Patient Data API Terms and Conditions
Developer Policies and Agreements Document
This is a legal agreement (“Agreement”) between “you” (a “Developer” or “User”) and Ebiometronics. BY USING THE SYSTEM AND/OR ACCEPTING THIS AGREEMENT, YOU ARE CONSENTING TO BE BOUND BY ITS TERMS. WHEREAS, Company is willing to supply the System (as defined below) to you; WHEREAS, you desire to have access to the System, and are aware of the purpose of the System; Now therefore, in consideration of the foregoing and the mutual covenants hereinafter set forth, the parties hereby agree:
“Codes” means access codes, identification codes, tokens, private security keys, passwords and/or public security certificates that Company may issue to you for use with the System.
“Computer” means any computing device containing one or more central processing units, including but not limited to desktop and laptop personal computers and tablet devices.
“Data Holder” means any third party that provides data that can be accessed through the System.
“Developer” means a person or business that produces or provides software or services through which a User can access the System.
“Documentation” means any printed documentation regarding the System, any electronic documentation regarding the System, and any other online or other documentation that is generally made available by Company to Users or Developers.
“Excessive Use” means access or use of the System by a Developer or User that exceeds two times the 99th percentile of system use observed by Company for all Developers and/or Users, or is otherwise identified as an outlier by Company, as measured by a suitable metric determined by Company, examples including but not limited to bandwidth utilized or number or size of data requests processed.
“Software” means the Open Application Programming Interface (API) of the Universal EHR software, any applicable related website or network resources intended for use with that software, and any other software provided by Company to you in connection with this Agreement, as applicable, in the form intended by Company for use by you, as documented by the Company, and any updates or upgrades thereto provided by Company in Company’s sole discretion.
“System” means any Company websites or network resources, Software and Documentation, Codes, Public Key Infrastructure (PKI), and any services, programs, functions and information provided by Company to you.
“HIPAA” means the Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder.
“HITECH” means the Health Information Technology for Economic and Clinical Health Act under Title XIII of the American Recovery and Reinvestment Act of 2009 and the regulations promulgated thereunder.
“PHI” means Protected Health Information as defined by HIPAA.
“User” means a person or other entity who accesses the System directly or through any software or service.
2. License Grant. Company hereby grants you a non-transferable, non-exclusive, revocable, limited license to use the System subject to the terms and conditions of this Agreement. RIGHTS NOT EXPRESSLY GRANTED HEREIN ARE RESERVED BY COMPANY.
3. License Restrictions. YOU MAY NOT, EITHER ON YOUR OWN BEHALF OR THROUGH ANY AGENT OR THIRD PARTY DECOMPILE, DISASSEMBLE, REVERSE ENGINEER, OR OTHERWISE ATTEMPT TO DERIVE SOURCE CODE FROM THE SOFTWARE COMPONENTS OF THE SYSTEM, OR MODIFY OR CREATE DERIVATIVE WORKS BASED ON THE SOFTWARE COMPONENTS OF THE SYSTEM OR ANY DOCUMENTATION. For example, but without limitation, you shall not yourself or through any agent, or third party: (i) translate any Software code, including without limitation for the purpose of reverse engineering or to discover the structure, sequence or organization of the Software or any portion thereof, (ii) monitor, interfere with, or reverse engineer the technical aspects of the System, (iii) intentionally compromise the security of the System or take any action intentionally, or neglect or omit to take, any action that compromises the security of the System, (iv) sell, lease, license or sublicense the System or Documentation except as expressly authorized under this Agreement. You are solely responsible for obtaining all equipment, developing or obtaining software to access the System, for ensuring the compatibility thereof with the System in accordance with the Documentation, for determining the suitability of said equipment and software for the purpose of using the System, and for paying all fees including, without limitation, all taxes and Internet access fees, necessary to use the System. Your responsibilities under the immediately preceding sentence include determining the suitability of any computers or devices, including mobile devices, browser software or other third party software, network configuration and internet service, or other hardware or software used by you, including but not limited to any software provided by Company, to access the System, including but not limited to the assessment of a device’s or software’s ability to maintain the security and privacy of your Codes and of any data, including PHI, viewed, downloaded, or otherwise accessed through the System. You shall not use Software or System for any purpose other than those permitted by this agreement. You will not use the System for any purpose that is unlawful or prohibited by this Agreement.
