General Terms and Conditions
Read this Patient Pattern software as a service agreement (this “agreement”) carefully before continuing registration. By clicking the “I accept” button or otherwise accepting this agreement through an ordering document that incorporates this agreement (the “ordering document”), you agree to follow and be bound by the terms and conditions of this agreement. If you are entering into this agreement on behalf of a company or other legal entity, you represent that you have the authority to bind such entity to the terms and conditions of this agreement and, in such event, “you”, “your” and “customer” as used in this agreement shall refer to such entity. If you do not have such authority, or if you do not agree to all the terms and conditions in this agreement, you must select the “I decline” button and may not use the services.
Patient Pattern, Inc. | Software as a Service (SaaS) Agreement
The effective date of the Agreement is referred to herein as the (“Effective Date”) and is the date at which the Customer accepts these terms while signing in the online application.
“Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common control with the subject entity, where “control” (and its variants, including “controls,” “controlled by,” and “under common control with”) means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity. “Patient” means a person who receives care from Customer or from any Customer Affiliate. “Customer’s Data” means all electronic data or information submitted by Customer to the Product, including it’s Patient’s data. “Malicious Code” means viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs. “Product” means the online, web-based applications and services provided by Patient Pattern at https://www.patientpattern.com (and/or other designated websites as described in the User Guide or another URL as specified by Patient Pattern from time to time). “User Guide” means the online user guide for the Product, accessible via https://www.patientpattern.com, as updated from time to time. “Users” means individuals who are authorised by Customer to use the Product, and who have been supplied user identifications and passwords by Customer (or by Patient Pattern at Customer’s request). Users may include, but are not limited to, Customer’s employees, caregivers, care coordinators, consultants, contractors and agents, third parties with which Customer transact business, Patient’s family members and other service providers to the Patients such as a Patient’s physician, trust manager or geriatric care manager.
2.1 Provision of Product
Subject to the terms and conditions of this Agreement, Patient Pattern shall make the Product available to Customer pursuant to this Agreement during the term of this Agreement.
2.2 User Subscriptions
Unless otherwise instructed by Customer, each User will be established at the base level of the Product Offering (i.e., the “Facility Administrator” level). Unless otherwise specified on the cover page to this Agreement, (i) the Product is purchased based on the higher of the number of Patients of the Customer or the Minimum Billable Patients and a subscription must be purchased for each User of Customer, (ii) additional Users shall be added during the term at the pricing then in effect at the time the additional Users are added, and (iii) use of the Product for all Users (including added Users) will terminate on the termination date of this Agreement. A User subscription cannot be shared or used by more than one User but may be reassigned to a new User replacing a former User who no longer should use the Product.
3. Use of the Product
3.1 Patient Pattern’s Responsibilities
The service is provided on an “as is” and “as available” basis. Patient Pattern shall provide the Product only in accordance with applicable laws and government regulations.
Patient Pattern has instituted physical, electronic and managerial safeguards to prevent unauthorized access, maintain data security and use of the information we collect online.
3.2 Customer’s Responsibilities
Customer (i) is responsible for Users’ and its Affiliates’ compliance with this Agreement, (ii) is solely responsible for the accuracy, quality, integrity and legality of Customer’s Data and of the means by which Customer acquired Customer’s Data, (iii) shall use commercially reasonable efforts to prevent unauthorized access to or use of the Product, and notify Patient Pattern promptly of any such unauthorized access or use, and (iv) shall use the Product only in accordance with the User Guide and applicable laws and government regulations. Customer shall not (a) make the Product available to anyone other than Users, (b) sell, resell, rent or lease the Product, © use the Product to store or transmit infringing, libellous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights, (d) use the Product to store or transmit Malicious Code, (e) interfere with or disrupt the integrity or performance of the Product or any data contained therein, or (f) attempt to gain unauthorized access to the Product or their related data, systems or networks.
Customer acknowledges that the proper provision of Care to Customer’s Service Users is solely customer’s responsibility and that the product is designed to be used in conjunction with other Care-related processes and tools to ensure proper delivery of care, including unanticipated failure of the product.
Patient Pattern expressly disclaims all warranties of any kind, whether express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. Patient Pattern makes no warranty that the service will meet your requirements or that the service will be uninterrupted, timely, secure, or error free; nor does Patient Pattern make any warranty as to the results that may be obtained from the use of the service or as to the accuracy or reliability of any information obtained through the service or that defects in the software used in the service will be corrected. Patient Pattern disclaims any warranty that the site (or any information or software contained therein) is free of viruses, worms, trojan horses, or other code that manifest contaminating or destructive properties. Patient Pattern makes no warranty regarding any services obtained through the service or any transactions entered into through the service.
