<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<link href="https://fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800&amp;display=swap" rel="stylesheet">
<link rel="stylesheet" href="/wp-content/themes/newsite/assets/css/bootnew.css">
<style type="text/css">
	.h3, h3 {
    font-size: 1.2rem !important;
    font-weight: 600 !important;
}
</style>

<section class="">
      <div class="container mt-1 mb-5">
         <div class="section-content">
            <div class="row large-10 large-offset-1 small-12 small-offset-0 top-padding bottom-padding">
			   <div style="width: 200px; margin: 30px auto 0px;">
  <img src="/wp-content/uploads/2024/07/josh-logo.png" style="max-width:200px" alt="JOSH Terms of Use">
</div>	
               <div class="callout font-pop" style="
                  font-size: 14px;
                  line-height: 1.47059;
                  font-weight: 400;
                  letter-spacing: -.022em;
                  border-radius: 4px;
                  margin: 1.47059em auto;
                  padding: 2.23529em 8.33333% 2.11765em;
                  color: #343434;
                  ">

<style type="text/css">
ol {
  list-style-type: upper-roman;
}
 ol.nest {
        list-style-type: none;
        counter-reset: item;
        margin: 0;
        padding: 0;
      }
      ol.nest > li {
        display: table;
        counter-increment: item;
        margin-bottom: 0.6em;
      }
      ol.nest > li:before {
        content: counters(item, ".") ". ";
        display: table-cell;
        padding-right: 0.6em;
      }
     ol.nest >  li li {
        margin: 0;
      }
     ol.nest >  li li:before {
        content: counters(item, ".") " ";
      }
    
</style>
<h3>TERMS OF USE </h3>

<p>Welcome to JOSH, a product of ModuleMD LLC. These Terms of Use ("Terms") govern your access to and use of the JOSH a web application and/or a mobile application (the "Platform"). By using the Platform, you agree to these Terms of Use. If you do not agree to these Terms, do not use the Platform.  </p>

  
<p>These Platform Terms of Use (these “Terms of Use”) is a legal agreement between you and ModuleMD, LLC (“ModuleMD, LLC”, “JOSH,” “we,” “us,” or “our”). These Terms of Use specify the terms under which you may access and use our proprietary software as a service (SaaS) platform, JOSH, that is made available to you as a web application and/or a mobile application (the “Platform”).  </p>

<p>By accessing or using the Platform, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THESE TERMS. ModuleMD, LLC reserves the right, at our sole discretion, to modify, discontinue, or terminate the Platform, or to modify these Terms at any time. Your continued use of the Platform after changes are posted constitutes your acceptance of the revised Terms. IF YOU DO NOT AGREE TO ANY OF THE TERMS IN THIS AGREEMENT, PLEASE DO NOT USE THE PLATFORM.  </p>

<p>If you accept or agree to the Agreement on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind that company or other legal entity to the Agreement and, in such event, “you” and “your” will refer and apply to that company or other legal entity. </p>

<h3>THE SECTION BELOW TITLED “CLASS ACTION WAIVER” CONTAIN A BINDING AGREEMENT THAT AFFECT YOUR LEGAL RIGHTS. PLEASE READ. </h3>

  
<h3>USER RESPONSIBILITY </h3><p>

</p><p>The Platform is designed to facilitate clinical documentation by allowing clinicians to dictate patient visits. The App utilizes ambient listening and large language models (LLMs) to transcribe speech into text and format it into clinical notes. The App is a tool to assist clinicians and does not replace professional judgment or the verification of clinical documentation. </p>


<ol class="pl-4">  
<li><strong>Verification: </strong>You are responsible for verifying the accuracy of the transcriptions and formatting of clinical notes generated by the Platform. We do not guarantee the accuracy or completeness of the transcriptions.  
</li><li><strong>Professional Judgment:</strong> You agree to use your professional judgment in the interpretation and application of the information provided by the Platform. You must review and verify all data before relying on it in a clinical setting.  </li>
<li><strong>Compliance with Laws:</strong> You agree to use the Platform in compliance with all applicable laws, regulations, and professional standards.  
<lil>Patient Consent: You are responsible for obtaining necessary patient and/or patient guardian consent as required by law and your clinical and business policies.  
</lil><lil>Security: We implement industry-standard security measures to protect the data input into the Platform. However, we cannot guarantee absolute security. You are responsible for ensuring the security of your device and the confidentiality of any patient information.  
</lil></li></ol>
  

<p></p><h3>RIGHT TO ACCESS AND USE THE PLATFORM </h3>

<p>Subject to the Terms of Use of this Agreement, ModuleMD, LLC hereby grants you during the Term of this Agreement a limited, non-exclusive, non-transferable, non-sublicensable, revocable right, to authorize your Authorized Users to access and use the Platform solely for your internal business purposes to evaluate the Platform. </p>

 <p>Regarding the use of the Platform, the following actions are strictly prohibited and constitute a breach of agreement: </p>

<ol class="pl-4">
<li>Any attempts to reverse engineer, decompile, disassemble, or discern the source code or interface protocols of the Platform. </li>
<li>Modification, adaptation, or translation of the Platform or its components. </li>
<li>Unauthorized duplication of the Platform or its components. </li>
<li>Reselling, distributing, or sublicensing the Platform or its components. </li>
<li>Removal or alteration of proprietary markings or restrictive legends on the Platform. </li>
<li>Utilization of the Platform for unlawful activities, building competing products or services, or purposes not explicitly permitted in this Agreement. </li>
<li>Introduction of harmful code, such as viruses, worms, or Trojan Horses, to the Platform. </li>
<li>Saving, storing, or archiving any portion of the Platform's services, including data, outside the Platform without prior written consent. </li>
<li>Use of the Platform for service bureau, timeshare, or service provider activities for third-party benefit. </li>
<li>Circumvention of safeguards, processes, procedures, or technologies implemented for the protection of the Platform.  </li>
</ol>

 <p>If you violate this section, ModuleMD, LLC reserves the right in its sole discretion to immediately deny you access to the Platform, or any portion thereof, without notice.  </p>

 <p>ModuleMD, LLC reserves the right to change the availability of any feature, function, or content relating to the Platform, at any time, without notice or liability to you. </p>

  
<h3>USER SECURITY </h3>

 <p>Each User must create an account utilizing a unique username and a password (collectively “Login Credentials”). Login Credentials cannot be shared between Users or any third party. Login Credentials must be kept confidential. You agree to immediately notify us of any unauthorized use or suspected unauthorized use of any Login Credentials. You are fully responsible for all activities, and use or misuse of the Platform, that is associated with your Login Credentials. You will promptly inform us of any need to deactivate or change any Login Credentials. We have the right to disable any Platform account username or password at any time for any reason, including if in our sole discretion we believe that you have failed to comply with these Terms of Use. </p>

  
<h3>USE OF PERSONAL INFORMATION </h3>

 <p>Your use of the Platform may involve the transmission to us of certain personal information. Our policies with respect to the collection and use of such personal information are governed according to our Privacy Policy, which is hereby incorporated by reference in its entirety. </p>

