License Terms healow No Show

Terms and Conditions

1. Definitions

a. “Confidential Information” means all technical, business, and other information of one party (the “Disclosing Party”) disclosed to or obtained by the other party (the “Receiving Party”) in connection with this Agreement (including the pricing, terms and conditions of this Agreement) whether prior to, on or after the date of this Agreement, that derives economic value, actual or potential, from not being generally known to others, including, without limitation, any technical or non-technical data, designs, methods, techniques, drawings, processes, products, inventions, improvements, methods or plans of operation, research and development, business plans and financial information of the Disclosing Party.

b. “Documentation” means the user and technical manuals and other documentation provided or made available to Customer describing the Service features, functionalities, requirements and specifications.

c. “Effective Date” is the date of the last signature below.

d. "healow No-Show Prediction Algorithm" is an algorithm that predicts the probability of a patient not showing up for an appointment based on historical scheduling data provided by Customer and generates a list of appointments that are a probable no shows.

e. “Hosting” means the hosting service that will be provided by healow. The healow Hosting Addendum is attached hereto as Exhibit A.

f. "Interface Vendor" means a third party vendor that has software with which the healow Services interface.

g. “IP Rights” means (i) rights in patents, patent applications and patentable subject matter, whether or not the subject of an application, (ii) rights in trademarks, service marks, trade names, trade dress and other designators of origin, registered or unregistered, (iii) rights in copyrightable subject matter or protectable designs, registered or unregistered, (iv) rights in software, databases and documentation, (v) trade secrets, (vi) rights in Internet domain names, uniform resource locators and e-mail addresses, (vii) rights in semiconductor topographies (mask works), registered or unregistered, (viii) know-how, and (ix) all other intellectual and industrial property rights of every kind and nature and however designated, whether arising by operation of law, contract, license or otherwise.

h. “Maintenance” includes maintaining and improving the functionality of the Services with periodic upgrades, and maintaining the functionality with period upgrades.

i. “Providers” mean those Physicians, Nurse Practitioners, Physician Assistants, Audiologists, Optometrists, Ophthalmologist, Therapists (including but not limited to: Opticians Therapists, Occupational Therapists, Physical Therapists, Music Therapist, Speech Therapists, Massage Therapists and Marriage and Family Therapists), Chiropractors, Anesthesiologists, Psychologists, Dentists, Hygienists, Licensed Social Workers, Midwife, Nutritionists, Dietitians, Counselors (including but not limited to Mental Health Counselors), Mental Health Practitioners, Neurophysiologists, Certified Registered Nurse Anesthetist (CRNA), care managers, care coordinators, Podiatrists and other individual that is employed by or under contract with Customer to provide services and/or bill within the medical field. The term Provider shall not include Customer personnel employed by or under contract with Customer as office managers, secretaries, or other administrative staff, or Nurses (other than those who provide services and/or bill), and (hereinafter referred to as “Customer Personnel”). For any category of Customer staff not identified above, healow and Customer shall agree in writing as to who is a Provider.

j. “Services” means all of the products, software, applications, and services that Customer is contracting for under this Agreement.

k. “Subscription Fee” means the ongoing fee to be paid by Customer in the Package section above.

l. “Support” includes telephone and online support of the Services.

m.“User(s)” means any individual(s) that Customer allows to use the Services.

2. Payment Terms

a. Ongoing fees:: Ongoing fees will begin upon activation of the Services and are due and payable monthly in advance via electronic funds transfer unless otherwise agreed to by healow in writing. Customer is solely responsible for adding and removing Users during the term of the Agreement.

  • i. The fees for the Services is set forth in the Agreement. The Services may contain embedded controls limiting usage beyond what Customer is contracted for. The amounts payable shall be due and payable on the date specified in this Agreement or if not specified then within thirty (30) days of receipt of invoice therefore and payment must be made in U.S. Dollars. healow will assess Customer a late payment charge on any amount which remains unpaid thirty (30) days after it is due, computed at the rate of one and one-half percent (1½%) per month or the highest allowable by law, whichever is lower, on the unpaid amount for every month the amount remains unpaid. All payments will be made without setoff, counterclaim, recourse or other defense.
  • ii. Unless otherwise specified, healow may increase the ongoing fees provided Customer receives at least sixty (60) days prior written notice of such increase. In no event will the ongoing fees (i) increase more frequently than annually, and (ii) increase more than five percent (5%) over the previous year’s fees.

b. Onetime fees:

  • i. Payment is due within thirty (30) days of the Effective Date.

c. Transactional fees:

  • i. Payment is due within thirty (30) days of receipt of invoice.

d. Taxes

  • i. Fees are exclusive of all taxes, including without limitation, sales, use, value-added or other taxes or levies on transactions made under this Agreement. Unless Customer provides a tax exemption certificate, Customer shall pay healow an amount equal to any tax healow is required to collect or pay upon the sale, license, or delivery of the Services to Customer by healow, exclusive of taxes imposed upon healow's net income.

