User agrees to keep their password confidential so that no one else may access the Account and will notify Peer Capsule immediately upon discovering any loss, theft, or unauthorized use of the Account.
The content, organization, graphics, design, compilation, magnetic translation, digital conversion, and all other matters related to the Site, including without limitation, the “look and feel” of this Site, are protected under applicable copyrights and another proprietary (including but not limited to intellectual property) rights and are the property of Peer Capsule or our affiliates or content providers. You don’t have the right to use, copy, distribute, display, publish, transmit or create derivative works of any content or material on this Site except as expressly granted in the “Limited Right to Use” section of this Agreement.
All trademarks and trade names used on this Site, including but not limited to Peer Capsule, are trademarks or registered trademarks of Peer Capsule or its affiliates or other third parties. The copying, redistribution, use, or publication by you of any such marks, except as expressly granted in the “Limited Right to Use” section of this Agreement, is strictly prohibited.
You may view, print, or download any content, graphic, form, or document from the Site so long as such activity is for your own personal and non-commercial use. You may not modify, copy, transmit, display, perform, reproduce, license, publish, distribute, assign, sublicense, sell, create a derivative work from or make other use of the content of this Site. No part of any content, form, or document accessible at this Site may be reproduced in any form or incorporated into any information retrieval system, electronic or mechanical, other than for your personal use. In no case may you resell, redistribute, or put to any commercial use, any content or information on this Site.
Your activities on the Site shall not: (a) violate any law, statute, ordinance or regulation (including, but not limited to, those governing export control, consumer protection, unfair competition, anti-discrimination or false advertising); (b) contain or subject this Site to any viruses, Trojan horses, worms, time bombs, cancelbots, easter eggs or other computer programming routines that may damage, detrimentally interfere with, surreptitiously intercept or expropriate any system, data or personal information; (c) create liability or cause Peer Capsule to lose (in whole or in part) the services of its ISPs or other suppliers; (d) modify or alter any part of this Site, including, without limitation by (i) providing a link directly or indirectly to any other site from this Site or (ii) modifying or altering any material on this Site.
You may not use the Site in any manner that could damage, disable, overburden, or impair this Site or any network associated with this Site or interfere with any other parties’ use or enjoyment of this Site. You may not attempt to gain unauthorized access to this Site, any computer system or network connected to or affiliated with this Site through hacking, password mining, or any other means. You may not attempt to obtain any materials or information through any means not intentionally made available at this Site.
This Site may contain e-mail services, bulletin board services, chat areas, newsgroups, and/or other message or communication facilities made available to you to communicate with others (“Communication Services”). You agree to use the Communication Services only to post, send, and receive messages and material that are proper and do not violate any other terms and conditions of this Agreement or applicable Law. By way of example only, you agree that you will not use the Communication Services in connection with surveys, contests, pyramid schemes, chain letters, junk e-mail, spamming or any duplicative or unsolicited messages (commercial or otherwise); defame, abuse, harass, stalk, threaten or otherwise violate the legal rights (such as rights of privacy and publicity) of others; publish, post, upload, distribute or disseminate any inappropriate, profane, defamatory, obscene, indecent or unlawful topic, name, material or information; publish, post, upload, distribute or disseminate any topic, name, material or information that incites discrimination, hate or violence towards one person or a group because of their belonging to a race, a religion or a nation, or that insults the victims of crimes against humanity by contesting the existence of those crimes; upload, or otherwise make available, files that contain images, photographs, software or other material protected by intellectual property laws, including, by way of example, copyright or trademark laws (or by rights of privacy or publicity) unless you own or control the rights thereto or have received all necessary consents to do the same; use any material or information, including images in any manner that infringes any copyright, trademark, patent, trade secret, or other proprietary right of any party; upload files that contain viruses, Trojan horses, worms, time bombs, cancelbots, corrupted files, or any other similar software or programs that may damage the operation of another’s computer or property of another; advertise or offer to sell or buy any goods or services for any business purpose, unless such Communication Service specifically allows such messages; download any file posted by another User of a Communication Service that you know, or reasonably should know, cannot be legally distributed in such manner; falsify or delete any author attributions, legal or other proper notices or proprietary designations or labels of the origin or source of software or other material contained in a file that is uploaded; restrict or inhibit any other User from using and enjoying the Communication Services; violate any code of conduct or other guidelines which may be applicable for any particular Communication Service; or harvest or otherwise collect information about others, including e-mail addresses.