  
 <h3>CONTENT OWNERSHIP &amp; INTELLECTUAL PROPERTY  </h3>

 <p>The Platform contains various materials such as software, text, graphics, images, sound recordings, audiovisual works, and other content provided by or on behalf of ModuleMD, LLC, collectively referred to as "Content." This Content may be owned by ModuleMD, LLC or third parties and is protected under both United States and foreign laws. Unauthorized use of the Content may lead to copyright, trademark, or other legal violations.  </p>


 <p>You do not have any rights to the Content, and you may only use it as permitted under this Agreement. Any other use requires prior written consent from ModuleMD, LLC. When making copies of the Content, you must retain all copyright and proprietary notices. Selling, transferring, assigning, licensing, sublicensing, modifying, reproducing, displaying, publicly performing, distributing, or using the Content for public or commercial purposes is strictly prohibited without authorization. Posting or using the Content on other websites or networked computer environments is also expressly forbidden.  </p>


 <p>Any violation of this Agreement results in the immediate termination of your access and use of the Content and Platform, and you must destroy all copies of the Content in your possession.  </p>


 <p>The trademarks, service marks, and logos of ModuleMD, LLC and the JOSH application displayed on the Platform are owned by ModuleMD, LLC, while other trademarks and service marks may belong to third parties. The use of these trademarks without written permission is prohibited, and any unauthorized use or linking is strictly forbidden.  </p>


 <p>The Platform is protected by various laws, including trade dress, trademark, and unfair competition laws, and may not be copied or imitated. None of the Content may be retransmitted without express written consent from ModuleMD, LLC for each specific instance.  </p>

  
<h3>DATA DEFINITIONS, OWNERSHIP, AND USE </h3>

<p>For the purpose of this Agreement, the following data types are defined:  </p>

<ol class="pl-4">
<li>"Your Data": This refers to any data and information submitted to the Platform by you, including Patient Recordings and personal information. </li>
<li>"Patient Recordings": This includes both the audio/video recordings of sessions between you and patients (along with participating patient family and/or affiliates, to the extent participating in such sessions), as well as the information gathered during these sessions and uploaded to the Platform. </li>
<li>"Protected Health Information" or "PHI": This term is defined under the Health Insurance Portability and Accountability Act of 1996, as amended, and related regulations (HIPAA). </li>
<li>"Usage Data": This is the analytical data collected by ModuleMD, LLC and the JOSH application concerning the Platform's performance and usage, such as access dates/times, visited Platform sections, frequency of visits, and other performance metrics. </li>
<li>"Output": This refers to the medical documentation generated by processing Your Data through the Platform and provided to you via the Platform. 
</li></ol>

<p>You own all rights, title, and interest in and to Your Data and Output, including all modifications, improvements, adaptations, enhancements, or translations made thereto, and all intellectual rights therein. </p>

<p>You grant ModuleMD LLC and the JOSH application a non-exclusive, worldwide, royalty-free, fully paid-up, sublicensable right and license to use, reproduce, execute, store, archive, modify, perform, display, and distribute Your Data for the following purposes: </p>

<ol class="pl-4">
<li>To fulfill ModuleMD LLC and the JOSH application's obligations under this Agreement during its term. </li>

<li>ModuleMD LLC's internal business purposes, including analyzing, updating, and improving the Platform and ModuleMD LLC's analytics capabilities. </li>
</ol>

<p>We will process any PHI included in Your Data in accordance with the Business Associate Agreement (BAA) attached herein as Schedule A. You are solely responsible for the accuracy, quality, and legality of Your Data. In the event of a conflict between the terms of this Agreement and the BAA, the terms of the BAA shall control solely with respect to the processing of PHI. By providing Your Data, you agree to be legally bound by the Terms of Use of the BAA, which is incorporated into this Agreement. </p>

<p>Subject to the Business Associate Agreement (BAA), we may, at our discretion, use De-identified Data and disclose it to third parties. Additionally, we may link Your Data with your customer ID to customize and train our Platform according to your preferences and requirements obtained from Your Data. </p>

<p>Notwithstanding anything to the contrary herein, we may use, and may permit our third-party service providers to access and use, Your Data, as well as any Usage Data that we may collect, in an anonymous and aggregated form (“Aggregate Data”) for the purposes of operating, maintaining, managing, and improving our products and services including the Platform. Aggregate Data does not identify you. You hereby agree that we may collect, use, publish, disseminate, sell, transfer, and otherwise exploit such Aggregate Data. </p>
  

<h3>DATA EXCHANGE </h3>These Terms of Use do not include any data exchange services that you may require as part of your participation in programs that require such data exchange with other vendors, registries, or entities. The responsibility of transfer of data within guidelines of external programs lies solely with you. ModuleMD, LLC makes no representations concerning the completeness, accuracy of any information in presented to external programs (i.e., registries, incentive programs, etc.) or concerning the qualifications or competence of individuals who placed it there. <p></p>

  
<h3>PARTNER &amp; INTEGRATION CHANGES </h3>
<p>Partner Agreements between ModuleMD and other affiliated service providers are subject to change at any time. ModuleMD reserves the right to make any additions, cancellations, or changes to these partnerships without notice to the Client. In the event ModuleMD identifies those changes to Partner Agreements will directly impact the performance and/or operations of the Client with relation to the usage of ModuleMD Software or Services, ModuleMD will make best efforts to inform the client prior to effective changes. </p>
  
<h3>FEES </h3>

<p>In exchange for your access to and use of the Platform, you agree to pay the fees for the applicable subscription plan that you selected at registration. </p>

<p>A valid credit card must be on file for your account. By providing your credit card information, you authorize us to charge your card for the applicable subscription fees and any additional charges and processing fees incurred while using the Platform. </p>

<p>Subscription fees will be billed on a monthly or annual basis, as specified at the time of subscription.  </p>

<p>We reserve the right to update and modify our pricing structure with reasonable notice, with any updated pricing for your subscription plan to go into effect the period of service. We reserve the right to institute new or additional fees, at any time upon notice to you. By purchasing a subscription, you agree to pay us through a third-party payment processor of our choosing. We reserve the right to change our third-party payment processor at any time. </p>

<p>Failure to pay fees when due may result in the suspension or termination of your access to the Platform. </p>

  
<h3>GUIDELINES AND RULES </h3>

<p>By accessing and using the Platform, you agree to adhere to the following guidelines: </p>

<ol class="pl-4">
<li>You will not use the Platform for any illegal activities or purposes. </li>
<li>You will not access or use the Platform to gather market research for competing businesses. </li>
<li>You will not upload, post, or otherwise share content that infringes on any intellectual property rights, promotes third-party products or services, or contains defamatory, indecent, obscene, or hateful material. </li>
<li>You will not impersonate any person or entity or misrepresent your affiliation with any person or entity. </li>
<li>You will not attempt to reverse engineer, disassemble, or interfere with any software, products, or processes accessible through the Platform. </li>
<li>You will not obstruct or interfere with any advertisements or safety features on the Platform. </li>
<li>You will not attempt to circumvent, remove, or alter any protections in the Platform. </li>
<li>You will not use automated tools, such as bots or crawlers, to download or scrape data from the Platform, with exceptions for search engines and non-commercial public archives that comply with our robots.txt file.</li> 
<li>You will not engage in activities that may impose an unreasonable load on our technical infrastructure. </li>
<li>You will not interfere with or attempt to disrupt the proper operation of the Platform through the use of viruses, hacking, or other malicious means. </li>
</ol>