4. Participant Evaluations and User Submissions; HIPAA and HITECH; User Responsibilities.
A. As requested by Company, you agree to furnish Company with information describing the results of your use of the System, including (a) Developer’s name and contact information and the names of any Users and other participants, and (b) reasonably comprehensive information concerning any errors, problems, difficulties, or suggestions regarding the access to or use of the System. You will also promptly respond to any reasonable questions provided by Company regarding the System. You acknowledge and agree that all information provided in accordance with this section shall be considered User Submissions and subject to the provisions for same set forth in Section 4.D. below.
B. YOU ATTEST THAT YOU ARE AUTHORIZED TO ACCESS ANY PHI THAT YOU REQUEST THROUGH THE SYSTEM, AND YOU AGREE TO HANDLE AND PROCESS SUCH INFORMATION ACCORDING TO ANY AND ALL APPLICABLE LAWS. You acknowledge and agree that you shall use the System only as and to the extent permitted by applicable law, including any applicable import or export laws, and only for applications related to the secure access to health information over the Internet, in a manner compliant with the security and privacy rules of HIPAA, HITECH, and any other applicable law or regulation. You acknowledge and agree that Company is not a Covered Entity. You agree that you will not intentionally submit to Company or otherwise share with Company any Protected Health Information and will not provide Company with access to any Protected Health Information except as required for you to use the System. You acknowledge and agree that Company only acts as a conduit to transfer Protected Health Information or any other data between you and a Data Holder. You and Company agree that you and Company do not intend to become each other’s Business Associate by virtue of entering into this Agreement or your use of the System. As a result, this Agreement is not intended to serve as a Business Associate Agreement between you and Company.
C. You acknowledge that the System is a data transport tool and is not intended to serve as a medical record, and that it is your sole responsibility to ensure that the content of any data accessed through the System is incorporated into a patient’s medical record, when applicable. You agree that it is your sole responsibility to provide or obtain any and all necessary consents and to fulfill any and all obligations that are required by HIPAA, HITECH, or other governmental statute or regulation, including but not limited to entering into any required Business Associate Agreement, prior to use, disclosure, or transmission of any Protected Health Information or other data accessed through the System. You agree that Company has no obligation to archive or otherwise store any PHI or other data transferred through the System. You acknowledge that the data you request may not be accessible through the System when (i) you are denied access by Data Holder to any or all of the data requested or the Data Holder does not respond to your request for any reason, (ii) your request or the data provided by a Data Holder is not in a format recognized by the System, (iii) your request would cause transfer size or frequency to exceed the allowable maximum permitted by Company, (iv) the Codes you use to access the System are invalid, (v) this Agreement terminates, or (vi) for any other reason. You are solely responsible for obtaining any Codes or other credentials needed to use the System or access PHI or other data through the System. You acknowledge that Company does not control the content of data accessed through the System, that data accessed through the System may contain software viruses or other malicious content, that it is your sole responsibility to protect your computer system from viruses, and that Company has no responsibility to protect your computer system from viruses or other malware. You agree that Company, in its sole discretion, reserves the right not to enable Software or System for any particular Developer or User, should Company determine, in its sole discretion, that use by the Developer or User is a threat to Company’s systems or negatively impacts the use of the System by other Users.
