The client (“Client”) of gMed, Inc. (“gMed”) that has subscribed to the use of gMed’s gInsights product (“gInsights”) has indicated its consent to this gInsights Data Usage Acknowledgement (this “Acknowledgement”) electronically through gMed’s website and confirms such consent by its continued use of gInsights. Client hereby acknowledges and agrees as follows: Definitions. Capitalized terms used in this Acknowledgement without definition shall have the meanings given to them by HIPAA or by this Acknowledgement, as applicable. For purposes of this Acknowledgement, “HIPAA” means the Health Insurance Portability and Accountability Act of 1996, the Health Information Technology for Economic and Clinical Health Act and their implementing regulations, as each may be amended from time to time. General Acknowledgement. Client understands that gInsights in addition to providing certain reports based on a particular user’s data may also provide certain benchmarks or other information based on the data of other third party gInsights users or from other sources (e.g., data may be used to provide information for value based payment scenarios such as the Merit Based Incentive Payment System or other purposes). Use and Disclosure of PHI. gMed may use and disclose Protected Health Information received by gMed from or on behalf of the Client (“PHI”) as permitted or required under gMed’s agreements with Client (including this Acknowledgement) or as Required by Law, but shall not otherwise use or disclose PHI. gMed shall not use or disclose PHI received from the Client in any manner that would constitute a violation of HIPAA if so used or disclosed by the Client. To the extent gMed carries out any of the Client’s obligations under the HIPAA Privacy Rule, gMed shall comply with the requirements of the HIPAA Privacy Rule that apply to the Client in the performance of such obligations. Without limiting the generality of the foregoing, gMed is permitted to use or disclose PHI as set forth below: (a) gMed may use PHI internally for gMed’s proper management and administrative services or to carry out its legal responsibilities; (b) gMed may disclose PHI to a third party for gMed’s proper management and administration, provided that the disclosure is Required by Law or gMed obtains reasonable assurances from the third party to whom the PHI is to be disclosed that the third party will (1) protect the confidentially of the PHI, (2) only use or further disclose the PHI as Required by Law or for the purpose for which the PHI was disclosed to the third party and (3) notify gMed of any instances of which the person is aware in which the confidentiality of the PHI has been breached; (c) gMed may use PHI to provide Data Aggregation services as defined by HIPAA; (d) gMed may use PHI to create de-identified health information in accordance with the HIPAA de-identification requirements. Without limiting any other rights of gMed under this Agreement, gMed may use, create, sell, disclose to third parties and otherwise commercialize de-identified health information for any purposes not prohibited by law. gMed owns all right, title and interest in such de-identified health information and any data, information and material created by gMed with such de-identified health information. For the avoidance of doubt, the second and third sentences of this Section (d) shall survive the expiration or earlier termination of this Acknowledgement; (e) gMed may use and disclose PHI to develop, create, improve, update or otherwise change currently licensed or new products and services for Client and other customers of gMed; (f) gMed may use and disclose PHI for purposes of obtaining an authorization to use and disclose PHI or any other permission from an individual; and (g) gMed may use and disclose PHI for Research purposes as permitted by applicable law. General Statement. Without limiting any rights of gMed set forth in this Acknowledgement or otherwise permitted by any other agreements between Client and gMed, notwithstanding anything to the contrary in any agreement between Client and gMed, Client acknowledges and agrees that gMed (i) may use Client Data (as defined below) to create de-identified data in accordance with the HIPAA de-identification requirements; (ii) may use, create, sell, provide to third parties, and otherwise commercialize Client Data provided same has first been de-identified in accordance with HIPAA and (iii) owns all right, title and interest in such de-identified Client Data and any data, information and material created by gMed with such de-identified Client Data. For purposes of this Acknowledgement, “Client Data” means any electronic data, information or material that gMed receives from or on behalf of Client, Client’s patients and/or Client’s Authorized Users (or at any of their direction) through gInights or otherwise in connection with this Acknowledgement, including, without limitation, (i) any electronic data, information or material entered into gInsights by Client and its Authorized Users (or at any of their direction), (ii) any electronic data, information or material imported into gInsights relating to Client or any of its patients, (iii) any electronic data, information or material about a patient entered into gInsights and (iv) any electronic data, information or material provided or submitted by a third party through gInsights relating to the Client or any of its patients. For purposes of this Acknowledgement, “Authorized User” means Client’s employees, representatives, consultants, contractors or agents who are authorized to use gInsights. Return or Destruction of PHI upon Termination. Upon termination of Client’s right to use gInsights, gMed shall return or destroy all PHI received from Client or created or received by gMed on behalf of Client and which gMed still maintains as PHI. Notwithstanding the foregoing, to the extent that gMed determines, in its sole discretion, that it is not feasible to return or destroy such PHI, such PHI shall be used or disclosed solely for such purpose or purposes which prevented the return or destruction of such PHI.
Survival. The terms of this Acknowledgement shall survive the expiration or termination of Client’s right to use gInsights.Authority. Client represents and warrants that it has the legal power and requisite authority to enter into this Acknowledgement and that this Acknowledgement has been accepted on its behalf by a duly authorized representative of Client.
Conflict. This Acknowledgement is intended as a supplement to any other agreements between gMed and Client. In the event of a conflict between this Acknowledgement and any other agreement between gMed and the Client, the terms of this Acknowledgement shall prevail.
Governing Law. This Acknowledgement shall be governed by and construed in accordance with the laws of the State of Florida, without giving effect to any principles of conflicts of law.Jurisdiction. Client agrees that any action at law or in equity arising out of or relating to this Acknowledgement shall be filed only in the state or federal courts in and for Palm Beach County, Florida and Client hereby consents and submits to the personal and exclusive jurisdiction and venue of such courts for the purposes of litigating any such action. CLIENT AGREES THAT ANY CAUSE OF ACTION BROUGHT BY CLIENT ARISING OUT OF OR RELATED TO THIS ACKNOWLEDGEMENT MUST COMMENCE WITHIN ONE (1) YEAR AFTER THE CAUSE OF ACTION ACCRUES. OTHERWISE, SUCH CAUSE OF ACTION IS PERMANENTLY BARRED.
Waiver. A provision of this Acknowledgement may be waived only by a written instrument executed by the party entitled to the benefit of such provision. The failure of gMed to exercise or enforce any right or provision of this Acknowledgement will not constitute a waiver of such right or provision.
Severability. If any provision of this Acknowledgement shall be unlawful, void, or for any reason unenforceable, then that provision shall be deemed severable from this Acknowledgement and shall not affect the validity and enforceability of any remaining provisions.