<p>We reserve the right to deny access to the Platform, in whole or in part, without notice, at our sole discretion, for any violation of these guidelines.  </p>

<h3>RESTRICTIONS </h3>

<p>The Platform is available only for individuals aged 18 years or older. If you are under 18 years of age, then please do not access and/or use the Platform. By entering into this Agreement, you represent and warrant that you are 18 years or older. </p>

  
<h3>DISCLAIMER AND LIMITATION OF LIABILITY </h3>

<p>THE PLATFORM, ITS CONTENT, AND SERVICES ARE PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS, WITHOUT ANY WARRANTIES, EXPRESS OR IMPLIED. MODULEMD, LLC AND ITS SUPPLIERS DISCLAIM ANY WARRANTIES, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AVAILABILITY, AND ERROR-FREE OR UNINTERRUPTED OPERATION. THE PLATFORM IS NOT INTENDED TO DIAGNOSE, TREAT, CURE, OR PREVENT ANY DISEASE OR HEALTH CONDITION. YOU ARE SOLELY RESPONSIBLE FOR ANY MEDICAL CONCLUSIONS OR TREATMENT DECISIONS BASED ON THE PLATFORM'S OUTPUT. MODULEMD, LLC WILL NOT BE LIABLE FOR ANY DAMAGES OR LOSSES RESULTING FROM YOUR USE OF THE PLATFORM, ITS CONTENT, OR SERVICES, INCLUDING ANY RELIANCE ON THE PLATFORM'S OUTPUT. THE PLATFORM AND ITS OUTPUT SHOULD NOT BE CONSIDERED A SUBSTITUTE FOR PROFESSIONAL MEDICAL ADVICE, DIAGNOSIS, OR TREATMENT. YOU AGREE TO USE THE PLATFORM AT YOUR OWN RISK. WE DO NOT GUARANTEE THE ACCURACY, RELIABILITY, OR COMPLETENESS OF THE PLATFORM, ITS CONTENT, OR SERVICES. </p>

  
<h3>INDEMNIFICATION </h3>

<p>YOU AGREE TO INDEMNIFY, DEFEND, AND HOLD HARMLESS MODULEMD LLC, ITS AFFILIATES, AND THEIR RESPECTIVE DIRECTORS, OFFICERS, EMPLOYEES, AND AGENTS (COLLECTIVELY, "MODULEMD LLC INDEMNITEES") FROM ANY CLAIMS, DAMAGES, LIABILITIES, AND EXPENSES ARISING FROM YOUR USE OF THE PLATFORM, ITS CONTENT, OR SERVICES OR YOUR VIOLATION OF THESE TERMS. </p> 

<p>IN CONNECTION WITH ANY WARRANTY, CONTRACT, OR COMMON LAW TORT CLAIMS: </p> 

<p>(I) MODULEMD LLC INDEMNITEES SHALL NOT BE LIABLE FOR ANY INCIDENTAL OR CONSEQUENTIAL DAMAGES, LOST PROFITS, OR DAMAGES RESULTING FROM LOST DATA OR BUSINESS INTERRUPTION ARISING FROM YOUR USE OR INABILITY TO ACCESS AND USE THE PLATFORM, ITS CONTENT, OR SERVICES, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. </p> 

<p>(II) ANY DIRECT DAMAGES THAT YOU MAY SUFFER AS A RESULT OF YOUR USE OF THE PLATFORM, ITS CONTENT, OR SERVICES SHALL BE LIMITED TO A PAYMENT NOT EXCEEDING THE VALUE OF A ONE-MONTH SUBSCRIPTION.</p> 
 
<p>YOU ALSO AGREE TO INDEMNIFY, DEFEND, AND HOLD MODULEMD LLC INDEMNITEES HARMLESS FROM ANY LOSSES INCURRED IN CONNECTION WITH A THIRD-PARTY CLAIM ARISING FROM (I) YOUR BREACH OF THIS AGREEMENT, INCLUDING ANY BREACH OF YOUR REPRESENTATIONS AND WARRANTIES; (II) MISUSE OF THE PLATFORM, ITS CONTENT, OR SERVICES; (III) YOUR NEGLIGENCE, GROSS NEGLIGENCE, WILLFUL MISCONDUCT, FRAUD, MISREPRESENTATION, OR VIOLATION OF LAW; OR (IV) VIOLATION OF ANY THIRD-PARTY RIGHT, INCLUDING ANY COPYRIGHT, TRADEMARK, PROPERTY, OR PRIVACY RIGHT. YOUR INDEMNIFICATION OBLIGATIONS ARE SUBJECT TO OUR (I) PROMPTLY NOTIFYING YOU OF THE CLAIM; (II) PROVIDING REASONABLE COOPERATION IN THE DEFENSE OF THE CLAIM AT YOUR EXPENSE; AND (III) GRANTING YOU SOLE CONTROL OVER THE DEFENSE AND NEGOTIATIONS FOR A SETTLEMENT OR COMPROMISE. </p> 

  
<h3>REPRESENTATIONS AND WARRANTIES </h3>

<p>You represent and warrant that you have: (i) all rights and permissions necessary to provide us with or grant us access to and use of Your Data, and (ii) obtained all necessary and appropriate consents, permissions, and authorizations in accordance with all applicable laws and regulations with respect to Your Data provided hereunder, including but not limited to, consents from patients, their patents and/or legal guardians, including consents to record patient’s visit sessions and authorization for the use, exchange and disclosure of any applicable PHI (collectively, “Consents”). </p>

<h3>COMPLIANCE WITH APPLICABLE LAWS </h3>

<p>The Platform is based in the United States. We make no claims concerning whether the Platform may be viewed or be appropriate for use outside of the United States. If you access the Platform from outside of the United States, you do so at your own risk. Whether inside or outside of the United States, you are solely responsible for ensuring compliance with the laws of your specific jurisdiction. </p>

  
<h3>TERM AND TERMINATION </h3>

<p>Your right to access and use the Platform will commence upon your acceptance of these Terms of Use and will continue for the duration of the subscription plan that you selected at registration (the “Term”). </p>

<p>Thereafter, the Term will automatically renew for consecutive terms equivalent to the duration of your subscription plan, unless either of us notifies the other at least thirty (30) days prior to the expiration of the then-current renewal term of its intention to not renew. Upon cancellation, you will continue to have access to the services until the end of the current subscription period. No refunds will be issued for any unused portion of the subscription period. </p>

<p>We reserve the right to change, suspend, discontinue or terminate your access and use of all or any part of the Platform at any time without prior notice or liability. ModuleMD, LLC may terminate these Terms of Use and declare any unpaid amounts owed hereunder immediately due and payable.  </p>

  
<h3>SURVIVAL </h3>

<p>The termination of these Terms of Use shall not affect the continued enforceability and validity of the following Sections of this Agreement: </p>

