Email: info@CANportal.org
Email: info@CANportal.org
These Terms of Service constitute a legally binding agreement made between you, whether personally or on behalf of an entity (“you”) and the Coordinated Assistance Network ("CAN") concerning your access to canportal.org, which also includes any other media form, media channel, mobile website or mobile application related, linked, or otherwise connected thereto (collectively, the “Site”). CAN has set forth below a Series of Access and use Terms ("SATS"). Compliance with and acceptance of the SATS are required in order for you to have access to and use of the Site. We have also included below CAN's agent for receipt of notice regarding copyright claims and other communication regarding the Site. IF YOU DO NOT AGREE WITH OR DO NOT ACCEPT ANY OF THE SATS, YOU MUST IMMEDIATELY EXIT THE SITE AND REFRAIN FROM FURTHER ACCESS.
CAN reserves the right, at its sole discretion, to change,
modify, add or remove all or any portion of the Site or the
SATS. Changes to the SATS shall be immediately effective
when posted.
Supplemental terms and conditions or documents that may be
posted on the Site from time to time are hereby expressly
incorporated herein by reference. CAN reserves the right, in
its sole discretion, to make changes or modifications to
these Terms of Service at any time and for any reason. CAN
will alert you by sending notice to your registered email
address about any changes. It is your responsibility to
review this email and these supplemental or amended Terms of
Service to stay informed of updates. You will be subject to
and will be deemed to have been made aware of and to have
accepted, the changes in any revised Terms of Service by
your continued use of the Site after the date such revised
Terms of Service are emailed to you.
Events may arise that result in disruption or
discontinuation of access to the Site, removal of specific
Site Contents or corruption of Site Code. Therefore, CAN
reserves the right, without liability to: (1) discontinue
provision of access to the Site to any and all users without
notice; and (2) remove or modify any Site Content.
Your access to the Site and compliance with all policies and terms of service provide a limited, terminable license to view the Site contents and engage its interactive features. All information contained on the Site, such as text, graphics, logos, button icons, images, audio clips and the like are copyrighted by and proprietary to CAN, and may not be copied, reproduced, transmitted, displayed, performed, distributed, sublicensed, altered, stored for subsequent use or otherwise used in whole or in part in any manner without the prior written consent of CAN, except that the user may make such temporary copies in a single computer's RAM and hard drive cache as are necessary to browse the Site. The user may also make a single copy of the content displayed on any page of the Site to be used by the user for personal and noncommercial uses which do not harm the reputation of CAN or infringe on any copyright or trademark right of CAN, provided that the user does not remove any trademarks, copyright and any other notice contained in such content. Unless expressly permitted in writing from CAN, you shall not frame, link or commercially exploit any of the Site, Site contents or Site code.
Your access to the Site and compliance with all trademarks, service marks, trade names, trade dress, copyrights, patent rights and other proprietary rights in or associated with the Site, the Site Contents, and Site Code are the property of CAN or its licensors. Site Content includes, but is not limited to, text, images, graphics, audiovisual content and audio content. Site Code means any and all underlying elements of the Site, including, but not limited to source code, object code, and other sets of statements or instructions that relate to the operation or functions of the Site.
CAN is pleased to hear from its customers and Site users. We welcome your comments. However, due to legal requirements, we cannot provide compensation for, agree to consider, or agree to keep confidential, any submission of creative ideas, disclosures of inventions, other disclosures of potentially useful information, or submission of any other content. In the Site and in the Company, all content submitted by you via the Site are provided with a paid-up, perpetual, non-exclusive license, effective everywhere, to CAN to consider, use, re-publish, modify, disclose or otherwise exploit, at its sole discretion. If any applicable law, judicial decision or regulatory requirement restricts or limits the provisions of this paragraph, CAN's liability shall not exceed the amount set forth in THE LIMITATION OF LIABILITY paragraph of these SATS.
CAN may provide from time to time, at its sole discretion,
one or more chat areas, message boards, e-mail functions,
polls, surveys, and other features for use by visitors to
the Site. Such features are referred to herein as "Visitor
Features."
CAN may, in its sole discretion, discontinue provision of
any Visitor Features to any or all Site visitors and may, in
its sole discretion, remove any content provided by a Site
visitor. Certain Visitor Features may be provided free of
charge, but others may be subject to charges. Please consult
these SATS and any instructions associated with a Visitor
Feature to determine the charges, if any, for use of or
access to particular Visitor Features.
