MASTER SERVICES AGREEMENT
Exhibit 10.21
This Master Services Agreement (the “Agreement”) is entered into as of 11/20/2023 (“Effective Date”), by and between Best Computer Systems, Inc., an Illinois corporation, d/b/a BestRx Pharmacy Software which has its principal place of business at 0000 Xxxxxxxxxxx Xx, Xxxxx 000X, Xxx Xxxxx, XX 00000 (“Company”) and DelivMeds having its principal place of business at 0000 Xxxxxxxx Xxxx Xxxxx 000, Xxxxx, XX 00000 ,(“Pharmacy”). This Agreement consists of the Agreement below and any Addenda (as defined below) executed by the parties, including any attachments to such Addenda.
The parties previously entered into agreements for services and have agreed to update the terms of the relationship through this Agreement. All non-conflicting terms of the previous agreement shall remain in full force and effect. In the event of a conflict between the terms of the previous agreement and this Agreement, this Agreement shall control. The parties agree that Company will provide Pharmacy with certain technology products and/or services and that, in turn, Pharmacy will compensate Company as set forth herein. Therefore, in consideration of the covenants, agreements and promises set forth below, and for other good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, the parties, intending to be legally bound, hereby agree as set forth in the pages that follow.
AGREEMENT
| 1. | DEFINITIONS. Capitalized terms not otherwise defined in this Agreement shall have the meanings below: |
| 1.1. | “Add-On Software” means any complementary software components or service(s) that Company makes available to Pharmacy. | |
| 1.2. | “Addendum” means a writing addressing a specific set of products or Services executed by each party. An Addendum may be a Statement of Work or another writing the parties intend to be incorporated by reference into this Agreement. | |
| 1.3. | “Deliverable” means Software, a report, or other work product created pursuant to a Statement of Work or other Addendum. | |
| 1.4. | “Documentation” means user guides, operating manuals, and specifications regarding the Software covered by this Agreement. | |
| 1.5. | “Estimate” refers to an Addendum or Exhibit in which Pharmacy has ordered Services or one or more Deliverables from Company, provided that Company may accept or reject any such Estimate in its sole discretion. | |
| 1.6. | “Pharmacy Data” means data in electronic form managed or stored by Pharmacy, which is entered into, imported to, or transmitted through the Software, including but not limited to PHI. | |
| 1.7. | “Intellectual Property” means trade secrets, trademarks, copyrightable subject matter, patents, and patent applications and other proprietary information, activities, and any ideas, concepts, innovations, inventions, and designs. | |
| 1.8. | “Protected Health Information” or “PHI” shall have the meaning set forth in HIPAA. All references herein to PHI shall be construed to include electronic PHI, or ePHI, as that term is defined by HIPAA. | |
| 1.9. | “Services” shall collectively refer to Software, point of sale system access, or other services which Company agrees to provide to Pharmacy under this Agreement or any applicable Estimate. |
| Page 1 |
| 1.10. | “Software” means any software program, computer programs, programming or modules specified in each Estimate or to which Company provides Pharmacy with access, including but not limited to any pharmacy management software, any mobile applications, any cloud data access or software functionality, or any customer portal access of any kind. For the avoidance of doubt, Add-on Software shall be considered part of the Software. | |
| 1.11. | “User” means any individual who uses the Software on Pharmacy’s behalf or through Pharmacy’s account or passwords, whether authorized or not. |
| 2. | LICENSE TO SOFTWARE |
| 2.1. | Grant of License. During the term of this Agreement, Company grants Pharmacy a limited, non-sublicensable, nonexclusive, non-transferable license to access and use the Software, provided that Pharmacy complies with the Restrictions on Use (Section 2.2) and other limitations contained herein. | |
| 2.2. | Restrictions on Use. Except as provided in this Agreement or as otherwise authorized by Company, Pharmacy has no right to: (a) decompile, reverse engineer, disassemble, print, copy, record or display the Software or otherwise reduce the Software to a human perceivable form in whole or in part; (b) publish, release, rent, lease, loan, sell, distribute or transfer the Software to another person or entity; (c) reproduce the Software for the use or benefit of anyone other than Pharmacy; (d) alter, modify, or create derivative works based upon the Software either in whole or in part; or (e) use or permit the use of the Software for commercial time-sharing arrangements or providing service bureau, data processing, rental, or other services to any third party. The rights granted under the provisions of this Agreement do not constitute a sale of the Software. Company retains all right, title, and interest in and to all current and future versions of all Software, including without limitation all software used to provide the Software and all graphics, User interfaces, logos, and trademarks reproduced through the Software, even if provided or developed as a result of performing services related to the Software and all technology, algorithms, and data models relating thereto, except to the limited extent set forth in this Agreement. This Agreement does not grant Pharmacy any intellectual property rights in the Software or any of its components, except to the limited extent that this Agreement specifically sets forth Pharmacy’s rights to access, use, or copy the Software during the Term of this Agreement. Pharmacy recognizes that the Software and its components are protected by copyright and other laws. | |
| 2.3. | Feedback. Pharmacy may, from time to time, provide suggestions, comments, feedback, or other input to Company with respect to the Software, Company may freely use such feedback as it sees fit in perpetuity, entirely without obligation or restriction of any kind on account of intellectual property rights or otherwise. | |
| 2.4. | Third-Party Software. Software may incorporate software and other technology owned and controlled by third parties (“Third-Party Software”). All Third-Party Software falls under the scope of this Agreement. Moreover, Company neither accepts liability, nor warrants the functionality, reliability, or accuracy of Third-Party Software. Pharmacy will take all reasonable actions necessary to utilize any Third-Party Software in accordance with applicable law and policies or rules promulgated by the owners of such Third-Party Software. |
| Page 2 |
| 3. | TERM AND TERMINATION |
| 3.1. | Term. The Term will automatically renew for successive one-month periods, unless either party opts out of such renewal by providing at least thirty (30) days’ written notice before the scheduled renewal date. | |
| 3.2. | Termination for Cause. Either party may terminate this Agreement or any individual Estimate for the other party’s material breach by providing written notice. The breaching party shall have thirty (30) days from receipt to cure such breach. | |