3. General

a. License. Subject to the terms and conditions of this Agreement, healow grants and Customer accepts a nonexclusive, nontransferable, revocable license for the Users to access and use the functionality of the Services during the term of this Agreement. Use of the Services by Users are subject to the terms of this Agreement. Customer shall be liable for any breach of this Agreement by its Users.

b. Customer Modifications and Enhancements. Customer may not make any modifications or enhancements to the Services without healow’s prior written consent.

c. Proper Use of Services. The Customer acknowledges that the continued integrity of the Services and healow performance of its obligations described in this Agreement are dependent upon Customer’s use of the Services in accordance with the Documentation available to Customer and the terms and conditions of this Agreement. Customer may not attempt to sell, sublicense, lease, permit, rent or transfer in any way whatsoever the Services. Customer agrees that it will not, at any time, without the prior written consent of healow, duplicate, decompile, disassemble, or reverse engineer any software included within the Services, including without limitation the applications, or to develop functionally similar software or permit any third party to do any of the foregoing. Customer will not insert or use any bots, internet browser extensions, screen scraping, or other unauthorized automated processing within the database. Customer agrees to not grant access to any third party or allow any third party to use the Services for any purpose without the prior written consent of healow.

d. Ownership and Proprietary Rights. Healow and/or its licensor(s) retain all right, title, and interest in and to Services and any updates, changes, derivative works, enhancements, and/or modifications thereto. This Agreement does not grant Customer any IP Rights in the Services or any of its components. As between healow and Customer, healow and/or its licensor(s) are, and will be, the sole owners of (inclusive of all IP Rights therein) (i) the Services, (ii) the software, (iii) any other templates, ideas, methodologies, designs, materials, or technology developed or provided by healow.

e. Feedback. To the extent that Customer provides any comments, instructions, suggestions, information, and/or other feedback to healow regarding any Services and/or otherwise (collectively, “Feedback”), Customer hereby assigns to healow all right, title, and interest including, without limitation, all IP Rights, in and to such Feedback. All Feedback shall be considered the Confidential Information of healow.

f. Indemnity. Customer shall indemnify and hold healow and its affiliates harmless against any and all liabilities, damages, losses, or expenses (including reasonable attorneys fees) incurred by or imposed upon healow in connection with any claims, suits, actions, demands or judgments resulting from or arising out of use of the Services, including any third party claims alleging that the content Customer creates using the Services infringes the intellectual property rights of another party

g. Ownership of Customer Data. All Customer data and information that is compiled or passes through the Services and that specifically relates to patients, patient care, or physician procedures or diagnosis (collectively, the “Customer Data”), and all right, title and interest therein, is and shall remain the exclusive property of Customer. Notwithstanding the foregoing, Customer hereby grants healow a perpetual, unlimited license to use and disclose the Customer Data, in any form or format, for data benchmarking, warehousing, product development and improvement, resource utilization, and similar data analysis services; provided, however, that healow shall protect and maintain the confidentiality of all individual identifiable patient and hospital data and healow shall comply with HIPAA, as applicable, with respect to such data.

h. Protected Health Information. Use and disclosure of protected health information (“PHI”) as defined in the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) shall be subject to and in accordance with the terms of healow Business Associate Addendum, located in Exhibit B. healow and Customer agrees that this Agreement may be amended from time to time if necessary to comply with HIPAA. Customer shall be responsible for entering into any Business Associate Agreements with third parties (such as Interface Vendors) that may be necessary to permit healow to provide the Services set forth herein.

i. Customer Responsibilities. Customer is responsible for all hardware and network to be installed and set up properly with appropriate security controls prior to healow software installation. Customer is responsible for any delays due to network set up that result in rescheduling of install and training date and travel arrangements. Customer will incur any expenses involved with having to reschedule install and training dates. Customer is responsible for ensuring that its network is free of malware and any other software or hardware that would expose credit or debit card information.

j. Customer is solely responsible for obtaining all necessary patient consents to permit healow to provide the Services.

k. Software Usage Audit: If Customer utilizes the Services beyond what Customer is contracted for, Customer will be required to purchase the applicable licenses and may incur a 10% penalty on the fees. healow may conduct an audit of Customer’s use of the Services at any time to review usage. All fees assessed due to irregularities found during the audit may be retroactive to the date of the first usage.

l. Customer acknowledges that data conversion and transmission is subject to the likelihood of human and machine errors, omissions, delays and losses, including inadvertent loss of data or damage to media, that may give rise to loss or damage. healow shall not be liable for any such errors, omissions, delays, or losses. Customer is responsible for adopting reasonable measures to limit the impact of such problems, including adopting procedures to ensure the accuracy of input data; examining and confirming results prior to use; and adopting procedures to identify and correct errors and omissions, replace lost or damaged media, and reconstruct data. Customer understands and agrees that use of or connection to the Internet is inherently insecure and that connection to the Internet provides opportunity for unauthorized access by a third party to computer systems, networks, and any and all information stored therein. All information transmitted and received through the Internet is subject to unauthorized interception, diversion, corruption, loss, access, and disclosure. healow and its suppliers shall not be responsible for any adverse consequences whatsoever of Customer or any end users’ connection to or use of the Internet, and shall not be responsible for any use by Customer or any end user of an Internet connection in violation of any law, rule, or regulation or any violation of the intellectual property rights of another.

m. Customer understands and agrees that healow may use data generated by the Services for troubleshooting, machine learning, and product improvement.

n. Data Integrity. Customer represents and warrants that any data provided to healow has completed industry standard security scan and does not contain any viruses, ransomware, trojan horses, or other technological means that may disrupt, damage, or interfere with the use of healow systems, nor does said data have any corruption or vulnerabilities.  Customer shall indemnify, defend, and hold healow harmless from any claim or action to the extent that it is based on corrupted data provided by Customer for use within healow systems.

4. Support Services

a. healow shall provide support.

Technical Assistance: Availability
Online Portal 24x7

healow is not responsible for issues (including any security issues) related to Customer’s computer or electronic device or internal and external network or system.

b. Customer will receive any available upgrades, without additional fee as long as this Agreement is in effect.

c. Customer is aware that healow may run and deploy, any and all upgrades and/or patches related to a security fix and/or patient safety issue that are available on healow Cloud.