Users of Visitor Features are bound by and must comply with
the SATS, and must agree not to do one or more of the
following:
CAN expects that all of those who use and have access to the Site will follow the SATS and otherwise conduct themselves properly. CAN is not responsible for monitoring, verifying or substantiating content or code provided by third-party users of the Site. Therefore, you agree that CAN shall not be liable for any breach of the SATS by third parties or for other injurious behavior engaged in by third parties who use or gain access to the Site.
CAN is not necessarily affiliated with sites that may be
linked to or from the Site. CAN cannot monitor or otherwise
evaluate such sites, and CAN is not responsible for any of
their contents, features, codes, underlying materials, terms
of access or privacy policies. LINKS ARE PROVIDED FOR YOUR
CONVENIENCE ONLY AND THEIR USE IS AT YOUR SOLE DISCRETION
AND RISK.
WARRANTY DISCLAIMERS, DAMAGE LIMITATION, INDEMNIFICATION THE
SITE, OPERATION OF THE SITE CODE, SITE CONTENTS (INCLUDED
BUT NOT LIMITED TO LINKED SITE CONTENTS), AS WELL AS THE
OPERATION OF AND EFFECTS OF ACCESS TO THE SITE AND LINKED
SITES, ARE PROVIDED "AS IS," AND CAN, ITS LICENSORS AND
SUPPLIERS, SPECIFICALLY DISCLAIM ANY AND ALL EXPRESS OR
IMPLIED WARRANTIES OF: (1) SUITABILITY FOR ANY PARTICULAR
PURPOSE, (2) MERCHANTABILITY (3) COMPLETENESS, (4) ACCURACY;
(5) NON-INFRINGEMENT, AND (6) FREEDOM FROM TECHNICAL ERRORS
OR UNAUTHORIZED, INJURIOUS MATTER, SUCH AS VIRUSES OR OTHER
HARMFUL COMPONENTS.
NEITHER CAN, NOR ITS LICENSORS OR SUPPLIERS, WARRANT THAT
DEFECTS IN THE CONTENTS OR OPERATIONS OF THE SITE OR LINKED
SITES WILL BE CORRECTED OR THAT ACCESS WILL NOT BE
INTERRUPTED OR DISCONTINUED.
WARRANTIES, OR ASPECTS OF THEM, THAT ARE, BY LAW, INCAPABLE
OF BEING DISCLAIMED ARE NOT DISCLAIMED.
IRRESPECTIVE OF WHETHER A CLAIM IS BASED UPON CONTRACT OR
TORT PRINCIPLES, AND IRRESPECTIVE OF WHETHER THEY HAD NOTICE
OF THE POSSIBILITY OF SUCH DAMAGES, NEITHER CAN, ITS
DIRECTORS, OFFICERS, EMPLOYEES, CONTRACTORS, LICENSORS OR
SUPPLIERS SHALL BE LIABLE FOR ANY SPECIAL, INDIRECT OR
CONSEQUENTIAL DAMAGES.
You agree to indemnify, defend and hold harmless CAN, its
directors, officers, employees, contractors, licensors and
suppliers against all losses, expenses, damages and costs,
including reasonable attorneys' fees, resulting from any
violation of the SATS by you or by others that access the
Site through your terminal or to whom you have provided
access to Site Contents. CAN reserves the option, at its own
expense, to assume the exclusive defense and control of any
matter otherwise subject to indemnification by you, in which
event you shall cooperate with CAN in asserting any
available defenses. You shall be responsible for any damages
or fines assessed due to violation of the SATS by you or
others that access the Site through your terminal or to whom
you have provided access to Site Contents.
Products and services offered through the Site may be subject to license terms and terms of sale that are in addition to, or distinct from, the SATS. Therefore, the provision and acceptance of any such product or service shall be subject to any additional or distinct terms supplied by CAN or the third-party supplier of the product or service.
You consent to any transfer, in whole or part, of CAN's terms, interests, rights, and obligations hereunder to a subsequent owner of an interest in the Site. You also consent to any transfer, in whole or part, of your agreements hereunder to a subsequent owner, if any, of an interest in the Site.
The Site is controlled by CAN from its offices within the United States of America. CAN makes no representation that the Site, the Site Contents, links, or the Site Code are appropriate for use in countries other than the United States.