| 3.3. | Effect of Termination. If this Agreement or any Estimate is terminated by Pharmacy prior to the expiration of its then-current term, for any reason other than Company’s breach, Pharmacy agrees to immediately remit to Company an amount equal to the expected Fees that would have become payable to Company during the remaining then-current Term. Upon termination of this Agreement or any Estimate, Pharmacy shall cease use of the Software and delete, destroy, or return all Software documentation and downloadable components in its possession, except as legally required. Termination of this Agreement is without prejudice to any other right or remedy of the parties and shall not release either party from any liability (a) which at the time of termination, has already accrued, (b) which may accrue in respect of any act or omission prior to termination, or (c) from any obligation which is intended to survive termination. In the event that the Agreement is terminated by Pharmacy after the Effective Date but prior to the full migration of Pharmacy’s data into Company’s software, Pharmacy will compensate Company for all costs incurred by Company in the process of such migration at such commercially reasonable rates as may be identified by Company, including the payment of any data conversion fees incurred by Pharmacy pursuant to this Agreement or any Estimate. | |
| 3.4. | Delivery of Data. If Pharmacy requests Pharmacy Data collected by Company in the course of providing the Services within sixty (60) days of expiration or termination of this Agreement (to the extent such Pharmacy Data is collected and retained by Company, if any), Company will provide Pharmacy access to Pharmacy Data for a commercially reasonable fee. Company is under no obligation to retain or return Pharmacy Data after expiration or termination of this Agreement. Pharmacy understands and accepts that Pharmacy Data is generally stored on-premise at the Pharmacy, and that in such case Company makes no representation that Company will retain or be able to access or deliver any portion of the Pharmacy Data at any time. |
| 4. | FEES |
| 4.1. | Fees. The fees payable by Pharmacy to Company for the Software and Services as set out in one or more applicable Estimates or sign up forms signed by the Pharmacy (collectively, the “Fees”) shall be described in the Estimates attached hereto or entered from time to time by the parties. In the event that the parties agree to additional Services, such Services may be subject to applicable agreed-upon fees as may be set forth in an applicable Estimate. This Agreement is exclusive of all taxes. Pharmacy is responsible for and will remit (or will reimburse Company upon Company’ request) all taxes of any kind, including sales, use, or value-added, related to this Agreement. Excluding income taxes relating hereto, Pharmacy shall indemnify Company for any such taxes, duties, or governmental charges paid by Company in connection with any Estimates, Addendums, and Exhibits. |
| Page 3 |
| 4.2. | Payment Method. Company shall invoice Pharmacy on a monthly basis. In addition to the Fees, invoices may also include any reasonable expenses incurred by Company that have been approved for reimbursement by Pharmacy. Pharmacy shall have fourteen (14) days after the receipt of an invoice to provide full payment, unless otherwise stated on the invoice. If Pharmacy does not object to an invoice within fourteen (14) days of receipt or in accordance with such other term as may be set forth on the invoice, then Pharmacy shall be deemed to have acknowledged the propriety of the charges set forth in such invoice. Without limiting the foregoing, in its discretion, Company may require certain installation fees or implementation fees to be paid prior to the date that the Software or Services are made available for Pharmacy use. | |
| 4.3. | Fee Adjustments. The parties agree that the fees for services in this Agreement or any Estimate may be modified by the Company upon thirty (30) days’ notice to Pharmacy. | |
| 4.4. | Failure to Pay. In the event that any fees due to Company are not timely paid in accordance with this Agreement or any applicable invoice, as the case may be, Company may, at its option, (a) suspend access to the Software and performance of the Services until such time as the failure to pay has been remedied to Company’s satisfaction, or (b) to the extent permitted by law, terminate this Agreement and all applicable Estimates, Addendums, and Exhibits hereto without requiring a further cure period. |
| 5. | SOFTWARE MANAGEMENT AND DOWNTIME |
| 5.1. | Software Management. Company shall be responsible for providing and managing the Software and providing additional Services as agreed in writing. The parties understand the Software is periodically updated and may be further developed and/or modified. | |
| 5.2. | Outages; Downtime. No credits shall be given in the event Pharmacy’s access to Software is delayed, impaired, or otherwise disrupted (collectively, an “Outage”), whether Pharmacy’s access to the Software is provided through the local installation of the software at Pharmacy’s location or provided via cloud or remote access. Company is not responsible for any Outages or downtime resulting from any hardware issues, internet outages, or other causes beyond Company’s reasonable control, including without limitation any malware, virus, or other form of malicious code that is introduced to the Software through no grossly negligent or knowingly wrongful action of Company. In the event Company determines that it is necessary to intentionally interrupt the Software or that there is a potential for the Software to be interrupted for the performance of system maintenance, upgrade, or modification (collectively, “Scheduled Downtime”), Company will use good-faith efforts to notify Pharmacy of such Scheduled Downtime at least 24 hours in advance. In no event shall Scheduled Downtime constitute a failure of performance by Company. | |
| 5.3. | Maintenance of Backups. Except to the extent otherwise explicitly agreed in writing between the parties, Company shall not be responsible for the maintenance of the Pharmacy Data or any other data relevant to the Pharmacy or its end users or the creation of any backups thereof. Unless the Pharmacy specifically contracts with Company for Company to create or maintain backups of the Pharmacy Data, then Pharmacy shall bear the sole responsibility for creating and maintaining such backups in a manner consistent with industry best practices and all applicable laws, rules, regulations, ordinances, or other orders from a public authority. To the extent that the Company grants Pharmacy access to the Pharmacy Data via cloud access or through an online portal of any kind furnished by Company, it is Pharmacy’s responsibility to maintain backups and local copies except as expressly set forth herein or otherwise agreed in writing by the parties. |
| Page 4 |
| 6. | HARDWARE |
| 6.1. | Hardware Not Supported. Pharmacy acknowledges and agrees that, with respect to its use of the Software, the purchase and installation of appropriate computer and communication equipment and the appropriate operating systems and all connectivity is the sole cost and responsibility of Pharmacy. Unless otherwise expressly agreed in writing, Company does not and will not provide hardware or hardware support for the Pharmacy. Pharmacy accepts all responsibility for providing an appropriate and compliant hardware environment for the installation, maintenance, and use of the Software. To the extent that Pharmacy requires additional hardware support, it is Pharmacy’s responsibility to acquire such support through the original manufacturer or a third party at Pharmacy’s sole expense. Company will not be responsible for troubleshooting any hardware and shall have no liability with respect to the operation of any hardware under any circumstances. | |
