By signing the contract, you are indicating that you expressly accept the following terms and conditions in this legal agreement (the “Agreement”) between you and any organization you represent (collectively, “you” or the “Customer”) and Mark It Developments, Inc. (“EasyMarkit”) governing your use of EasyMarkit’s online service and any related software you may install on your computer (the “Service”). If you are entering into this Agreement, you represent that you are authorized to accept the terms of this Agreement on behalf of yourself or the organization you represent. If you do not have such authority, or if you do not agree with the terms and conditions of this Agreement, you must not sign the contract, and may not use the Service.
2. License grant & restrictions
EasyMarkit hereby grants the Customer, during the terms of this Agreement, the non-exclusive, non-transferable, worldwide right to use the Service, solely for the Customer’s own internal business purposes, subject to the terms and conditions of this Agreement. All rights not expressly granted to the Customer are reserved by EasyMarkit and its third party licensors or suppliers (collectively, the “Licensors”).
The Customer shall not (i) license, sublicense, sell, resell, transfer, assign, distribute or otherwise commercially exploit or make available to any third party the Service or the content provided by or on behalf of EasyMarkit through the Service (the content) in any way; (ii) modify or make derivative works based upon the Service or the Content; (iii) create Internet “links” to the Service or “frame” or “mirror” any Content on any other server or wireless or Internet-based device; or (iv) reverse engineer or access the Service in order to (a) build a competitive product or service, (b) build a product using similar ideas, features, functions or graphics of the Service, or (c) copy any ideas, features, functions or graphics of the Service.
Customer agrees that EasyMarkit may publish, modify and amend any and all content appearing within EasyMarkit.com, and all other internet domains or content feeds owned, managed, or controlled by EasyMarkit, including content consisting of promotions, advertisements and listings for non-competing local businesses, or products and services offered by EasyMarkit.
3. Ownership of intellectual property rights and Customer Data
The parties acknowledge and agree that, subject to the license grants contained in this Agreement, Licensor, retains all right, title and interest, including all related intellectual property rights, in and to the EasyMarkit technology, the Content and the Service and any suggestions, ideas, enhancement requests, feedback, recommendations (collectively, Feedback) or other information provided by the Customer or any other party relating to the Service. Customer retains all right, title and interest to any and all patient or customer data including consumer review data captured by the EasyMarkit system (“Customer Data”) provided to EasyMarkit, subject to EasyMarkit’s right to use such Customer Data to provide the Service to Customer. This Agreement is not a sale and does not convey any rights of ownership in or related to the EasyMarkit Service, EasyMarkit technology, EasyMarkit Content, or EasyMarkit intellectual property to the Customer except for the limited licenses granted to the Customer under this Agreement. Any and all software, algorithms, applications, source codes, structures, sequences, routines, sub-routines and related programming, engineering or technological matter developed or created by EasyMarkit or its Licensors (and all copyrights, patents, trademarks and other proprietary rights related thereto) shall remain the sole, exclusive and perpetual property of EasyMarkit or its Licensors.
The trademarks, trade names, service names or logos associated with the Service (collectively, the “Marks”) are trademarks of EasyMarkit or its Licensors, and no right or license is granted to use them. Customer hereby acknowledges EasyMarkit or its Licensors’ perpetual and exclusive ownership of and title to the Marks and the goodwill attaching thereto. Customer agrees not to use or attempt to register any Mark that is confusingly or deceptively similar to the Marks.
4. Customer responsibility and passwords; Third party software
You are responsible for all activity occurring under your User accounts and shall abide by all applicable local, state, national and foreign laws, treaties and regulations in connection with your use of the Service, including those related to data privacy, international communications and the transmission of technical or personal data. You also will choose a password and a user name. You are entirely responsible for maintaining the confidentiality of your password and account. Furthermore, you are entirely responsible for any and all activities that occur under your account. You agree to notify EasyMarkit immediately of any unauthorized use of your account or any other breach of security. EasyMarkit will not be liable for any loss that you may incur as a result of someone else using your password or account, either with or without your knowledge. Customer warrants and represents that: (i) the content to be transmitted by or on behalf of Customer does not constitute SPAM; (ii) the content to be transmitted by or on behalf of Customer is not illegal, threatening, hateful, vulgar, obscene, libelous or defamatory and does not and will not infringe upon any trademark, patent, copyright, trade secret or other proprietary, publicity or privacy right of any third party; and (iii) Customer has complied and will comply with all applicable laws respecting its execution and performance of this Agreement.