No doctor-patient relationship is established between Patient Pattern, the Customer, or the Customer’s Patients by reason of the use of our website or under any circumstances whatsoever. The information contained on this website is general in nature and is intended for orientational purposes only. For any specific health care needs, the Customer and associated Patients should work with a doctor or other health care provider.
4.1 Product and Patient Pattern API
Subject to the terms and conditions of this Agreement, Patient Pattern hereby grants to Customer a limited, non-exclusive, non-transferable license, without the right to sublicense, to use the Product.
4.2 Customer Content
Subject to the terms and conditions of this Agreement, Customer hereby grants to Patient Pattern a license, with the right to sublicense, to use the Customer’s anonymized Data in connection with the provision of the Product and the development, offering and delivery of Patient Pattern’s products and services, always respecting Government regulations on PHI confidentiality (HIPAA).
5. Proprietary Rights
5.1 Reservation of Rights
Subject to the limited rights expressly granted hereunder, Patient Pattern reserves all rights, title and interest in and to the Product, including all related intellectual property rights. No rights are granted to Customer hereunder other than as expressly set forth herein. There are no implied rights.
Customer shall not (i) permit any third party to access the Product except as expressly permitted herein or on the cover page to this Agreement, (ii) modify or create derivate works of the Product, (iii) copy, frame or mirror any part or content of the Product, other than copying or framing on Customer’s own intranets or otherwise as reasonably required for Customer’s own internal business purposes, (iv) reverse engineer, decompile, disassemble or otherwise attempt to discover the source code or underlying ideas or algorithms of the Product, (v) remove any proprietary notices from the Product or any other Patient Pattern materials furnished or made available hereunder, or (vi) access the Product in order to (a) build a competitive product or service, or (b) copy any features, functions or graphics of the Product.
5.3 Ownership of Customer’s Data
As between Patient Pattern and Customer, Customer exclusively owns all rights, title and interest in and to all of Customer’s Data.
Customer hereby grants Patient Pattern a royalty-free, worldwide, transferable, sublicenseable, irrevocable, perpetual license to use or incorporate into the Product any suggestions, enhancement requests, recommendations or other feedback provided by Customer, including Users, relating to the operation of the Product.
6. HIPAA – Business Associate Agreement
The parties agree to the business associate terms on the Business , which is hereby incorporated into this Agreement (addendum) and will govern the use, disclosure and security of protected health information (“PHI”). In the event of a conflict between the express terms of this Agreement and the express terms in any such business associate terms, the business associate terms will apply.
7. Fees and Taxes; Payment
7.1 User Fees
On the Effective Date, the Customer shall pay a fee equal in amount to the usage fee for the Product Offering for the first month. In addition, Customer shall pay all fees specified on the cover page to this Agreement in accordance with the level of Product Offering selected by Customer for each service. Unless otherwise instructed by Customer, each User will be established at the base level of the Product Offering (i.e., the “Facility Administrator” level). Except as otherwise specified herein or on the cover page to this Agreement, (i) fees are quoted and payable in United States dollars (ii) fees are based on the number of Patients and not actual usage, (iii) payment obligations are non-cancelable and fees paid are non-refundable, and (iv) the number of Patients monthly subscriptions must equal the highest number of Patients of Customer during that month. Subscription fees are based on monthly periods that begin on the Effective Date and each monthly anniversary thereof; therefore, fees for Facility Administrator subscriptions added in the middle of a monthly period will be charged for that full monthly period and the monthly periods remaining in the term. For purposes of billing, the number of Facility Administrator subscriptions billed will be equal to the highest number of concurrently active or billed Facility Administrator of Customer in the month.
7.2 Invoicing and Payment
Customer shall provide Patient Pattern with valid and updated credit card information. Customer hereby authorizes Patient Pattern to charge that credit card for the Product during the term of this Agreement. On the Effective Date, Customer shall pay a fee equal in amount to the usage fee for the Product for the first month. Thereafter, unless otherwise set forth on the cover page to this Agreement, charges for the first month and every subsequent month will be billed in arrears either monthly or in accordance with the billing frequency described on the cover page to this Agreement. Without limiting Customer’s rights under this Agreement, or at law, all payments by Customer are non-refundable. For payments made by Customer, upon request Patient Pattern will provide a receipt evidencing payment. Customer is responsible for maintaining complete and accurate billing and contact information in the Product. Customer is also responsible for providing updated credit card information should a new card issue or an account close or change.