<p class="pl-4">CONTENT OWNERSHIP &amp; INTELLECTUAL PROPERTY  </p>

<p class="pl-4">DATA DEFINITIONS, OWNERSHIP, AND USE </p>

<p class="pl-4">FEES </p>

<p class="pl-4">RESTRICTIONS </p>

<p class="pl-4">DISCLAIMER AND LIMITATION OF LIABILITY </p>

<p class="pl-4">INDEMNIFICATION </p>

<p class="pl-4">REPRESENTATIONS AND WARRANTIES </p>

<p class="pl-4">COMPLIANCE WITH APPLICABLE LAWS </p>

<p class="pl-4">TERM AND TERMINATION </p>

<p class="pl-4">PROTECTION OF DATA INTERESTS THROUGH RETURN OF DATA </p>

<p class="pl-4">CLASS ACTION WAIVER </p>

<p class="pl-4">EQUITABLE RELIEF </p>

<p class="pl-4">FORCE MAJEURE </p>

<p class="pl-4">GOVERNING LAW </p>

<p class="pl-4">SEVERABILITY </p>

<p class="pl-4">ASSIGNMENT, WAIVER, AND ENTIRE AGREEMENT </p>

<p class="pl-4">VENUE  </p>

<p class="pl-4">YOUR AUTHORITY </p>

  
<p>These provisions shall remain in full force and effect even after the termination of these Terms of Use. </p>

  
<h3>PROTECTION OF DATA INTERESTS THROUGH RETURN OF DATA </h3>

<p>You acknowledge and understand that you may not be able to meet its statutory obligations to maintain records of the care it has provided to patients and its other legal and contractual obligations if it is not able to access Your Data. You acknowledge and agree that ModuleMD, LLC has provided a reasonable mechanism to enable you to transfer Data from the Platform to an alternate arrangement established by you. Your failure to collect Data for any reason prior to your termination will result in the archiving of Data in a ModuleMD, LLC server to remain for an approximate period of one (1) calendar year from the date of termination of these Terms of Use. If you require Data after cancellation and before the archival period, you may resubscribe. If data is requested after the archival period, additional fees may apply. Fees will be calculated based on volume and extent of archival retrieval and data transfer effort required for requested Client Data. Archived Client Data is subject to additional storage fees based upon the volume and size of archived Client Data during the data storage duration of up to one (1) year. Upon expiration of archived storage period of one (1) year, all Client Data will be destroyed. CLIENT ACKNOWLEDGES THAT CLIENT MAY HAVE OBLIGATIONS TO MAINTAIN MEDICAL RECORDS AND OTHER CLIENT DATA FOR THE STATUTORY PERIOD REQUIRED BY STATE LAW OR FEDERAL LAW AND MAY HAVE OTHER REQUIREMENTS TO MAINTAIN CLIENT DATA UNDER ITS PROVIDER AGREEMENTS WITH PAYORS AND UNDER OTHER AGREEMENTS. CLIENT ACKNOWLEDGES AND AGREES THAT MODULEMD, LLC HAS NOT AGREED TO AND IS UNDER NO OBLIGATION TO ACT AS A CUSTODIAN OF CLIENT’S MEDICAL RECORDS AFTER THE TERMINATION OF THESE TERMS OF USE. CLIENT AGREES TO INDEMNIFY AND HOLD MODULEMD, ITS EMPLOYEES, OWNERS AND AGENTS HARMLESS AGAINST ALL ACTIONS, CLAIMS, DEMANDS, LIABILITIES, LOSSES, DAMAGES, COSTS, AND EXPENSES (INCLUDING REASONABLE ATTORNEYS FEES) TO THE EXTENT RESULTING, DIRECTLY OR INDIRECTLY, FROM THE DESTRUCTION OF CLIENT DATA AT THE END OF ONE YEAR AFTER TERMINATION OF THESE TERMS OF USE. </p>

  
<h3>CLASS ACTION WAIVER </h3>

<p>You agree that any arbitration or proceeding shall be limited to the Dispute between us and you individually. To the full extent permitted by law, (i) no arbitration or proceeding shall be joined with any other; (ii) there is no right or authority for any Dispute to be arbitrated or resolved on a class action-basis or to utilize class action procedures; and (iii) there is no right or authority for any Dispute to be brought in a purported representative capacity on behalf of the general public or any other persons. YOU AGREE THAT YOU MAY BRING CLAIMS AGAINST US ONLY IN YOUR INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS OR REPRESENTATIVE PROCEEDING. </p>

  
<h3>EQUITABLE RELIEF </h3>

<p>You acknowledge and agree that in the event of a breach or threatened violation of our intellectual property rights and confidential and proprietary information by you, we will suffer irreparable harm and will therefore be entitled to injunctive relief to enforce this Agreement. We may, without waiving any other remedies under this Agreement, seek from any court having jurisdiction any interim, equitable, provisional, or injunctive relief that is necessary to protect our rights and property pending the outcome of the arbitration referenced above. You hereby irrevocably and unconditionally consent to the personal and subject matter jurisdiction of the federal and state courts in the State of Michigan for purposes of any such action by us. </p>

  
<h3>FORCE MAJEURE </h3>

<p>Neither Party hereto shall be deemed in default for any delay or failure in performance hereunder resulting from a Force Majeure Event. Neither Party shall be liable to the other Party for any delay or omission in the performance of any obligation under these Terms of Use, other than the obligation to pay monies, where the delay or omission is due to a Force Majeure Event. If a Force Majeure Event prevents or delays the performance by a Party of any obligation under these Terms of Use, then the Party claiming a Force Majeure Event occurred shall promptly notify the other Party thereof in writing. Except as expressly provided otherwise in these Terms of Use, the date and time for the performance by any Party of any obligation under these Terms of Use shall be postponed automatically to the extent, and for the period of time, that the Party is prevented from doing so by an event of Force Majeure. </p>

  
<h3>GOVERNING LAW </h3>

<p>These Terms of Use, and any action arising out of or related to it, shall be governed by and construed in accordance with the laws of the State of Michigan; however, except as otherwise expressly stated herein, the Parties specifically waive and disclaim the applicability of the Uniform Commercial Code, Uniform Electronic Transactions Act, and Uniform Computer Information Transactions Act to these Terms of Use. In the event any action or proceeding is brought in connection with these Terms of Use, the prevailing Party shall be entitled to recover its costs and reasonable attorneys’ fees. Except for Client and ModuleMD, no other party may sue or be sued under these Terms of Use. </p>

  
<h3>SEVERABILITY </h3>

<p>If any provision of these Terms of Use is held to be invalid or otherwise unenforceable, the validity, legality and enforceability of the remaining provisions shall in no way be affected or impaired. </p>

  
<h3>ASSIGNMENT, WAIVER, AND ENTIRE AGREEMENT </h3>

<p>This section outlines the terms related to assignment, waiver, and the entire agreement between you and ModuleMD LLC: </p>

<ol class="pl-4">
<li><strong>Assignment: </strong>You may not assign any of your rights, duties, or obligations under these Terms to any person or entity, in whole or in part, without written consent from ModuleMD LLC. </li>


