By checking “I accept and agree to QCM Agreements” checkbox, you the customer (“You” or “Your” or “Yourself” or “Customer”) agree to this agreement (“Agreement”) between You and Quality Care Metrics, LLC (“QCM”). This Agreement governs Your use of the applications provided by QCM (“Applications”).
Indemnification. You agree to indemnify, defend, and hold QCM, and the officers, directors, employees, agents, representatives, licensors, affiliates, contractors, sub-contractors, consultants, advisors, service providers, and suppliers of QCM harmless, including costs, liabilities, and legal fees, from any claim or demand made by any third-party arising out of or relating to (i) Your access to or use of the Applications, (ii) Your violation of this Agreement, (iii) any products or services purchased or obtained by You in connection with the Applications, (iv) any providers or services provided by You in connection with the Applications or promotions thereof, or (v) the infringement by You, or any third-party using Your account, of any intellectual property or other right of any person or entity. QCM reserves the right, at Your expense, to assume the exclusive defense and control of any matter for which You are required to indemnify QCM and You agree to cooperate with QCM’s defense of these claims. You agree not to settle any matter for which You are required to indemnify QCM without the prior written consent of QCM.
DISCLAIMER OF WARRANTIES.
- EXCEPT AS EXPRESSLY NOTED IN THIS AGREEMENT, THE APPLICATIONS (INCLUDING CONTENT AVAILABLE THROUGH THE APPLICATIONS) ARE MADE AVAILABLE TO YOU ON AN “AS IS” AND “AS AVAILABLE” BASIS AND QCM EXPRESSLY DISCLAIMS ALL WARRANTIES, IF ANY, WHETHER EXPRESS OR IMPLIED, RELATING TO THE APPLICATIONS INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS. QCM DOES NOT WARRANT THAT THE APPLICATIONS WILL BE UNINTERRUPTED OR ERROR-FREE, THAT DEFECTS, IF ANY, WILL BE CORRECTED, OR THAT THE APPLICATIONS ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS; NOR DOES QCM MAKE ANY REPRESENTATIONS OR WARRANTIES ABOUT THE ACCURACY, RELIABILITY, CURRENCY, QUALITY, PERFORMANCE, OR SUITABILITY OF THE APPLICATIONS OR ANY CONTENT AVAILABLE THROUGH THE APPLICATIONS.
- ALSO, IN CONSIDERATION FOR QCM MAKING THE APPLICATIONS ACCESSIBLE TO YOU, YOU AGREE THAT YOU WILL NOT HOLD QCM RESPONSIBLE FOR ANY MEDICAL PROVIDER CONTENT, PATIENT CONTENT, OR ANY ACTIONS OR INACTIONS OF ANY OTHER USERS ASSOCIATED WITH THE APPLICATIONS.
LIMITATION OF LIABILITY.
- YOU AGREE THAT QCM WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA, OR OTHER INTANGIBLE LOSSES (EVEN IF QCM HAD BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, RESULTING FROM (I) THE USE OR THE INABILITY TO USE THE APPLICATIONS; (2) THE COST OF PROCUREMENT OF SUBSTITUTE GOODS AND SERVICES RESULTING FROM ANY USE OR INABILITY TO USE THE APPLICATIONS; (III) UNAUTHORIZED ACCESS TO OR ALTERATION OF TRANSMISSION OR DATA; OR (IV) ANY STATEMENTS OR CONDUCT OF ANY THIRD PARTY ON THE APPLICATIONS.
- YOU ACKNOWLEDGE THAT QCM IS NOT RESPONSIBLE FOR THE ACCURACY OF ANY CONTENT INCLUDING ANSWERS AND/ OR RESULTS. QCM IS NOT A MEDICAL PROVIDER AND QCM CONTENT IS NOT INTENDED TO BE A SUBSTITUTE FOR PROFESSIONAL MEDICAL ADVICE, DIAGNOSIS, OR TREATMENT. NEVER DISREGARD PROFESSIONAL MEDICAL ADVICE OR DELAY IN SEEKING PROFESSIONAL MEDICAL ADVICE BECAUSE OF ANY QCM CONTENT, INCLUDING BUT NOT LIMITED TO SCREENING RESULTS PROVIDED BY THE APPLICATIONS. IN THE EVENT OF ANY DISSATISFACTION, FRUSTRATION, LOSS, OR DAMAGES SUFFERED IN CONNECTION WITH THE APPLICATIONS, THE SOLE REMEDY FOR YOU IS TO CEASE USING THE APPLICATIONS. ALSO, IN CONSIDERATION FOR QCM MAKING THE APPLICATIONS ACCESSIBLE TO YOU, YOU AGREE THAT YOU WILL NOT HOLD QCM RESPONSIBLE FOR ANY CONTENT, OR ANY ACTIONS OR INACTIONS OF ANY OTHER USERS ASSOCIATED WITH THE APPLICATIONS.
