer, or health care clearinghouse, in order to distinguish it from individually identifiable health information that is created or received by Provider, health plan, employer, or health care clearinghouse. Personal Health Records includes the kinds of records managed, shared, and controlled by or primarily for the Patient, but not records managed by or primarily for commercial enterprises, such as life insurance companies.
1.12. Unsecured Protected Health Information. “Unsecured Protected Health Information” and/or “Unsecured PHI” means information that is not secured through the use of a technology or methodology identified by the Secretary to render the Protected Health Information unusable, unreadable and undecipherable to unauthorized users.
2. Business Associate’s Obligations.
2.1. Business Associate Subject to Same Standards and Same Penalties as Provider. Business Associate will comply with the use and disclosure provisions of the Privacy Rule and the security standards regarding administrative, physical, and technical safeguards of the Security Rule. As set forth in the HITECH Act, Business Associate will be subject to civil and criminal penalties for violation of the Privacy Rule or the Security Rule.
2.2. Permitted Uses and Disclosures. Business Associate shall use or disclose PHI solely as necessary to perform the services set forth in the Services Agreement, and as permitted or required by this Privacy Agreement or as required by law.
2.3. Safeguards. Business Associate shall use appropriate privacy and security measures to prevent the use or disclosure of PHI other than as permitted under this Privacy Agreement. Such measures shall include, but are not limited to: (i) implementing and maintaining appropriate administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of any EPHI that it creates, receives, maintains, or transmits on behalf of Provider, as required by the Privacy Rule and Security Rule; and (ii) taking measures to ensure compliance with standards and implementation specifications with respect to the administrative, physical, and technical safeguards, as required by 45 C.F.R. §§ 164.308 , 164.310 , 164.312 , and 164.316 .
2.4. Mitigation. If Business Associate uses or discloses PHI in a manner other than as permitted under this Privacy Agreement, Business Associate shall use its reasonable best efforts to mitigate the effects of the use or disclosure. These efforts shall include, but are not limited to, ensuring that the improper use of PHI is discontinued immediately, seeking return or destruction of the improperly disclosed PHI, and ensuring that any person to whom PHI was improperly disclosed will not redisclose such information.
2.5. Duty to Report. Business Associate shall immediately notify Provider of any use or disclosure of PHI of which Business Associate is aware that is not expressly authorized under this Privacy Agreement, whether made by Business Associate, its employees, representatives, agents, or subcontractors. Business Associate shall also immediately notify Provider of any attempted or successful unauthorized access, use, disclosure, modification, or destruction of information, or interference with the system operations in an information system. Business Associate shall provide in such notice the remedial or other actions taken to correct the unauthorized use or disclosure.
2.6. Agents. Business Associate will ensure that any of its employees, agents, subcontractors, or other third parties with which Business Associate does business are aware of and are bound to abide by Business Associate’s obligations under this Privacy Agreement.
2.7. Access to Patient Record. Business Associate understands that a Patient has the right to access the PHI in its Patient Record in accordance with 45 C.F.R. § 164.524 . To provide Patients with access to Patient Records held by Business Associate, Business Associate agrees to provide access to, or copies of, any Patient Record upon request by Provider. Provider shall request access by giving at least 48 hours’ notice by facsimile, telephone, or electronic mail. Business Associate may charge Provider for the reasonable costs of copying only if Provider is allowed under state and federal law to recoup such costs from the Patient.
2.8. Amendments to Patient Record. Business Associate understands that a Patient may have the right to amend the PHI in its Patient Record. To provide Patients with the ability to amend PHI in Patient Records held by Business Associate, Business Associate agrees to make amendments to any Patient Record upon request of Provider. Business Associate shall make such amendment within 30 days of the written request of Provider.
2.9. Duty to Document Disclosures.
a. Business Associate will document each disclosure it makes of PHI to any other person, including Provider. The documentation shall include:
i. The date of the disclosure;
ii. The name of the person receiving the PHI, and, if known, the address of such person; and
iii. A brief statement of the purpose of the disclosure or, instead of such statement, a copy of the request for disclosure.
b. Notwithstanding Section 2.9(a), Business Associate is not required to document the following disclosures:
i. Unless otherwise required by Section 2.10, disclosures made for the purpose of, or incidental to, carrying out treatment, payment, or health care operations;
ii. Disclosures made to provide the Patient with access to its PHI under Section 2.7;
iii. Disclosures made pursuant to a Patient’s written authorization;
iv. Disclosures required by law for national security or intelligence purposes;
v. Disclosures to correctional institutions or law enforcement officials having lawful custody of a Patient;
vii. Disclosures made as part of a limited data set;
viii. Disclosures made to persons involved in the individual’s care; and
ix. Disclosures made for notification purposes such as in an emergency.
2.10. Accounting of Disclosures. Business Associate understands that a Patient has the right to an accounting of disclosures of PHI. To provide Patients with such an accounting, Business Associate will make available the documentation Business Associate has collected in accordance with Section 2.9 upon written request of Provider. Business Associate shall provide the accounting within 30 days of receipt of Provider’s request. If disclosures were made by Business Associate through the use of an electronic health record, the Patient has the right to receive an accounting of disclosures of personal health records made by Business Associate for treatment, payment, and health care operations during the previous 3 years.