| 6.2. | Recommended Hardware. From time to time, Company may provide a list of recommended or approved hardware for use in conjunction with the Software on a purely advisory basis. Such recommendations or approvals are subject to change at any time. The inclusion of any hardware component on such a list reflects the Company’s good-faith belief that the hardware is compatible with the Software as it is in existence at the time the list is provided to the Pharmacy, but is not and may not be construed to be a guarantee or warranty that such hardware is or will remain compatible with the Software. Pharmacy retains the sole responsibility for maintaining an appropriate and compliant hardware environment as described in Section 6.1, above, and Company shall not be liable for any claim resulting directly or indirectly from Pharmacy’s reliance on any recommendation or approval of hardware by Company. | |
| 6.3. | Hardware Warranties. Any and all warranty claims regarding any hardware, including any hardware which Pharmacy provides pursuant to a specific Estimate as described above, are expressly disclaimed by Company, and Pharmacy’s sole recourse with respect to such hardware-related warranty claims shall be to contact the original hardware manufacturer. |
| 7. | CUSTOM DEVELOPMENTS. During the Term of this Agreement, Pharmacy may request that Company perform Services or provide or create Software other than as originally agreed between the parties. Pharmacy may request such Software or Services from Company by submitting a written request, which may be accepted or rejected by Company in Company’s sole discretion. Pharmacy may also, from time to time, request modifications or customizations to the Software. Company, in its sole discretion, shall determine whether to perform such modifications or customizations. If Company approves such a request, the parties will enter a signed binding Estimate or separate written agreement regarding such custom development, and each such signed Estimate will be subject to the terms of this Agreement, except as explicitly set forth therein. Any and all resulting modifications, customizations, Services, and Software shall remain the property of Company. |
| 8. | REPRESENTATIONS AND WARRANTIES |
| 8.1. | Due Authority. Each party’s execution and performance hereof has been duly authorized by all necessary corporate action. |
| Page 5 |
| 8.2. | Cooperation. Pharmacy agrees to reasonably and timely cooperate with Company, including but not limited to providing Company with reasonable access to its equipment, software, and data, and using current operating system(s). | |
| 8.3. | Point Person. Pharmacy shall designate a principal point of contact (“Point Person”) who will be Company’s primary liaison with Pharmacy. | |
| 8.4. | Support. During the Term, if so required by an applicable Estimate, Company shall provide appropriate support via telephone or email regarding the use of the Software. Company represents that it will use commercially reasonable efforts to resolve Pharmacy issues to the extent feasible, and that it will use commercially reasonable efforts to make support available in a timely manner; at the time of execution of this Agreement, Company provides support between the hours of 7:00 AM and 9:00 PM Central Time Monday through Friday, between 7:30 AM and 5:00 PM Central Time on Saturday, and between 7:00 AM and 3:00 PM on Sunday, but each party understands and acknowledges that such hours may be modified by Company at any time in its sole discretion, with or without notice to Pharmacy. |
| 9. | DISCLAIMER OF WARRANTIES. COMPANY HEREBY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, PERFORMANCE, SUITABILITY, TITLE, NON-INFRINGEMENT, OR ANY IMPLIED WARRANTY ARISING FROM STATUTE, COURSE OF DEALING, COURSE OF PERFORMANCE, OR USAGE OF TRADE. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING: (a) COMPANY DOES NOT REPRESENT OR WARRANT THAT THE SOFTWARE WILL PERFORM WITHOUT INTERRUPTION OR ERROR; (b) COMPANY DOES NOT REPRESENT OR WARRANT THAT THE SOFTWARE IS SECURE FROM HACKING, MALWARE, VIRUSES, OR OTHER DEFECTS OR OTHER UNAUTHORIZED INTRUSION OR THAT PHARMACY DATA WILL REMAIN PRIVATE OR SECURE; (c) COMPANY DOES NOT REPRESENT OR WARRANT THAT THE CONTENT DOES NOT INCLUDE TECHNICAL INACCURACIES OR TYPOGRAPHICAL ERRORS, THAT DEFECTS WILL BE CORRECTED, OR THAT THIS SERVICE OR THE SERVER THAT MAKES IT AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS; AND (c) COMPANY DOES NOT REPRESENT OR WARRANT THAT ANY SERVICES WILL BE FREE FROM LOSS, ERROR, OR LIABILITY ARISING OUT OF ANY THIRD PARTY ACTION. “THIRD PARTY ACTION” REFERS TO ANY ACTION THAT IS NOT TAKEN BY COMPANY OR ITS AGENTS, SUCH AS CYBERCRIME, OR ANY ACT OR OMISSION OF THE PHARMACY, INCLUDING BUT NOT LIMITED TO FAILURE TO ENCRYPT. COMPANY MAKES NO WARRANTY OF ANY KIND THAT THE SERVICES, PRODUCTS, UPGRADES, SOFTWARE, EQUIPMENT, OR RELATED MATERIALS WILL BE COMPATIBLE WITH ANY THIRD PARTY SOFTWARES, COMPUTER SYSTEMS, OR NETWORKS, EXCEPT TO THE EXTENT EXPRESSLY SET FORTH IN THE SPECIFICATIONS AS DESCRIBED IN THIS AGREEMENT. COMPANY DOES NOT WARRANTY THIRD PARTY PRODUCTS. PHARMACY ACCEPTS THE SOFTWARE “AS-IS” AND “AS AVAILABLE.” |
| Page 6 |
| 10. | CONFIDENTIALITY |
| 10.1. | Confidential Information. “Confidential Information” refers to the following items: (a) any document marked “Confidential”; (b) any information orally designated as “Confidential” at the time of disclosure, provided the disclosing party confirms such designation in writing within five (5) business days; (c) all elements of the Software and Documentation, whether or not designated confidential; and (d) any other nonpublic, sensitive information reasonably considered a trade secret or otherwise confidential. Notwithstanding the foregoing, Confidential Information does not include information that: (i) is in the other party’s possession at the time of disclosure, other than as a result of a party’s improper action or inaction; (ii) is independently developed without use of or reference to Confidential Information; (iii) becomes known publicly, before or after disclosure, other than as a result of a party’s improper action or inaction; (iv) is approved for release in writing by the disclosing party; (v) is required to be disclosed by law; or (vi) PHI, which shall be governed by the Business Associate Agreement rather than this Section. | |
| 10.2. | Nondisclosure. The parties shall not use Confidential Information for any purpose other than to fulfill the terms of this Agreement (the “Purpose”). Each party: (a) shall ensure that its employees, agents, and contractors are bound by confidentiality obligations no less restrictive than those contained herein, and (b) shall not disclose Confidential Information to any other third party without prior written consent from the disclosing party. Without limiting the generality of the foregoing, the receiving party shall protect Confidential Information with the same degree of care it uses to protect its own confidential information of similar nature and importance, but with no less than reasonable care. A receiving party shall promptly notify the disclosing party of any misuse or misappropriation of Confidential Information of which it is aware. This Agreement does not transfer ownership of Confidential Information or grant a license thereto. | |