5. Warranties and Disclaimers

a. Customer warrants that:

  • i. Customer, Users and Customer’s representatives will work with healow in a professional and reasonable manner during the term of this Agreement.
  • ii. Customer represents and warrants to healow that the use of the Services by Customer or User will not violate any applicable law, rule or regulation.

b. Third Party Components. Customer acknowledges and agrees that the Services may contain or interface with third-party applications, software and/or materials and open source software (collectively, “Third-Party Software Components”) and Customer will comply with any applicable end user license agreements (“Third-Party EULAs”). NOTWITHSTANDING ANYTHING IN THIS AGREEMENT TO THE CONTRARY, ALL Third-Party Software Components ARE PROVIDED “AS IS,” WITHOUT WARRANTIES OR CONDITION OF ANY KIND, EXPRESS OR IMPLIED.

c. DISCLAIMERS. THE SERVICES ARE PROVIDED “AS IS” AND HEALOW MAKES NO OTHER EXPRESS OR IMPLIED WARRANTIES, CONDITIONS OR REPRESENTATIONS TO CUSTOMER REGARDING THE USE OF THE SERVICES, INCLUDING WITHOUT LIMITATION, REPRESENTATIONS OR WARRANTIES REGARDING THE ACCURACY OF THE SERVICES, ANY IMPLIED WARRANTY OR CONDITION OF MERCHANTABILITY, NON-INFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE, ALL OF WHICH ARE HEREBY EXPRESSLY EXCLUDED AND DISCLAIMED.

d. LIMITATION OF LIABILITY. HEALOW LIABILITY TO CUSTOMER FOR ANY LOSSES OR DAMAGES, IN CONTRACT, TORT OR OTHERWISE, ARISING OUT OF THE SUBJECT MATTER OF THIS AGREEMENT SHALL BE LIMITED TO THOSE ACTUAL AND DIRECT DAMAGES WHICH ARE REASONABLY INCURRED BY CUSTOMER AND SHALL NOT EXCEED THE MONTHLY SUBSCRIPTION FEE PAID BY CUSTOMER WITH RESPECT TO THE SERVICES GIVING RISE TO THE LIABILITY OVER THE MONTHS IN WHICH LIABILITY OCCURRED NOT TO EXCEED TWELVE (12) MONTHS. HEALOW WILL NOT BE LIABLE FOR SPECIAL, PUNITIVE, INDIRECT, INCIDENTAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES OR LOSS OF DATA, LOST PROFITS, OR LOSS OF GOODWILL IN ANY WAY ARISING FROM OR RELATING TO THIS AGREEMENT, THE SOFTWARE, APPLICATIONS OR SERVICES, EVEN IF HEALOW HAS BEEN NOTIFIED OF THE POSSIBILITY OF SUCH DAMAGES OCCURRING.

e. No substitute for Professional Judgment. Notwithstanding anything to the contrary contained herein, Customer on behalf of itself and its Users acknowledge that the Services are intended to assist User as a tool not intended as a substitute or replacement for professional medical judgment, diagnosis, or treatment. Customer is responsible for reviewing the data suggested by the Services and confirming the accuracy of such data at the time of its use. Customer understands and agrees that artificial intelligence tools and technologies, including the Services, can make mistakes and do not always provide accurate or complete information. Anyone relying on information obtained from using the Services does so at the Customer’s own risk. Customer understands and agrees that it is solely Customer’s responsibility to review the data and determine if the content is accurate, complete, and fit for the intended purpose. healow shall have no indemnification or liability obligations related to any failure to exercise such professional judgment. In the event that the Services or any report or information generated by the Services is used in connection with any diagnosis or treatment by Customer and/or any of Customer’s employees, agents, representatives, and the like, Customer agrees to accept all responsibilities in connection therewith, including responsibility for injury, damage, and/or loss related to such diagnosis or treatment, irrespective of whether such injury, damage and/or loss results from your use of the Services.

f. Non-Solicitation. Where allowable by law, during the term of this Agreement and for one year after the termination of this Agreement, Customer agrees not to directly or indirectly offer employment to or to hire any healow employee without the prior written consent of healow.

6. Confidentiality

a. Nondisclosure. As consideration for and as a condition to a Disclosing Party furnishing any Confidential Information to a Receiving Party, each party agrees (i) to affirmatively treat as private; (ii) not to disclose to any third party unless required by law, rule, regulation or court order or by any governmental, judicial or regulatory process; and (iii) except as permitted herein, not to copy or otherwise reproduce any Confidential Information. Each party warrants that it will apply commercially reasonable safeguards to protect the Confidential Information against unlawful or otherwise unauthorized access, use, or disclosure and that it will take any other steps reasonably necessary to safeguard Confidential Information. The pricing contained herein is considered healow Confidential Information and may not be disclosed to any third party without healow’ prior written consent.

b. Permitted Use of Confidential Information. Each party agrees that it shall not use Confidential Information for any purpose other than for the use or provision of the Services hereunder, as applicable. Each party may, however, disclose Confidential Information to employees acting on that party’s behalf and third-parties approved by healow (“Authorized Representatives”) who demonstrate a need to know such information for performing tasks on behalf of that party using the Confidential Information; provided, however, that no Authorized Representative shall use or disclose the Confidential Information in any manner other than as permitted by this Agreement. Each party agrees that before disclosing any Confidential Information to an Authorized Representative, the Authorized Representative shall be informed of the confidential nature of such information and shall agree to abide by this Agreement and its standards of confidentiality.