2.11. Minimum Necessary. Business Associate represents and warrants that it will use and disclose PHI in accordance with the Privacy Rule’s “minimum necessary” standards.
2.12. Other Uses and Disclosures. Business Associate will not use or disclose Protected Health Information in any manner that would not be permissible under the Privacy Rule or the Security Rule if used or disclosed by Provider.
2.13. Books and Records and Internal Practices. Business Associate agrees to make all internal practices, books, and records relating to the use and disclosure of PHI available to Provider or to the Secretary of the U.S. Department of Health and Human Services (the “Secretary”), in a time and manner designated by Provider or the Secretary for the purposes of the Secretary determining Provider’s compliance with the Privacy Rule and the Security Rule.
2.14. Business Associate’s Obligations Regarding Unsecured Protected Health Information. Business Associate shall comply with the following obligations that relate to Unsecured PHI.
a. Notification of Provider. Business Associate will notify Provider of any Patient whose Unsecured PHI has been, or is reasonably believed by Business Associate to have been, inappropriately accessed, disclosed, or used. Such notification shall include the names and contact information of the Patients involved and shall be made without unreasonable delay, but in no case later than 30 days following discovery of such breach, unless delayed for law enforcement purposes.
b. Notification of Patient. Business Associate will notify the Patient by first class mail or by e-mail (if the Patient has indicated a preference to receive information by e-mail) of any breaches of Unsecured PHI as soon as possible, but in any event, no later than 60 days following the discovery of the breach. Business Associate will obtain Provider’s approval of the form and content of the written notification before its issuance.
c. Posting Notice of Breach. In the event the breach involves 10 or more Patients whose contact information is out of date, Business Associate will post a notice of the breach on the home page of its website or in a major print or broadcast media. Business Associate will obtain Provider’s approval of the form and content of the written notice before its posting.
d. Contacting Media Outlets. If a breach involves more than 500 Patients in a single state or jurisdiction, Business Associate will send a notice to prominent media outlets. Business Associate will obtain Provider’s approval of the form and content of the written notice before its issuance to the media outlets.
e. Notice to the Secretary. If a breach involves more than 500 Patients, Business Associate will immediately notify the Secretary. Business Associate will obtain Provider’s approval of the form and content of the written notice before its issuance.
f. Contents of Notice. The notices required under this Section shall include the following:
i. A brief description of the breach, including the date of the breach and the date of its discovery, if known;
ii. A description of the types of Unsecured PHI involved in the breach;
iii. Steps the Patient should take to protect himself/herself from potential harm resulting from the breach;
iv. A brief description of actions Business Associate is taking to investigate the breach, mitigate losses, and protect against further breaches; and
v. Contact information, including a toll-free telephone number, e-mail address, website or postal address to permit Patient to ask questions or obtain additional information.
g. Annual Report to Secretary and Maintenance of Log. Business Associate will submit an annual report to the Secretary of a breach that involved less than 500 Patients during the year and will maintain a written log of breaches involving less than 500 Patients.
3. Obligations of Provider.
3.1. Notice of Privacy Practices. To the extent that such limitation or restriction may affect Business Associate’s use or disclosure of PHI, Provider shall provide Business Associate with a copy of its Notice of Privacy Practices, and notify Business Associate of:
a. Any limitation(s) in its Notice of Privacy Practices;
b. Any changes in, or revocation of, permission by a Patient to use or disclose PHI; and
c. Any restriction to the use or disclosure of PHI to which Provider has agreed, to the extent that such restriction may affect Business Associate’s use or disclosure of PHI.
3.2. Permissible Requests. Provider shall not request Business Associate to use or disclose PHI in any manner that would not be permissible under the Privacy Rule if used or disclosed by Provider.
4. Term and Termination.
4.1. Term. The Term of this Privacy Agreement shall be effective as of the effective date of the Services Agreement and shall continue in effect until all obligations of the parties have been met, unless terminated by mutual agreement of the parties or as provided in Section 4.
4.2. Termination for Cause. Provider may immediately terminate this Privacy Agreement and the Services Agreement if, after providing Business Associate written notice of the existence of a material breach of this Privacy Agreement, Business Associate fails to, or is unable to, cure the breach upon mutually agreeable terms within 10 days.
4.3. Effect of Termination.
a. Except as provided in Section 4.3(b), upon expiration or termination of the Services Agreement for any reason, Business Associate shall return or destroy all PHI, including PHI that is in the possession of subcontractor or agents of Business Associate. Business Associate shall retain no copies of PHI.
b. To the extent that it is not feasible for Business Associate to return or destroy all PHI, then
i. Business Associate’s obligations under this Privacy Agreement shall continue for as long as Business Associate maintains such PHI; and
ii. Business Associate’s further uses and disclosures of PHI shall be limited to those purposes that make it not feasible for Business Associate to return or destroy the information for as long as Business Associate maintains such PHI.
5. Miscellaneous Provisions.
5.1. Notice. Notices, requests, and other communications that are required to be in writing must be personally delivered, mailed by prepaid certified mail, return receipt requested, sent by overnight carrier, and must be addressed as follows, or sent by electronic mail, when not prohibited, with confirmation of receipt. Such notice shall be effective upon being mailed or personally delivered to New Source Medical’s headquarters at 9913 Shelbyville Road, Suite 203, Louisville, Kentucky 40223 or to the corporate headquarters of the Business Associate.