It is the sole responsibility of Users to maintain the privacy of the information exchanged through this Site, whether they are directly disclosing this information through tools on this Site, contacting parties met during, prior to, or as a result of using the Services at this Site or otherwise disclosing said information to any third party. Disclosing Users are liable for the consequences of their disclosure and should seek authorization for the disclosure of medical information (especially personal, demographic, or identifying information regarding patients and/or research participants) PRIOR TO disclosing such information to other Users via Peer Capsule or other means. Recipients of information are solely responsible for the reasonable protection and safekeeping of disclosed information, and Users of this Site agree to use all and any information that is disclosed to them only as it was intended by the disclosing User.
Peer Capsule may immediately remove User’s material or information from Peer Capsule's servers, in whole or in part, that Peer Capsule, in its sole and absolute discretion, determines to infringe the proprietary rights of a third party, violates any of the terms of this Agreement, or is otherwise objectionable.
User acknowledges that Peer Capsule may provide access to content supplied by third parties and other Users. Accordingly, the User acknowledges that Peer Capsule has no editorial control over such content. Any opinions, advice, statements, services, offers, diagnoses, or other information or content expressed or made available by third parties, including other Users, are those of the respective author(s) or distributor(s) and not of Peer Capsule. It is the responsibility of Users to evaluate the accuracy, completeness, or usefulness of any information, opinion, advice, or other content available through the Services and to seek the advice of professionals and other sources, as appropriate, regarding the evaluation of any specific information, opinion, advice, diagnosis, treatment recommendation or other content.
Peer Capsule reserves the right, in its sole discretion and judgment, and without liability of any kind to you, to terminate your access to the Site for any reason, at any time, without notice.
You represent and warrant that you possess the legal right and ability to legally obligate yourself to this Agreement. You represent and warrant that you will use this Site in accordance with this Agreement and all applicable professional and ethical standards and requirements and all laws and regulations. You represent and warrant that all information entered in the member registration profile is correct and complete and that you will comply with your obligations as stated in this Agreement.
You agree to indemnify, defend and hold harmless Peer Capsule and its officers, directors, consultants, employees, agents, partners, promoters, co-branders, licensors, suppliers, sponsors, and affiliates from and against any claims, actions or demands, liabilities and settlements including, without limitation, reasonable legal, attorney, and accounting fees, resulting from, or alleged to result from, (a) your violation of this Agreement; (b) any activity related to your use of this Site by you or any other person accessing this Site using your account; (c) a breach of any of your representations, warranties, or agreements under this Agreement; (d) a violation of the intellectual property rights of any third parties; (e) content submitted, posted, transmitted or made available through your use or connection to this Site; and (f) any violation of any law related to confidentiality of patient health information, or any misconduct in connection with the use of this Site, including, without limitation, medical malpractice and the unauthorized practice of medicine.
ALL INFORMATION AND SERVICES PROVIDED FROM, AT OR THROUGH THIS SITE ARE PROVIDED “AS IS,” “WHERE IS,” “AS AVAILABLE” AND “WITH ALL FAULTS” TO THE MAXIMUM EXTENT PROVIDED BY LAW, ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED (INCLUDING, BUT NOT LIMITED TO, TITLE, NON-INFRINGEMENT, ACCURACY, AND THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE). THE INFORMATION AND SERVICES PROVIDED AT THIS SITE MAY CONTAIN ERRORS, PROBLEMS, OR OTHER LIMITATIONS. Peer Capsule SHALL HAVE NO LIABILITY WHATSOEVER FOR YOUR USE OF ANY INFORMATION OR SERVICES PROVIDED AT THIS SITE.