7.3 Overdue Charges
If any payment is not received from Customer when due, then, at Patient Pattern’s discretion, (a) such charges may accrue late interest at the rate of 2.5% of the outstanding balance per month, or the maximum rate permitted by law, whichever is lower, from the date the payment was due until the date paid, and (b) Patient Pattern may require future payments to be made in advance.
7.4 Suspension of Product and Acceleration
If any amount owing by Customer under this Agreement or any other agreement for Patient Pattern’s services is 30 or more days overdue (or 10 or more days overdue in the case of amounts Customer have authorized Patient Pattern to charge to Customer’s credit card), Patient Pattern may, without limiting Patient Pattern’s other rights and remedies, accelerate Customer’s unpaid fee obligations under this Agreement and the other agreements so that all such obligations become immediately due and payable, and suspend Patient Pattern’s Product to Customer until such amounts are paid in full.
7.5 Payment Disputes
Patient Pattern will generally not impose late fees or suspend the Product and accelerate payment if the applicable charges are under reasonable and good faith dispute and Customer is cooperating diligently and in good faith to resolve the dispute.
Unless otherwise expressly stated, Patient Pattern’s fees do not include any taxes, levies, duties or similar governmental assessments of any nature, including but not limited to value-added, sales, use or withholding taxes, assessable by any local, state, provincial, federal or foreign jurisdiction (collectively, “Taxes”). Customer is responsible for paying all Taxes associated with Customer’s purchases in connection with this Agreement. If Patient Pattern has the legal obligation to pay or collect Taxes for which Customer are responsible under this paragraph, the appropriate amount will be invoiced to and paid by Customer, unless Customer provide Patient Pattern with a valid tax exemption certificate authorized by the appropriate taxing authority. For clarity, Patient Pattern is solely responsible for taxes assessable against it based on Patient Pattern’s income, property and employees.
8. Term and Termination
8.1 Term of Agreement
This Agreement commences on the Effective Date and, unless terminated sooner as provided herein, continues for 12 months. The agreement will be renewed automatically for a new 12 month period, unless any of the two parties express interest on termination. Patient Pattern reserves the right to modify service fees on agreement renewal; any pricing change will be timely notified to Customer.
8.2 Termination for Cause
A party may terminate this Agreement for cause: (i) upon 30 days written notice to the other party of a material breach if such breach remains uncured at the expiration of such period, except that the cure period for non-payment is five days, or (ii) if the other party becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors.
8.3 Early Termination
This Agreement may be terminated by Customer for convenience upon payment of all outstanding fees for the term of the contract.
8.4 Effect of Termination
Upon any termination for cause by Customer, Patient Pattern shall, except as otherwise expressly specified in this Agreement, refund Customer any unearned prepaid fees covering the remainder of the term of all subscriptions after the effective date of termination. Upon any termination for cause by Patient Pattern, Customer shall, as a reasonable estimate of the actual damages and not a penalty, pay an amount equal to the fees that would be due over the remainder of the then-current term. In no event will any termination relieve Customer of the obligation to pay the fees payable to Patient Pattern for the period prior to the effective date of termination.
8.5 Return of Customer’s Data
Upon request by Customer made within 30 days after the effective date of termination of this Agreement, Patient Pattern will make available to Customer for download a file of Customer’s Data Service User and caregiver profile data in comma separated value (.csv). After that 30-day period, Patient Pattern has no obligation to maintain or provide any of Customer’s Data and may thereafter, unless legally prohibited, delete all of Customer’s Data in Patient Pattern’s systems or otherwise in Patient Pattern’s possession or under Patient Pattern’s control.
8.6 Surviving Provisions
The provisions that by their nature continue and survive, including those of Section 5 (Proprietary Rights), 7 (Fees and Taxes; Payment), 8.4 (Early Termination), 8.5 (Effect of Termination), 8.6 (Return of Customer’s Data), 8.7 (Surviving Provisions), 8.8 (Non-exclusive Remedy), 9 (Confidentiality), 10 (Warranty), 11 (Indemnification), 12 (Limitation of Liability), and 14 (General) shall survive any termination or expiration of this Agreement.
8.7 Non-exclusive Remedy
Termination or expiration of this Agreement, in part or in whole, shall not limit either party from pursuing other remedies available to it, nor shall either party be relieved of its obligation to pay all fees that are due and owing under this Agreement through the effective date of termination. Neither party will be liable to the other for any damages resulting from termination as permitted herein.