<li><strong>Waiver:  </strong>Our failure to act on or enforce any provision of the Agreement shall not be construed as a waiver of that provision or any other provision in this Agreement. No waiver shall be effective against us unless made in writing, and no such waiver shall be construed as a waiver in any other or subsequent instance. </li>


<li><strong>Entire Agreement: </strong> Except as expressly agreed by us and you in writing, the Agreement constitutes the entire agreement between you and us concerning the subject matter, superseding all previous or contemporaneous agreements, whether written or oral, between the parties with respect to the subject matter. The section headings are provided merely for convenience and shall not be given any legal import. This Agreement will inure to the benefit of our successors, assigns, licensees, and sublicensees. </li>

</ol>

  
<h3>VENUE </h3>

<p>Any dispute or claim arising out of, or in connection with, these Terms of Use shall be finally settled through a court of law in the State of Michigan. Each Party to these Terms of Use consents to personal jurisdiction in a court of competent jurisdiction located in the State of Michigan and waives any claim of lack of personal jurisdiction in Michigan and any claim that Michigan is a forum nonconveniens. </p>

  
<h3>YOUR AUTHORITY </h3>

<p>You represent and warrant that (i) you are an entity duly organized, validly existing and in good standing in the jurisdiction of its organization; (ii) You have obtained all approvals, permits or other authorizations required to enter into and perform its obligations under these Terms of Use hereby; (iii) the purchase of any Services contemplated herein does not violate or conflict with any law, regulation, decree, order, judgment, contract, agreement, or other document applicable to you or your properties; and (iv) all financial statements and other information provided by you to ModuleMD, LLC are true, accurate and complete in all material respects. </p>

  
<h3>REVIEW OF AGREEMENT </h3>

  
<p>EACH PARTY ACKNOWLEGES THAT IT HAS CAREFULLY READ THESE TERMS OF USE IN ITS ENTIRETY, UNDERSTANDS IT, AND AGREES TO BE BOUND BY ITS TERMS. ADDITIONALLY, EACH PARTY FURTHER REPRESENTS AND WARRENTS THAT IT HAS ALL THE RIGHTS NECESSARY TO COMPLY WITH AND BE BOUND BY THESE TERMS OF USE. </p>

  
<h3>SCHEDULE A </h3>

<h3 class="tx-center">BUSINESS ASSOCIATE AGREEMENT </h3>

<p>This Business Associate Agreement ("BAA") is entered into by and between ModuleMD, LLC ("Business Associate") and YOU ("Covered Entity"), and shall become effective upon your use and access of the JOSH application (the "Platform"). The "Effective Date" shall be the date you commence use of the Platform. By using the Platform, you agree to be bound by the Terms and Conditions of this BAA. If you do not agree to these Terms, you are prohibited from using the Platform. </p>

 <h3 class="tx-center">RECITALS </h3>
  

<p>The Use or Disclosure of Protected Health Information by covered entities and business associates (and a subcontractor of a business associate) is regulated by applicable provisions of the Standards for Privacy of Individually Identifiable Health Information, the Security Standards for the Protection of Electronic Protected Health Information, the Breach Notification Rule, and the Enforcement Rule, located at 45 CFR Parts 160 and 164, subparts A, C, D and E, promulgated by the United States Department of Health and Human Services, pursuant to the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, as amended by Title XIII, Subtitle D of the Health Information Technology for Economic and Clinical Health Act of 2009, Public Law No. 111-5 . </p>

<p>ModuleMD and Provider are parties to one or more agreements or arrangements pursuant to which ModuleMD provides certain services (“Services”) on behalf of Provider who is either a covered entity or business associate and as such is required to comply with HIPAA. Such services involve the Use or Disclosure of Protected Health Information of Individuals created, received, maintained or transmitted by ModuleMD on behalf of Provider. This Agreement also applies to any additional services involving the Use or Disclosure of Protected Health Information which Provider may request ModuleMD to perform in the future. </p>

<p>The purpose of this Business Associate Agreement (“Agreement”) is to set forth ModuleMD’s and Provider’s obligations and agreement regarding the Use and Disclosure of such Protected Health Information. </p>

<p>To the extent that ModuleMD and Provider previously entered into a Business Associate Agreement, or any amendments to such, this Agreement specifically supersedes all such prior agreements. </p>

  
 <h3 class="tx-center">TERMS </h3>

<p>Consistent with the above Background which is hereby incorporated into this Agreement, ModuleMD and Provider (the “Parties”) agree as follows: </p>


<ol class="nest pl-4"> 
<li><strong>Definitions.</strong> In addition to those terms already defined, the capitalized terms used in this Agreement will have the same meaning as those terms in the HIPAA Rules unless the context requires otherwise. These terms include the following:  

<ol class="nest pl-4"> 
<li><u>Breach.</u> The acquisition, access, use or disclosure of PHI in a manner not permitted under the Privacy Rule, which compromises the security or privacy of such information, subject to the exceptions set forth in the HITECH Act and in 42 CFR 164.402(1), as may be amended. </li>

<li><u>Breach Notification Rule. </u>The breach of unsecured PHI requirements described in Section 13402 of the HITECH Act and 45 CFR Part 160 and Subpart D of Part 164, as may be amended. </li>

<li>Designated Record Set. A group of records maintained by or for a covered entity that is: (i) the medical records and billing records about individuals maintained by or for a covered health care provider; (ii) the enrollment, payment, claims adjudication, and case or medical management record systems maintained by or for a health plan; or (iii) used, in whole or in part, by or for Provider to make decisions about individuals (45 CFR 164.501). </li>

<li><u>Disclosure.</u> The release, transfer, provision of, access to, or divulging in any other manner of information outside the entity holding the information (45 CFR 160.103). </li>

<li>Electronic Health Record. An electronic record of health-related information on an Individual that is created, gathered, managed, and consulted by authorized health care clinicians and staff (Section 13400(5) of the HITECH Act). </li>

<li><u>Electronic Media.</u> Electronic Media means (i) electronic storage material on which data is or may be recorded electronically, including, for example, devices in computers (hard drives) and any removable/transportable digital memory medium, such as memory sticks, magnetic tape or disk, optical disk, or digital memory card; and (ii) transmission media used to exchange information already in electronic storage media; transmission media include, for example, the Internet, extranet or intranet, leased lines, dial-up lines, private networks, and the physical movement of removable/transportable electronic storage media. However, certain transmissions, including paper, via facsimile, and of voice, via telephone are not considered to be transmissions via Electronic Media if the information being exchanged did not exist in electronic form immediately before the transmission. </li>

<li><u>Electronic PHI.</u> PHI that is transmitted by or maintained in Electronic Media (45 CFR 160.103). </li>

<li><u>Enforcement Rule.</u> The HIPAA enforcement rule, which pertain to compliance and investigations, the imposition of civil money penalties for violations of the HIPAA Administrative Simplification Rules, and procedures for hearings (45 CFR Part 160, Subparts C, D, and E). </li>

<li><u>HIPAA.</u> The Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, as may be amended. </li>

<li><u>HIPAA Rules. </u>As used in this Agreement, collectively the Privacy Rule, Security Rule, Breach Notification Rule and Enforcement Rule, as may be amended. </li>