The EasyMarkit Service receives data from third-party software systems, which will be designated by Customer in the process of setting up the EasyMarkit Service. If Customer elects to change, upgrade or materially alter the third party software system from which EasyMarkit receives data, EasyMarkit does not guarantee that all Customer Data or Service functionality will be preserved. Customer is responsible for communicating any changes in data structure, management system, or hardware upgrades that may impact EasyMarkit’s ability to receive and process Customer Data.
5. Client data and account information
EasyMarkit does not own any Customer Data, information or material that you submit to the Service in the course of using the Service. Except in accordance with this Agreement or as required by law, Customer Data will not be disclosed, sold, assigned, licensed or otherwise disposed of by EasyMarkit to any third party. You, not EasyMarkit, shall have sole responsibility for the accuracy, quality, integrity, legality, reliability, appropriateness, and intellectual property ownership or right to use of all Customer Data, and, except as provided in this Agreement or as required by law, EasyMarkit shall not be responsible or liable for the deletion, correction, destruction, damage, loss or failure to store any Customer Data, or for the improper or erroneous upload or extraction of any Customer Data. EasyMarkit reserves the right to withhold, remove and/or discard Customer Data without notice for any breach, including, without limitation, your non-payment. Upon termination for cause, your right to access or use Customer Data immediately ceases, and, except as set forth in Section 16 below, EasyMarkit shall have no obligation to maintain or forward any Customer Data.
6. Limited liability
IN NO EVENT SHALL EASYMARKIT, ITS SUBSIDIARIES, OFFICERS, DIRECTORS, EMPLOYEES, LICENSORS, PARTNERS OR AFFILIATES BE LIABLE FOR: (I) ANY INDIRECT, INCIDENTAL, UNFORESEEABLE, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES; (II) ANY DAMAGES FOR LOSS OF PROFITS, LOSS OF EARNINGS OR LOSS OF BUSINESS OPPORTUNITIES, EVEN IF EASYMARKIT HAS BEEN ADVISED OR WARNED BY CUSTOMER OF THE POSSIBILITY OF SUCH DAMAGES; (III) COSTS OF PROCUREMENT OR SUBSTITUTE GOODS OR SERVICES; (IV) LOSS OF DATA OR OTHER CUSTOMER CONTENT RESULTING FROM DELAYS, NON-DELIVERIES, MISDELIVERIES, SECURITY BREACHES TO, SERVICE INTERRUPTIONS TO, OR ERRORS OR OMISSIONS RESPECTING THE SERVICE OR THE OPERATION OF EASYMARKIT OR ITS LICENSORS’ NETWORKS; OR (V) LOSSES OR LIABILITIES DUE IN WHOLE OR IN PART TO INADVERTENT, PREMATURE OR UNAUTHORIZED RELEASE OR DISCLOSURE OF INFORMATION BY CUSTOMER VIA EASYMARKIT OR ITS LICENSORS’ NETWORKS. THE TOTAL CUMULATIVE LIABILITY OF EASYMARKIT TOGETHER WITH ITS SUBSIDIARIES, OFFICES, DIRECTORS, EMPLOYEES, LICENSORS, PARTNERS AND AFFILIATES TO CUSTOMER OR ANY THIRD PARTIES IN ANY CIRCUMSTANCE ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE SERVICE IS LIMITED TO THE AMOUNT OF FEES CUSTOMER PAYS TO EASYMARKIT IN THE 12 MONTHS PRIOR TO THE ACTION GIVING RISE TO LIABILITY. The foregoing limitations will apply even if EasyMarkit has been notified of the possibility of such damages and notwithstanding the failure of the essential purpose of any limited remedy. No action or claim relating to this Agreement shall be made against EasyMarkit or its Licensors, subsidiaries, officers, directors, employees, partners or affiliates by Customer or on Customer’s behalf more than 12 months after the event giving rise to such action or claim.
You agree to indemnify and hold EasyMarkit (including its parent, subsidiaries, affiliates, officers, directors, agents, and employees, contractors, sub-contractors, Licensors, partners and affiliates) harmless from any claim or demand, including reasonable attorney’s fees, made by any third party due to or arising out of your breach or alleged breach of this Agreement or the documents it incorporates by reference, or your violation of any law or the rights of a third party (including without limitation any negligent, willful, tortious or illegal conduct by you affecting a third party).