- NOTWITHSTANDING THE PREVIOUS PARAGRAPH, IF QCM IS FOUND LIABLE, QCM’S LIABILITY TO YOU OR ANY THIRD PARTY IS LIMITED TO THE TOTAL CHARGES YOU PAID TO QCM IN THE 12 MONTHS IMMEDIATELY PRECEEDING TO THE ACTION GIVING RISE TO THE LIABILITY.
QCM Content may reference, use, or contain content from third parties. For example, QCM Content may include proprietary screening tools that provide “scores” for third-party screening tools. QCM’s “scores” may differ substantially from scores obtained taking the third-party screenings using other means. In addition, QCM is not affiliated with any such third-parties and makes no representations or warranties regarding the reliability or usefulness of any information from such third parties. Furthermore, by providing the third-party content, QCM makes no direct or indirect statement regarding the reliability or usefulness of any third-party content.
You may be required to create an account and provide certain information about Yourself to use the Applications (or a portion thereof). You are responsible for maintaining the confidentiality of Your account information, such as a username and a password. You are also responsible for all activities that occur in connection with Your account. You are responsible for storage of all content stored in your account. QCM makes no warranties to maintain access to content stored in your account after the termination of all active account subscriptions. You agree to notify QCM immediately of any unauthorized use of Your account.
You are provided with a 30-day trial period. During the trial period you will not be invoiced. Your first invoice will be at the end of the month following the end of the trial period, which may be a partial month. Future invoices will be at the end of each calendar month.
For each screening result report generated (“Report”), You agree to pay QCM $39.99 (“Fee” or “Fees”). At the end of every month, You will be invoiced for the previous month total number of Reports. Fees payments are not refundable.
You or QCM may terminate this Agreement, effective immediately upon written notice. No termination will affect Your obligation to pay all Fees that may have become due before such termination or entitle You to any refund.
This Agreement shall be deemed executed by both parties on the date a subscription was first activated or a transaction was first took place by You in the Application.
BUSINESS ASSOCIATE AGREEMENT
THIS BUSINESS ASSOCIATE AGREEMENT (“BA Agreement”) is by and between Quality Care Metrics, LLC (“Business Associate”) and Customer as defined below (“Covered Entity”). By checking “I accept and agree to QCM Agreements” checkbox, Covered Entity and Business Associate agree to this Agreement. Business Associate and Covered Entity are sometimes singularly referred to as “Party” and collectively as “Parties”.
WHEREAS, Business Associate and Covered Entity have entered into an agreement under which the Business Associate provides certain services to the Covered Entity; and
WHEREAS, this BA Agreement between Covered Entity and Business Associate is necessary in order for the parties to meet the requirements of Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as set forth in 45 CFR Parts 160 and 164;
WHEREAS, both the Business Associate and the Covered Entity intend to comply with the HIPAA Rules (as defined herein) to protect the privacy and security of the Protected Health Information (as defined herein); and
WHEREAS, both the Business Associate and the Covered Entity wish to set forth the terms and conditions pursuant to which the Protected Health Information is protected in terms of its privacy and security and otherwise handled by virtue of this BA Agreement.
NOW THEREFORE, in consideration of the mutual covenants contained herein and intending to be legally bound, the Parties agree as follows:
SECTION 1 – DEFINITIONS
The following required definitions are as set forth in 45 CFR Parts 160 and 164 (the “Privacy Rule”):
“Customer” shall mean a customer with at least one active subscription to the SaaS based web and/or mobile application(s); “Quality Care Metrics ”, “P2I2”, and/or any and all successors (“Application”); collectively identified as all items or features associated in the application to a “Client”, including, but not limited to Assessments, Locations, Providers, and Users.