MyNewSourceMed.Com Terms of Use
1. USAGE & OWNERSHIP
1.1. Right to Use. Subject to the terms and conditions of this Agreement, New Source Medical grants to Customer the limited, nontransferable, nonexclusive License to access and use, and to permit Authorized Users to access and use, the MyNewSourceMed.com System (the “Product”) solely for Customer’s internal use. New Source Medical reserves all rights in and to the Product not expressly granted in this Agreement. Without limiting the generality of the foregoing, the right to access and use the Product granted herein does not cover any underlying components of the Product, New Source Medical’s underlying application engines, or any other component of the Product or the operating environment within which the Product operates that is not intended by New Source Medical for access by any Authorized User.
1.2. Restrictions. The rights granted to Customer under this Agreement are conditioned upon Customer’s compliance with the terms of this Agreement and HIPAA laws, including the timely payment of all applicable Fees. Customer shall cause each Authorized User to comply with the terms and conditions of this Agreement and will be responsible for any noncompliance. Customer must not do or attempt to do, or permit others to do or attempt to do, any of the following: (a) possess, download, copy or print the Product or any part of the Product, including any component which comprises the Product; (b) view, read, modify, port, adapt or create derivative works of the Product; (c) reverse compile, reverse assemble, disassemble or print the Product’s source code or object code or other runtime objects or files related to the Product or otherwise reverse engineer, modify or copy the look and feel, functionality or user interface of any portion of the Product; (d) rent, lease, distribute (or redistribute), provide or otherwise make available the Product, in any form, to any third party (including in any service bureau or similar environment) unless expressly authorized by New Source Medical in a signed writing; (e) use the Product to process the data of any external clients of Customer or any third party (whether on an outsourcing, service bureau, or other basis), unless expressly permitted by New Source Medical in a signed writing; (f) share use or access of the Product with other practitioners (including outsourcers performing work for Customer) who are not Authorized Users in Customer’s practice, even if Customer shares office space or equipment; (g) share any Online Account or Online Account Access Information with third parties; (h) create any “links” to or “frame” or “mirror” the Product or any portion thereof; (i) defeat, disable or circumvent any protection mechanism related to the Product; or (j) publish, distribute (or redistribute), sell or otherwise reproduce any document or tax rate data retrieved through the Product (even if in the public domain) in any manner that exceeds the scope of this Agreement. In addition, Customer shall not violate or attempt to violate the security of New Source Medical’s networks or servers, including (x) access data not intended for Customer or log into a server or account which Customer is not authorized to access; (y) attempt to probe, scan or test the vulnerability of a system or network or to breach security or authentication measures without proper written request and authorization; or (z) attempt to interfere with service to any user, host or network, including by means of submitting a virus, overloading, flooding, spamming, mail bombing or crashing.
1.3. Reservation of Rights & Ownership of Developed Materials. New Source Medical and its Affiliates and any applicable licensors, retain all intellectual property and other proprietary rights, including all patent, copyright, trade secret, trade name, trademark, and other proprietary rights, related to the Product which are protected under U.S. intellectual property laws and international treaty provisions. Any unauthorized use of any Product will result in cancellation of this Agreement as well as possible civil damages and criminal penalties. Customer is not permitted to use “New Source Medical, LLC,” “New Source Medical,” or any other trade or service marks of New Source Medical or any of its Affiliates in Customer’s announcements, advertising or other materials unless expressly agreed to in writing by an authorized representative of New Source Medical. Customer acknowledges and agrees that New Source Medical and its Affiliates and any applicable licensor’s retention of contractual and intellectual property rights is an essential part of this Agreement. New Source Medical and its Affiliates and any licensor (as applicable) will own and Customer hereby assigns, to the extent applicable, to New Source Medical all rights in (i) any copy, translation, modification, adaptation or derivative work of the Product, including any improvement or development thereof, whether provided as part of Support, Services or otherwise, and whether or not developed by or for the Customer, and (ii) any suggestions, ideas, enhancement requests, feedback, or recommendations provided by or on behalf of Customer.
1.4 Acceptance. This Agreement is valid without Customer's signature. It becomes effective upon Customer’s use of the Software.
2.1. Protection of Access Information. New Source Medical will supply Customer with the means to create private Online Account Access Information for its Authorized Users so that such Authorized Users may log into their respective Online Accounts within the Product. Online Accounts are designed for private use and should only be accessed through Authorized User’s Online Account Access Information. Customer is fully responsible for the protection and confidentiality of its Authorized Users’ Online Account Access Information. Customer acknowledges and agrees that Customer is responsible for all use of the Product that is made through Customer’s and its Authorized Users’ Online Accounts by any person and for insuring that all use of Customer’s and its Authorized Users’ Online Accounts is for authorized purposes only and complies fully with the provisions of this Agreements and HIPAA laws. Customer agrees to promptly notify New Source Medical of any unauthorized use of any Online Account Access Information or any other breach of security upon becoming aware thereof, assist in preventing any recurrence thereof and otherwise cooperate fully in any proceedings or other actions undertaken to protect the rights of New Source Medical.
2.2. Additional Terms. New Source Medical may post duplicative and/or additional relevant terms of use, conditions and/or polices upon login where Authorized Users access the Product. Authorized Users will be subject to such terms from and after the date on which such terms are first posted.