If you believe that any Site Content or Site Code, including
but not limited to content provided by third parties via
Visitor Features, infringes a copyright or other proprietary
right, please forward to our Copyright Agent, Coordinated
Assistance Network at 2519 N McMullen booth Rd Suite 510
Clearwater, FL 33761, the following information:
1. Your name, address, telephone number, e-mail address and
other pertinent contact information;
2. A description of the copyrighted work or proprietary
right that you believe is infringed;
3. The URL or a description of where the allegedly
infringing content is located;
4. A statement by you, with respect to the copyright or
other proprietary right, that you have a good faith belief
that the disputed use is not authorized by either the owner
of the asserted right, by an agent of the owner, or by the
law;
5. An electronic or physical signature of the person
authorized to act on behalf of the owner of the asserted
right;
6. A statement by you, made under penalty of perjury, that
the above information in your notice is correct and that you
are the owner of the asserted right, or are authorized to
act on behalf of the owner.
These SATS, and all disputes arising from or related to
them, their interpretation, or their subject matters shall
be governed by, resolved and remedied in accordance with the
laws of the State of Florida (without resort to conflict of
law principles) as it applies to agreements entered into and
to be performed entirely within such State and to acts or
omissions occurring wholly within the State. Any claims
arising from or related to the SATS or their subject matters
shall be brought and resolved only in the appropriate State
or Federal Courts located in or closest to Tampa, Florida,
and you expressly consent to the jurisdiction and exclusive
venue of said courts. However, CAN, at its sole discretion,
can also institute or convert any action (no matter which
party initiates it) to an arbitration under the applicable
rules of the American Arbitration Association, said
arbitration to: (1) apply the choice-of-law specified above;
and (2) take place in Tampa, Florida.
If otherwise applicable hereto, the Uniform Computer
Information Transactions Act (as adopted by any State) and
the United Nations Convention for the International Sale of
Goods are hereby agreed not to be applicable to these SATS
and their subject matters. In addition, all dis-claimable or
waivable local and international provisions related to
choice of law or dispute resolution are waived or disclaimed
by you in favor of the above choice of Florida law,
jurisdiction and forms for dispute resolution.
You agree and represent that you have carefully considered
the SATS and that ambiguities, if any, shall not be enforced
against the drafter but shall be fairly read so as not to
prejudice the rights of CAN.
If any provision(s) of the SATS are deemed unenforceable in
a determination by a body with proper jurisdiction, the
Parties agree (without waiving rights of appeal) that the
unenforceable provision(s) shall be: (1) reconstituted to
approximate as closely as lawfully possible the evident
intent of the original provision(s); or (2) if option (1),
above, cannot be implemented, the unenforceable provision(s)
shall be excised from the SATS and the Parties shall
negotiate in good faith with respect to their modification.
If the Parties cannot agree to a modification, the SATS
shall be enforced, without the unenforceable provision, in a
fair manner and without undue prejudice to either Party.
These Terms of Service and SATS as well as any policies or operating rules posted by CAN on the Site or in respect to the Site constitute the entire agreement and understanding between you and CAN. CAN’s failure to exercise or enforce any right or provision of SATS or these Terms of Service shall not operate as a waiver of such right or provision. These SATS and Terms of Service operate to the fullest extent permissible by law. We may assign any or all of our rights and obligations to others at any time. We shall not be responsible or liable for any loss, damage, delay, or failure to act caused by any cause beyond our reasonable control. If any provision or part of a provision of these SATS and Terms of Service is determined to be unlawful, void, or unenforceable, that provision or part of the provision is deemed severable from these SATS or Terms of Service and does not affect the validity and enforceability of any remaining provisions. There is no joint venture, partnership, employment or agency relationship created between you and us as a result of these SATS or Terms of Service or use of the Site. You agree that these SATS and Terms of Service will not be construed against us by virtue of having drafted them. You hereby waive any and all defenses you may have based on the electronic form of these Terms of Use and the lack of signing by the parties hereto to execute these Terms of Use.