<li><u>HITECH Act.</u> The Health Information Technology for Economic and Clinical Health Act, which is Title XIII of Division A, and Title IV of Division B, of the American Recovery and Reinvestment Act of 2009, Public Law No. 111-5, as may be amended. </li>

<li><u>Individual.</u> The person who is the subject of Protected Health Information (45 CFR 160.103). </li>

<li><u>Individually Identifiable Health Information.</u> Information that is a subset of health information, including demographic information collected from an Individual, and: (1) is created or received by a health care provider, health plan, employer, or health care clearinghouse; and (2) relates to the past, present, or future physical or mental health or condition of an Individual; the provision of health care to an Individual; or the past, present, or future payment for the provision of health care to an Individual; and (i) that identifies the Individual; or (ii) with respect to which there is a reasonable basis to believe the information can be used to identify the Individual (45 CFR 160.103). </li>

<li><u>Privacy Rule. </u>Privacy Rule shall mean the Standards for Privacy of Individually Identifiable Health Information at 45 CFR Part 160 and Subparts of A and E of Part 164, as may be amended. </li>

<li><u>Protected Health Information or PHI.</u> Individually Identifiable Health Information that is (i) transmitted by Electronic Media; (ii) maintained in Electronic Media; or (iii) transmitted or maintained in any other form or medium. Protected Health Information excludes Individually Identifiable Health Information: (i) in education records covered by the Family Educational Rights and Privacy Act, as amended, 20 U.S.C. 1232g; (ii) in records described at 20 U.S.C. 1232g(a)(4)(B)(iv); (iii) in employment records held by a Provider in its role as employer; and (iv) regarding a person who has been deceased for more than 50 years (45 CFR 160.103). </li>

<li><u>Required by Law.</u> A mandate contained in law that compels an entity to make a Use or Disclosure of Protected Health Information and that is enforceable in a court of law (45 CFR 164.103). </li>

<li><u>Secretary.</u> The Secretary of the United States Department of Health and Human Services or designee (45 CFR 160.103). </li>

<li><u>Security Incident.</u> The attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system (45 CFR 164.304). </li>

<li><u>Security Rule.</u> The Security Standards for the Protection of Electronic Protected Health Information, 45 CFR Part 160 and Subparts A and C of Part 164, as may be amended. </li>

<li><u>Services Agreement. </u>The underlying agreement(s) that set forth the terms of the services that ModuleMD has agreed to provide for Provider and that require the Use or Disclosure of PHI. </li>


<li><u>Subcontractor.</u> A person to whom ModuleMD delegates a function, activity or service, other than in the capacity of a member of the workforce of ModuleMD; a Subcontractor that creates, receives, maintains or transmits PHI on behalf of a business associate is deemed to be a “business associate” (45 CFR 160.103). </li>


<li><u>Unsecured PHI.</u> PHI not secured through the use of a technology or methodology specified in guidance by the Secretary that renders PHI unusable, unreadable or indecipherable to unauthorized persons (45 CFR 164.402). </li>

<li><u>Use.</u> The sharing, employment, application, utilization, examination, or analysis of Individually Identifiable Health Information, in any form or medium whatsoever, within an entity that maintains such information (45 CFR 160.103). </li>
</ol>

</li>


<li><strong>Obligations and Activities of Business Associate.</strong> ModuleMD agrees to maintain the confidentiality of any PHI created, received, maintained or transmitted by ModuleMD on behalf of Provider in accordance with all applicable federal, state and local laws and regulations, and more specifically, in accordance with the following: 

<ol class="nest pl-4">
<li><u>Uses and Disclosures of PHI.</u> ModuleMD shall not Use or Disclose PHI created, received, maintained or transmitted by ModuleMD on behalf of Provider other than as permitted or required by this Agreement or as Required by Law. </li>

<li><u>Minimum Necessary.</u> ModuleMD shall limit Uses and Disclosures of, and requests for, PHI to the minimum necessary to accomplish the intended purpose of the Use, Disclosure or request. ModuleMD acknowledges that the Secretary of Health and Human Services is required by the HITECH Act to issue guidance on what constitutes the “minimum necessary” for the purposes of the Privacy Rule. Subcontractor agrees to comply with the guidance, once issued by the Secretary, and to only request, use, or disclose the minimum amount of PHI described in such guidance. </li>

<li><u>Mitigation of Harmful Effects. </u>ModuleMD shall mitigate, to the extent practicable, any harmful effect that is known to ModuleMD of a Use or Disclosure of PHI by ModuleMD, its Subcontractors or agents, if any, in violation of the requirements of this Agreement. </li>

<li><u>Safeguards to Protect PHI. </u>ModuleMD shall establish and use appropriate administrative, technical, and physical safeguards (and comply, where applicable, with the relevant Security Rule safeguards with respect to any Electronic PHI) to reasonably and appropriately protect the confidentiality, integrity and availability of PHI and prevent the Use or Disclosure of PHI other than as provided for by this Agreement. </li>

<li><u>Reporting of Improper Use or Disclosure of PHI.</u> As more fully described in Section 7, ModuleMD shall report to Provider any Use or Disclosure of PHI not authorized by this Agreement of which ModuleMD becomes aware, including any actual or perceived Breaches of Unsecured PHI and any Security Incident of which it becomes aware. </li>

<li><u>Subcontractors.</u> ModuleMD will ensure that any Subcontractor that creates, receives, maintains or transmits PHI or, if applicable, Electronic PHI on behalf of ModuleMD agrees in writing to the same restrictions and conditions that apply to ModuleMD with respect to such information, including, but not limited to, the safeguard requirements, breach reporting requirements and the termination requirements. ModuleMD will satisfy this requirement by entering into a written business associate agreement with a Subcontractor (“Subcontractor Agreement), which shall comply with the applicable Privacy Rule and Security Rule requirements. </li>

<li><u>Requests to Access or Amend PHI in a Designated Record Set.</u> In the event that ModuleMD maintains any PHI in a Designated Record Set, upon request, ModuleMD will make available to Provider PHI in such manner and format necessary for Provider to respond to and process an Individual’s request for access or amendment to the PHI. As directed by Provider, ModuleMD will incorporate any amendments to PHI in a Designated Record Set. Nothing in this Agreement shall be interpreted to require either party to provide an Individual access to: (i) information compiled in reasonable anticipation of, or for use in, a civil, criminal or administrative action or proceeding; (ii) psychotherapy notes; or (iii) information that is protected from disclosure under the Clinical Laboratory Improvements Amendments of 1988. </li>

<li><u>Accounting of Disclosures. </u>ModuleMD will document such Disclosures of PHI and information related to such Disclosures as would be required for Provider to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 CFR 164.528 (which does not require an accounting of any PHI divulged to Covered Entity if Covered Entity is considered to be holding such PHI) (which does not require the reporting of any PHI divulged, and as applicable, Section 13405(c) of the HITECH Act and its implementing regulations. 