This Agreement is a yearly commitment billed in accordance with Section 10 below. This Agreement will automatically renew at the end of term for a further year term unless EasyMarkit is notified in writing at least 30 days prior to the end of the relevant term.
10. Billing & pricing
EasyMarkit charges and collects in advance for use of the Service. EasyMarkit will automatically renew and bill your credit card or issue an invoice each year on the subsequent anniversary for annual licenses, or in an otherwise mutually agreed upon manner. The renewal charge will be equal to the then-current license fee in effect at the time of renewal.
11. Credit card authorization
By submitting your credit/debit card (“Bank Card”) data to EasyMarkit, you authorize EasyMarkit in its complete discretion to submit a financial transaction(s) to your issuing bank for settlement. You agree that once EasyMarkit has approved or declined your transaction, EasyMarkit has fully performed under the terms of this Agreement. You agree to contact EasyMarkit in the event that you desire to cancel any recurring charge, prior to the next billing cycle. Should you fail to contact EasyMarkit, you agree to indemnify and hold EasyMarkit harmless from any losses or damages that you suffer as a result of a recurring charge. EasyMarkit may be contacted at: billing@EasyMarkit.com or #201, 124 East Pender Street, Vancouver, BC V6A 1T3 or 1(855) 221-3279. If you think that there is an error on your account, including an incorrect amount or unauthorized transaction, you agree to contact EasyMarkit prior to the next billing cycle. Upon proper notification, EasyMarkit, in its sole discretion may issue a credit to your Bank Card.
12. Representations & warranties
Each party represents and warrants that it has the power and authority to enter into this Agreement. EasyMarkit represents and warrants that it will provide the Service in a manner consistent with generally accepted industry standards. Customer represents and warrants that Customer has not falsely identified itself or its corporate entity nor provided any false information to gain access to the Service and that all Bank Card and other billing information that Customer has provided is correct.
THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE”. EXCEPT AS EXPLICITLY SET FORTH ABOVE, EASYMARKIT IS NOT PROVIDING ANY WARRANTIES AND REPRESENTATIONS REGARDING THE SERVICE, CONTENT OR TECHNOLOGY, AND EASYMARKIT AND ITS LICENSORS, PARTNERS AND AFFILIATES DISCLAIM ALL WARRANTIES AND REPRESENTATIONS OF ANY KIND WITH REGARD TO THE SERVICE, CONTENT AND TECHNOLOGY, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT OF THIRD PARTY RIGHTS, FREEDOM FROM VIRUSES OR OTHER HARMFUL CODE, OR FITNESS FOR ANY PARTICULAR PURPOSE. FURTHER, EASYMARKIT WILL NOT BE LIABLE FOR ANY DELAY, DIFFICULTY IN USE, INACCURACY OF INFORMATION, COMPUTER VIRUSES, MALICIOUS CODE OR OTHER DEFECT IN THE SERVICE, OR FOR ANY OTHER PROBLEMS EXPERIENCED BY THE CUSTOMER DUE TO CAUSES BEYOND EASYMARKIT’S CONTROL.
13. Email compliance
EasyMarkit has worked to achieve email compliance. You agree to comply with all elements of CAN-SPAM and safe sender email practices. This includes but not limited to including unsubscribe links, your full contact information in all correspondence, and not releasing private and/or confidential information. You may only use email services for those customers with which you have an existing business relationship and which have indicated that they accept correspondence from you. You may not attempt to spoof sender domains, send spam or other offending email practices including those covered in Section 4 of this agreement. Because of carrier technologies, EasyMarkit makes no expressed or implied warranty of individual message receipt. EasyMarkit is not liable for any issues that arise associated with the content that you provide or unforeseen liabilities of it being delivered.
14. Text message compliance
EasyMarkit has worked to achieve carrier certification for your text message delivery. To maintain this certification, you agree to only use text message services for those customers with which you have an existing business relationship and which have indicated that they accept correspondence from you. For reliable delivery, you must adhere to message limitations including length and delivery. You may not attempt to spoof sender domains, send spam or other offending text message practices including those covered in Section 4 of this Agreement. Because of carrier technologies, EasyMarkit makes no expressed or implied warranty of individual message receipt. Standard text message rates apply for all text message services. EasyMarkit is not liable for any issues that arise associated with the content that you provide or unforeseen liabilities of it being delivered.