c. Notice of Required Disclosure. In the event that a party is required by any governmental, judicial or regulatory process or by any law, rule, regulation or court order (by oral questions; interrogatories; requests for production, information, or documents; subpoena; civil investigative demand; or any other similar process) to disclose any Confidential Information supplied to it or its to Authorized Representatives in the course of these dealings, it is agreed that the party who has received such request will provide the other party that the Confidential Information concerns or relates to with prompt written notice of such request(s) so that the other party may seek an appropriate protective order and/or waive compliance with the provisions of this Agreement.

d. Return of Confidential Information. Each party agrees that it will promptly return or destroy all Confidential Information and/or all tangible materials embodying Confidential Information (in any form and including, without limitation, all summaries, copies, and excerpts of Confidential Information) following the occurrence of any event that makes the parties’ possession of the Confidential Information unnecessary or upon written request of the other party, without retaining any copy or reproductions thereof. Each party shall reasonably expunge electronic copies of such Confidential Information as is practicable and not prohibited by law. Confidential Information that cannot be returned or destroyed will be kept confidential and will continue to be subject to this Agreement for the term of this Agreement. Each party agrees that it will provide written certification of its compliance with this Section upon written request by the other party.

e. Remedies. The parties agree that the Confidential Information is of a special, unique, and extraordinary character and that disclosure or other use of such information in violation of this Agreement will cause immediate and irreparable harm. The parties agree that each party shall be entitled to seek injunctive relief to further prevent use and/or disclosure in addition to other remedies available to it in law or in equity for breach of this Agreement.

f. Notwithstanding the foregoing, nothing in this Agreement shall be construed to prohibit or restrict Customer from discussing problems and concerns with the Services with other parties in accordance with the ONC Cures Act Final Rule.

7. Term and Termination

a. Initial Term. Initial Term begins upon the Effective Date and ends twelve (12) months after the Effective Date.

b. Automatic Renewal. Upon expiration of the Initial Term, the Agreement shall automatically renew for successive one (1) year periods unless Customer or healow gives prior written notice of its intent to terminate the Agreement, at least sixty (60) days prior to the anniversary of the Effective Date.

c. Termination for Cause. healow may terminate this Agreement immediately without liability in the event that Customer (i) materially breaches the terms of this Agreement, including without limitation, sections 3 or 5(b), (ii) makes a voluntary or involuntary assignment for the benefit of creditors or enters into bankruptcy proceedings, (iii) defaults in its payments of the license fee for two successive billing periods or causes its subscription to expire, or (iv) violates any laws or regulations applicable to the Services provided under this Agreement. Customer will still be financially responsible for payment of the Services used prior to the effective date of termination.

d. Termination for Inaccuracy of Data. The accuracy of the healow No-Show Prediction Algorithm is dependent upon the data provided for analysis in the healow system. If the preliminary analysis renders a poor accuracy due to insufficient data or data not meeting the requirements for accuracy, then healow may terminate this addendum at its own discretion without cause at any time.

8. Miscellaneous

a. Assignment. This Agreement shall bind and inure to the benefit of the parties hereto and their respective heirs, successors, and assigns; provided, however, that such assignment shall not relieve either party of its obligations to the other as provided herein. Neither party may assign this Agreement in whole or in part without the prior written consent of the other party. Any attempted assignment, transfer or other conveyance in violation of the foregoing shall be null and void.

b. Force Majeure. A Force Majeure Event is an event beyond the control of a party that prevents or impedes a party from performing one or more of its contractual obligations under this Agreement, excluding Customer’s obligation to pay any amounts due, including but not limited to (i) war (whether declared or not), hostilities, invasion, act of foreign enemies, extensive military mobilization; (ii) civil war, riot, rebellion, and revolution, military or usurped power, insurrection, act of terrorism, criminal acts, sabotage, piracy, national and regional emergencies; (iii) currency and trade restriction, embargo, sanction, blockades; (iv) act of authority whether lawful or unlawful, compliance with any law or governmental order, expropriation, seizure of works, requisition, nationalization; (v) plague, epidemic, natural disaster or extreme natural event; (vi) explosion, fire, destruction of equipment, prolonged break-down of transport, telecommunication, information system, or energy; (vii) internet disruptions and cyberattacks; (viii) general labor disturbance such as boycott, strike and lock-out, go-slow, occupation of factories and premises (“Force Majeure Event”). The party claiming abatement of its obligation hereunder shall reasonably notify the other of the cause or event giving rise to such claim and shall take all reasonable steps to limit the effect and duration of such cause or event. The party invoking this clause is relieved from its duty to perform its applicable obligations under the Agreement and from any liability in damages or from any other contractual remedy for breach of contract for so long as the Force Majeure Event prevents or impedes performance by the affected party. The Agreement may be terminated by either party if the duration of the Force Majeure Event exceeds 60 days.

c. Excluded Party. Customer hereby represents and warrants that Customer and its employees, owners, directors and officers are not, and at no time have been, excluded from participation in any federally funded health care program, including, but not limited to, the Medicare and Medicaid programs (collectively, the “Governmental Program.”). Customer hereby agrees to immediately notify healow of any threatened, proposed, or actual exclusion of it or its employees, owners, directors and officers from any Governmental Program. In the event that Customer or its employees, owners, directors and officers are excluded from participation in any Governmental Program during the term of this Agreement, or if at any time after the Effective Date of this Agreement it is determined that Customer is in breach of this Section, this Agreement may, at the sole discretion of healow, terminate as of the effective date of such exclusion or breach.