“Request Date” shall mean the date a subscription was first activated or a transaction was first took place by Customer in the Application.
“Business Associate” shall generally have the same meaning as the term “business associate” at 45 CFR 160.103, and in reference to the party to this BA Agreement, shall mean Business Associate as defined above.
“Covered Entity” shall generally have the same meaning as the term “covered entity” at 45 CFR 160.103, and in reference to the party to this BA Agreement, shall mean Covered Entity as defined above.
“Designated Record Set” means: (1) A group of records maintained by or for a Covered Entity that is:
(i) The medical records and billing records about Individuals maintained by or for a covered Health Care provider; (ii) The enrollment, payment, claims adjudication, and case or medical management record systems maintained by or for a health plan; or (iii) Used, in whole or in part, by or for the Covered Entity to make decisions about Individuals. (2) For purposes of this paragraph, the term record means any item, collection, or grouping of information that includes Protected Health Information and is maintained, collected, used, or disseminated by or for a Covered Entity.
“Disclosure” means the release, transfer, provision of access to, or divulging in any other manner of information outside the entity holding the information.
“Health Care” means care, services, or supplies related to the health of an Individual. Health Care includes, but is not limited to, the following: (1) Preventive, diagnostic, therapeutic, rehabilitative, maintenance, or palliative care, and counseling, service, assessment, or procedure with respect to the physical or mental condition, or functional status, of an Individual or that affects the structure or function of the body; and (2) Sale or dispensing of a drug, device, equipment, or other item in accordance with a prescription.
“Health Information” means any information, including genetic information, whether oral or recorded in any form or medium, that: (1) is created or received by a Health Care provider, health plan, public health authority, employer, life insurer, school or university, or Health Care clearinghouse; and (2) relates to the past, present, or future physical or mental health or condition of an Individual; the provision of Health Care to an Individual; or the past, present, or future payment for the provision of Health Care to an Individual.
“HIPAA Rules” shall mean the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Part 160 and Part 164.
“Individual” means the person who is the subject of Protected Health Information.
“Individually Identifiable Health Information” is information that is a subset of Health Information, including demographic information collected from an Individual, and: (1) is created or received by a Health Care provider, health plan, employer, or Health Care clearinghouse; and (2) relates to the past, present, or future physical or mental health or condition of an Individual; the provision of Health Care to an Individual; or the past, present, or future payment for the provision of Health Care to an Individual; and (i) that identifies the Individual; or (ii) with respect to which there is a reasonable basis to believe the information can be used to identify the Individual.
“Protected Health Information” means Individually Identifiable Health Information: (1) except as provided in paragraph (2) of this definition, that is: (i) transmitted by electronic media; (ii) maintained in any medium of electronic media; or (iii) transmitted or maintained in any other form or medium. Protected Health Information excludes Individually Identifiable Health Information: (i) in education records covered by the Family Educational Right and Privacy Act, as amended, 20 U.S.C. 1232 (ii) in records described at 20 U.S.C. 1232g(a)(4)(B)(iv), (iii) in employment records held by a covered entity in its role as employer and (iv) regarding a person who has been deceased for more than 50 years.
“Use” means with respect to Individually Identifiable Health Information, the sharing, employment, application, utilization, examination, or analysis of such information within an entity that maintains such information.
SECTION 2 – DUTIES AND RESPONSIBILITIES OF BUSINESS ASSOCIATE
Business Associate may only use or disclose protected health information if it has de-identify in accordance with 45 CFR 164.514(a)-(c).
Business Associate shall not use or disclose protected health information other than as permitted or required by the BA Agreement or as required by law.
Business Associate agrees to make uses and disclosures and requests for Protected Health Information consistent with Covered Entities minimum policies and procedures provided that Covered Entity provides the minimum policies and procedures to Business Associate in writing.
Business Associate may not use or disclose Protected Health Information in a manner that would violate Subpart E of 45 CFR Part 164 if done by Covered Entity.
Business Associate may use Protected Health Information for the proper management and administration of the Business Associate or to carry out the legal responsibilities of the Business Associate.