IN ADDITION, IN NO EVENT SHALL Peer Capsule OR ANY OF ITS OWNERS, CONSULTANTS, EMPLOYEES, SUPPLIERS, SPONSORS OR OTHER REPRESENTATIVES BE LIABLE FOR ANY SPECIAL, PUNITIVE, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES, OR ANY OTHER DAMAGES OF ANY KIND, INCLUDING, BUT NOT LIMITED TO, PERSONAL INJURY, WRONGFUL DEATH, LOSS OF USE, LOSS OF PROFITS, INTERRUPTION OF SERVICE OR LOSS OF DATA, WHETHER IN ANY ACTION IN WARRANTY, CONTRACT, TORT (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE OR FUNDAMENTAL BREACH), OR OTHERWISE, ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OF, OR THE INABILITY TO USE, THIS SITE OR THE MATERIAL CONTAINED IN OR ACCESSED THROUGH THIS SITE, EVEN IF AN AUTHORIZED REPRESENTATIVE OF Peer Capsule IS ADVISED OF THE LIKELIHOOD OR POSSIBILITY OF THE SAME. IN NO EVENT IS Peer Capsule LIABLE FOR ANY DAMAGES CAUSED BY YOUR OR ANY THIRD PARTY’S ACTS OR OMISSIONS.
WHEN USING THIS SITE, INFORMATION WILL BE TRANSMITTED OVER A MEDIUM THAT IS BEYOND THE CONTROL AND JURISDICTION OF Peer Capsule AND THIS SITE AND THEIR SPONSORS AND SUPPLIERS. ACCORDINGLY, Peer Capsule ASSUMES NO LIABILITY FOR OR RELATING TO THE DELAY, FAILURE, INTERRUPTION OR CORRUPTION OF ANY DATA OR OTHER INFORMATION TRANSMITTED IN CONNECTION WITH USE OF THIS SITE.
YOU ACKNOWLEDGE THAT THIS SITE AND THE INFORMATION PROVIDED AT THIS SITE WOULD NOT BE PROVIDED WITHOUT THE FOREGOING DISCLAIMERS AND LIMITATIONS. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF CERTAIN WARRANTIES OR THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES. ACCORDINGLY, THE ABOVE DISCLAIMERS AND LIMITATIONS MAY NOT APPLY TO YOU IF YOU RESIDE IN SUCH A JURISDICTION. IN NO EVENT WILL Peer Capsule's TOTAL CUMULATIVE DAMAGES EXCEED US$100.
Reliance on the contents of this Site for any purpose by you is at your sole risk. All standards, specifications, technical discussions, and reports included on this Site are advisory only. Peer Capsule is not responsible for any errors of any kind (typographical or otherwise). The contents of this Site are not intended to substitute your own clinical judgment as a healthcare professional. Prior to undertaking any treatment or counseling based on the contents of this Site, you should always exercise your professional judgment and confirm the truthfulness and reliability of said contents with sources not related to this Site.
The information available on this site reflects the views of only the Users and any other authors exchanging information in any form via this Site and platform, or as a result of connection facilitated by this Site, and are not the views of Peer Capsule. These materials may discuss uses and dosages for therapeutic products that may have not been approved by the United States Food and Drug Administration, or a similar agency in your country and state of residence. Prior to treating, advising, or otherwise counseling patients, Users should first determine any restrictions or limitations their jurisdiction places on the use of any therapeutic product or treatment regimen shared by Users on this Site. It is the sole responsibility of each User to evaluate all information exchanged herein before prescribing new drugs or treatments, and all Users consent that they are to be held solely responsible for the consequences of their professional actions whether such actions are the product of discussions commenced herein or not. All users should verify all information and data before treating patients or utilizing any therapies noted on this Site.
This Site may contain clinical tools, applications, and databases. The results of these tools, applications, and databases are not intended to be construed as a recommendation as to a particular treatment plan or medical diagnosis. Users employing these tools, applications, and databases should always exercise their own clinical judgment in conjunction with consulting additional sources of information.
By submitting content and other data to the Site, you automatically grant to Peer Capsule, or warrant that the owner of such material has expressly granted to Peer Capsule, the royalty-free, worldwide, perpetual, irrevocable, assignable, non-exclusive right and license to use, publish and display such content and data on the Site solely in connection with the provision of Peer Capsule's services as contemplated under this Agreement. You also permit any other authorized User of the Site to access or view the material in connection with that User’s use of the Site as contemplated under this Agreement.
You specifically warrant that information disclosed in communications to the Site comply with all applicable Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) requirements for protecting medical privacy. Any disclosure of such information without PRIOR patient approval shall be the sole responsibility of the User(s) who provided the information. It is the sole responsibility of the Users, practitioners, researchers, healthcare professionals, and others who use this Site to ensure that HIPAA Privacy standards and requirements are met with regard to the authorized disclosure of personal, identifying, and/or demographic information about particular patients, research participants, clients, etc., and such responsibilities and duties shall be non-delegable and non-assignable.