15. Governing law; venue; waiver of class action.
This Agreement will be interpreted, construed, and enforced in all respects in accordance with the laws of the Province of British Columbia, without reference to its choice of law principles to the contrary. The Customer will not commence or prosecute any action, suit, proceeding or claim arising under or by reason of this Agreement other than in the provincial or federal courts located in Vancouver, British Columbia. The Customer irrevocably consents to the jurisdiction and venue of the courts identified in the preceding sentence in connection with any action, suit, proceeding, or claim arising under or by reason of this Agreement. To the extent permitted by applicable law, each party agrees that it will not bring or participate in any class action against the other party or its partners or affiliates relating to this Agreement or the Services, and each party hereby waives any rights to bring such claims.
If any provision of this Agreement is found to be invalid or unenforceable, then the remainder of this Agreement will have full force and effect, and the invalid provision will be modified, or partially enforced, to the maximum extent permitted to effectuate the original objective. This Agreement constitutes the entire agreement between the parties with respect to the subject matter hereof and merges and supersedes all prior agreements, understandings, negotiations, and discussions. Neither of the parties will be bound by any conditions, definitions, warranties, understandings, or representations with respect to the subject matter hereof other than as expressly provided herein. Failure by either party to enforce any term of this Agreement will not be deemed a waiver of future enforcement of that or any other term in this Agreement or any other agreement that may be in place between the parties. The section headings contained in this Agreement are for reference purposes only and will not affect in any way the meaning or interpretation of this Agreement. This Agreement is not intended to confer any right or benefit on any third party, and no action may be commenced or prosecuted against a party by any third party claiming as a third-party beneficiary of this Agreement or any of the transactions contemplated by this Agreement. No oral explanation or oral information by either party hereto will alter the meaning or interpretation of this Agreement. No amendments or modifications will be effective unless in a writing signed by authorized representatives of both parties.
17. Business associate addendum
17.1 Status of the parties.
The parties hereby acknowledge and agree that Customer is a covered entity (Covered Entity) and that EasyMarkit is a business associate of Covered Entity under the HIPAA Privacy Regulations, the HIPAA Security Regulations and the HITECH Standards, defined below.
17.2 Privacy and confidentiality.
The parties acknowledge that in carrying out its obligations under the Agreement, EasyMarkit and its subcontractors, employees, affiliates, agents, or representatives may have reason to access, use, create, maintain or transmit PHI, as defined below, for or on behalf of Covered Entity. Certain PHI may be transmitted by or maintained in electronic media as Electronic PHI. Both parties agree to comply with any applicable federal, provincial or state law governing the privacy and security of the PHI and Electronic PHI including, without limitation, the HIPAA Privacy Regulations, HIPAA Security Regulations, and the HITECH Standards, each as defined below.
a. “Breach” shall mean the acquisition, access, use, or disclosure of Protected Health Information in a manner not permitted under 45 C.F.R. Part 164, Subpart E (the HIPAA Privacy Rule) which compromises the security or privacy of the Protected Health Information. “Breach” shall not include:
(1) Any unintentional acquisition, access, or use of Protected Health Information by a workforce member or person acting under the authority of the Covered Entity or EasyMarkit, if such acquisition, access, or use was made in good faith and within the scope of authority and does not result in further use or disclosure in a manner not permitted under the HIPAA Privacy Rule; or
(2) Any inadvertent disclosure by a person who is authorized to access Protected Health Information at the Covered Entity or EasyMarkit to another person authorized to access Protected Health Information at the Covered Entity or EasyMarkit, respectively, or organized health care arrangement in which the Covered Entity participates, and the information received as a result of such disclosure is not further used or disclosed in a manner not permitted under the HIPAA Privacy Rule; or
(3) A disclosure of Protected Health Information where the Covered Entity or EasyMarkit has a good faith belief that an unauthorized person to whom the disclosure was made would not reasonably have been able to retain such information.
b. “Electronic Protected Health Information” or “Electronic PHI” means Protected Health Information that is transmitted by or maintained in electronic media as defined in the HIPAA Security Regulations.
c. “HIPAA” means the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191.