Business Associate may disclose Protected Health Information for the proper management and administration of Business Associate or to carry out the legal responsibilities of the Business Associate, provided the disclosures are required by law, or Business Associate obtains reasonable assurances from the person to whom the information is disclosed that the information will remain confidential and used or further disclosed only as required by law or for the purposes for which it was disclosed to the person, and the person notifies Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.
Business Associate may provide data aggregation services relating to the Health Care operations of the Covered Entity.
Business Associate shall use appropriate safeguards and comply with Subpart C of 45 CFR Part 164 with respect to electronic protected health information, to prevent use or disclosure of the information other than as provided for by this BA Agreement. Such safeguards shall include (but shall not be limited to) those safeguards provided by state and federal laws and regulations. This Section shall survive this BA Agreement.
Business Associate shall report in writing to Covered Entity, as soon as it becomes aware, any use or disclosure of the Protected Health Information not provided for by this BA Agreement of which it becomes aware, including breaches of unsecured protected health information as required at 45 CFR 164.410, and any security incident of which it becomes aware.
In accordance with 45 CFR §164.502(e)(1)(ii) and 164.308(b)(2), if applicable, Business Associate shall ensure that any subcontractors that create, receive, maintain, or transmit protected health information on behalf of the business associate agree to the same restrictions, conditions, and requirements that apply to the business associate with respect to such information.
Business Associate shall make available protected health information in a designated record set to Covered Entity or the Covered Entities’ designee as necessary to satisfy covered entity’s obligations under 45 CFR §164.524.
Business Associate shall make any reasonable amendment(s) to protected health information in a designated record set as directed or agreed to by the covered entity pursuant to 45 CFR §164.526, or take other reasonable measures as necessary to satisfy covered entity’s obligations under 45 CFR §164.526; so long as the request in provided in writing and Business Associate is given a reasonable time to perform the request(s) or amendment(s).
Business Associate shall make available the Protected Health Information required to provide an accounting of disclosures to the Covered Entity as reasonably necessary to satisfy covered entity’s obligations under 45 CFR §164.528.
To the extent the Business Associate is to carry out one or more of covered entity’s obligation(s) under Subpart E of 45 CFR Part 164, comply with the requirements of Subpart E that apply to the Covered Entity in the performance of such obligation(s).
Business Associate shall make its internal practices, books, and records directly relating to the use and disclosure of Protected Health Information received from, or created or received by Business Associate on behalf of, Covered Entity available to the Secretary, Department of Health or Human Services or his or her designee (“Secretary”), for purposes of determining compliance with the HIPAA Rules.
Upon termination of this BA Agreement, Business Associate shall, at Covered Entity’s direction, return and/or destroy all Protected Health Information received from, or created or received by Business Associate on behalf of, Covered Entity that Business Associate still maintains in any form, except Protected Health Information that has been de-identify in accordance with 45 CFR 164.514(a)-(c), and retain no copies of such Protected Health Information or, if such return or destruction is not feasible, extend the protections of this BA Agreement to the Protected Health Information and limit further uses and disclosures to those purposes that make the return or destruction of the Protected Health Information infeasible.
In the event that Business Associate determines that returning or destroying the Protected Health Information is infeasible, Business Associate shall provide to Covered Entity notification of the conditions that make return or destruction infeasible. Upon Covered Entity’s confirmation that such return is infeasible, Business Associate shall extend the protections under this BA Agreement and limit further uses and disclosures of such Protected Health Information to those purposes that make the return or destruction infeasible, for so long as Business Associate maintains such Protected Health Information.
Business Associate may disclose the Protected Health Information received by Business Associate in its capacity to Covered Entity, if: (A) the disclosure is required by law; or (B) (1) Business Associate obtains reasonable assurances from the person to whom the Protected Health Information is disclosed that it will be held confidentially and used or further disclosed only as required by law or for the purpose for which it was disclosed to the person; and (2) the person notifies Business Associate of any instances of which it is aware in which the confidentiality of the Protected Health Information has been breached.
Business Associate agrees to immediately mitigate, to the extent practicable, any harmful effect that is known to the Business Associate of a use or disclosure of Protected Health Information by Business Associate in violation of the requirements of this BA Agreement.
The obligations of Business Association as set forth in this Section 2 shall survive the termination of this BA Agreement.