2.3. Internet Connectivity; Disclaimer. To the extent that New Source Medical (either itself or through a third party) makes the Product available for access via the Internet, Customer shall provide, at Customer’s own expense, all necessary hardware, applications and Internet connectivity necessary to access the Product. Customer acknowledges that the Internet is known to be unpredictable in performance and may, from time to time, impede access to the Product or performance hereunder. Customer agrees that New Source Medical is not in any way responsible for any interference with Customer’s use of or access to the Product arising from or attributable to the Internet and Customer waives any and all claims against New Source Medical in connection therewith.
3. DATA RETENTION. Source Medical will use reasonable efforts to retain the Customer Data (as defined in subsection 5.2.7) that Customer has properly submitted to New Source Medical’s online servers for at least six (6) years, or such other time as required by applicable laws or regulations, following the year in which Customer submitted any such Customer Data. New Source Medical will then maintain such Customer Data in accordance with its internal business practices. It is Customer’s responsibility to backup onto Customer’s own local system all data and records that Customer submits to New Source Medical. Upon Customer’s request, and subject to payment of any fees charged by New Source Medical therefor, New Source Medical shall use commercially reasonable efforts to make available for retrieval by Customer, all Customer Data then in New Source Medical’s possession or control per New Source Medical’s customary internal business practices.
4.1. Expiration of Rights. Subject to the terms of subsection 4.2 - 4.3, the term of Customer’s License to any Product will coincide with Customer’s business relationship with New Source Medical and will terminate in the event New Source Medical no longer provides services to Customer.
4.2. Termination of Agreement for Cause by New Source Medical. This Agreement, including all rights provided hereunder, may be terminated by New Source Medical for cause, in its sole discretion, (i) immediately upon notice to Customer if Customer commits an incurable breach of the terms or conditions of this Agreement, or (ii) if Customer fails to cure a curable breach of this Agreement within thirty (30) days of being provided with notice of such breach.
4.3. Effect of Expiration or Termination of Agreement. Upon any expiration or termination of this Agreement, all rights granted to Customer hereunder will immediately terminate and New Source Medical will have the right to immediately and indefinitely terminate Customer’s access to and use of the Product. The following sections will survive the expiration or termination of this Agreement: subsections 1.2, 1.3, 2.3, 4.2, 6.3, 6.4 and 6.6, and Sections 3, 5, 7, 8, 9 and 10.
4.4. Suspension of Access. In addition to any other suspension or termination rights of New Source Medical pursuant to this Agreement, New Source Medical may suspend or terminate Customer’s access to and/or use of any Online Account without notice (a) in the event Customer (including any Authorized User, Client or other person or entity acting through or on behalf of Customer) is determined by New Source Medical, in New Source Medical’s sole judgment, to have or attempted to have damaged, harmed or misused New Source Medical’s software, server, network or other systems; or (b) as necessary or appropriate to comply with any law, regulation, court order, or other governmental request or order or otherwise protect New Source Medical from potential legal liability or harm to its business. New Source Medical will use commercially reasonable efforts to notify Customer of the reason(s) for such suspension or termination action as soon as reasonably practicable unless such action is due to subsection (a) hereof. In the event of a suspension (other than due to subsection (a) hereof), New Source Medical will promptly restore Customer’s access to the Online Account as soon as the event giving rise to the suspension has been resolved as determined in New Source Medical’s discretion. Nothing contained in this Agreement will be construed to limit New Source Medical’s actions or remedies or act as a waiver of New Source Medical’s rights in any way with respect to any of the foregoing activities. New Source Medical will not be responsible for any loss or damages incurred by Customer as a result of any termination or suspension of access to or use of the Product as set forth in this Agreement.
5. CUSTOMER’S PROFESSIONAL RESPONSIBILITY AND WARRANTIES
5.1. Professional Responsibility. Customer understands, agrees and acknowledges that:
5.1.1. Customer is solely responsible for providing all complete, correct and necessary information to New Source Medical;
5.1.2. Customer is fully and solely responsible for: (a) selection of adequate and appropriate products to satisfy Customer’s business needs and achieve Customer’s intended results; (b) use of the Product; (c) all results obtained from the Product; (d) selecting, obtaining and maintaining all hardware, software, computer capacity, Internet service, program and system resources and other equipment and utilities needed for access to and use of the Product, and for all costs associated therewith; and (e) selection, use of, and results obtained from any other programs, computer equipment or services used with the Product.