| 10.3. | Injunction. Pharmacy agrees that breach of this Section 10 would cause Company irreparable injury, for which monetary damages would not provide adequate compensation, and that in addition to any other remedy, Company will be entitled to injunctive relief against such breach or threatened breach, without proof of actual damage or posting a bond or other security. | |
| 10.4. | Termination & Return. With respect to each item of Confidential Information, the obligations of nondisclosure will terminate three (3) years after the date of disclosure; provided that, such obligations related to Confidential Information constituting Company’ trade secrets shall continue so long as such information remains subject to trade secret protection pursuant to applicable law. Upon termination of this Agreement, a party shall return all copies of Confidential Information to the other or certify, in writing, the destruction thereof. | |
| 10.5. | Open Records and Other Laws. Notwithstanding anything in this Section to the contrary, the parties expressly acknowledge that Confidential Information may be disclosed if such Confidential Information is required to be disclosed by law, a lawful public records request, or judicial order, provided that prior to such disclosure, written notice of such required disclosure shall be given promptly and without unreasonable delay by the receiving party in order to give the disclosing party the opportunity to object to the disclosure and/or to seek a protective order. The receiving party shall reasonably cooperate in this effort. |
| Page 7 |
| 11. | INDEMNIFICATION |
| 11.1. | Company Indemnification. Company shall defend and indemnify Pharmacy from any damages, costs, liabilities, expenses (including reasonable and actual attorney’s fees) (“Damages”) actually incurred or finally adjudicated as to any third-party claim or action alleging that the Software delivered pursuant to this Agreement infringe or misappropriate any third party’s patent, copyright, trade secret, or other intellectual property rights enforceable in the applicable jurisdiction (each an “Indemnified IP Claim”). If an Indemnified IP Claim under this Section occurs or if Company determines that an Indemnified IP Claim is likely to occur, Company shall at its option: (a) obtain a right for Pharmacy to continue using such Software; (b) modify such Software to make it a non-infringing equivalent; or (c) replace such Software with a non-infringing equivalent. If (a), (b), or (c) above are not reasonably available, either party may, at its option, terminate this Agreement and/or the relevant Estimate. Company will refund any pre-paid Fees on a pro-rata basis for the allegedly infringing Software provided. Notwithstanding the foregoing, Company shall have no obligation hereunder for any claim resulting or arising from: (x) Pharmacy’s breach of this Agreement; (y) modifications made to the Software that were not performed or provided by or on behalf of Company; or (z) the combination, operation or use by Pharmacy or anyone acting on Pharmacy’s behalf of the Software in connection with a third-party product or service (the combination of which causes the infringement). This Section 11.1 states Company’ sole obligation and liability, and Pharmacy’s sole remedy, for potential or actual intellectual property infringement by the Software. | |
| 11.2. | Pharmacy Indemnification. Pharmacy shall indemnify, defend and hold Company, its affiliates and their respective directors, officers, shareholders, employees, representatives, agents, successors and permitted assigns (“Company Indemnified Parties”) harmless from and against any and all third party claims, that arise out of or in connection with: (a) a breach or inaccuracy of any representation, warranty, or covenant made by Pharmacy in this Agreement or a material breach of this Agreement by Pharmacy; (b) any negligence, willful or reckless actions or omissions, or misconduct of Pharmacy, its affiliates or any of their respective employees, agents, or subcontractors; (c) any personal injury, including death, or damage to tangible property caused by the acts or omissions of Pharmacy, its affiliates or any of their respective employees, agents, or subcontractors, including, but not limited to, patient care acts or omissions based in whole or in part on use of the Software, or utilization of the Services by any of the foregoing persons; or (d) any misuse or misappropriation of data extracted from Software provided as part of the Services by Pharmacy or any third party other than Company. Notwithstanding the foregoing, Pharmacy shall not be liable for any third party claims to the extent caused by grossly negligent or willful acts or omissions of the Company Indemnified Parties. |
| 12. | LIMITATION OF LIABILITY |
| 12.1. | LIMITATION OF DAMAGES. UNDER NO CIRCUMSTANCES SHALL COMPANY OR PHARMACY BE LIABLE FOR ANY CONSEQUENTIAL, INDIRECT, SPECIAL, PUNITIVE, OR INCIDENTAL DAMAGES, INCLUDING CLAIMS FOR DAMAGES FOR LOST PROFITS, GOODWILL, USE OF MONEY, INTERRUPTED OR IMPAIRED USE OF THE SOFTWARE, AVAILABILITY OF DATA, STOPPAGE OF WORK, OR IMPAIRMENT OF OTHER ASSETS. |
| Page 8 |
| 12.2. | LIMITATION OF LIABILITY; EXCLUSIONS. COMPANY’S MAXIMUM AGGREGATE LIABILITY FOR ALL CLAIMS OF LIABILITY ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, SHALL NOT EXCEED THE FEES FOR SUPPORT AND MAINTENANCE OR OTHER SOFTWARE FEES PAID TO COMPANY (BUT EXLCUDING ANY TRANSACTIONAL FEES SUCH AS INSURANCE CLAIM SWITCH FEES, E-PRESCRIBING TRANSACTIONAL FEES, OR OTHER PASS-THROUGH COSTS PAYABLE DIRECTLY OR INDIRECTLY TO THIRD PARTIES) PAID BY PHARMACY OR ON BEHALF OF PHARMACY IN THE CASE OF A THIRD-PARTY PAYER UNDER THE APPLICABLE ESTIMATE GIVING RISE TO THE CLAIM WITHIN THE PRECEDING 12-MONTH PERIOD. COMPANY WILL USE COMMERCIALLY REASONABLE EFFORTS TO PROTECT THE SOFTWARE FROM ANY UNAUTHORIZED INTRUSIONS OR ATTACKS AND TO MITIGATE SECURITY INCIDENTS, INCLUDING BUT NOT LIMITED TO THE INTRODUCTION OF VIRUSES, WORMS, TRAP DOORS, BACK DOORS, TIMERS, CLOCKS, COUNTERS, OR OTHER LIMITING ROUTINES, INSTRUCTIONS, OR DESIGNS THAT CAUSES THE SOFTWARE TO BECOME INOPERABLE OR INCAPABLE OF FULL USE (COLLECTIVELY, “DISABLING CODE”), BUT SUCH INCIDENTS MAY NOT BE MITIGATED ENTIRELY OR RENDERED HARMLESS; COMPANY WILL NOT BE LIABLE FOR ANY UNAUTHORIZED INTRUSION, ATTACK, SECURITY INCIDENT, OR DISABLING CODE THAT OCCURS IN SPITE OF COMPANY’S COMMERCIALLY REASONABLE EFFORTS. TO THE MAXIMUM EXTENT PERMITTED BY LAW, COMPANY AND ITS PARTNERS, AFFILIATES AND SUBSIDIARIES SHALL NOT BE RESPONSIBLE FOR CLAIMS, LOSSES, DAMAGES, OR LIABILITY ARISING FROM THE FOLLOWING SOURCES: (A) ANY CYBERCRIME INCLUDING, BUT NOT LIMITED TO, ANY PASSIVE OR ACTIVE ATTACKS, MALWARE, DENIAL-OF-SERVICE ATTACKS, OR CYBER FRAUD; (B) ANY BREACH OF SECURITY OR BREACH OF THE PHARMACY’S NETWORK(S), DATABASE(S), SERVER(S) OR COMPUTER SYSTEM(S) BY A THIRD PARTY; (C) ANY LOSS OF USE OR LACK OF AVAILABILITY OF COMPUTING DEVICES, FAILED MESSAGES, OR TRANSMISSION ERRORS; (D) ANY LOSS OF OR RECOVERY OF DATA, PROGRAMS, OR LOSS OF USE OF COMPUTER SYSTEM(S) OR NETWORK(S); (E) ANY EVENT CONSTITUTING NONPERFORMANCE BY COMPANY; (F) ANY FAILURE BY PHARMACY TO IMPLEMENT ANY RECOMMENDED UPGRADE, ENHANCEMENT, OR MODIFICATION; (G) ANY FAILURE OR SHORTCOMING OF ANY KIND OF ANY THIRD-PARTY SOFTWARE INCORPORATED INTO THE SERVICES OR SOFTWARE PROVIDED TO PHARMACY HEREUNDER; AND (H) ANY EVENT OCCURRING AFTER THE COMPLETION OR TERMINATION OF THIS AGREEMENT. PHARMACY AND USERS ARE ENTIRELY AND SOLELY RESPONSIBLE FOR MAINTAINING THE CONFIDENTIALITY OF ANY LOGINS, PASSWORDS, AND ANY OTHER PERSONAL INFORMATION (COLLECTIVELY, THE “ACCOUNT ACCESS INFORMATION”). PHARMACY IS ENTIRELY RESPONSIBLE FOR ANY AND ALL ACTIVITIES THAT OCCUR IN CONNECTION WITH ACCOUNT ACCESS INFORMATION. PHARMACY FURTHER AGREES THAT IT MAY BE HELD LIABLE FOR LOSSES INCURRED BY COMPANY OR ANY THIRD PARTY DUE TO A THIRD PARTY’S USE OF PHARMACY’S ACCOUNT ACCESS INFORMATION. |