d. Headings. The headings in this Agreement are for information and convenience only and shall not affect the construction thereof.

e. Entire Agreement. This Agreement sets forth the entire Agreement between healow and Customer with respect to the subject matter hereof and supersedes any contemporaneous verbal agreements or prior electronic correspondences. No modification, amendment, waiver, termination, or discharge of this Agreement or any provisions hereof shall be binding upon either party unless confirmed by written instrument signed by both parties.

f. Notices. Any notices (aside from notices from Customer to terminate this Agreement) required to be given by one party to another hereunder shall be deemed duly given when (i) sent in writing, postage prepaid, via certified or registered mail, with return receipt, , (ii) sent via email to healow at notices@healow.com, or (iii) sent via healow’s online portal. A notice from Customer to healow to terminate this Agreement shall only be deemed duly given when Customer creates a case to terminate the Agreement in healow’s online support portal. Notices sent via email or delivered via the online portal will be deemed given on the day received.

g. Governing Law. This Agreement, its validity, construction, and effect shall be governed by the laws of the Commonwealth of Massachusetts.

h. Arbitration. Any and all controversies, claims, or disputes arising out of, relating to, or connected with this Agreement or Customer’s use of the Services shall be referred to and settled by individualized arbitration administered by the American Arbitration Association ("AAA") in accordance with the provisions set forth under the AAA's Commercial Arbitration Rules and any other applicable rules and procedures ("Rules") by a panel of three arbitrators appointed in compliance with the Rules. This includes all disputes over arbitrability.

  • i. The Parties to this Agreement further acknowledge and agree that:
    1. 1. the location of the arbitration, including the location of all arbitration hearings, shall be Boston, Massachusetts;
    2. 2. the arbitral award shall address the costs and expenses of arbitration and all matters related thereto, including, the allocation of same between the parties;
    3. 3. the award of the arbitrators shall be final and binding upon the parties; and
    4. 4. the parties submit to the jurisdiction of the federal courts of Massachusetts for the purposes of ratifying any award made pursuant to arbitration proceedings conducted in accordance with this clause and/or may enforce the award through such courts.
  • ii. By using the Services, Customer expressly waives its right to pursue all controversies, claims, or disputes in court and instead must submit any such controversies, claims, or disputes to arbitration as described above.
  • iii. Any legal fees or expenses incurred by Customer during any dispute, shall be the sole responsibility of Customer.

i. Waiver Of Class And Joint Claims: Any arbitration (or, if arbitration of the action is not permitted by law, litigation) shall be solely on behalf of an individual person, and shall not be consolidated or joined with the claims of any other person or brought on behalf of a putative class unless previously agreed to in writing by both healow and Customer. This provision shall survive the termination of this Agreement, regardless of the cause of such termination.

j. Authority. Each representative signing below hereby represents that each is authorized to enter into this Agreement.

k. Counterparts. This Agreement may be executed in any number of counterparts which, when taken together, will constitute one original, and photocopy, facsimile, electronic or other copies shall have the same effect for all purposes as an ink-signed original. Each party hereto consents to be bound by electronic, photocopy or facsimile signatures of such party’s representative hereto.

l. Severability and Survivability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remainder of this Agreement shall remain in full force and effect. The Sections of this Agreement that are intended to survive the expiration or termination of this Agreement shall survive, including but not limited to: 3(d), 3(e), 5(d), 5(f), 6, 8(g), 8(h), and 8(i).

m. Relationship. It is mutually understood and agreed that the relationship between the parties is that of independent contractors. Neither party is the agent, employee, or servant of the other. Nothing in this Agreement is intended to create any partnership, joint venture, lease or equity relationship, expressly or by implication between the parties.

EXHIBIT A – healow Hosting Addendum

Article 1

Hosting Services

1.1 healow Responsibilities. Subject to the terms of this Agreement, healow will: (a) make the Services using the web based software applications (“Hosted Applications”) available to Customer via the Internet based on a Cloud basis; (b) make the Documentation for the Hosted Applications available to Customer; and (c) provide to Customer a user name, password and other information required to use the Hosted Applications.

1.2 Customer Responsibilities.

(a) Customer is responsible for: (i) procuring, at its expense, the necessary environment at the Customer’s location(s) to use the Hosted Applications via the Internet, including, without limitation, all computer hardware, software and equipment, Internet access and telecommunications services (collectively, the “Customer Systems”); (ii) complying with all laws, rules and regulations related to the Customer Systems; (iii) keeping its user name and password secret and confidential, and, for any communications or transactions that are made, using the same; (iv) changing its user name and password if it believes that the same has been stolen or might otherwise be misused; (v) maintaining security of its environment that it controls; (vi) verifying identity of Users to whom it provides access to the information within the Hosted Application (vii) obligations under any third party agreements to which Customer is a party, including, without limitation, any agreement pursuant to which Customer procures the Customer Systems or any portion thereof, regardless of whether healow provides Customer with any assistance in such procurement.

(b) Customer shall bear all costs of obtaining, installing and maintaining the Customer Systems.

1.3 Definitions.

  • (a) “Services”, solely as the word is used in this EXHIBIT A – healow Hosting Addendum, shall mean the Hosting services set forth in Section 1.4 below which are subject to payment of the Hosting fees.
  • (b) “System” shall mean the server(s) on which the Website is hosted and all other equipment utilized by healow to provide the Services hereunder.
  • (c) “Website” shall mean the URL or any healow domain provided to the Customer to access the Hosted Application.
  • (d) “Documentation” means the user and technical manuals and other documentation provided or made available to Customer describing the Hosted Applications’ features, functionalities, requirements and specifications.