d. “HIPAA Privacy Regulations” means the regulations promulgated under HIPAA by the United States Department of Health and Human Services to protect the privacy of Protected Health Information, including, but not limited to, 45 C.F.R. Part 160 and 45 C.F.R. Part 164, Subpart A and Subpart E.
e. “HIPAA Security Regulations” means the regulations promulgated under HIPAA by the United States Department of Health and Human Services to protect the security of Electronic Protected Health Information, including, but not limited to, 45 C.F.R. Part 160 and 45 C.F.R. Part 164, Subpart A and Subpart C.
f. “HITECH Standards” means the privacy, security and security breach notification provisions applicable to a Business Associate under Subtitle D of the Health Information Technology for Economic and Clinical Health Act (“HITECH), which is Title XIII of the American Recovery and Reinvestment Act of 2009 (Public Law 111-5), and any regulations promulgated thereunder.
g. “Individually Identifiable Health Information” means information that is a subset of health information, including demographic information collected from an individual, that is;
(1) created or received by a health care provider, health plan, employer, or health care clearinghouse; and
(2) relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual; and
(a) that identifies the individual; or
(b) with respect to which there is a reasonable basis to believe the information can be used to identify the individual.
h. “Protected Health Information” or “PHI” means Individually Identifiable Health Information transmitted or maintained in any form or medium that (i) is received by EasyMarkit from Covered Entity, (ii) EasyMarkit creates for its own purposes from Individually Identifiable Health Information that EasyMarkit received from Covered Entity, or (iii) is created, received, transmitted or maintained by EasyMarkit on behalf of Covered Entity. Protected Health Information excludes Individually Identifiable Health Information in education records covered by
the Family Educational Rights and Privacy Act, as amended, 20 U.S.C. §1232g, records described at 20 U.S.C. §1232g(a)(4)(B)(iv), and employment records held by the Covered Entity in its role as employer.
i. “Security Incident” means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.
j. Any terms capitalized, but not otherwise defined, in this Addendum shall have the same meaning as those terms have under HIPAA, the HIPAA Privacy Regulations, the HIPAA Security Regulations, and the HITECH Standards.
a. Use or Disclosure. EasyMarkit agrees to not use or further disclose Protected Health Information other than as expressly permitted or required by this Addendum or as required by law.
b. Safeguards. EasyMarkit agrees to use appropriate safeguards to prevent any use or disclosure of the Protected Health Information other than uses and disclosures expressly provided for by this Addendum. EasyMarkit further agrees to use appropriate administrative, physical and technical safeguards to protect the confidentiality, integrity and availability of any Electronic Protected Health Information in accordance with the HIPAA Security Regulations.
c. Mitigation. EasyMarkit agrees to mitigate, to the extent practicable, any harmful effect that is known to EasyMarkit of a use or disclosure of Protected Health Information by EasyMarkit in violation of the requirements of this Addendum.
d. Reporting. EasyMarkit agrees to report to Covered Entity any use or disclosure of Protected Health Information in violation of this Addendum by EasyMarkit or by a third party to which EasyMarkit disclosed Protected Health Information pursuant to Section 3.e of this Addendum (Subcontractors and Agents), of which it becomes aware, in the time and manner reasonably designated by Covered Entity. EasyMarkit further agrees to report to Covered Entity any Security Incident of which it becomes aware. In addition, EasyMarkit shall report to Covered Entity any Breach consistent with the regulations promulgated under HITECH by the United States Department of Health and Human Services at 45 C.F.R. Part 164, Subpart D.
e. Subcontractors and Agents. EasyMarkit agrees to ensure that any agent, including a subcontractor, to whom it provides Protected Health Information received from, or created or received by EasyMarkit on behalf of, Covered Entity, agrees to the same restrictions and conditions that apply through this Addendum to EasyMarkit with respect to such information.
f. Access. Upon receipt of a written request by Covered Entity for access to Protected Health Information about an individual contained in a Designated Record Set, EasyMarkit shall make available to Covered Entity such Protected Health Information, in the time and manner reasonably designated by Covered Entity, for so long as such information is maintained in the Designated Record Set. In the event any individual requests access to Protected Health Information directly from EasyMarkit, EasyMarkit shall forward such request to Covered Entity in the time and manner reasonably designated by Covered Entity. Any denials of access to the Protected Health Information requested shall be the responsibility of Covered Entity.