| Page 9 |
| 12.3. | PROFESSIONAL JUDGMENT. ULTIMATE RESPONSIBILITY FOR ANY DECISION RELATED TO PATIENT CARE REMAINS SOLELY THE RESPONSIBILITY OF PHARMACY. UNDER NO CIRCUMSTANCES IS COMPANY RESPONSIBLE OR LIABLE FOR ANY PERSONAL BODILY INJURY, UP TO AND INCLUDING DEATH, OF ANY PATIENT CAUSED DIRECTLY OR INDIRECTLY BY PHARMACY’S USE OF THE SERVICES. COMPANY IS NOT RESPONSIBLE FOR ANY MISHANDLING, MISUSE, OR UNAUTHORIZED REPRODUCTION OF ANY DATA EXTRACTED FROM SOFTWARE PROVIDED TO PHARMACY EXCEPT AS EXPRESSLY PROVIDED IN THIS AGREEMENT. FURTHERMORE, COMPANY IS NOT RESPONSIBLE FOR ANY TYPE OF DATA BREACH OR RELEASE OF ANY PERSONAL AND CONFIDENTIAL INFORMATION OBTAINED THROUGH THE USE OF THE SOFTWARE EXCEPT AS REQUIRED BY APPLICABLE LAW. COMPANY MAKES NO REPRESENTATIONS NOR BEARS ANY RESPONSIBILITY FOR ANY INTERPRETATION OR COMMUNICATION OF ANY DATA EXTRACTED FROM THE SOFTWARE PROVIDED TO PHARMACY OR RECEIVED AS PART OF THE SERVICES. PHARMACY IS SOLELY RESPONSIBLE FOR ANY AND ALL PROFESSIONAL MALPRACTICE CLAIMS OR SIMILAR CAUSES OF ACTION, AND EXPRESSLY RELEASES COMPANY FROM ANY LIABILITY WITH RESPECT TO ANY SUCH CLAIM. TO THE MAXIMUM EXTENT PERMITTED BY LAW, PHARMACY HEREBY WAIVES ANY AND ALL RIGHTS TO FUTURE CLAIMS AGAINST COMPANY BASED ON ANY CAUSE OF ACTION OR THEORY RELATED TO HARM TO ANY OF PHARMACY’S PATIENTS. THIS LIMITATION OF LIABILITY CANNOT BE WAIVED AND IS BASED ON AND INCLUDES ANY AND ALL DAMAGES THAT MAY ARISE UNDER ANY LEGAL THEORY, INCLUDING THEORIES BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE) OR STRICT LIABILITY. | |
| 12.4. | THE FOREGOING LIMITATIONS, EXCLUSIONS, AND DISCLAIMERS SHALL APPLY REGARDLESS OF WHETHER THE CLAIM FOR SUCH DAMAGES IS BASED IN CONTRACT, WARRANTY, STRICT LIABILITY, NEGLIGENCE, TORT OR OTHERWISE. INSOFAR AS APPLICABLE LAW PROHIBITS ANY LIMITATION HEREIN, THE PARTIES AGREE THAT SUCH LIMITATION SHALL BE AUTOMATICALLY MODIFIED, BUT ONLY TO THE EXTENT SO AS TO MAKE THE LIMITATION PERMITTED TO THE FULLEST EXTENT POSSIBLE UNDER SUCH LAW. THE PARTIES AGREE THAT THE LIMITATIONS SET FORTH HEREIN ARE AGREED ALLOCATIONS OF RISK CONSTITUTING IN PART THE CONSIDERATION FOR COMPANY’ SOFTWARE AND SERVICES, AND SUCH LIMITATIONS WILL APPLY NOTWITHSTANDING THE FAILURE OF THE ESSENTIAL PURPOSES OF ANY LIMITED REMEDY AND EVEN IF A PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LIABILITIES. | |
| 12.5. | THIS SECTION 12 SHALL SURVIVE EXPIRATION OR TERMINATION OF THE AGREEMENT. |
| 13. | INTELLECTUAL PROPERTY, DATA, & PRIVACY |
| 13.1. | Access to Necessary Data; Certain Disclosures. Pharmacy shall timely provide Company with access to its patient record systems, claims data, Pharmacy Data, and such other systems as Company shall reasonably request in order to perform the Services. Pharmacy agrees that Company shall have the right, from time to time, to extract and analyze PHI from Pharmacy’s patient record system, claims data, other patient data storage systems, and other Pharmacy Data in the course of providing the Services. |
| Page 10 |
| 13.2. | Ownership of Intellectual Property. Company owns all right, title and interest in and to the Software, including all copyrights, patents, trade secret rights, trademarks, and other intellectual property rights in the Software. Pharmacy will not copy, reproduce, republish, upload, post, transmit, export, or distribute in any way any material, data, or other information from or about the Software, except as specifically provided in this Agreement, without prior written approval from Company. Pharmacy acknowledges and consents to the fact that Company utilizes certain third-party data feeds that include PHI, and that by entering this Agreement, Pharmacy consents to enrollment in such feeds, including without limitation data feeds maintained by IQVIA, Symphony Health, and Surescripts Medication History; if, at any time, the Pharmacy determines it wishes to not send data to any of these entities, Pharmacy must provide a written opt-out notification to Company. Pharmacy covenants that Pharmacy will only supply, and authorize any applicable third parties to supply, PHI that Pharmacy has the right to supply for the purposes set forth in this Agreement. Company does not claim any ownership right in PHI, although Company will have the right to utilize the PHI as permitted by the Business Associate Agreement set forth in Exhibit A and this Agreement. Pharmacy hereby grants Company a nonexclusive royalty free license to use Pharmacy Data, including PHI, for any and all legally permissible purposes, including but not limited to the creation of de-identified data in accordance with 45 CFR § 164.514(a)-(c) (“De-Identified Data”) or legally permissible disclosures of information which is or which contains PHI to parties with which Company has entered a business associate agreement. Company alone shall hold all right, title, and interest to all proprietary and intellectual property rights of the Deliverables (including, without limitation, patents, trade secrets, copyrights, and trademarks), as well as title to any copy of software made by or for Pharmacy (if applicable). Pharmacy hereby explicitly acknowledges and agrees that nothing in this Agreement or a separate Estimate gives the Pharmacy any right, title, or interest to the intellectual property or proprietary know-how in or incorporated into the Deliverables, and that no Deliverable shall be characterized as a work made for hire. Notwithstanding any provision herein, to the maximum extent permitted by applicable law, Company may, without restriction, use, reproduce, license, or otherwise exploit data provided to Company by Pharmacy in any manner and to the maximum extent permitted by applicable law, including the sharing, licensing, reproduction, or other form of transmission permitted by applicable law of information which is or which contains PHI received from the Pharmacy to any party which is party to a business associate agreement or comparable agreement with Company. Further, to the extent that data received from, regarding, or pertaining to the Pharmacy does not contain PHI, then Company shall have the right to share such data with third parties without restriction. “Anonymized Data” means any aggregate information, analysis, rule, projection, statistic or similar summary or conclusion that Company has obtained through processing or analysis of any Software data or PHI (but excluding the original PHI); provided that Anonymized Data shall be rendered anonymous in such a way that the data subject is no longer identifiable. Pharmacy obtains no ownership right, title or interest from Company in or to De-Identified Data and/or Anonymized Data. Nothing herein shall restrict, to the extent permitted by law, Company’s right to share demographic information or other population-level data with any of its vendors or partners, nor to share information which is or which contains PHI to the extent permitted by law with a vendor or partner who is party to a business associate agreement or comparable agreement with Company. | |