9.1 Definition of Confidential Information
As used herein, “Confidential Information” means all non-public information disclosed by a party (“Disclosing Party”) to the other party (“Receiving Party”), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Customer’s Confidential Information includes Customer’s Data; Patient Pattern’s Confidential Information includes the Product; and Confidential Information of each party shall include the terms and conditions of this Agreement and the exhibits hereto, as well as business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such party. However, Confidential Information (other than Customer’s Data) does not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party.
9.2 Protection of Confidential Information
Except as otherwise permitted in writing by the Disclosing Party, the Receiving Party shall (i) use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but in no event less than reasonable care) not to disclose or use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement, (ii) use the use any Confidential Information of the Disclosing Party solely to perform this Agreement or exercise rights hereunder, and (iii) limit access to Confidential Information of the Disclosing Party to those of its employees, contractors and agents who need such access for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing protections no less stringent than those herein.
9.3 Protection of Customer’s Data
Without limiting the above, Patient Pattern shall maintain industry standard administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Customer’s Data. Patient Pattern shall not (a) modify Customer’s Data, (b) disclose Customer’s Data except as compelled by law, as expressly permitted by this Agreement or as expressly permitted in writing by Customer, or © access Customer’s Data except to provide the Product or prevent or address service or technical problems, or at Customer’s request in connection with customer support matters.
9.4 Compelled Disclosure
The Receiving Party may disclose Confidential Information of the Disclosing Party if it is compelled by law to do so, provided the Receiving Party gives the Disclosing Party prior notice of such compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure. If the Receiving Party is compelled by law to disclose the Disclosing Party’s Confidential Information as part of a civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to such Confidential Information.
9.5 Terms of Agreement
The parties agree that the terms of this Agreement are considered Confidential Information of both parties. Each party may provide a copy of this Agreement in confidence to its advisors, counsel, any bona fide potential investor, investment banker, acquirer, merger partner or other potential financial partner, or as required by the governmental action, including action by the United States Securities Exchange Commission or its equivalent, and in connection with legal action or proceedings concerning this Agreement.
10.1 Patient Pattern’s Warranties
Patient Pattern warrants to Customer that (i) the Product shall perform materially in accordance with the User Guide, and (ii) the functionality of the Product will not be materially decreased during a subscription term. For any breach of either such warranty, Customer’s exclusive remedy shall be for Patient Pattern to correct the issue so that the Product performs as warranted.
10.2 Mutual Warranties
Each party represents and warrants to the other that (i) it has the legal power to enter into this Agreement, and (ii) it will not transmit to the other party any Malicious Code (except for Malicious Code previously transmitted to the warranting party by the other party).
Except as expressly provided herein, neither party makes any warranties of any kind, whether express, implied, statutory or otherwise, and each party specifically disclaims and excludes all other warranties, whether statutory, express or implied, including any warranties of merchantability or fitness for a particular purpose or non- infringement of third party rights.
11.1 Customer Obligations
Customer shall defend Patient Pattern against any cause of action, suit or proceeding (each a “Claim”) made or brought against Patient Pattern by a third party alleging that Customer’s Data, or Customer’s use of the Product in violation of this Agreement, infringes or misappropriates the intellectual property rights of a third party or violates applicable law, and shall indemnify Patient Pattern for any damages finally awarded against, and for reasonable attorney’s fees incurred by, Patient Pattern in connection with the Claim, on condition that Patient Pattern (a) promptly gives Customer written notice of the Claim; (b) gives Customer sole control of the defense and settlement of the Claim (provided that Customer may not settle any Claim unless the settlement unconditionally release Patient Pattern of all liability); and © provides reasonable assistance in connection with the defense (at Customer’s reasonable expense).
11.2 Patient Pattern Obligations
Patient Pattern shall defend Customer against any Claim made or brought against Customer by a third party alleging that Customer’s use of the Product infringes or misappropriates the intellectual property rights of a third party or violates applicable law, and shall indemnify Customer for any damages finally awarded against, and for reasonable attorney’s fees incurred by, Customer in connection with the Claim, on condition that Customer (a) promptly gives Patient Pattern written notice of the Claim; (b) gives Patient Pattern sole control of the defense and settlement of the Claim (provided that Patient Pattern may not settle any Claim unless the settlement unconditionally release Customer of all liability); and © provides reasonable assistance in connection with the defense (at Patient Pattern’s reasonable expense).
11.3 Exclusive Remedy
This Section 11 (Indemnification) states the indemnifying party’s sole liability to, and the indemnified party’s exclusive remedy against, the other party for any type of claim described in this Section.