The Site may contain links to other Web sites. These sites are not operated or controlled by Peer Capsule. Peer Capsule is not responsible for the content, accuracy, or opinions expressed in such Web sites, and Peer Capsule has not investigated, monitored, or checked for accuracy or completeness of any of these sites. Inclusion of any link to any Web site on our Site does not imply approval or endorsement of the linked Web site by us. If you decide to leave our Site and access these third-party sites, you do so at your own risk.
We respect the intellectual property of others, and we ask you to do the same. If you believe that your work has been copied in a way that constitutes copyright infringement, please provide our Copyright Agent the following information:
Our Copyright Agent for notice of claims of copyright infringement on the Site can be reached as follows:
Attn: Abdullah Norain
We suggest that you consult with your legal counsel and/or 17 U.S.C. 512(c)(3)(A) to determine specific elements of a claim. Similarly, if you feel your work does not infringe the copyright of another, you may file a Counter-Notification with us pursuant to 17 U.S.C. 512(g)(3).
The Site may contain information about us. While this information was believed to be accurate as of the date prepared, we disclaim any duty or obligation to update this information or any press releases. Information about companies other than ours contained in any press release or otherwise, should not be relied upon as being provided or endorsed by us.
Peer Capsule may suspend or terminate your account and delete any and all information in your account at any time and for any reason.
You agree that this Agreement shall be treated as though it were executed and performed in New York, and shall be governed by and construed in accordance with the laws of the State of New York (without regard to conflict of law principles). You also consent and submit to the jurisdiction of any New York State or Federal District Court located in Cuyahoga County of the State of New York, and waive any defense of forum non-conveniens (i.e., not a convenient court). Any cause of action by you with respect to the Site (and/or any information, products, or services related thereto) must be instituted within one (1) year after the cause of action arose or be forever waived and barred, and all actions shall be subject to the limitations set forth in this Agreement.
Peer Capsule and this Site are based in the United States of America. Peer Capsule makes no claims that the content is appropriate or may be downloaded outside of the United States, or that Peer Capsule's practices and policies will comply with the laws of other countries or states. Access to the content may not be legal by certain persons or in certain countries. If you access this Site from outside the United States, you do so at your own risk and are responsible for compliance with the laws of your jurisdiction.
The language in this Agreement shall be interpreted as to its fair meaning and not strictly for or against either party.
Should any part of this Agreement be held invalid or unenforceable, the remaining portions of this Agreement shall remain in full force and effect.
To the extent that anything in or associated with the Site is in conflict or inconsistent with this Agreement, this Agreement shall control.
Our failure to enforce any provision of this Agreement shall not be deemed a waiver of such provision or of the right to enforce such provision.
This Agreement shall inure to the benefit of, and shall be binding upon, the parties and their respective permitted successors, assigns, heirs, and legal representatives. User may not assign this Agreement or any of its obligations hereunder without the prior written consent of Peer Capsule. Peer Capsule may assign its rights under this Agreement to any party at any time without notice to User.
Questions or comments regarding this Site should be directed by e-mail to email@example.com.
You acknowledge that the provisions, disclosures, and disclaimers set forth in this Agreement are fair and reasonable and your agreement to follow and be bound by them is not the result of fraud, duress, or undue influence exercised upon you by any person or entity. Notwithstanding any provisions of this Agreement, Peer Capsule has available all remedies at law or equity to enforce this Agreement. If you fail to comply with this Agreement, we retain the right to suspend or eliminate your account and remove any and all information you have posted on our Site. There are no representations, promises, warranties, or undertakings by Peer Capsule contrary to those set forth above.
Peer Capsule, Inc., is committed to Users’ ongoing needs. Our goal is to constantly improve the quality and depth of the services we provide to Users on the Site. In order to continuously improve the Site, we need to learn from the way Users interact with our system. For example, we are interested in what features Users access frequently, how Users find out about the Site (e.g. if you linked to the Site from another Web site, the address of that Web site), and how we can use the information you provide to us (geographic location, previous searches, interests) to make search results more relevant to each individual User. We also store information about the technology you use to access the Site, such as the type of browser (e.g. Internet Explorer, Firefox, Chrome) and operating system (e.g. Windows, OS X) you use. We strive to provide a system that meets your needs and adapts to better serve you. Therefore, we store information about the way each User accesses and uses the Site, and we use this information to improve the services we provide to you.