5.2. Customer’s Representations. Customer represents, warrants and covenants that:
5.2.1. Customer has full power and authority to enter into this Agreement and to perform its obligations under this Agreement, and that this Agreement have been duly authorized and constitute valid and binding obligations of Customer;
5.2.2. Customer is accessing and using the Product solely for Customer’s own use within the scope of the License granted to Customer;
5.2.3. Customer will not access or use the Product to create a product, service or database that competes with New Source Medical or any Product;
5.2.4. Customer is responsible for complying with all rules, regulations and procedures of local, state, federal and foreign authorities applicable to Customer and its business, including all rules, regulations and procedures of the relevant taxing authorities;
5.2.5. Customer will be solely responsible for compliance with this Agreement by the Authorized Users;
5.2.6. Customer will not otherwise violate the rights of any third party while accessing or using the Product;
5.2.7. Customer has sole responsibility for all data, information, records or files that are uploaded and/or stored on the Product by or on behalf of Customer (“Customer Data”);
5.2.8. Customer agrees not to: upload or transmit any Customer Data: (i) that Customer does not have the lawful right to copy, transmit, distribute, and display (including any Customer Data that would violate any confidentiality or fiduciary obligations that Customer might have with respect to the Customer Data and particularly with respect to HIPAA laws); (ii) for which Customer does not have the consent or permission from the owner of any personally identifiable information contained in the Customer Data; (iii) that infringes, misappropriates or otherwise violates any intellectual property or other proprietary rights or violates any privacy rights of any third party (including any copyright, trademark, patent, trade secret, or other intellectual property right, or moral right or right of publicity); (iv) that is false or misleading; (v) that is defamatory, obscene, or offensive; or (vi) that violates, or encourages any conduct that would violate, any applicable law or regulation or would give rise to civil or criminal liability;
5.2.9. Customer will not use the Product to transmit, route, provide connections to or store any material that violates or promotes the violation of any of the restrictions of subsection 5.2.8 above; and
5.2.10. By making Customer Data available through the Product, Customer grants New Source Medical the nonexclusive, worldwide, transferable right, on a royalty-free basis, with a right to sublicense this right only to third parties assisting New Source Medical in providing the Product or otherwise fulfilling New Source Medical’s obligations hereunder, to possess, store, use, copy, distribute and process Customer Data on the Product on Customer’s behalf and on behalf of Clients (if applicable) solely for the purposes of fulfilling New Source Medical’s obligations and/or exercising New Source Medical’s rights hereunder and solely to the extent such acts are in compliance with all laws and regulations and in particular with HIPAA.
Customer represents, warrants and covenants to New Source Medical that New Source Medical’s use of the Customer Data in compliance with the foregoing license grant shall not infringe, misappropriate or otherwise violate any intellectual property rights, or other rights, of any third party. New Source Medical does not claim any ownership rights in any Customer Data. New Source Medical reserves the right, in its sole discretion, at any time, to remove any Customer Data that it believes to be in violation of this Agreement.
5.3. Indemnification. Customer agrees to indemnify and hold harmless New Source Medical, its employees, officers, directors and Affiliates against any and all liability (including damages, recoveries, deficiencies, interest, penalties and reasonable attorney’s fees) to third parties (including any Clients and any taxing authorities) relating to: (a) Customer’s breach of any of its obligations, representations and/or warranties under this Agreement; or (b) except to the extent of claims for which New Source Medical is liable under Section 6 below, Customer’s use of the Product and/or any third party software, application or service.
6. New Source Medical WARRANTIES; LIMITATIONS OF LIABILITY
6.1. New Source Medical’s Product Warranties. New Source Medical represents and warrants that: (i) it has title to the Product or the right to grant Customer the rights granted hereunder; (ii) the Product and Service Deliverables do not violate any third party’s United States patent, copyright or trade secret rights; and (iii) New Source Medical has not inserted into the Product any virus or similar device to erase data. Customer’s sole and exclusive recourse and remedy, and New Source Medical’s sole, exclusive and entire liability, for a breach of items (i) and (ii) by New Source Medical shall be the exercise of Customer’s indemnity rights under subsection 6.3 below. For a breach of item (iii) Customer’s sole and exclusive recourse and remedy – and New Source Medical’s sole, exclusive and entire liability – shall be to terminate the Agreement and obtain a refund of the Fees paid for the directly affected Product less an allocation for use made by Customer prior to the breach.
6.2. Indemnification by New Source Medical.
6.2.1. Subject to the other terms and conditions set forth herein, New Source Medical agrees to defend Customer, its employees, officers and directors, at New Source Medical’s sole cost and indemnify Customer (by paying for damages finally awarded against Customer or any amounts payable in any settlement entered into in compliance with this Agreement) from and against any claims, demands, actions or proceedings by any third parties alleging that Customer’s use of a Product or Service Deliverable as provided and permitted herein infringes or violates such third party’s United States patent, copyright or trade secret rights; provided that: (i) New Source Medical is notified promptly in writing of the claim; (ii) New Source Medical controls the defense, settlement and approval of the claim; and (iii) Customer cooperates reasonably, assists and gives all necessary authority to New Source Medical and reasonably required information in connection with the defense or settlement of the claim.
6.2.2. New Source Medical’s indemnity obligations under subsection 6.2.1 hereof will not apply if and to the extent that they arise from or relate to: (i) the access or use of the Product or Service Deliverable in any manner other than as provided and permitted by New Source Medical hereunder and as required to be used by Customer hereunder; or (ii) the use of the Product or Service Deliverable in combination or in connection with any intellectual property, services, reports, documentation, hardware, software, data or technology that is not supplied by New Source Medical.
6.2.3. If any Product becomes, or in New Source Medical’s opinion, is likely to become, the subject of a third party claim covered by New Source Medical’s indemnification obligations under subsection 6.2.1, then New Source Medical may, in its sole discretion and at its sole cost and expense: (i) procure for Customer the right to continue using such Product or Service Deliverable; (ii) modify the infringing portion of the Product or Service Deliverable so as to render it non-infringing but still appropriate for its intended use under this Agreement; or (iii) replace the infringing portion of the Product or Service Deliverable with non-infringing items with substantially similar functionality. If New Source Medical reasonably determines that none of the foregoing is commercially practicable, then New Source Medical may elect to terminate this Agreement and grant Customer a refund of the Fees paid for the particular infringing Product or Service Deliverable during the most recent License Term for such Product and/or Service Deliverable.