12. Limitation of Liability
12.1 Limitation on Liability
In no event shall aggregate liability of Patient Pattern arising out of or related to this agreement, whether in contract, tort (including negligence) or under any other theory of liability, exceed the lesser of $10,000 or the amount paid by customer hereunder in the 12 months preceding the incident, notwithstanding any failure of the essential purpose of this agreement or any limited remedy hereunder.
12.2 Exclusion of Consequential and Related Damages
In no event shall Patient Pattern have any liability to customer for any lost profits or revenues or for any indirect, special, incidental, consequential, cover or punitive damages however caused, whether in contract, tort (including negligence) or under any other theory of liability, and whether or not the party has been advised of the possibility of such damages and notwithstanding any failure of the essential purpose of this agreement or any limited remedy hereunder. the foregoing disclaimer shall not apply to the extent prohibited by applicable law.
12.3 Acknowledgement of Customer’s Sole Responsibility for Customer’s Services
Acknowledges that the proper provision of care to Customer’s Service Patients’ is solely and exclusively Customer’s responsibility and Customer will not rely solely on the offerings of Patient Pattern to ensure proper fulfillment of care plans by Customer’s caregivers. Customer agrees to make redundant printed copies of all care-related materials available to caregivers to ensure that proper care is provided to Customer’s service Patients under any circumstance without regard to the function or performance of the product.
Patient Pattern may use Customer’s name as part of a general list of customers and may refer to Customer as a user of the Product in its advertising, marketing and promotional materials.
All notices to a party shall be in writing and sent to the addresses specified above or such other address as a party notifies the other party, and shall be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by confirmed facsimile; the day after it is sent, if sent for next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested. Customer and Patient Pattern are independent contractors and neither party is the legal representative, agent, joint venturer, partner, franchisor, franchisee or employee of the other party for any purpose whatsoever. Neither party has any right or authority to assume or create any obligations of any kind or to make any representation or warranty on behalf of the other party, whether express or implied, or to bind the other party in any respect whatsoever. All indices, titles, subject headings, section titles and similar items contained in this Agreement are provided for the purpose of reference and convenience only and are not intended to be inclusive, definitive or to affect the meaning, content or scope of this Agreement. This Agreement may be executed in any number of counterparts, and each executed counterpart shall have the same force and effect as an original instrument. Neither party shall assign its rights under this Agreement nor delegate any performance (other than the right to receive payments) without the other party’s prior written consent, except that Patient Pattern may, without Customer’s consent, assign this Agreement to an affiliate or pursuant to a corporate reorganization, merger, acquisition or sale of all or substantially all of its assets to which this Agreement relates. Any attempted assignment or delegation in violation of the foregoing is void. Subject to the foregoing, this Agreement will bind and inure to the benefit of the parties and their respective successors and permitted assigns. The laws of the State of California (without giving effect to its conflicts of law principles) govern all matters arising out of or relating to this Agreement. The United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement. The parties hereby submit to the jurisdiction of, and waive any venue objections against, the federal and state courts of San Francisco, California in all controversies arising out of, or relating to, this Agreement. No remedy is intended to be exclusive, but each shall be cumulative and in addition to any other remedy referred to above or otherwise legally available to a party. Except with respect to payment obligations, neither party is liable for any failure of performance or equipment due to causes beyond its reasonable control, including, but not limited to, the following: (i) acts of God, fire, flood, earthquake, tsunami, storm, or other catastrophes; (ii) any law, order, regulation, direction, action, or request of any governmental entity or agency, or any civil or military authority; (iii) national emergencies, insurrections, riots, wars or acts of terrorism; (iv) unavailability of rights-of-way or materials; or (v) strikes, lock- outs, work stoppages, or other labor difficulties. The parties may waive this Agreement only by a writing executed by the party or parties against whom the waiver is sought to be enforced. No failure or delay (a) in exercising any right or remedy, or (b) in requiring the satisfaction of any condition, © under this Agreement, and no act, omission or course of dealing between the parties, operates as a waiver or estoppel of any right, remedy or condition. A waiver made in writing on one occasion is effective only in that instance and only for the purpose stated. A waiver once given is not to be construed as a waiver on any future occasion or against any other person. Customer shall comply with all applicable United States, foreign and local laws and regulations, including, without limitation, export control laws and regulations of the U.S. Export Administration. The parties may amend this Agreement only by a written agreement of the parties that identifies itself as an amendment to this Agreement. If any part of this Agreement is found invalid or unenforceable that part will be enforced to the maximum extent permitted by law and the remainder of this Agreement will remain in full force. This Agreement reflects the wording negotiated and accepted by the parties and no rule of construction shall apply against either party. This Agreement is proposed and executed in the English language only and any translation of this Agreement into any other language shall have no effect. All proceedings related to this Agreement will be conducted in the English language. This Agreement (including the Schedules hereto) constitutes the entire agreement between the parties with respect to the subject matter hereof. All earlier and contemporaneous negotiations and agreements between the parties on the matters contained in this Agreement are expressly merged into and superseded by this Agreement.