1.4 Services to be provided.

  • (a) healow shall provide all hosting-related maintenance including, back-ups, server maintenance and trouble-shooting.
  • (b) Network Connectivity. healow shall provide the Website with connection to the Internet for approximately twenty-four (24) hours seven days a week excluding periods of time necessary for Website maintenance and Internet performance issues. healow reserves the right to have planned outages for hardware and software maintenance.
  • (c) Administration. healow shall provide regular routine and other systems administration and support services necessary to maintain the Website. healow shall provide Customer with one (1) business day of notice prior to service interruptions due to planned maintenance. Any service interruption for planned maintenance shall not exceed the time reasonably necessary to complete such maintenance.
  • (d) Security. healow shall take reasonable measures to prevent unauthorized access to the Website. In this regard, healow shall use at least the same security measures it uses to protect its own proprietary information. For security and administrative reasons only, the hosted application support and maintenance team will have access to all files on the server. healow is not responsible if Customer makes changes to default security settings which allow access to Customer Data.

1.5 Acceptable use policy.

  • (a) Acceptable Use Policy. Customer shall use the Hosted Applications only for lawful purposes, in compliance with all applicable laws. Customer shall be responsible for all use of the Hosted Applications by its Users, regardless of whether such use is known to or authorized by Customer. The Hosted Applications are provided for use in conformance with the terms and conditions of this Agreement. healow reserves the right to investigate suspected violations of this Agreement. If healow becomes aware of possible violations, healow may initiate an investigation including gathering information from Customer and examination of material on healow’ servers. During the investigation, healow, in its sole discretion, may suspend access to the Website, Hosted Application, and/or remove the Website content and other material from healow’ servers. If healow determines, in its sole discretion, that a violation of this Agreement has occurred, it may take responsive action, including, without limitation, permanent removal of the Website content, or any portion thereof, from healow’ servers, issuance of warnings to Customer or the suspension or termination of this Agreement to Customer.
  • (b) Passwords. Customer is responsible for maintaining the confidentiality of any password(s) and access codes used to access the Hosted Applications and Website, and is fully responsible for all activities that occur under those password(s) and access codes. Customer agrees to notify healow immediately of any unauthorized use of its password(s). Customer shall be solely responsible for the security of its passwords. Continued failure by Customer to maintain password security may result in the suspension or termination of Services.

System Security. Customer shall be prohibited from using the Services to compromise the security of the Services, the System, the Website, Hosted Application, or any other website on the Internet. Customer use or distribution of tools designed for compromising security is strictly prohibited, including, without limitation, password guessing programs, cracking tools, penetration and vulnerability scans or network probing tools. If Customer is involved in violations of security, healow reserves the right to release identification information of Customer to systems administrators at other websites in order to assist them in resolving security incidents. healow shall also fully cooperate with law enforcement authorities in investigating suspected lawbreakers.

1.6 System Monitoring. healow reserves the right to monitor the System electronically from time to time and to access and disclose any information as permitted or required by any law or regulation, to operate its System properly, or to protect itself or other Customers, provided that, healow shall provide Customer prior notice of any such disclosure. healow shall fully cooperate with law enforcement authorities in investigating suspected violators. It is not healow’ intention that the Services, System or healow’ facilities be used in contravention of the Communications Decency Act of 1996, 47 U.S.C. Section 223, or any other applicable law. Customer shall indemnify and defend healow for any claims, suits, losses or actions against healow arising from, related to or in connection with any violation by Customer of the Communications Decency Act.

1. 7 Warranty of Content. In addition to the warranties set forth in the Agreement, the parties to this Agreement warrant that they shall not use on the Website any content or other intellectual property that: (i) infringes on the intellectual property rights or any rights of publicity or privacy of any third party; (ii) violates any law, statute, ordinance or regulation (including, without limitation, laws and regulations governing export control, unfair competition, antidiscrimination or false advertising); (iii) is defamatory, libelous, unlawfully threatening or unlawfully harassing; (iv) is obscene, child pornographic or harmful to minors; or (v) contains any viruses, Trojan horses, worms, time bombs, bots or other computer programming including routines that interfere with, are intended to damage, surreptitiously intercept or expropriate any system, data or personal information or healow infrastructure. Violations of this Section not only constitute a material breach of the Agreement and trigger immediate termination by a party not in breach, but may also subject such party to criminal and/or civil liability.

Article 2

Compliance with Laws.

2.1 Compliance with Laws

  • (a) The parties shall comply with all applicable laws and regulations concerning security and privacy with respect to their obligations under this Agreement, including, without limitation, the Health Insurance Portability and Accountability Act of 1996 and all regulations promulgated there under (“HIPAA”).

Article 3

Service Levels

1. Availability

A. Uptime

healow agrees that the Hosted Applications will be available 99.9% of the time during the hours of 5:00 AM to 12:00 AM local time of the data center, seven (7) days per week (the “Up-Time Commitment”). The Up-Time Commitment will be measured monthly.

B. Exclusions

Calculation of the Up-Time Commitment shall exclude unavailability of the Hosted Applications caused by any of the following:

  • i. Scheduled, announced downtime for maintenance; provided, however, that such downtime shall not exceed two (2) hours, per event, unless the parties mutually agree otherwise; healow has a daily maintenance windows from 1AM-3AM local standard time of the data center;
  • ii. Failures in the Internet that are outside healow’ control;
  • iii. Hardware, communication lines or application problems (e.g., Internet, ISDN, DSL, etc.) of Customer that prevent/disrupt access; or
  • iv. Failures by Customer to comply with the healow’ specifications outlined in the Documentation for the Hosted Applications.