<ol class="nest pl-4">
	 <li>Within five (5) days of notice by Provider to ModuleMD that it has received a request for an accounting of Disclosures of PHI regarding an Individual during the six (6) years prior to the date on which the accounting was requested, ModuleMD will make available to Provider information to permit Provider to respond to the request for an accounting of disclosures of PHI, as required by 45 C.F.R. § 164.528. </li><li>Upon the effective date of the appropriate implementing regulations for Section 13405(c) of the HITECH Act, in the case of an electronic health record maintained or hosted by ModuleMD on behalf of Provider, the accounting period shall be three (3) years and the accounting shall comply with the requirements of the implementing regulations for Section 13405(c) of the HITECH Act, which regulations may require ModuleMD to account for disclosures made for treatment, payment and health care operations purposes. </li>

<li> In the event the request for an accounting is delivered directly to ModuleMD, ModuleMD shall within two (2) days forward such request to Provider. </li>
</ol>


</li>

<li><u>Availability of Books and Records. </u>ModuleMD agrees to make its internal practices, policies, procedures, books and records and documentation relating to the Use and Disclosure of PHI (including Electronic PHI) received from, or created or received by ModuleMD on behalf of Provider available to the Secretary of the United States Department of Health and Human Services, in a time and manner designated by the Secretary, for purposes of the Secretary determining compliance with the HIPAA Rules. </li>

<li><u>Carrying Out Provider’s Obligations.</u> To the extent ModuleMD is asked to carry out any of Provider’s obligations under the Privacy Rule, ModuleMD shall comply with the requirements of the Privacy Rule that apply to Provider in the performance of such obligation. </li>

<li><u>Requests for Restrictions on Certain PHI Disclosures to Health Plans.</u> Upon Provider’s request, ModuleMD shall comply with any request of an Individual to not Disclose PHI to a health plan if the Disclosure is for purposes of carrying out Payment or Health Care Operations and is not otherwise Required by Law, and the PHI pertains solely to a health care item or service for which the provider of the item or service has been paid out of pocket in full. </li>

<li><u>Restrictions on Marketing, Fundraising and the Sale of PHI. </u>ModuleMD shall not engage in any marketing or fundraising on its own behalf that involves the Use or Disclosure of PHI. ModuleMD shall not directly or indirectly receive remuneration in exchange for any PHI of an Individual unless a valid authorization is obtained or an exception described in 45 CFR 164.502(a)(5)(ii)(B)(2) applies. </li>


<li><u>Electronic PHI.</u> To the extent ModuleMD creates, receives, maintains or transmits Electronic PHI on behalf of Provider, ModuleMD shall: 

<ol class="nest pl-4">
	<li> Implement Administrative, Physical and Technical Safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of the Electronic PHI it creates, receives, maintains or transmits on behalf of Provider, and comply with the policies and procedures and documentation requirements, in accordance with the applicable requirements of the Security Rule. </li>

<li>Ensure that any Subcontractor that creates, receives, maintains or transmits Electronic PHI on behalf of ModuleMD enters into a written agreement with ModuleMD in which the Subcontractor agrees to protect the security of Electronic PHI by complying with the applicable safeguards, policies, procedures and documentation requirements described in Section 2.13-1. </li>

<li>As more fully described in Section 7, report to Provider any Security Incident of which ModuleMD becomes aware, including any Breaches of Unsecured PHI, without unreasonable delay and within five (5) days of becoming aware of such Security Incident or Breach of Unsecured PHI. </li>


</ol>
</li>
</ol>
</li>


<li>
<strong>Permitted Uses and Disclosures by ModuleMD.</strong> Except as otherwise limited in this Agreement: 

<ol class="nest pl-4">
<li>Use or Disclosure for ModuleMD Services. ModuleMD may Use or Disclose PHI for the purpose of providing the Services for Provider. </li>

<li>Uses for ModuleMD’s Management and Administration. ModuleMD may Use PHI for the proper management and administration of ModuleMD or to carry out ModuleMD’s own legal responsibilities. </li>

<li>Disclosures for ModuleMD’s Management and Administration. ModuleMD may Disclose PHI to a third party for the proper management and administration of ModuleMD or to carry out ModuleMD’s own legal responsibilities provided the Disclosure is Required By Law, or ModuleMD obtains reasonable assurances from the third party to whom the information is Disclosed that such PHI will be held secure and confidential and only be Disclosed as Required by Law or for the purpose for which it was Disclosed to the third party, and that any breaches of confidentiality of the PHI which become known to such third party will be reported to the ModuleMD. </li>

<li>Use or Disclosure for Data Aggregation Services. Upon Provider’s request, ModuleMD may Use or Disclose PHI to provide Data Aggregation services relating to the Health Care Operations of Provider. </li>

</ol>


</li>


<li><strong>Obligations of Provider. </strong>
<ol class="nest pl-4">
<li><u>Notice to ModuleMD.</u> Provider shall notify ModuleMD of any limitations in its Notice of Privacy Practices to the extent that such limitations may affect ModuleMD’s Use or Disclosure of PHI. </li>

<li><u>Changes in or Revocation of Permission to Use or Disclose PHI. </u>Provider shall notify ModuleMD of any changes in, or revocation of, permission by an Individual to Use or Disclose PHI, if such changes affect ModuleMD's Use or Disclosure of PHI. </li>

<li><u>Restrictions to the Use or Disclosure of PHI.</u> Provider shall notify ModuleMD of any restriction to the Use or Disclosure of PHI, which Provider has agreed to, or must make, to the extent that such restriction may affect ModuleMD’s Use or Disclosure of PHI. </li>

<li><u>Impermissible Requests by Covered Entity.</u> Provider shall not request ModuleMD to Use or Disclose PHI in any manner that would not be permitted by the HIPAA Privacy Rule if done by Provider except to permit ModuleMD to Use or Disclose PHI to provide data aggregation services, for the management and administration of ModuleMD and to carry out the legal responsibilities of ModuleMD. </li>
</ol>
</li>


<li><strong>Term and Termination. </strong>
<ol class="nest pl-4">
<li><u>Term.</u> This Agreement takes effect on the date this Agreement is signed (i.e., the last date of signature by one of the Parties). However, if ModuleMD commences services for Provider before this Agreement is signed, the Parties shall be subject to the obligations under the HIPAA Rules that were in effect at that time. The requirements under this Agreement are continuing and survive termination of this Agreement or the Services Agreement or arrangement between Provider and ModuleMD until all PHI, received from, or created by or received by ModuleMD on behalf of Provider, that ModuleMD still maintains in any form is returned to Provider. If it is not feasible to return or destroy PHI, ModuleMD shall extend protections to such information, in accordance with Section 5.3-2. </li>

<li><u>Termination.</u> Upon Provider’s knowledge of a pattern of activity or practice of ModuleMD that constitutes a material breach or violation of ModuleMD’s obligations under this Agreement, Provider shall notify ModuleMD of the breach or violation and provide ModuleMD with a reasonable opportunity to cure the breach, if curable, or end the violation. If curing the breach or ending the violation is not possible, or if ModuleMD does not cure a curable breach or end the violation within a reasonable time specified by Provider, Provider may immediately terminate this Agreement and the Services Agreement with ModuleMD. </li>


<li>Effect of Termination. 