Finally, Peer Capsule, Inc., collects information about our Users at the aggregate level. Some examples of aggregate information may include, without limitation, the number of Users utilizing the Site, the number of Users utilizing the Site within a particular specialty or geographic region, statistics on the number of times a particular search term was used, and the number of Users who accessed “opt-in” portions of the Site. This information may be used in various ways to enhance the Site, and we may share anonymous versions of this information with third parties to improve and/or fund the services we provide to you. In cases of onward transfer to third parties of data of EU and Swiss individuals received pursuant to the EU-US and Swiss-US Privacy Shield, Peer Capsule, Inc., is potentially liable.
From time to time, you will be asked to provide certain personal information. If provided, we will store such information, and you will not be anonymous to us. For example, we will ask you to provide and we will collect certain information at registration when you enter your member profile, which may include your name, business/practice name, and email address. At the time of registration, we will clearly label which information is required and which information you may optionally provide at your discretion. We may also ask you to provide additional information after registration in order to provide you with additional services and features.
We recognize that some users may want to access additional features provided by organizations other than Peer Capsule, Inc. and that the structure and environment provided by the Site may uniquely complement or enhance those features. At the same time, we understand that many such services require Users to provide personal information. We are committed to protecting your personal information and providing you with unique opportunities through the Site. Therefore, to meet both goals, we may provide you with opportunities in which you may participate by electing to “opt-in”. Peer Capsule, Inc., will inform you when a particular feature would require you to “opt-in”, and we will not share your personal information unless you explicitly grant us permission to do so.
Several features on the Site allow you to post personal information that will be viewable to certain Users of the Site. For example, any information contained in a discussion board message, along with the message’s associated name will be viewable by certain registered Users. When posting messages on the discussion boards, you should not reveal anything that you want to keep private. If the information you are providing is going to be stored on our systems, we will notify you at the time of input.
Although cookies do not normally contain personally identifiable information, if you are a registered user, we may associate your registration information with cookies the Site places on your computer’s hard drive. Associating a cookie with your registration data allows us to offer increased personalization and functionality. For example, you can elect to have the Site “remember” your username and password and bypass the sign-in process on each visit to the Site. Without cookies, this functionality would not be possible.
When you register, you will have the choice to have your personal information displayed to other Users, based on the degrees of separation that exist between you and the other Users. By opting to display your personal information with other Users, you are expressly authorizing other Users to contact you and send you messages. You may change your disclosure preferences at any time. We may transfer information about you in the event that Peer Capsule, Inc, or substantially all of Peer Capsule, Inc.’s assets become owned or controlled by other individuals or entities.
This section addresses the ways we safeguard your information as well as the limitations on such protection.
The Site provides an internal communication system so you can easily communicate with other Users on the Site. Peer Capsule, Inc., respects the privacy and sensitivity of your communications. Because the messages exchanged on the Site reflect the beliefs and views of the Users who send them, Peer Capsule, Inc., is not responsible for the content of the messages exchanged on our system. Peer Capsule, Inc., is committed to a collegial and cooperative environment. If you receive or become aware of inappropriate (e.g. defamatory comments, harassment, threats, etc.) messages on the Site, please notify us immediately. To provide you this communication service, Peer Capsule, Inc., must act as a messenger between you and other Users. Therefore, when you click “Send” to submit a message on the Site, we interpret that act as your authorization for us to deliver that message. Please be careful when selecting recipients for your message, as we cannot “unsend” a message once you have sent it. If you choose to share your information with any other party, Peer Capsule, Inc., is not responsible in any way for loss of privacy or any other claim relating to or arising from such disclosure.
Peer Capsule, Inc.’s services facilitate the collection and distribution of medical advice and opinions among medical professionals. Peer Capsule, Inc., requests that you carefully consider the advice you receive on the Site and that you take all precautions to protect the identity of your patients. In accordance with the Health Insurance Portability and Accountability Act (HIPAA) of 1996, please do not transmit or allow the transmission of any individually identifiable medical information without PRIOR authorization from the respective patient.