g. Amendment. Upon receipt of a written request by or on behalf of Covered Entity for the amendment of an individual’s Protected Health Information or record contained in a Designated Record Set (for so long as the Protected Health Information is maintained in the Designated Record Set), EasyMarkit shall provide such information to Covered Entity for amendment and incorporate any such amendments in the Protected Health Information as required by 45 C.F.R. §164.526, in the time and manner reasonably designated by Covered Entity.
h. Audit and Inspection. EasyMarkit agrees to make its internal practices, books, and records, including policies and procedures and Protected Health Information, relating to the use and disclosure of Protected Health Information and the security of Electronic Protected Health Information, available to Covered Entity, or, at the request of Covered Entity, to the Secretary of Health and Human Services (the “Secretary of HHS” or any officer or employee of HHS to whom the Secretary of HHS has delegated such authority for the purposes of the Secretary of HHS determining Covered Entity’s compliance with the HIPAA Privacy Regulations and the HIPAA Security Regulations. Such information shall be made available in a time and manner designated by Covered Entity or the Secretary of HHS.
i. Documentation of Disclosures. EasyMarkit agrees to document such disclosures of Protected Health Information, and such information related to such disclosures, as would be required for Covered Entity to respond to a request by an Individual for an accounting of disclosures of Protected Health Information in accordance with 45 C.F.R. §164.528.
j. Accounting. Upon receipt of written notice by or on behalf of Covered Entity to EasyMarkit that Covered Entity has received a request for an accounting of disclosures of Protected Health Information, EasyMarkit shall make available to Covered Entity, in the time and manner reasonably designated by Covered Entity, that information collected in accordance with Section 3.i of this Addendum (Documentation of Disclosures), to permit Covered Entity to respond to the request in accordance with 45 C.F.R. §164.528.
k. Compliance with the HITECH Standards. Notwithstanding any other provision in the Agreement, no later than February 17, 2010, unless a separate effective date is specified by law or the Agreement for a particular requirement (in which case the separate effective date shall be the effective date for that particular requirement), EasyMarkit shall comply with the HITECH Standards, including, but not limited to: (i) compliance with the requirements regarding minimum necessary under HITECH § 13405(b); (ii) requests for restrictions on use or disclosure to health plans for payment or health care operations purposes when the provider has been paid out of pocket in full consistent with HITECH §13405(a); (iii) the prohibition of sale of PHI without authorization unless an exception under HITECH §13405(d) applies; (iv) the prohibition on receiving remuneration for certain communications that fall within the exceptions to the definition of marketing under 45 C.F.R. §164.501 unless permitted by the Agreement and Section 13406 of HITECH; (v) the requirements relating to the provision of access to certain information in electronic access under HITECH §13405(e); (vi) compliance with each of the Standards and Implementation Specifications of 45 C.F.R. Ё 164.308 (Administrative Safeguards), 164.310 (Physical Safeguards), 164.312 (Technical Safeguards) and 164.316 (Policies and Procedures and Documentation Requirements); and (vii) the requirements regarding accounting of certain disclosures of PHI maintained in an Electronic Health Record under HITECH §13405(c).
17.5 Permitted uses and disclosures by EasyMarkit.
a. General Use and Disclosure Provisions. Except as otherwise limited in this Addendum, EasyMarkit may use or disclose Protected Health Information in connection with its performance of the services provided under the Agreement if such use or disclosure of Protected Health Information would not violate HIPAA or the HIPAA Privacy Regulations if done by Covered Entity or such use or disclosure is expressly permitted under Section 4.b of this Addendum (Specific Use and Disclosure Provisions).
b. Specific Use and Disclosure Provisions. Except as otherwise limited in this Addendum, EasyMarkit may use and disclose Protected Health Information for the proper management and administration of EasyMarkit or to meet its legal responsibilities; provided, however, that such Protected Health Information may be disclosed for such purposes only if the disclosures are required by law or EasyMarkit obtains certain reasonable assurances from the person to whom the information is disclosed. The required reasonable assurances are that:
(1) the information will remain confidential;
(2) the information will be used or further disclosed only as required by law or for the purpose for which the information was disclosed to the person; and
(3) the person will notify EasyMarkit of any instances of which it is aware in which the confidentiality of the information has been breached.