<ol class="nest pl-4">
	<li><u>Return or Destroy PHI. </u>Except for PHI retained by ModuleMD as necessary for proper management and administration activities of ModuleMD or to carry out ModuleMD’s own legal responsibilities, or as otherwise provided in Section 5.3-2, upon termination of this Agreement, for any reason, ModuleMD shall return or destroy all PHI received from Provider, or created or received by ModuleMD on behalf of Provider that ModuleMD still maintains in any form. </li>

<li><u>Secure PHI if Return or Destruction is Not Feasible.</u> In the event ModuleMD and Provider determine that returning or destroying the PHI is infeasible, ModuleMD shall provide to Provider written notification of the conditions that make return or destruction infeasible and ModuleMD shall extend the protections of this Agreement to such PHI and limit further Uses and Disclosures of such PHI to those purposes that make the return or destruction infeasible, for so long as ModuleMD and/or its Subcontractors or agents maintains such PHI. </li>

<li><u>Termination of Subcontractor Agreements.</u> Upon termination of this Agreement, ModuleMD agrees that it will terminate its Subcontractor Agreements with any Subcontractor to whom ModuleMD has delegated functions ModuleMD was performing on behalf of Provider and require its Subcontractors to return or destroy all PHI received from ModuleMD, or created or received by Subcontractor on behalf of ModuleMD that Subcontractor still maintains in any form. </li>

</ol>
</li>


</ol>
 

</li>


<li><strong> Independent Contractor Status.</strong> In the performance of Services on behalf of Provider, ModuleMD is an independent contractor of Provider and shall not be considered an agent of Provider. </li>

<li><strong>Notification of Breaches of Unsecured PHI, Security Incidents and/or Improper Uses or Disclosures of PHI.</strong> ModuleMD shall notify Provider of its discovery of a Breach of Unsecured PHI, Security Incident or improper Use or Disclosure of PHI, without unreasonable delay, within five (5) business days after ModuleMD becomes aware of such Breach of Unsecured PHI, Security Incident or improper Use or Disclosure of PHI. To the extent known, the report shall include identification of the Individuals whose Unsecured PHI has been (or is reasonably believed to have been) accessed, acquired, or disclosed during the Breach or Security Incident; and a brief description of what happened including the date of the Breach or Security Incident, the date of discovery of the Breach, or Security Incident and the type of Unsecured PHI involved in the Breach or Security Incident. A Breach, whether actual or perceived, will be treated as discovered as of the first day that such Breach is known or reasonably should have been known to the ModuleMD. The Parties shall cooperate fully and in good faith with each other in connection with resolving any Breaches of Unsecured PHI, Security Incident or improper Uses or Disclosures of PHI, including, but not limited to, investigating the Breach, Security Incident or improper Use or Disclosure or Breach, preparing any required notifications to Individuals and others, mitigating the harm, and taking corrective action, as applicable, and shall be responsible for all costs incurred by Provider for those activities. </li>

<li><strong>Indemnification.</strong> ModuleMD shall, at its sole cost and expense, defend, indemnify and hold harmless Provider and its officers, directors, employees and agents from and against any and all claims, demands, costs, expenses, liabilities and losses, including reasonable attorneys’ fees and punitive damages, which may arise against Provider as a result of any breach of ModuleMD’s duties under this Agreement. To the extent ModuleMD has limited its liability under the terms of a separate agreement between the Parties, all limitations will exclude any damages to Provider arising out of this Section. </li>

<li><strong>Injunctive Relief.</strong> ModuleMD acknowledges that its unauthorized Use or Disclosure of PHI would cause irreparable harm to Provider and the Individuals it serves, and in such event, Provider shall be entitled to avail itself of all rights and remedies available to Provider, including obtaining injunctive relief and collecting damages. </li>

<li><strong>Ownership Rights to PHI. </strong>Under no circumstances shall ModuleMD be deemed in any respect to be the owner of any PHI received from Provider, or created or received by ModuleMD on behalf of Provider. </li>


<li><strong>Miscellaneous.  </strong>
<ol class="nest pl-4">
<li><u>Regulatory References.</u> A reference in this Agreement to a provision in the HIPAA Rules means the provision as in effect or as amended, and for which compliance is required. </li>

<li><u>Amendment.</u> The Parties agree to take such action that is necessary from time to time to amend this Agreement to comply with the requirements of the HIPAA Rules, HIPAA, the HITECH Act and any other applicable law. Until such time as amendments can be made, this Agreement shall be deemed to be automatically amended to comply with the new requirements. </li>

<li><u>Interpretation.</u> Any ambiguity in this Agreement shall be resolved in favor of a meaning that permits the Parties to comply with the HIPAA Rules. </li>

<li><u>Notices.</u> In the event the Services Agreement does not set forth a notice provision, the provisions of this Section  11.4
shall apply when notice must be given under this Agreement; otherwise the notice provisions of the Services Agreement shall apply. Any notice, demand or communication required, permitted or desired to be given under this Agreement shall be deemed properly given when personally delivered, delivered by an overnight delivery service (e.g., Fed Ex, UPS, U.S. Express Mail) requiring a party’s signature to acknowledge delivery, by electronic facsimile (confirmed by first class mail placed in the mail no later than the following day) or mailed by registered or certified mail, return receipt requested, to the address indicated below each party’s signature (or to such other address as one party may notify the other party in writing). Notice shall be deemed to have been given upon transmittal thereof as to communications transmitted by electronic facsimile, upon personal delivery or upon delivery by an overnight delivery service, or the second business day after mailing by certified mail. </li>

<li><u>No Third Party Beneficiaries.</u> Nothing express or implied in this Agreement is intended to, nor shall it, confer upon any person other than the Parties and their respective successors and permitted assigns, any rights, remedies, obligations or liabilities whatsoever. </li>

<li><u>Priority of Agreement.</u> If any provision of this Agreement is inconsistent with the terms of the Services Agreement, the terms of this Agreement shall prevail (except as otherwise provided in Section 11.7). </li>

<li><u>Governing Law.</u> This Agreement shall be governed by and construed in accordance with the laws of the State of Michigan, without regard to its conflict of laws principles except to the extent Michigan law has been pre-empted by HIPAA or another federal privacy law. The parties agree that any action relating to this Agreement shall be brought solely in the Federal District Court for the Eastern District of Michigan or in the Genessee County Circuit Court. However, if the action also relates to the Services Agreement, the jurisdiction and venue specified in the Services Agreement will control over this provision. </li>

<li><u>Survival.</u> The respective rights and obligations of the ModuleMD under the termination provision of this Agreement and the Breach Notification provision shall survive the termination or expiration of this Agreement. </li>

<li><u>Counterparts and Copies.</u> This Agreement may be executed in several counterparts, each of which shall be deemed an original, and which together shall constitute one instrument. Copies (whether telefacsimile, electronic, photo static or otherwise) shall be deemed to be originals and may be relied on to the same extent as the originals, absent manifest fraud. </li>

<li><u>Effective Date.</u> This Agreement shall become effective as of the later of the date on which Provider signed this Agreement or ModuleMD signed this Agreement. </li>

<li><u>Authority to Execute.</u> Each party represents and warrants that it has the authority to execute and bind the party to this Agreement. </li>
</ol>
</li>

 
</ol>

 
</div>
            </div>
         </div>
      </div>
   </section>