In order to resolve a complaint regarding the Site or to receive further information regarding use of the Site, please contact us at cfitz@canportal.org
In addition to all Terms of Service, a Business Associate Agreement (“BAA”) is entered into effective of accepting these SATS by and between The Coordinated Assistance Network (“Covered Entity”) and your non-profit organization (“Business Associate”)(each a “Party” and collectively, the “Parties”)
A. Covered Entity is a “Covered Entity” as that term is
defined under the Health Insurance Portability and
Accountability Act of 1996 (Public Law 104-91), as amended,
(“HIPAA”), and the regulations promulgated thereunder by the
Secretary of the U.S. Department of Health and Human
Services (“Secretary”), including, without limitation, the
regulations codified at 45 C.F.R. Parts 160 and 164 (“HIPAA
Regulations”);
B. Business Associate performs Services for or on behalf of
Covered Entity, and in performing said Services; Business
Associate creates, receives, maintains, or transmits
Protected Health Information (“PHI”);
C. The Parties intend to protect the privacy and provide for
the security of PHI Disclosed by Covered Entity to Business
Associate, or received or created by Business Associate,
when providing Services in compliance with HIPAA, the Health
Information Technology for Economic and Clinical Health Act
(Public Law 111-005) (“the HITECH Act”) and its implementing
regulations and guidance issued by the Secretary, and other
applicable state and federal laws, all as amended from time
to time; and
D. As a Covered Entity, Covered Entity is required under
HIPAA to enter into a BAA with Business Associate that meets
certain requirements with respect to the Use and Disclosure
of PHI, which are met by this BAA.
AGREEMENT In consideration of the Recitals and for other
good and valuable consideration, the receipt and adequacy of
which is hereby acknowledged, the Parties agree as follows:
The following terms shall have the meaning set forth below.
Capitalized terms used in this BAA and not otherwise defined
shall have the meanings ascribed to them in HIPAA, the HIPAA
Regulations, or the HITECH Act, as applicable.
1.1. “Breach” shall have the meaning given under 42 U.S.C. §
17921(1) and 45 C.F.R. § 164.402.
1.2. “Designated Record Set” shall have the meaning given
such term under 45 C.F.R. § 164.501.
1.3. “Disclose” and “Disclosure” mean, with respect to PHI,
the release, transfer, provision of access to, or divulging
in any other manner of PHI outside of Business Associate or
to other than members of its Workforce, as set forth in 45
C.F.R. § 160.103.
1.4. “Electronic PHI” or “e-PHI” means PHI that is
transmitted or maintained in electronic media, as set forth
in 45 C.F.R. § 160.103.
1.5. “Protected Health Information” and “PHI” mean any
information, whether oral or recorded in any form or medium,
that: (a) relates to the past, present or future physical or
mental health or condition of an individual; the provision
of health care to an individual, or the past, present or
future payment for the provision of health care to an
individual; (b) identifies the individual (or for which
there is a reasonable basis for believing that the
information can be used to identify the individual); and (c)
shall have the meaning given to such term under the Privacy
Rule, including, but not limited to, 45 C.F.R. § 160.103.
Protected Health Information includes e-PHI.
1.6. “Security Incident” shall have the meaning given to
such term under 45 C.F.R. § 164.304.
1.7. “Services” shall mean the services for or functions on
behalf of Covered Entity performed by Business Associate
pursuant to any service agreement(s) between Covered Entity
and Business Associates which may be in effect now or from
time to time (“Underlying Agreement”), or, if no such
agreement is in effect, the services or functions performed
by Business Associate that constitute a Business Associate
relationship, as set forth in 45 C.F.R. § 160.103.
1.8. “Unsecured PHI” shall have the meaning given to such
term under 42 U.S.C. § 17932(h), 45 C.F.R. § 164.402, and
guidance issued pursuant to the HITECH Act including, but
not limited to the guidance issued on April 17, 2009 and
published in 74 Federal Register 19006 (April 27, 2009) by
the Secretary
1.9. “Use” or “Uses” mean, with respect to PHI, the sharing,
employment, application, utilization, examination or
analysis of such PHI within Business Associate’s internal
operations, as set forth in 45 C.F.R. § 160.103. 1.10.