6.2.4. This subsection 6.2 states New Source Medical’s entire liability and the sole and exclusive remedy of Customer, its employees, officers, directors and Affiliates and any Authorized User with respect to any actual or claimed infringement or other violation of any third party’s intellectual property rights.
6.3. Limited Warranty. EXCEPT AS STATED IN SUBSECTION 6.1, THE PRODUCTS AND SERVICE DELIVERABLES ARE PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED. NEW SOURCE MEDICAL DISCLAIMS AND EXCLUDES ANY AND ALL OTHER WARRANTIES INCLUDING ANY IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, IRRESPECTIVE OF ANY COURSE OF DEALING OR PERFORMANCE, CUSTOM OR USAGE OF TRADE. CUSTOMER BEARS THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PRODUCT AND SERVICE DELIVERABLES. NEW SOURCE MEDICAL DOES NOT WARRANT THAT THE PRODUCTS, SERVICE DELIVERABLES, OR ANY COMPONENT THEREOF WILL BE UNINTERRUPTED, THAT THEIR USE OR OPERATION WILL BE ERROR OR DEFECT FREE, THAT THE PRODUCT, SERVICE DELIVERABLES OR ANY COMPONENT THEREOF WILL ALWAYS BE ACCESSIBLE OR AVAILABLE, OR THAT ALL DEFECTS THEREIN WILL BE CORRECTED. CUSTOMER WILL BE SOLELY RESPONSIBLE FOR THE SELECTION, USE AND SUITABILITY OF THE PRODUCTS AND NEW SOURCE MEDICAL WILL HAVE NO LIABILITY THEREFOR.
6.4. Limitation of Liability and Damages. NEITHER PARTY (AND, IN THE CASE OF NEW SOURCE MEDICAL, ITS AFFILIATES, CONSULTANTS, distributors, agents, subcontractors and licensors) WILL HAVE ANY LIABILITY TO THE OTHER OR ANY THIRD PARTY (INCLUDING ANY CONTRACTOR, AGENT, AFFILIATE OR CLIENT OF CUSTOMER) FOR ANY LOSS OF PROFITS, SALES, BUSINESS, DATA, OR OTHER INCIDENTAL, CONSEQUENTIAL, OR SPECIAL LOSS OR DAMAGE, INCLUDING EXEMPLARY AND PUNITIVE DAMAGES, OF ANY KIND OR NATURE RESULTING FROM OR ARISING OUT OF THIS AGREEMENT, THE PRODUCTS, AND/OR SERVICE DELIVERABLES. THE FOREGOING LIMITATION OF LIABILITY SHALL NOT APPLY WITH RESPECT TO ANY VIOLATION OF EITHER PARTY’S INTELLECTUAL PROPERTY RIGHTS AS SET FORTH HEREIN. THE TOTAL LIABILITY OF NEW SOURCE MEDICAL AND ITS AFFILIATES, CONSULTANTS, distributors, agents, subcontractors and licensors TO CUSTOMER OR ANY THIRD PARTY RESULTING FROM OR ARISING OUT OF THIS AGREEMENT, THE PRODUCTS, AND/OR SERVICE DELIVERABLES, FOR ANY AND ALL CLAIMS OR TYPES OF DAMAGES SHALL NOT EXCEED THE TOTAL FEES PAID HEREUNDER BY CUSTOMER FOR THE APPLICABLE PRODUCTS OR SERVICES WITHIN THE TWELVE-MONTH PERIOD PRECEDING THE DATE SUCH CLAIM OR CAUSE OF ACTION FIRST AROSE TO THE EXTENT ALLOWABLE BY LAW. New Source Medical is not an insurer with regard to performance of the Products or Service Deliverables. Customer agrees to assume the risk for: (a) all liabilities disclaimed by New Source Medical herein, and (b) all alleged damages in excess of the amount of the limited remedy provided hereunder. The allocations of liability in this subsection 6.4 represent the agreed, bargained-for understanding of the parties and New Source Medical’s compensation hereunder reflects such allocations. The limitation of liability and types of damages stated in this Agreement are intended by the parties to apply regardless of the form of lawsuit or claim a party may bring, whether in tort, contract or otherwise, and regardless of whether any limited remedy provided for in this Agreement fails of its essential purpose.
6.5. Third Party Products. The Products or Service Deliverables may contain code, content, features, functionality, and components that are provided by third-parties. Furthermore, the Products or Service Deliverables may require data and information from third-parties in order to work properly. Any SUCH third-party products OR SERVICES shall be provided “AS IS” without warranty of any kind by New Source Medical. All rights and obligations with respect to sUCH third-party products OR SERVICES shall be governed exclusively by the terms and conditions of agreements provided by suppliers of sUCH third-party products OR SERVICES and Customer hereby releases New Source Medical from all liability and responsibility with respect thereto.
7. CONFIDENTIALITY, NONUSE, AND NONDISCLOSURE
Customer and New Source Medical agree to comply with the terms of the Business Associate Agreement for HIPAA compliance. Customer and New Source Medical further agree that during the term hereof and for two (2) years after termination or expiration of this Agreement, or for such longer period as may be required by applicable law or regulation, all non-public information furnished or disclosed to the other pursuant to this Agreement, including the terms of Customer’s Order Form(s), proprietary information within the Product, Customer Data and any discussions between the parties regarding other potential business relationships (the “Confidential Information”), shall be held in strict confidence by the other party, and will not be used other than as provided herein or made available or disclosed to any third party without the other party’s prior written consent.