15. ADDENDUM - HIPAA Business Associate Agreement
The following terms used in this Agreement shall have the same meaning as those terms in the HIPAA Rules: Breach, Data Aggregation, Designated Record Set, Disclosure, Health Care Operations, Individual, Minimum Necessary, Notice of Privacy Practices, Protected Health Information, Required By Law, Secretary, Security Incident, Subcontractor, Unsecured Protected Health Information, and Use.
- Business Associate. “Business Associate” shall generally have the same meaning as the term “business associate” at 45 CFR 160.103, and in reference to the party to this agreement, shall mean Patient Pattern, Inc.
- Covered Entity. “Covered Entity” shall generally have the same meaning as the term “covered entity” at 45 CFR 160.103, and in reference to the party to this agreement, shall mean Customer contracting Patient Pattern’s service.
- HIPAA Rules. “HIPAA Rules” shall mean the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Part 160 and Part 164.
15.2 Obligations and Activities of Business Associate
Business Associate agrees to:
- Not use or disclose protected health information other than as permitted or required by the Agreement or as required by law.
- Use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 with respect to electronic protected health information, to prevent use or disclosure of protected health information other than as provided for by the Agreement.
- Report to covered entity any use or disclosure of protected health information not provided for by the Agreement of which it becomes aware, including breaches of unsecured protected health information as required at 45 CFR 164.410, and any security incident of which it becomes aware.
- In accordance with 45 CFR 164.502(e)(1)(ii) and 164.308(b)(2), if applicable, ensure that any subcontractors that create, receive, maintain, or transmit protected health information on behalf of the business associate agree to the same restrictions, conditions, and requirements that apply to the business associate with respect to such information.
- Make available protected health information in a designated record set to the covered entity as necessary to satisfy covered entity’s obligations under 45 CFR 164.524.
- Make any amendment(s) to protected health information in a designated record set as directed or agreed to by the covered entity pursuant to 45 CFR 164.526, or take other measures as necessary to satisfy covered entity’s obligations under 45 CFR 164.526.
- Maintain and make available the information required to provide an accounting of disclosures to the covered entity as necessary to satisfy covered entity’s obligations under 45 CFR 164.528.
- To the extent the business associate is to carry out one or more of covered entity’s obligation(s) under Subpart E of 45 CFR Part 164, comply with the requirements of Subpart E that apply to the covered entity in the performance of such obligation(s), and
- Make its internal practices, books, and records available to the Secretary for purposes of determining compliance with the HIPAA Rules.
15.3 Permitted Uses and Disclosures by Business Associate
- Business associate may only use or disclose protected health information as necessary to perform the services set forth in Service Agreement. The business associate is authorized to de-identify the protected health information in accordance with 45 CFR 164.514(a)-© to improve and augment the service provide to it’s customers.
- Business associate may use or disclose protected health information as required by law.
- Business associate agrees to make uses and disclosures and requests for protected health information consistent with covered entity’s minimum necessary policies and procedures.
- Business associate may not use or disclose protected health information in a manner that would violate Subpart E of 45 CFR Part 164 if done by covered entity except for the specific uses and disclosures set forth below.
- Business associate may use protected health information for the proper management and administration of the business associate or to carry out the legal responsibilities of the business associate.
- Business associate may disclose protected health information for the proper management and administration of business associate or to carry out the legal responsibilities of the business associate, provided the disclosures are required by law, or business associate obtains reasonable assurances from the person to whom the information is disclosed that the information will remain confidential and used or further disclosed only as required by law or for the purposes for which it was disclosed to the person, and the person notifies business associate of any instances of which it is aware in which the confidentiality of the information has been breached.
- Business associate may provide data aggregation services relating to the health care operations of the covered entity.
15.4 Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions
- Covered entity shall notify business associate of any limitation(s) in the notice of privacy practices of covered entity under 45 CFR 164.520, to the extent that such limitation may affect business associate’s use or disclosure of protected health information.
- Covered entity shall notify business associate of any changes in, or revocation of, the permission by an individual to use or disclose his or her protected health information, to the extent that such changes may affect business associate’s use or disclosure of protected health information.