“Workforce” shall have the meaning given to such term under
45 C.F.R. § 160.103.
2.1. Permitted Uses and Disclosures of Protected Health
Information Business Associate shall not Use or Disclose PHI
other than for the purposes listed on the signature page
hereto for performing the Services, as permitted or required
by this BAA, or as Required by Law. Business Associate shall
not Use or Disclose PHI in any manner that would constitute
a violation of Subpart E of 45 C.F.R. Part 164 if so Used or
Disclosed by Covered Entity. However, Business Associate may
Use or Disclose PHI (i) for the proper management and
administration of Business Associate; (ii) to carry out the
legal responsibilities of Business Associate, provided that
with respect to any such Disclosure either: (a) the
Disclosure is Required by Law; or (b) Business Associate
obtains a written agreement from the person to whom the PHI
is to be Disclosed that such person will hold the PHI in
confidence and will not Use and further Disclose such PHI
except as Required by Law and for the purpose(s) for which
it was Disclosed by Business Associate to such person, and
that such person will notify Business Associate of any
instances of which it is aware in which the confidentiality
of the PHI has been breached; (iii) for Data Aggregation
purposes for the Health Care Operations of Covered Entity.
To the extent that Business Associate carries out one or
more of Covered Entity’s obligations under Subpart E of 45
C.F.R. Part 164, Business Associate must comply with the
requirements of Subpart E that apply to the Covered Entity
in the performance of such obligations.
2.2. Prohibited Marketing and Sale of PHI Notwithstanding
any other provision in this BAA, Business Associate shall
comply with the following requirements: (i) Business
Associate shall not Use or Disclose PHI for fundraising or
marketing purposes, except to the extent expressly
authorized or permitted by this BAA and consistent with the
requirements of 42 U.S.C. § 17936, 45 C.F.R. §§ 164.514(f),
and 164.508(a)(3)(ii), and (iii) Business Associate shall
not directly or indirectly receive remuneration in exchange
for PHI except with the prior written consent of Covered
Entity and as permitted by the HITECH Act, 42 U.S.C. §
17935(d)(2), and 45 C.F.R. § 164.502(a)(5)(ii).
2.3. Adequate Safeguards of PHI Business Associate shall
implement and maintain appropriate safeguards to prevent Use
or Disclosure of PHI other than as provided for by this BAA.
Business Associate shall reasonably and appropriately
protect the confidentially, integrity, and availability of
e-PHI that it creates, receives, maintains or transmits on
behalf of Covered Entity in compliance with Subpart C of 45
C.F.R. Part 164 to prevent Use or Disclosure of PHI other
than as provided for by this BAA.
2.4. Mitigation Business Associate agrees to mitigate, to
the extent practicable, any harmful effect that is known to
Business Associate of a Use or Disclosure of PHI by Business
Associate in violation of the requirements of this BAA.
2.5. Reporting Non-Permitted Use or Disclosure
2.5.1. Reporting Security Incidents and Non-Permitted Use or
Disclosure Business Associate shall report to Covered Entity
in writing each Security Incident or Use or Disclosure that
is made by Business Associate, members of its Workforce or
Subcontractors that is not specifically permitted by this
BAA no later than three (3) business days after becoming
aware of such Security Incident or non-permitted Use or
Disclosure, in accordance with the notice provisions set
forth herein. Business Associate shall investigate each
Security Incident or non-permitted Use or Disclosure of
Covered Entity’s PHI that it discovers to determine whether
such Security Incident or non-permitted Use or Disclosure
constitutes a reportable Breach of Unsecured PHI. Business
Associate shall document and retain records of its
investigation of any Breach, including its reports to
Covered Entity under this Section 2.5.1. Upon request of
Covered Entity, Business Associate shall furnish to Covered
Entity the documentation of its investigation and an
assessment of whether such Security Incident or
non-permitted Use or Disclosure constitutes a reportable
Breach. If such Security Incident or non-permitted Use or
Disclosure constitutes a reportable Breach of Unsecured PHI,
then Business Associate shall comply with the additional
requirements of Section 2.5.2 below.
2.5.2. Breach of Unsecured PHI If Business Associate
determines that a reportable Breach of Unsecured PHI has
occurred, Business Associate shall provide a written report
to Covered Entity without unreasonable delay but no later
than thirty (30) calendar days after discovery of the
Breach. To the extent that information is available to
Business Associate, Business Associate’s written report to
Covered Entity shall be in accordance with 45 C.F.R.
§164.410(c). Business Associate shall cooperate with Covered
Entity in meeting Covered Entity’s obligations under the
HITECH Act with respect to such Breach. Covered Entity shall
have sole control over the timing and method of providing
notification of such Breach to the affected individual(s),
the Secretary and, if applicable, the media, as required by
the HITECH Act. Business Associate shall reimburse Covered
Entity for its reasonable costs and expenses in providing
the notification, including, but not limited to, any
administrative costs associated with providing notice,
printing and mailing costs, and costs of mitigating the harm
(which may include the costs of obtaining credit monitoring
services and identity theft insurance) for affected
individuals whose PHI has or may have been compromised as a
result of the Breach.