8.1. Audit. Upon New Source Medical’s written request, Customer must furnish New Source Medical with a signed certificate verifying that the Product is being accessed and used in compliance with all of the terms and conditions of this Agreement, including being accessed and used only by Authorized Users and to the extent permitted herein, by Clients. At its expense, New Source Medical, itself or by its third party agents, may audit Customer’s compliance with the requirements of this Agreement. Any such audit will be conducted not more than once per calendar year and during regular business hours at Customer’s facilities and will not unreasonably interfere with Customer’s business activities. During any such audit New Source Medical and its designees may have access to Customer’s computer systems and records and conduct forensic reviews thereof and may interview any of Customer’s current and former employees and contractors
8.2. Limitations Period. Except for collection actions which may be brought by New Source Medical at any time and without limiting claims for indemnification hereunder, any claim or cause of action arising under or otherwise relating to this Agreement, or the subject matter hereof, whether based on contract, tort (including negligence) or otherwise, must be commenced within one year from the date such claim or cause of action first arose.
8.3. Jurisdiction. This Agreement will be governed in all respects by the laws of Kentucky, without regard to any conflicts of law principles, decisional law, or statutory provision which would require or permit the application of another jurisdiction’s substantive law. Any Party bringing a legal action or proceeding against any other Party arising out of or relating to this Agreement shall bring the legal action or proceeding in the United States District Court for the Western District of Kentucky, or in any court of the Commonwealth of Kentucky sitting in Jefferson County. Each Party waives, to the fullest extent permitted by law, (i) any objection which it may now or later have to the laying of venue of any action or proceeding arising out of or relating to this Agreement brought in the United States District Court for the Western District of Kentucky, or any court of the Commonwealth of Kentucky sitting in Jefferson County; and (ii) any claim that any action or proceeding brought in any such court has been brought in an inconvenient forum.
8.4. Waiver of Jury Trial. EACH PARTY, TO THE EXTENT PERMITTED BY LAW, KNOWINGLY, VOLUNTARILY AND INTENTIONALLY WAIVES ITS RIGHT TO A TRIAL BY JURY IN ANY ACTION OR LEGAL PROCEEDING ARISING OUT OF OR RELATING TO THIS AGREEMENT, ANY ORDER FORM OR THE SUBJECT MATTER HEREOF OR THEREOF.
8.5. Enforcement. Customer will pay all of New Source Medical’s reasonable attorneys’ fees and costs and expenses incurred in the enforcement of any of the provisions of this Agreement.
8.6. Remedies. Customer acknowledges that the Product and other proprietary information of New Source Medical are unique and that, in the event of any breach of this Agreement by Customer, New Source Medical may not have an adequate remedy at law, and will be entitled to seek injunctive or other equitable relief without the necessity of proving actual damages. Unless specifically stated otherwise elsewhere in this Agreement, the various rights, options, elections, powers and remedies of a party or parties to this Agreement shall be construed as cumulative and no one of them exclusive of any others or of any other legal or equitable remedy, which said party or parties might otherwise have in the event of breach or default in the terms hereof.
8.7. Notices. All notices, demands, consents or requests given by a party hereto must be in writing and sent by delivery via a third party, nationally recognized tracked express mail service, postage prepaid, addressed to either Customer’s billing address or to New Source Medical, LLC Attn: Legal Department, 9913 Shelbyville Road, Louisville, Kentucky 40223. Customer agrees to always provide New Source Medical with Customer’s most current contact information, including Customer’s address, phone number, fax number and e-mail address.
8.8. Severability. If any provision of this Agreement is held to be invalid, illegal or unenforceable, such provision shall be, to the maximum extent permitted by applicable law, construed or limited, and/or deemed replaced by a revised provision, to the extent (and only to the extent) necessary to render it valid, legal and enforceable and, as nearly as possible, to reflect and achieve the parties’ intentions in agreeing to the original provision. If it is not possible to so construe, limit or reform any such provision, then the invalid, illegal or unenforceable provision shall be severed from this Agreement. In any event, the remaining provisions of this Agreement shall be unaffected thereby and shall continue in full force and effect.
8.9. Waiver. A party’s failure or delay to require compliance with any term of this Agreement, or to exercise any right provided herein, shall not be deemed a waiver by such party of such term or right. No failure or delay in exercising any right or remedy or requiring the satisfaction of any condition under this Agreement, and no course of dealing between the parties, shall operate as a waiver or legally bar a party from enforcing any right, remedy or condition. All waivers must be made in writing and signed by the waiving party and any such waiver on one occasion is effective only in that instance and only for the purpose that it is given and is not to be construed as a waiver on any future occasion.