C. Broadband Requirements

  • (a) It is Customer’s responsibility to provide internet service provider (ISP). healow uses Transport Layer Security (TLS) connectivity to healow’ collocation facility with bandwidth to support application services selected by Customer for performance and usability.
  • (b) The healow Service Levels above are based on healow hardware requirements.

EXHIBIT B – Business Associate Addendum

This Business Associate Addendum (“Addendum”) is entered into by and between healow, LLC, a Massachusetts limited liability company, (“healow”) and Customer as an integrated part of that certain Software License and Support Agreement (“Agreement”) entered into contemporaneously with this Addendum between healow and Customer, and sets forth in writing certain understandings and procedures governing healow’s use of protected health information as that term is defined under the Health Insurance Portability and Accountability Act of 1996, the Health Information Technology for Economic and Clinical Health Act, and any regulations adopted under those laws by the United States Department of Health and Human Services and as those regulations may be amended from time to time.

1. Definitions

  • a. Catch-all definition: The following terms used in this Addendum (whether or not capitalized) shall have the same meaning as those terms in the HIPAA Rules: Breach, Data Aggregation, Designated Record Set, Disclosure, Health Care Operations, Individual, Minimum Necessary, Notice of Privacy Practices, Protected Health Information, Required By Law, Secretary, Subcontractor, Unsecured Protected Health Information, and Use.
  • b. Specific definitions:
    • i. healow. “healow” shall generally have the same role as a “business associate” under 45 C.F.R. § 160.103, and in reference to the party to this Addendum shall refer to the entity defined as healow above.
    • ii. Customer. “Customer” shall generally have the same meaning as the term “covered entity” at 45 C.F.R. § 160.103, and in reference to the party to this Addendum, shall refer to the entity defined as Customer above.
    • iii. HIPAA Rules. “HIPAA Rules” shall mean the Privacy, Security, Breach Notification, and Enforcement Rules at 45 C.F.R. Part 160 and Part 164.
    • iv. Successful Security Incident. "Successful Security Incident" shall mean a security incident that results in the unauthorized access, use, disclosure, modification, or destruction of Protected Health Information.
    • v. Unsuccessful Security Incident. “Unsuccessful Security Incident” shall mean a security incident that does not result in unauthorized access, use, disclosure, modification, or destruction of PHI (including, for example, and not for limitation, pings on Business Associate’s firewall, port scans, attempts to log onto a system or enter a database with an invalid password or username, denial-of-service attacks that do not result in the system being taken off-line, or malware such as worms or viruses).

2. Obligations and Activities of healow

a. healow agrees to:

  • i. Not use or disclose Protected Health Information other than as permitted or required by this Addendum or as required by law;
  • ii. Use appropriate safeguards, and comply with Subpart C of 45 C.F.R. Part 164 with respect to electronic Protected Health Information, to prevent use or disclosure of Protected Health Information other than as provided for by this Addendum;
  • iii. Report to Customer in writing any use or disclosure of Protected Health Information not permitted under this Addendum of which healow becomes aware, including breaches of Unsecured Protected Health Information as required at 45 C.F.R. § 164.410 and any Successful Security Incident, within ten (10) business days of any Breach or Successful Security Incident. The Parties acknowledge and agree that this Section constitutes notice by Business Associate to Covered Entity of the ongoing existence and occurrence of Unsuccessful Security Incidents;
  • iv. In making any written report under Section 2(a)(iii) of this Addendum, abide by any reasonable written breach notification procedures actually received by healow from Customer;
  • v. In accordance with 45 C.F.R. §§ 164.502(e)(1)(ii) and 164.308(b)(2), if applicable, ensure that any subcontractors that create, receive, maintain, or transmit Protected Health Information on behalf of healow agree to the substantially same restrictions, conditions, and requirements that apply to healow with respect to such information;
  • vi. Make available Protected Health Information in a Designated Record Set to Customer as necessary to satisfy Customer’s obligations under 45 C.F.R. § 164.524 within thirty (30) business days of receipt of such request. Customer agrees to maintain and properly store a copy of all Protected Health Information used by or disclosed to healow;
  • vii. Make any amendment(s) to Protected Health Information in a Designated Record Set as directed or agreed to by Customer pursuant to 45 C.F.R. § 164.526, or take other measures as necessary to satisfy Customer’s obligations under 45 C.F.R. § 164.526;
  • viii. Maintain and make available the information required to provide an accounting of disclosures to the Customer as necessary to satisfy Customer’s obligations under 45 C.F.R. § 164.528 by providing such information within thirty (30) business days of receipt of such request;
  • ix. To the extent healow is to carry out one or more of Customer’s obligation(s) under Subpart E of 45 C.F.R. Part 164, comply with the requirements of Subpart E that apply to Customer in the performance of such obligation(s); and
  • x. Make its internal practices, books, and records available to the Secretary for purposes of determining compliance with the HIPAA Rules.