2.6. Availability of Internal Practices, Books, and Records
to Government Business Associate agrees to make its internal
practices, books and records relating to the Use and
Disclosure of PHI received from or created or received by
the Business Associate on behalf of Covered Entity available
to the Secretary for purposes of determining Covered
Entity’s compliance with HIPAA, the HIPAA Regulations, and
the HITECH Act. Except to the extent prohibited by law,
Business Associate shall notify Covered Entity of all
requests served upon Business Associate for information or
documentation by or on behalf of the Secretary. Business
Associate agrees to provide to Covered Entity proof of its
compliance with the HIPAA Security Standards.
2.7. Access to and Amendment of Protected Health Information
To the extent that Business Associate maintains a Designated
Record Set on behalf of Covered Entity and within fifteen
(15) days of a request by Covered Entity, Business Associate
shall (a) make the PHI it maintains (or which is maintained
by its Subcontractors) in Designated Record Sets available
to Covered Entity for inspection and copying, or to an
individual to enable Covered Entity to fulfill its
obligations under 45 C.F.R. § 164.524, or (b) amend the PHI
it maintains (or which is maintained by its Subcontractors)
in Designated Record Sets to enable the Covered Entity to
fulfill its obligations under 45 C.F.R. § 164.526. Business
Associate shall not Disclose PHI to a health plan for
payment or Health Care Operations purposes if and to the
extent that Covered Entity has informed Business Associate
that the patient has requested this special restriction and
has paid out of pocket in full for the health care item or
service to which the PHI solely relates, consistent with 42
U.S.C. § 17935(a) and 42 C.F.R. § 164.522(a)(1)(vi). If
Business Associate maintains PHI in a Designated Record Set
electronically, Business Associate shall provide such
information in the electronic form and format requested by
the Covered Entity if it is readily reproducible in such
form and format, and, if not, in such other form and format
agreed to by Covered Entity to enable Covered Entity to
fulfill its obligations under 42 U.S.C. § 17935(e) and 45
C.F.R. § 164.524(c)(2). Business Associate shall notify
Covered Entity within fifteen (15) days of receipt of a
request for access to PHI.
2.8. Accounting To the extent that Business Associate
maintains a Designated Record Set on behalf of Covered
Entity, within thirty (30) days of receipt of a request from
Covered Entity or an individual for an accounting of
disclosures of PHI, Business Associate and its
Subcontractors shall make available to Covered Entity the
information required to provide an accounting of disclosures
to enable Covered Entity to fulfill its obligations under 45
C.F.R. § 164.528 and its obligations under 42 U.S.C. §
17935(c). Business Associate shall notify Covered Entity
within fifteen (15) days of receipt of a request by an
individual or other requesting party for an accounting of
disclosures of PHI.
2.9. Use of Subcontractors Business Associate shall require
each of its Subcontractors that creates, maintains,
receives, or transmits PHI on behalf of Business Associate,
to execute a Business Associate Agreement that imposes on
such Subcontractors the same restrictions, conditions, and
requirements that apply to Business Associate under this BAA
with respect to PHI.
2.10. Minimum Necessary Business Associate (and its
Subcontractors) shall, to the extent practicable, limits its
request, Use, or Disclosure of PHI to the minimum amount of
PHI necessary to accomplish the purpose of the request, Use
or Disclosure, in accordance with 42 U.S.C. § 17935(b) and
45 C.F.R. § 164.502(b)(1) or any other guidance issued
thereunder.
3.1. Term The term of this Agreement shall be effective as
of the Effective Date and shall terminate as of the date
that all of the PHI provided by Covered Entity to Business
Associate, or created or received by Business Associate on
behalf of Covered Entity, is destroyed or returned to
Covered Entity, or, if it is infeasible to return or destroy
the PHI, protections are extended to such information, in
accordance with Section 3.3, or on the date that Covered
Entity terminates for cause as authorized in Section 3.2,
whichever is sooner.