17.6 Obligations of covered entity.
Covered Entity shall not request EasyMarkit to use or disclose Protected Health Information in any manner that would not be permissible under the HIPAA Privacy Regulations if done by Covered Entity or that is not otherwise expressly permitted under Section 4 of this Addendum (Permitted Uses and Disclosures by EasyMarkit).
17.7 Term and termination.
a. Term. This Addendum shall be effective as of the date of the execution of the Agreement and shall continue until the Agreement expires or terminates or this Addendum is sooner terminated in accordance with the provisions of Section 6.b (Termination for Cause) or 7.b (Amendment) hereof, whichever shall first occur.
b. Termination for Cause. Upon Covered Entity’s knowledge of a material breach by EasyMarkit, Covered Entity may, in its sole discretion, either (1) provide EasyMarkit with notice of and an opportunity to cure such breach and then terminate this Addendum if EasyMarkit does not cure the breach within the time period specified by Covered Entity, or (2) terminate this Addendum immediately. In the event that termination of this Addendum is not feasible, EasyMarkit acknowledges that Covered Entity has the right to report the breach to the Secretary of HHS.
On or after February 17, 2010, upon EasyMarkit’s knowledge of a material breach by the Covered Entity of this Addendum, EasyMarkit may, in its sole discretion, either (1) provide Covered Entity with notice of and an opportunity to cure such breach and then terminate this Addendum if Covered Entity does not cure the breach within the time period specified by EasyMarkit, or (2) terminate this Addendum immediately. In the event that termination of this Addendum is not feasible, Covered Entity acknowledges and agrees that EasyMarkit has the right to report the breach to the Secretary of HHS.
c. Effect of termination.
(1) Subject to the following paragraph, upon termination of this Addendum for any reason, EasyMarkit shall return or destroy all Protected Health Information received from Covered Entity, or created or received by EasyMarkit on behalf of Covered Entity. This provision shall also apply to Protected Health Information that is in the possession of subcontractors or agents of EasyMarkit. EasyMarkit shall retain no copies of the Protected Health Information.
(2) Notwithstanding the foregoing, if EasyMarkit determines that returning or destroying the Protected Health Information is not feasible, EasyMarkit shall provide Covered Entity notice of the conditions that make return or destruction not feasible. EasyMarkit shall extend the protections of this Addendum to such Protected Health Information and limit further uses and disclosures of such Protected Health Information to those purposes that make the return or destruction not feasible, for so long as EasyMarkit maintains such Protected Health Information.
a. Regulatory References. A reference in this Addendum to a section in HIPAA, the HIPAA Privacy Regulations or the HIPAA Security Regulations, or the HITECH Standards means the section as in effect or as amended from time to time, and for which compliance is required.
b. Amendment. Covered Entity and EasyMarkit agree that amendment of this Addendum may be required to ensure that Covered Entity and EasyMarkit comply with changes in state and federal laws and regulations relating to the privacy, security and confidentiality of Protected Health Information, including, but not limited to, changes under the HIPAA Privacy Regulations, the HIPAA Security Regulations and the HITECH Standards. EasyMarkit agrees that Covered Entity may terminate this Addendum upon thirty (30) days written notice in the event that EasyMarkit does not promptly enter into such amendment.
c. Survival. The respective rights and obligations of EasyMarkit under Section 6.c of this Addendum (Effect of Termination) shall survive the termination of this Addendum.
d. Interpretation. Any ambiguity in this Addendum shall be resolved in favor of a meaning that permits Covered Entity to comply with applicable law protecting the privacy, security and confidentiality of Protected Health Information, including, but not limited to, HIPAA, the HIPAA Privacy Regulations, the HIPAA Security Regulations and the HITECH Standards.
e. State Law. Nothing in this Addendum shall be construed to require EasyMarkit to use or disclose Protected Health Information without a written authorization from an individual who is a subject of the Protected Health Information, or written authorization from any other person, where such authorization would be required under state law for such use or disclosure.
f. No Third Party Beneficiaries. Nothing express or implied in this Addendum is intended or shall be deemed to confer upon any person other than Covered Entity, EasyMarkit, and their respective successors and assigns, any rights, obligations, remedies or liabilities.
g. Primacy. To the extent that any provisions of this Addendum conflict with the provisions of any other agreement or understanding between the parties, including without limitation the Agreement, this Addendum shall control with respect to the subject matter of this Addendum.