| 13.3. | Third-Party Software. Software may incorporate software and other technology owned and controlled by third parties (“Third-Party Software”). All Third-Party Software falls under the scope of this Agreement. Moreover, Company neither accepts liability, nor warrants the functionality, reliability, or accuracy of Third-Party Software. Pharmacy will take all reasonable actions necessary to utilize any Third-Party Software in accordance with applicable law and policies or rules promulgated by the owners of such Third-Party Software. |
| Page 11 |
| 13.4. | Risk of Exposure. Pharmacy recognizes and agrees that hosting data online involves risks of unauthorized disclosure and that, in accessing and using the Software, Pharmacy assumes such risks. Pharmacy has sole responsibility for obtaining, maintaining, and securing its connections to the Internet. Company makes no representations to Pharmacy regarding the reliability, performance or security of any network or provider. Company makes no representations to Pharmacy regarding the potential for introduction of any Disabling Code to the Software or to Pharmacy’s systems. Pharmacy shall institute security measures necessary to safeguard any remote access to the Software from unauthorized access by persons other than its authorized users. Pharmacy shall notify Company immediately and assist Company in remedying any instance of unauthorized access to, or use of, the Software. Company makes no representations regarding the reliability, performance, or security of any network or provider. |
| 14. | COMPLIANCE PROVISIONS |
| 14.1. | Compliance with Laws. Both parties shall comply with and give all notices required by all applicable federal, state, and local laws, ordinances, rules, regulations, and lawful orders of any public authority bearing on the performance of this Agreement. Without limiting the generality of the foregoing, Pharmacy represents and warrants that it will utilize the Software and any other resource owned by or provided by the Company, including without limitation any Software or any service allowing for the transmission or receipt of text messages, emails, or other written communication, in a manner that is fully consistent with all applicable telecommunications and healthcare privacy laws, ordinances, rules, and regulations of any public authority. | |
| 14.2. | HIPAA; Business Associate Addendum. Both parties agree to conduct their activities in compliance with the Health Insurance Portability and Accountability Act of 1996, including 45 CFR Parts 160 and 164 (“HIPAA”), and agree not to use or further disclose any Protected Health Information concerning a patient other than as permitted by this Agreement and the requirements of the federal privacy regulations as contained in 45 CFR Parts 160 and 164 (the “Federal Privacy Regulations”) and the federal security standards as contained in 45 CFR Parts 160 and 164 (the “Federal Security Regulations”). Both parties will implement appropriate safeguards to prevent the use or disclosure of a patient’s Protected Health Information other than as provided for by this Agreement. Each party will promptly report to the other party any use or disclosure of a patient’s Protected Health Information not provided for by this Agreement of which each party becomes aware. In the event a party subcontracts for services under this Agreement, each shall include provisions in such agreements whereby the subcontractor and agent agree to the same restrictions and conditions that apply to the parties with respect to such patient’s Protected Health Information. Both parties will make their internal practices, books, and records relating to the use and disclosure of a patient’s Protected Health Information available to the Secretary of Health and Human Services to the extent required for determining compliance with the Federal Privacy Regulations and the Federal Security Regulations. Notwithstanding the foregoing, no attorney-client, accountant-client, or other legal privilege shall be deemed waived by the parties by virtue of this Section. The parties agree to the terms of the Business Associate Addendum attached hereto as Exhibit A and incorporated herein by reference. |
| 15. | PHI ACCURACY & COMPLETENESS |
| 15.1. | Company provides the Software to allow Pharmacy (and its respective Users) to document, import, review, interpret, and disclose Pharmacy Data, and as such, Company gives no representations or guarantees about the accuracy or completeness of Pharmacy Data (including PHI) entered, uploaded, or disclosed through the Software by Pharmacy. This includes, but is not limited to, Pharmacy data used to populate the Pharmacy’s database in the Software at the outset of this Agreement. |
| Page 12 |
| 15.2. | Pharmacy is solely responsible for any decisions or actions taken involving patient care or patient care management, whether or not those decisions or actions were made or taken using information received through the Software or based in whole or in part on Reporting Services or Interpretive Services provided under this Agreement. |
| 16. | MISCELLANEOUS |
| 16.1. | Independent Contractors. The parties are independent contractors. Neither party is the agent of the other, and neither may make commitments on the other’s behalf. | |
| 16.2. | Notices. Notices provided under this Agreement must be in writing and delivered by (a) certified mail, return receipt requested to a party’s principal place of business as forth in the recitals on page 1 of this Agreement, (b) hand delivered, (c) facsimile with receipt of a “Transmission Confirmed” acknowledgment, (d) e-mail, or (e) delivery by a reputable overnight carrier service. In the case of delivery by facsimile or e-mail, the notice must be followed by a copy of the notice being delivered by a means provided in (a), (b) or (e). The notice will be deemed given on the day the notice is received. | |
| 16.3. | Merger Clause. In entering into this Agreement, neither party is relying upon any representations or statements of the other that are not fully expressed in this Agreement; rather each party is relying on its own judgment and due diligence and expressly disclaims reliance upon any representations or statement not expressly set forth in this Agreement. In the event the Pharmacy issues a purchase order, letter, or any other document addressing the Software or Services to be provided and performed pursuant to this Agreement, it is hereby specifically agreed and understood that any such writing is for the Pharmacy’s internal purposes only, and that any terms, provisions, and conditions contained therein shall in no way modify this Agreement. This Agreement will not be construed against any party by reason of its preparation. To the extent permitted by applicable law, the parties hereby waive any provision of law that would render any clause of this Agreement invalid or otherwise unenforceable in any respect. If a provision of this Agreement is held to be invalid or otherwise unenforceable, such provision will be interpreted to fulfill its intended purpose to the maximum extent permitted by applicable law, and the remaining provisions of this Agreement will continue in full force and effect. This Agreement may not be amended except through a written agreement signed by authorized representatives of each party. | |