D. You may make submissions of certain data and information to Company (the “User Submissions”), such as feedback related to the System. You understand that User Submissions are not and shall not be deemed to be your confidential and/or proprietary information, regardless of whether any submission is marked “Confidential” and/or “Proprietary”. All User Submissions of any type, and the responses of Company or any other entity, if any, and all intellectual property rights therein, including any derivatives, modifications, updates and improvements thereto, shall be owned solely by Company, and you hereby irrevocably assign to Company all such rights in the User Submissions. You hereby warrant that the User Submissions are and will be in compliance with all applicable laws and regulations, and will not contain Protected Health Information. Company has a right to use User Submissions, to which it is given access in any form, to evaluate, test or improve the System or for other lawful purpose. You will make User Submissions and will provide Company access to Software-generated data only in accordance with HIPAA/HITECH, applicable state privacy laws and other applicable laws.
E. If the Company (i) determines that a statute or regulation, including any interpretation thereof (e.g., an advisory opinion) (collectively referred to in this subsection as a “Law”) to become effective as of a certain date which, if or when implemented, would have the effect of subjecting the Company to civil or criminal prosecution under state and/or federal laws, or any other material adverse proceeding on the basis of such party’s participation herein, or (ii) receives notice of an actual or threatened decision, finding or action by any governmental or private agency or party or court (collectively referred to in this subsection as an “Action”), which, if or when implemented, would have the effect of subjecting Company to civil or criminal prosecution under state and/or federal laws, or any other material adverse proceeding on the basis of such party’s participation herein, then Company shall amend this Agreement to the minimum extent necessary, as determined reasonably by the Company, in order to comply with such Law or to avoid the Action, as applicable and Company shall have the power to amend this Agreement for this purpose without your consent or the consent of any other person or entity. If the Company determines that compliance with such requirements is impossible, then this Agreement may be terminated by the Company without penalty and without prior written notice.
A. Company may limit the number of Users who can use the System at any given time. You warrant to Company that (a) all information supplied by you is true, correct and complete, (b) no unauthorized entity has ever had access to your Codes, and (c) you have not included trademarks in your token request unless you also possess the rights to use the respective names, nor have you otherwise misrepresented the identity of your legal organization or software. You are solely responsible for use and proper protection of your Codes, and agree to take all reasonable precautions to protect the security and integrity of the Codes and to prevent their unauthorized use. You acknowledge and agree that you are solely responsible for all actions taken that utilize your Codes, unless such actions are taken by Company, its subcontractors or agents without your approval.
B. If Company determines in its sole discretion that you are or may be using a Code issued by Company for purposes other than those allowed by this agreement, Company may, in its sole discretion, revoke the Code. Company may modify a Code or its metadata issued to you if Company determines, in its sole discretion, that such modification is required to meet the initial or ongoing inclusion or interoperability requirements of a trust community or equivalent in which Company participates or intends to participate, or that Company or Developer do not meet or have ceased to meet the inclusion requirements for a trust community or equivalent. You will cease use of all Codes following expiration or revocation of the corresponding Code or of the license granted hereunder. You will promptly notify Company if any information in your Code or its associated metadata is inaccurate or has changed. You will protect all Codes to which you have access from unauthorized access. Without limiting the last sentence of Section 7, this Section 5 will survive any termination of this Agreement.
6. Proprietary Rights and Audits. The Software, System, Documentation and all content and all information with regard thereto or contained therein including, but not limited to, data, evaluation and test results, any reports, questionnaires or other documentation provided to Company under this Agreement (the “Company Information”) and any User Submissions, including any compilations of any participant information that are created in connection with or as part of the System are proprietary products of Company and its licensors and are protected under various intellectual property laws. Except for the rights expressly granted pursuant to Section 2 above, Company and its licensors retain all right, title, and interest in and to the System and Documentation, all other Company Information and the User Submissions, including all intellectual property rights therein. Company may modify the Software and Documentation at any time and from time to time and the definitions of Software or Documentation shall be deemed to also include such modifications and such Software and Documentation as modified.