SECTION 3 – DUTIES AND RESPONSIBILITIES OF COVERED ENTITY
Covered Entity may terminate the BA Agreement with Business Associate if Covered Entity knows or reasonably believes through an activity or practice of Business Associate that said activity or practice constitutes a breach or violation of the duties and responsibilities of Business Associate under this BA Agreement.
Covered Entity shall notify Business Associate in writing of any limitation(s) in the notice of privacy practices of covered entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of Protected Health Information.
Covered Entity shall notify Business Associate in writing of any changes, in or revocation of, permission by an individual regarding the use or disclosure of Protected Health Information, to the extent that such changes may affect Business Associate’s use or disclosure of Protected Health Information.
Covered Entity shall notify Business Associate in writing of any restriction on the use or disclosure of Protected Health Information that Covered Entity has agreed to or is required to abide by under 45 CFR 164.522, to the extent that such restriction may affect Business Associate’s use or disclosure of Protected Health Information.
Covered Entity shall not request Business Associate to use or disclose Protected Health Information in any manner that would not be permissible under Subpart E of 45 CFR Part 164 if done by Covered Entity.
SECTION 4 – GENERAL PROVISIONS
Amendment. The Parties agree to take such action as is necessary to amend this BA Agreement from time to time as is necessary for compliance with the requirements of the HIPAA Rules and any other applicable law.
Interpretation. Any ambiguity in this BA Agreement shall be resolved in favor of a meaning that permits Covered Entity and the Business Associate to comply with the HIPAA Rules.
Governing Law and Venue. This BA Agreement shall be governed by and construed in accordance with the laws of the state of Nevada. Venue for any dispute relating to this BA Agreement shall be in Clark County, Nevada.
Severability. With respect to any provision of this BA Agreement finally determined by a court of competent jurisdiction to be unenforceable, such court shall have jurisdiction to reform such provision so that it is enforceable to the maximum extent permitted by applicable law, and the Parties shall abide by such court’s determination. In the event that any provision of this BA Agreement cannot be reformed, such provision shall be deemed to be severed from this BA Agreement, but every other provision of this BA Agreement shall remain in full force and effect.
No Waiver. The failure of any Party at any time to require performance of any provision or to resort to any remedy provided under this BA Agreement shall in no way affect the right of that Party to require performance or to resort to a remedy at any time thereafter, nor shall the waiver by any Party of a breach be deemed to be a waiver of any subsequent breach. A waiver shall not be effective unless it is in writing and signed by the Party against whom the waiver is being enforced.
Assignment. Either Party shall have the right to assign its rights and obligations hereunder to an affiliate or successor, without the prior approval of the other party.
Nature of the Relationship Between the Parties. Nothing in this BA Agreement shall be construed to create (i) a partnership, joint venture or other joint business relationship between the parties or any of their affiliates, or (ii) a relationship of employer and employee between the parties. Business Associate is an independent contractor, and not an agent of Covered Entity.
Notices. All notices, demands, and all other communications required or permitted to be given or made under this BA Agreement shall be in writing, shall be effective upon receipt, and shall be sent by any of the following means: (i) personal delivery; (ii) certified or registered United States mail, return receipt requested; (iii) overnight delivery service via courier with proof of delivery; or (iv) electronic mail with a certificate of transmission.
Notices shall be sent to:
Address: Customer’s primary Location
Email: The email address of any User in an Admin Role as part of Customer’s setup in the Application
Address: 4454 N. Decatur Blvd, Las Vegas, NV 89130
SECTION 5 – TERM/TERMINATION
Term. The term of this BA Agreement shall be effective as of Request Date and shall terminate on completion or removal of all active subscriptions from the Application or on the date Covered Entity terminates for cause as authorized in Section 5.2, whichever is sooner.
Termination for Cause. Business Associate authorizes termination of this BA Agreement by Covered Entity, if Covered Entity determines Business Associate has violated a material term of the BA Agreement and Business Associate has not cured the breach or ended the violation within the reasonable time specified by Covered Entity.
Business Associate will comply with the provisions of section 2.16 of this BA Agreement.
Survival. The obligations of Business Associate under this Section 5 shall survive the termination of this BA Agreement.
This BA Agreement shall be deemed executed by both parties on the Request Date.