| 16.4. | Assignment & Successors. Pharmacy may not assign, subcontract, delegate, or otherwise transfer this Agreement or any of its rights or obligations hereunder, nor may it contract with third parties to perform any of its obligations hereunder except as contemplated in this Agreement, without the Company’s prior written consent. Company may assign, subcontract, delegate, or otherwise transfer this Agreement or any of its rights or obligations hereunder, or may contract with third parties to perform any of its obligations hereunder, by providing notice to, but without the need for consent from, Pharmacy. Either party may, without the prior consent of the other, assign all its rights under this Agreement to (i) a purchaser of all or substantially all assets related to this Agreement, or (ii) a third party participating in a merger, acquisition, sale of assets, or other corporate reorganization in which either party is participating (collectively, a “Change in Control”); provided however, that the non-assigning party is given notice of the Change in Control, and that in the event the Change of Control occurs with respect to the Pharmacy, the Pharmacy will cause a true and accurate copy of this Agreement and all Exhibits and Addenda hereto to be delivered to the assignee. |
| Page 13 |
| 16.5. | Marketing. Pharmacy hereby grants Company a license to include Pharmacy’s primary logo in any Pharmacy list or press release announcing this Agreement. | |
| 16.6. | RelayHealth Amendment. If the applicable Estimates to be performed pursuant to this Agreement include services from NDCHealth Corporation or its affiliates (“RelayHealth”), Pharmacy will sign an addendum incorporating certain additional terms in the form set forth in a separate agreement. | |
| 16.7. | Xxxxxx & Breach; Survival. Neither party will be deemed to have waived any of its rights under this Agreement unless it is an explicit written waiver made by an authorized representative. No waiver of a breach of this Agreement will constitute a waiver of any other breach of this Agreement. Unless otherwise stated, all of Company’s and Pharmacy’s respective obligations, representations and warranties under this Agreement which are not, by the expressed terms of this Agreement, fully to be performed while this Agreement is in effect shall survive the termination of this Agreement. | |
| 16.8. | Choice of Law and Venue. This Agreement, any related Addenda, and any CLAIM, DISPUTE, OR CONTROVERSY (WHETHER IN CONTRACT, TORT, OR OTHERWISE, INCLUDING STATUTORY, CONSUMER PROTECTION, COMMON LAW, INTENTIONAL TORT, AND EQUITABLE CLAIMS) BETWEEN PHARMACY AND COMPANY, including their affiliates, contractors, and agents, and each of their respective employees, directors, and officers (a “Dispute”) will be governed by the laws of the State of Illinois without regard to conflicts of law. In any Dispute, each party will bear its own attorneys’ fees and costs and expressly waives any statutory right to attorneys’ fees. The parties agree that any Dispute shall be brought exclusively in the state or federal courts located in DuPage County, Illinois. The parties agree to submit to the personal jurisdiction of such courts. | |
| 16.9. | Dispute Limitations and Resolution. The parties agree to waive, to the maximum extent permitted by law, any right to a jury trial with respect to any Dispute. NEITHER PARTY SHALL BE ENTITLED TO JOIN OR CONSOLIDATE CLAIMS BY OR AGAINST THE OTHER PARTY, OR PURSUE ANY CLAIM AS A REPRESENTATIVE OR CLASS ACTION OR IN A PRIVATE ATTORNEY GENERAL CAPACITY. Neither party shall be liable for any claim brought more than two (2) years after the cause of action for such claim first arose. Pharmacy and Company will attempt to resolve any Dispute through negotiation or by utilizing a mediator agreed to by the parties, rather than through litigation. Negotiations and mediations will be treated as confidential. If the parties are unable to reach a resolution within thirty (30) days of notice of the Dispute to the other party, the parties may pursue all other courses of action available at law or in equity. | |
| 16.10. | Order of Precedence. In the event of any conflict between this Agreement, Addenda or other attachments incorporated herein, the following order of precedence will govern: (1) the applicable Estimate, with most recent Estimate taking precedence over earlier ones; this Agreement; (2) this Agreement; (3) any Business Associate Agreement; and (4) any Company policy posted online or embedded in the Software, including without limitation its privacy policy. No amendments incorporated into this Agreement after execution of the Agreement will amend such Agreement unless it states its intent to do so. |
| 16.11. | Counterparts; Signatures. This Agreement may be executed in one or more counterparts. Each counterpart will be an original, and all such counterparts will constitute one instrument. Electronic signatures on this Agreement or on any Addendum (or copies of signatures sent via electronic means) are the equivalent of handwritten signatures. |
| Page 14 |
IN WITNESS WHEREOF, the parties have executed this Agreement as of the Effective Date.
| Best Computer Systems, Inc. | Pharmacy | |||
| Pharmacy Name: | Delivmeds | |||
| Sign: |  |
Sign: | /s/ Xx. Xxxxxxx Xxxxxx, PharmD, BCGP | |
| Name: | Xxxxx Xxxxx | Name: | Xx. Xxxxxxx Xxxxxx, PharmD, BCGP | |
| Title: | Vice President | Title: | Executive Vice President | |
| Page 15 |
EXHIBIT A
BUSINESS ASSOCIATE AGREEMENT
This Business Associate Agreement (“Agreement”) is made effective as of 11/20/2023, by and Between _______________________(“Covered Entity”), located at DelivMeds 0000 Xxxxxxxx Xxxx Xxxxx 000, Xxxxx, XX 00000 and Best Computer Systems, Inc. d/b/a BestRx Pharmacy Software (“Business Associate”), of 0000 Xxxxxxxxxxx Xx, Xxx 000X, Xxx Xxxxx, Xxxxxxxx 00000 (collectively, the “Parties”).
WHEREAS, Business Associate, in connection with its services, may maintain, transmit, create or receive data for or from Covered Entity that constitutes Protected Health Information (“PHI”); WHEREAS, Covered Entity is or may be subject to the requirements of the Federal Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health Act (“HITECH”), and related regulations; WHEREAS, with respect to the foregoing, Business Associate is or may be subject to the requirements of HIPAA, HITECH and related regulations;
NOW, THEREFORE, in consideration of the mutual promises and covenants contained herein, the Parties hereby agree as follows:
1. Definitions.
a. General. The following terms used in this Agreement shall have the same meaning as those terms in the HIPAA Rules: Breach, Data Aggregation, Designated Record Set, Disclosure, Electronic Protected Health Information, Health Care Operations, Individual, Minimum Necessary, Notice of Privacy Practices, Protected Health Information, Required by Law, Secretary, Security Incident, Subcontractor, Unsecured Protected Health Information, and Use.
b. Specific.
i. Business Associate. “Business Associate” shall generally have the same meaning as the term “business associate” at 45 CFR 160.103, and in reference to the party to this Agreement, shall mean Best Computer Systems, Inc..
. Covered Entity. “Covered Entity” shall generally have the same meaning as the term “covered entity” at 45 CFR 160.103, and in reference to the party to this Agreement, shall mean DelivMeds.
i. Electronic Health Record. “Electronic Health Record” shall have the same meaning as the term “electronic health record’ in the HITECH Act, Section 13400.
ii. HIPAA. “HIPAA” collectively refers to the HIPAA Statute, including the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Part 160 and Part 164, the HITECH Act, and any associated Regulations, as such may be amended from time to time.