9.1. Entire Agreement. This Agreement constitutes the entire and exclusive agreement, understanding and representation, express or implied, between Customer and New Source Medical with respect to the subject matter hereof (use of MyNewSourceMed.com); it is the final expression of that agreement and understanding, and it supersedes all prior agreements and communications between the parties (including all oral and written proposals, as well as any nondisclosure agreement as it may relate to information and data that is disclosed in connection with the Products), with respect to said subject matter. In the event of a conflict, this Agreement will control and then any other terms provided by New Source Medical, unless New Source Medical explicitly acknowledges and upholds the particular conflict in such other document. Oral statements made about the Product will not constitute warranties, will not be relied on by Customer, and will not be binding or enforceable. No supplement, modification or amendment of this Agreement will be binding unless executed in writing by New Source Medical and agreed to by Customer. New Source Medical reserves the right to revise this Agreement from time to time in its discretion, provided that any such revisions shall not be effective with respect to Customer until the commencement of Customer’s next renewal term, if any.
9.2. Unauthorized Acquisition. New Source Medical expressly prohibits the use of any product or service from New Source Medical that has been improperly obtained and/or accessed. For purposes of illustration, but not limitation, examples include any product or service that: (a) is acquired from an unauthorized reseller or distributor; (b) is pirated, cracked or hacked, including through the use of Online Account Access Information established for use by another individual; (c) has been acquired with the intent or for the purpose to use in a manner that is illegal, fraudulent, in violation of this Agreement or otherwise outside the normal, stated and/or reasonably understood purpose of such product or service; or (d) is acquired with the use of false or inaccurate statements and/or information (e.g., false name, contact information, or payment information; or false declaration of the total number of end users).
9.3. Force Majeure. New Source Medical shall not be held liable for the failure to perform any obligation, or for the delay in performing any obligation, arising out of or connected with this Agreement if such failure or delay results from or is contributed to by any cause beyond its reasonable control including failures or delays caused by the act or omission of any governmental authority, fire, flood, failures of third party suppliers, acts or omissions of carriers, transmitters, providers of telecommunications or Internet services, vandals, hackers or other event beyond its reasonable control.
9.4. Modification/Replacement of Product. New Source Medical reserves the right, in its sole discretion and without first consulting with Customer, to discontinue or modify the Product or any component thereof for any reason.
9.5. No Third Party Beneficiary. Except as noted in the case of New Source Medical’s Affiliates, consultants, distributors, agents, subcontractors and licensors, no third party is intended to be or shall be a third party beneficiary of any provision under this Agreement. New Source Medical and Customer shall be the only parties entitled to enforce the rights set out in this Agreement.
9.6. Assignment. Neither this Agreement, the rights granted hereunder nor the Product may be sublicensed, assigned, sold, hypothecated, or transferred by Customer without the prior written consent of New Source Medical, which shall not be unreasonably withheld in the case of an internal restructuring involving Customer unrelated to a change in ownership. Any attempt to sublicense, assign or transfer any of the rights, duties or obligations under this Agreement without the prior written consent of New Source Medical shall automatically terminate the rights granted hereunder and shall be void and of no effect. New Source Medical may assign this Agreement or delegate its duties, in whole or in part, without any consent of Customer. Customer agrees that New Source Medical’s retention of these contractual and other legal rights is an essential part of this Agreement.
9.7. Data Transmission Notification. The Product may transmit to the servers on which the Product is hosted, various information relating to how Customer and its Authorized Users access and/or use the Product, as well as general information about Customer’s and its Authorized Users’ computer system from which the Product is being accessed (for example, system configuration, type of internet connectivity, RAM, CPU, operating system, browser version), as well as certain records that Customer has created while using the Product. New Source Medical may use this information for purposes of improving, enhancing or further developing the Product, for internal quality assurance and software error checking, to assist users with multiple offices and as otherwise necessary or appropriate to perform its obligations pursuant to this Agreement. New Source Medical shall keep this information confidential in accordance with Section 7 hereof.
10. DEFINITIONS. Capitalized terms used but not defined elsewhere in this Agreement shall have the respective meanings set forth below:
10.1. “Affiliate” means with respect to an entity party to this Agreement, any entity which, directly or indirectly, controls, is controlled by or is under common control with such party, where control means the ability to direct the affairs of an entity through ownership of voting interest, contract rights or otherwise.
10.2. “Authorized User” means an individual in Customer’s employ who is authorized by Customer to access or use the Product and who can access the information under HIPAA requirements. An Authorized User may also include a Client of Customer if, and to the extent that, the Product includes functionality that invites Client access and so long as such access complies with all HIPAA regulations. An Authorized User does not acquire individual rights in the Product other than the right to access and use such Product on Customer’s behalf and pursuant to the rights granted to Customer and subject to the terms and conditions of this Agreement.
10.3. “Client” means any third party client of Customer that has a direct relationship with Customer and that operates under Client’s oversight.
10.4. “Customer” means the customer to whom New Source Medical is providing services and access to MyNewSourceMed.com.
10.5. “License” means the rights granted to Customer by New Source Medical to access and use the Product and/or Service Deliverables pursuant to the terms of this Agreement.
10.6. “Product” means the New Source Medical MyNewSourceMed.com application, as such application may be updated from time to time by New Source Medical in its sole discretion.
10.7. “Service Deliverables” means any reporting or analytical information provided through the MyNewSourceMed.com application.
The use of the word “including” means “including without limitation.”
Password Reset Warning
This is a friendly reminder that your password is about to expire soon. For your security, we recommend that you reset your password at your earliest convenience. To reset your password, please click and follow the instructions. If you prefer, you can choose to reset your password later. However, we strongly encourage you to update your password promptly to maintain the security of your account.