3.Permitted Uses and Disclosures by healow

  • a. healow may use or disclose Protected Health Information as necessary to perform the services set forth in the Addendum or under any other agreement now or hereinafter in place between Customer and healow. healow is also authorized to use Protected Health Information to aggregate data or de-identify the information in accordance with 45 C.F.R. § 164.514(a)–(c). healow may use aggregated data or de-identified information for the purpose of testing or maintaining its software, product development and improvement, or for any other purpose permitted by law. healow may disclose aggregated data or de-identified information to affiliates and third party vendors used by Customer for the purpose of providing services to Customer and for the purpose of product improvement.
  • b. healow may use or disclose Protected Health Information as required by law.
  • c. healow will, to the extent practicable, use and disclosure Protected Health Information consistent with minimum necessary standards in order to carry out the intended purpose of the use or disclosure.
  • d. healow may not use or disclose Protected Health Information in a manner that would violate Subpart E of 45 C.F.R. Part 164 if done by Customer except for the specific uses and disclosures set forth below.
  • e. healow may use or disclose Protected Health Information for its proper management and administration or to carry out the healow’s legal responsibilities.
  • f. healow may use Protected Health Information to report violations of law to appropriate federal and state authorities, consistent with 45 CFR 164.502(j)(1).

4. Provisions for Customer to Inform healow of Privacy Practices and Restrictions

  • a. Customer shall notify healow of any limitation(s) in Customer’s notice of privacy practices under 45 C.F.R. § 164.520, to the extent that such limitation may affect healow’s use or disclosure of Protected Health Information.
  • b. Customer shall notify healow of any changes in, or revocation of, the permission by an individual to use or disclose his or her Protected Health Information, to the extent that such changes may affect healow’s use or disclosure of Protected Health Information.
  • c. Customer shall notify healow of any restriction on the use or disclosure of Protected Health Information that Customer has agreed to or is required to abide by under 45 C.F.R. § 164.522, to the extent that such restriction may affect healow’s use or disclosure of Protected Health Information.

5. Permissible Requests by Customer

  • a. Customer shall not request healow to use or disclose Protected Health Information in any manner that would not be permissible under Subpart E of 45 C.F.R. Part 164 if done by Customer, except that healow may use or disclose Protected Health Information as described above.

6. Term and Termination

  • a. Term. The Term of this Addendum shall be effective as of the Effective Date, and shall continue according to the terms of the Agreement or on the date Customer terminates for cause as authorized in paragraph (b) of this Section, whichever is sooner.
  • b. Termination for Cause. healow authorizes termination of this Addendum by Customer, if Customer determines healow has violated a material term of this Addendum and healow has not cured the breach or ended the violation within thirty (30) business days after written notice from Customer of the violation and associated term of this Addendum.
  • c. Obligations of healow Upon Termination. Upon termination of this Addendum for any reason, healow, with respect to Protected Health Information received from Customer, or created, maintained, or received by healow on behalf of Customer, shall:
    • i. Retain only that Protected Health Information which is necessary for healow to continue its proper management and administration or to carry out its legal responsibilities;
    • ii. Return to Customer or destroy the remaining Protected Health Information that healow still maintains in any form;
    • iii. Continue to use appropriate safeguards and comply with Subpart C of 45 C.F.R. Part 164 with respect to electronic Protected Health Information to prevent use or disclosure of the Protected Health Information, other than as provided for in this Section, for as long as healow retains the Protected Health Information;
    • iv. Not use or disclose the Protected Health Information retained by healow other than for the purposes for which such Protected Health Information was retained and subject to the same conditions set out at Section 3(e) of this Addendum; and
    • v. Return to Customer or destroy the Protected Health Information retained by healow when it is no longer needed by healow for its proper management and administration or to carry out its legal responsibilities.
    • vi. In the event healow determines that returning or destroying the Protected Health Information is infeasible, healow shall continue to extend the protections to such Protected Health Information as required by the HIPAA Rules and limit further use and disclosure for so long as healow retains such Protected Health Information.
  • d. Survival. The obligations of healow under this Section shall survive the termination of this Addendum.

7. Miscellaneous

  • a. healow Contact Information. Please report any incidents involving PHI to privacy@healow.com.
  • b. Regulatory References. A reference in this Addendum to a section in the HIPAA Rules means the section as in effect or as amended.
  • c. Amendment. Customer and healow mutually agree that healow may amend this Addendum from time to time as is necessary for compliance with the requirements of the HIPAA Rules and any other applicable law.
  • d. Interpretation. Any ambiguity in this Addendum shall be interpreted to permit compliance with the HIPAA Rules.
  • e. Governing Law. This Addendum will be governed by the laws of the United States of America and by the laws of the Commonwealth of Massachusetts. The parties irrevocably consent to the exclusive personal jurisdiction of the federal and state courts located in Massachusetts, as applicable, for any matter arising out of or relating to this Addendum without regard to any choice of law principles, except that in actions seeking to enforce any order or any judgment of such federal or state courts located in Massachusetts, such personal jurisdiction will be nonexclusive.
  • f. Execution. Each representative signing below hereby represents that each is authorized to enter into this Addendum.
  • g. Complete Agreement. This Addendum constitutes the final, complete and exclusive Addendum between the Parties with respect to its subject matter and supersedes all past and contemporaneous agreements, promises, and understandings, whether oral or written. This Addendum may not be amended or modified except by a writing signed by both Parties and identified as an amendment to this Addendum.
  • h. Counterparts. This Addendum may be executed in any number of counterparts which, when taken together, will constitute one original, and photocopy, facsimile, electronic or other copies shall have the same effect for all purposes as an ink-signed original. Each Party hereto consents to be bound by electronic, photocopy or facsimile signatures of such Party’s representative hereto.
  • i. Severability. In the event any provision of this Addendum is held to be invalid or unenforceable, the remainder of this Addendum shall remain in full force and effect.
  • j. Relationship. It is mutually understood and agreed that the relationship between the Parties is that of independent contractors. Neither Party is the agent, employee, or servant of the other. Nothing in this Addendum is intended to create any partnership, joint venture, lease or equity relationship, expressly or by implication between the Parties.