- Covered entity shall notify business associate of any restriction on the use or disclosure of protected health information that covered entity has agreed to or is required to abide by under 45 CFR 164.522, to the extent that such restriction may affect business associate’s use or disclosure of protected health information.
15.5 Permissible Requests by Covered Entity
Covered entity shall not request business associate to use or disclose protected health information in any manner that would not be permissible under Subpart E of 45 CFR Part 164 if done by covered entity, except if the business associate will use or disclose protected health information for data aggregation or management and administration and legal responsibilities of the business associate.
15.6 Term and Termination
- This Business Associate Agreement uses same Term and Termination provisions described in Section 8, Term and Termination of the SaaS Service agreement, plus the following.
- Termination for Cause. Business associate authorizes termination of this Agreement by covered entity, if covered entity determines business associate has violated a material term of the Agreement and business associate has not cured the breach or ended the violation within the time specified by covered entity.
- Obligations of Business Associate Upon Termination. Upon termination of this Agreement for any reason, business associate, with respect to protected health information received from covered entity, or created, maintained, or received by business associate on behalf of covered entity, shall:
- Retain only that protected health information which is necessary for business associate to continue its proper management and administration or to carry out its legal responsibilities.
- Return to covered entity or, if agreed to by covered entity, destroy the remaining protected health information that the business associate still maintains in any form.
- Continue to use appropriate safeguards and comply with Subpart C of 45 CFR Part 164 with respect to electronic protected health information to prevent use or disclosure of the protected health information, other than as provided for in this Section, for as long as business associate retains the protected health information.
- Not use or disclose the protected health information retained by business associate other than for the purposes for which such protected health information was retained and subject to the same conditions set out at “Permitted Uses and Disclosures By Business Associate” paragraphs (e) and (f), which applied prior to termination, and
- Return to covered entity or, if agreed to by covered entity, destroy the protected health information retained by business associate when it is no longer needed by business associate for its proper management and administration or to carry out its legal responsibilities.
- The business associate will transmit the protected health information to another business associate of the covered entity at termination if agreed to by covered entity.
- Survival. The obligations of business associate under this Section shall survive the termination of this Agreement.
- Amendment. The Parties agree to take such action as is necessary to amend this Agreement from time to time as is necessary for compliance with the requirements of the HIPAA Rules and any other applicable law.
- Interpretation. Any ambiguity in this Agreement shall be interpreted to permit compliance with the HIPAA Rules.
Last updated: 20th Janurary, 2017
Patient Pattern, Inc. (“Patient Pattern” or the “Company”) is committed to protecting the privacy of your information. This Privacy Statement describes Patient Pattern’s Web site privacy practices.
1 Web Site Covered
This Privacy Statement covers the information practices of http://patientpattern.com.
2 Information Collected
Patient Pattern offers a variety of services that are collectively referred to as the “Services.” Patient Pattern collects information from individuals who visit the Company’s Web site (“Visitors”) and individuals who register to use the Services (“Customers”).
When expressing an interest in obtaining additional information about the Services or registering to use the Services, Patient Pattern requires you to provide the Company with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, Patient Pattern requires you to provide the Company with financial qualification and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”). Patient Pattern may also ask you to provide additional information, such as company annual revenues, number of employees, or industry (“Optional Information”). Required Contact Information, Billing Information, and Optional Information are referred to collectively as “Data About Patient Pattern Customers.”
As you navigate the Company’s Web site, Patient Pattern may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on the Company’s Web site (such as the Web pages viewed and the links clicked).
3 Use of Information Collected
The Company uses Data About Patient Pattern Customers to perform the services requested. For example, if you fill out a “Contact Me” Web form, the Company will use the information provided to contact you about your interest in the Services.
The Company may also use Data About Patient Pattern Customers for marketing purposes. For example, the Company may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding the Company and its partners, such as information about promotions or events.
Patient Pattern uses credit card information solely to check the financial qualifications of prospective Customers and to collect payment for the Services.
Patient Pattern uses Web Site Navigational Information to operate and improve the Company’s Web site. The Company may also use Web Site Navigational Information alone or in combination with Data About Patient Pattern Customers to provide personalized information about the Company.
4 Web Site Navigational Information
Patient Pattern uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Web site (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information that may be collected on the Company’s Web site and how this information may be used.
If you have chosen to identify yourself to Patient Pattern, the Company uses session cookies containing encrypted information to allow the Company to uniquely identify you. Each time you log into the Services, a session cookie containing an encrypted, unique identifier that is tied to your account is placed your browser. These session cookies allow the Company to uniquely identify you when you are logged into the Services and to process your online transactions and requests. Session cookies are required to use the Services.