3.2. Termination for Cause Upon Covered Entity’s knowledge
of a material breach or violation of this BAA by Business
Associate, Covered Entity shall either:
a. Notify Business Associate of the breach in writing, and
provide an opportunity for Business Associate to cure the
breach or end the violation within ten (10) business days of
such notification; provided that if Business Associate fails
to cure the breach or end the violation within such time
period to the satisfaction of Covered Entity, Covered Entity
may immediately terminate this BAA upon written notice to
Business Associate; or
b. Upon written notice to Business Associate, immediately
terminate this BAA if Covered Entity determines that such
breach cannot be cured
3.3. Disposition of Protected Health Information Upon
Termination or Expiration
3.3.1. Upon termination or expiration of this BAA, Business
Associate shall either return or destroy all PHI received
from or created or received by Business Associate on behalf
of Covered Entity, that Business Associate still maintains
in any form and retain no copies of such PHI. If Covered
Entity requests that Business Associate return PHI, PHI
shall be returned in a mutually agreed upon format and
timeframe, at no additional charge to Covered Entity.
3.3.2. If return or destruction is not feasible, Business
Associate shall (a) retain only that PHI which is necessary
for Business Associate to continue its proper management and
administration or to carry out its legal responsibilities;
(b) return to Covered Entity the remaining PHI that Business
Associate still maintains in any form; (c) continue to
extend the protections of this BAA to the PHI for as long as
Business Associate retains the PHI; (d) limit further Uses
and Disclosures of such PHI to those purposes that make the
return or destruction of the PHI infeasible and subject to
the same conditions set out in Section 2.1 and 2.2 above,
which applied prior to termination; and (e) return to
Covered Entity the PHI retained by Business Associate when
it is no longer needed by Business Associate for its proper
management and administration or to carry out its legal
responsibilities.
4.1. Amendment to Comply with Law This BAA shall be deemed
amended to incorporate any mandatory obligations of Covered
Entity or Business Associate under the HITECH Act and its
implementing HIPAA Regulations. Additionally, the Parties
agree to take such action as is necessary to amend this BAA
from time to time as necessary for Covered Entity to
implement its obligations pursuant to HIPAA, the HIPAA
Regulations, or the HITECH Act.
4.2. Indemnification Business Associate hereby agrees to
indemnify and hold harmless Covered Entity, its affiliates,
and their respective officers, directors, managers, members,
shareholders, employees and agents from and against any and
all fines, penalties, damage, claims or causes of action and
expenses (including, without limitation, court costs and
attorney’s fees) arising from any violation of HIPAA the
Business Associate incurs, from violations against the HIPAA
Regulations, or the HITECH Act or from any negligence or
wrongful acts or omissions, including but not limited to
failure to perform its obligations, that results in a
violation of HIPAA, the HIPAA Regulations, or the HITECH
Act, by Business Associate or its employees, directors,
officers, subcontractors, agents or members of Business
Associate’s Workforce.
4.3. Notices Any notices required or permitted to be given
hereunder by either Party to the other shall be given in
writing: (1) by personal delivery; (2) by electronic mail or
facsimile with confirmation sent by United States first
class registered or certified mail, postage prepaid, return
receipt requested; (3) by bonded courier or by a nationally
recognized overnight delivery service; or (4) by United
States first class registered or certified mail, postage
prepaid, return receipt, in each case, addressed to a Party
on the signature page(s) to this Agreement or to such other
addresses as the Parties may request in writing by notice
given pursuant to this Section 4.3. Notices shall be deemed
received on the earliest of personal delivery; upon delivery
by electronic facsimile with confirmation from the
transmitting machine that the transmission was completed;
twenty-four (24) hours following deposit with a bonded
courier or overnight delivery service; or seventy-two (72)
hours following deposit in the U.S. mail as required herein
4.4. Relationship of Parties Business Associate is an
independent contractor and not an agent of Covered Entity
under this BAA. Business Associate has the sole right and
obligation to supervise, manage, contract, direct, procure,
perform or cause to be performed all Business Associate
obligations under this BAA.
4.5. Survival The respective rights and obligations of the
Parties under Sections 3.3 and 4.2 of this BAA shall survive
the termination of this BAA.
Applicable Law and Venue This Agreement shall be governed by
and construed in accordance with the laws of the state of
Florida (without regards to conflict of laws principles).
The Parties agree that all actions or proceedings arising in
connection with this BAA shall be tried and litigated
exclusively in the State or federal (if permitted by law and
if a Party elects to file an action in federal court) courts
located in The United States.