7. Term and Termination. The term of this Agreement shall begin on the date of your acceptance of this Agreement, first use of the System, or upon issuance of Codes to you, whichever occurs earliest. This license will automatically terminate without notice to you upon expiration of Codes issued to you or upon the termination of this Agreement as provided herein, whichever occurs earlier. Upon any termination, all rights and licenses granted to you under this Agreement shall immediately terminate and, if you have been issued any Code(s) from Company, you shall destroy and discard (or cause to be destroyed or discarded) and cease use of all copies of such Code(s). The terms of this Agreement that give the parties rights beyond termination of this Agreement will survive any termination of this Agreement.
A. YOU ACKNOWLEDGE AND AGREE THAT THE SOFTWARE, DOCUMENTATION, SYSTEM AND ANY OTHER MATERIALS OR CONTENT ARE PROVIDED TO YOU “AS-IS,” WITH NO WARRANTY WHATSOEVER, EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR USE, ANY WARRANTY OF NON-INFRINGEMENT, OR ANY WARRANTY THAT THE OPERATION OF THE SYSTEM WILL BE UNINTERRUPTED OR ERROR FREE. COMPANY DISCLAIMS ANY LIABILITY FOR UNAUTHORIZED THIRD PARTY ACCESS, OR RELIANCE ON THE SYSTEM BY YOU OR ANY THIRD PARTY. COMPANY DISCLAIMS ANY LIABILITY FOR ANY DAMAGES TO YOUR COMPUTER OR ANY THIRD PARTY’S COMPUTER OR OTHER PROPERTY CAUSED BY OR ARISING FROM YOUR USE OF THE SYSTEM, WHETHER DUE TO INFECTION BY A SOFTWARE VIRUS OR OTHER MALWARE OR OTHER CAUSE. COMPANY DISCLAIMS ANY LIABILITY RESULTING FROM ANY UNAUTHORIZED ACCESS TO DATA ARISING FROM OR RELATED TO YOUR USE OF THE SYSTEM, INCLUDING BUT NOT LIMITED TO LIABILITY FOR COSTS, DAMAGES, ATTORNEYS’ FEES, OR ANY LIABILITY ARISING FROM OR RELATING TO ANY REGULATORY ACTION BY ANY STATE OR FEDERAL AGENCY. You agree that you and the Company are independent contractors and that neither has any fiduciary responsibility to the other. In furtherance of the immediately preceding sentence, each of you and the Company agree to never assert for its own benefit that the other has any fiduciary duties and to the extent permitted by applicable law, you and Company hereby disclaim any fiduciary relationship between Company on one hand and you on the other hand. You further acknowledge that some content, including but not limited to any health data or directory information, has been supplied by third parties and that Company makes no warranty whatsoever with respect to such content. Company has not attempted to nor has it verified the accuracy or completeness of such content, nor does Company have any obligation to update or correct any such content. You acknowledge that use of the System may require that data is supplied by or passes through systems that are not controlled by Company, including, without limitation, internet service providers, third party applications, routers, domain name system (DNS) servers, and systems run by Developers, Data Holders, or other third parties, and you agree that Company is not responsible for the timeliness, reliability or availability of those systems.
B. You acknowledge that the System is designed to facilitate secure delivery of health content over the Internet. You acknowledge and agree that each user’s needs and data are unique, and that your inputs and information and your use to generate customized reports and outputs or other data based on your own needs and data, may cause your experience to differ from that of other users and that you assume the entire risk of your reliance on the System and any reports, information or any other content generated thereby. You acknowledge and agree that you will never use the System in urgent, critical, emergency, life-threatening, time sensitive or mission critical scenarios, and instead shall communicate in such circumstances directly and orally. You shall never use the system as a substitute for direct oral person-to-person communication in urgent, critical, emergency, life-threatening, time-sensitive, or mission-critical situations, including for communication of critical medical results in such circumstances.