2. Obligations and Activities of Business Associate.
a. Business Associate agrees to not use or disclose PHI other than as permitted or required by the Agreement or as required by law.
| Page 16 |
b. Business Associate agrees to use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 with respect to Electronic PHI, to prevent use or disclosure of PHI other than as provided for by the Agreement.
c. Business Associate agrees to report to Covered Entity any use or disclosure of PHI not provided for by the Agreement of which it becomes aware, including breaches of unsecured PHI as required at 45 CFR 164.410, and any security incident of which it becomes aware.
d. In accordance with 45 CFR 164.502(e)(1) and 164.308(b)(2), if applicable, Business Associate agrees to ensure that any subcontractors that create, receive, maintain, or transmit PHI on behalf of the Business Associate agree to the same restrictions, conditions, and requirements that apply to the Business Associate with respect to such information.
e. In accordance with 45 CFR 164.524, Business Associate agrees to make available PHI in a designated record set to the Covered Entity within twenty (20) days of a request by Covered Entity for access to PHI about an individual. In the event that any individual requests access to PHI directly from Business Associate, Business Associate shall forward such request to Covered Entity within twenty (20) days of receiving such request.
f. In accordance with 45 CFR 164.526, Business Associate agrees to make any amendment(s) to PHI in a designated record within twenty (20) days of a request by Covered Entity. Business Associate shall provide such information to Covered Entity for amendment and incorporate any amendments in the PHI as required by 45 CFR 164.526. In the event a request for an amendment is delivered directly to Business Associate, Business Associate shall forward such request to Covered Entity within twenty (20) days of receiving such request.
g. Except for disclosures of PHI by Business Associate that are excluded from the accounting obligation as set forth in 45 CFR 164.528 or regulations issued pursuant to HITECH, Business Associate shall record for each disclosure the information required to be recorded by Covered Entities pursuant to 45 CFR 164.528. Within twenty (20) days of notice by Covered Entity to Business Associate that it has received a request for an account of disclosures of PHI, Business Associate shall make available to Covered Entity, or if requested by Covered Entity, to the individual, the information required to be maintained pursuant to this Agreement. In the event the request for an accounting is delivered directly to Business Associate, Business Associate shall forward such request to Covered Entity within twenty (20) days of receiving such request.
h. To the extent the Business Associate is to carry out one or more of Covered Entity’s obligation(s) under Subpart E of 45 CFR Part 164, Business Associate agrees to comply with the requirements of Subpart E that apply to the Covered Entity in the performance of such obligation(s).
i. Business Associate agrees to make its internal practices, books, and records relating to the use and disclosure of PHI available to the Secretary for purposes of determining compliance with HIPAA.
3. Permitted Uses and Disclosures by Business Associate
a. Business Associate may use or disclose PHI for the following purposes: As necessary to perform the services as agreed to between the Parties, notwithstanding the restrictions on such uses and disclosures as set forth in HIPAA and this Agreement.
| Page 17 |
b. Business Associate may only de-identify PHI if permitted by Covered Entity and in any event may only de-identify PHI in accordance with 45 CFR 164.514(a)-(c).
c. Business Associate may use or disclose PHI as required by law or where Business Associate obtains reasonable assurances from the person to whom the information is disclosed that the information will remain confidential and used or further disclosed only as required by law or for the purposes for which it was disclosed to the person, and the person notifies Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.
d. Business Associate may not use or disclose PHI in a manner that would violate Subpart E of 45 CFR Part 164 if done by Covered Entity except for the specific uses and disclosures set forth herein.
4. Permissible Requests by Covered Entity
a. Except as otherwise permitted by this Agreement, Covered Entity shall not request Business Associate to use or disclose PHI in any manner that would not be permissible under Subpart E of 45 CFR Part 164 if done by Covered Entity.
5. Term and Termination
a. Term. The Term of this Agreement shall be effective as of 11/20/2023, and shall terminate on the date the business relationship, or any services agreements, between the Parties end or are terminated or on the date Covered Entity terminates for cause as authorized in paragraph (b) of this Section.
b. Termination for Cause. Business Associate authorizes termination of this Agreement by Covered Entity, if Covered Entity determines Business Associate has violated a material term of the Agreement and Business Associate has not cured the breach or ended the violation within ____20______ days written notice. If it is determined by Covered Entity that cure is not possible, Covered Entity may immediately terminate this Agreement. The termination of this Agreement shall automatically terminate the business relationship and any services agreements between the Parties.
c. Obligations of Business Associate Upon Termination. Upon termination of this Agreement, Business Associate shall either return or destroy all PHI that Business Associate still maintains in any form. Business Associate shall not retain any copies of such PHI. In the event Business Associate determines that returning or destroying the PHI is infeasible, the terms of this Agreement shall survive termination with respect to such PHI and limit further uses and disclosures of such PHI for so long as Business Associate maintains such PHI. In addition, Business Associate shall continue to use appropriate safeguards and comply with Subpart C of 45 CFR Part 164 with respect to electronic PHI to prevent use or disclosure of the PHI for as long as business associate retains the PHI.
d. Survival. The obligations of Business Associate under this Section shall survive the termination of this Agreement.
6. General Provisions.
a. This agreement sets forth the entire understanding of the Parties. Any amendments must be in writing and signed by both Parties. This Agreement shall be construed under the laws of whichever state the Covered Entity does business in, without regard to conflict of law provisions. Any ambiguity in the terms of this Agreement shall be resolved to permit compliance with HIPAA. Any references in this Agreement to a section in HIPAA means the section as in effect or as may be amended. This Agreement may be modified or amended from time to time as is necessary for compliance with the requirements of HIPAA and other applicable law. Amendments must be made in writing and signed by the Parties. The failure of either Party to enforce any provision of this Agreement shall not be construed as a waiver or limitation of that Party’s right to subsequently enforce and compel strict compliance with every provision of this Agreement. The terms of this Agreement are hereby incorporated into any service or business agreement that may be entered into between the Parties with the intent to form a business relationship. In the event of a conflict of terms between this Agreement and any such service or business agreement the terms of this Agreement shall prevail.
| Page 18 |
IN WITNESS WHEREOF, I have hereunto set my hand to this HIPAA Business Associate Agreement as of the date set forth above.
| Covered Entity | Business Associate | |
| DelivMeds | Best Computer Systems, Inc. | |
| 0000 Xxxxxxxx Xxxx Xxxxx 000 | 0000 Xxxxxxxxxxx Xx | |
| Tampa, FL 33634 | Ste 200S | |
| Oak Brook, IL 60523 |
| By: | /s/ Xx. Xxxxxxx Xxxxxx, PharmD, BCGP | By: |  | |
| Name: | Xx. Xxxxxxx Xxxxxx, PharmD, BCGP | Name: | Xxxxx Xxxxx | |
| Title: | Executive Vice President | Title: | Vice President | |
| Date: | 11/20/2023 |
| Page 19 |
This page intentionally left blank.
| Page 20 |