Patient Pattern uses persistent cookies that only the Company can read and use to identify browsers that have previously visited the Company’s Web site. When you purchase the Services or provide the Company with personal information, a unique identifier is assigned you. This unique identifier is associated with a persistent cookie that the Company places on your Web browser. The Company is especially careful about the security and confidentiality of the information stored in persistent cookies. For example, the Company does not store account numbers or passwords in persistent cookies. If you disable your Web browser’s ability to accept cookies, you will be able to navigate the Company’s Web site, but you will not be able to successfully use the Services.
Patient Pattern may use information from session and persistent cookies in combination with Data About Patient Pattern Customers to provide you with information about the Company and the Services.
4.2 Web Beacons
Patient Pattern may use Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web site and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, Patient Pattern may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web site. Patient Pattern uses Web beacons to operate and improve the Company’s Web site and email communications.
Patient Pattern may use information from Web beacons in combination with Data About Patient Pattern Customers to provide you with information about the Company and the Services.
4.3 Flash Cookies
Patient Pattern may use local shared objects, also known as Flash cookies, to store your preferences or display content based upon what you view on our site to personalize your visit. Third parties, with whom the Company partners to provide certain features on our site or to display advertising based upon your Web browsing activity, use Flash cookies to collect and store information.
Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Cookie management tools provided by your browser will not remove Flash cookies. To learn how to manage privacy and storage settings for Flash cookies click here.
4.4 IP Addresses
When you visit Patient Pattern’s Web site, the Company collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, Patient Pattern uses IP addresses to monitor the regions from which Customers and Visitors navigate the Company’s Web site.
4.5 Third Party Cookies
From time-to-time, Patient Pattern engages third parties to track and analyze usage and volume statistical information from individuals who visit the Company’s Web site. Patient Pattern may also use other third-party cookies to track the performance of Company advertisements. The information provided to third parties does not include personal information, but this information may be re-associated with personal information after the Company receives it.
5 Public Forums, Refer a Friend, and Customer Testimonials
Patient Pattern may provide bulletin boards, blogs, or chat rooms on the Company’s Web site. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Patient Pattern is not responsible for the personal information you choose to submit in these forums.
Customers and Visitors may elect to use the Company’s referral program to inform friends about the Company’s Web site. When using the referral program, the Company requests the friend’s name and email address. Patient Pattern will automatically send the friend a one-time email inviting him or her to visit the Company’s Web site. Patient Pattern does not store this information.
Patient Pattern may post a list of Customers and testimonials on the Company’s Web site that contain information such as Customer names and titles. Patient Pattern obtains the consent of each Customer prior to posting any information on such a list or posting testimonials.
6 Sharing of Information Collected
Patient Pattern may share Data About Patient Pattern Customers with the Company’s service providers so that these service providers can contact Customers and Visitors who have provided contact information on our behalf. Patient Pattern may also share Data About Patient Pattern Customers with the Company’s service providers to ensure the quality of information provided. Unless described in this privacy statement, Patient Pattern does not share, sell, rent, or trade any information provided with third parties for their promotional purposes.
From time to time, Patient Pattern may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Patient Pattern, the Company may share Data About Patient Pattern Customers collected in connection with your purchase or expression of interest with our joint promotion partner(s). Patient Pattern does not control our business partners’ use of the Data About Patient Pattern Customers we collect, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service.
Patient Pattern uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on the Company’s behalf.
Patient Pattern reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.
7 Communications Preferences
Patient Pattern offers Customers and Visitors who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may send a request specifying your communications preferences to firstname.lastname@example.org. Customers cannot opt out of receiving transactional emails related to their account with Patient Pattern or the Services.
8 Correcting and Updating Your Information
Customers may update or change their registration information by logging in to their accounts at https://patientpattern.com. Requests to access, change, or delete your information will be handled within 30 days.
Patient Pattern uses appropriate administrative, technical, and physical security measures to protect Data About Patient Pattern Customers.
10 Changes to this Privacy Statement
Patient Pattern reserves the right to change this Privacy Statement. Patient Pattern will provide notification of the material changes to this Privacy Statement through the Company’s Web site at least thirty (30) business days prior to the change taking effect.
11 Contacting Us
Questions regarding this Privacy Statement or the information practices of the Company’s Web site should be directed to email@example.com or by mailing Patient Pattern...Patient Pattern, Inc
701 Ellicott Street
Buffalo, NY 14203
Last updated Jan 10th, 2017.