Peer Capsule processes personal information in accordance with the legal bases set forth in the EU General Data Protection Regulation (GDPR) or EU Member State law. For example, our processing of Personal Data on individuals (as described above) is justified based on statutory provisions that (1) processing is based on the consent; (2) processing is necessary for Peer Capsule's legitimate interests as set out herein; (3) processing is necessary for the performance of a contract to which you are a party; and, (4) Peer Capsule is required to comply with a legal or statutory obligation in the EU or a Member State. If you are in the EU or afforded protection under the GDPR, you may have certain rights with respect to the Personal Data. To the extent permitted by applicable data protection laws, you may access the Personal Data we hold about you; request that inaccurate, outdated, or no longer necessary information be corrected, erased, or restricted; and, request that we provide your Personal Data in a format that allows you to transfer it to another service provider. You also may withdraw your consent at any time where we are relying on your consent for the processing of your Personal Data. You may object to our processing of your Personal Data where that processing is based on our legitimate interest. You have the right to lodge a complaint with your competent data protection authority. Wihtin3 transfers personal data outside the EU in accordance with standard contractual clauses adopted by the European Commission, or other approved safeguards . If you wish to exercise any of these rights, please contact us in accordance with the instructions provided below.
Peer Capsule, Inc., is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
Peer Capsule supports the rights of California consumers as brought forth in the California Consumer Privacy Act or “CCPA”. Please see the “Information We Collect” and “How We Use Your Information” sections as they describe our approach to personal data. Peer Capsule does not sell the personal information we collect. Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt-out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights. California consumers can pursue these rights by contacting us at support@Peer Capsule.com.
Information you submit to Peer Capsule, Inc., is encrypted using the Transport Layer Security (“TLS”) encryption standard. TLS is the industry standard means to protect sensitive, personal information (e.g. credit card numbers, bank account information) as it passes over the Web to a server. TLS does two things: (i) the encryption helps prevent information from being intercepted by a third party while in transit on the Web, and (ii) because a website must obtain a “digital certificate” to implement TLS, it authenticates that the server receiving your information is who it claims to be. Peer Capsule, Inc., also uses care to protect your information once it is stored on our database. Unfortunately, no transmission of information over the Internet or local area networks can be guaranteed to be completely secure, but Peer Capsule, Inc., has implemented industry-standard security measures to protect your information.
This section informs you of the procedures available for accessing your information as well as the choices you have regarding amending, deleting, or modifying your personal information.
If you believe that your personal information stored on the Site is in error, you may edit your personal profile any time directly on the Site. Requests for deletion of your record may result in your removal from the registry, but we may keep certain demographic information about you for product improvement purposes. You may contact Customer Support at support@Peer Capsule.com and ask for the changes that you would like to make.
If you have any questions about this policy or our site in general, please contact us at:
Peer Capsule, Inc
By e-mail to: firstname.lastname@example.org
This BUSINESS ASSOCIATE AGREEMENT (the "BA Agreement") is incorporated by reference into and made a part of the PeerCapsule Terms of Service, and is entered into by and between PeerCapsule, Inc. ("PeerCapsule" or "we") and anyone that has agreed to the Terms of Service ("Provider"); provided, however, that the terms of this BA Agreement apply only if and solely to the extent that PeerCapsule receives, creates, maintains, or transmits Protected Health Information relating to patients of Provider in connection with the Covered Services (defined below) that PeerCapsule, as a Business Associate, performs for or on behalf of Provider, as a Covered Entity. PeerCapsule, in its capacity as a Business Associate is referred to herein as "Business Associate", and Provider, in his/her/its capacity as a Covered Entity, is referred to herein as "Covered Entity."
I. Covered Entity is either a “covered entity” or “business associate” of a covered entity as each are defined under the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, as amended by the HITECH Act (as defined below) and the related regulations promulgated by HHS (as defined below) (collectively, “HIPAA”) and, as such, is required to comply with HIPAA’s provisions regarding the confidentiality and privacy of Protected Health Information (as defined below);
II. The Parties have entered into or will enter into one or more agreements under which Business Associate provides or will provide certain specified services to Covered Entity (collectively, the “Agreement”);
III. In providing services pursuant to the Agreement, Business Associate will have access to Protected Health Information;
IV. By providing the services pursuant to the Agreement, Business Associate will become a “business associate” of the Covered Entity as such term is defined under HIPAA;
V. Both Parties are committed to complying with all federal and state laws governing the confidentiality and privacy of health information, including, but not limited to, the Standards for Privacy of Individually Identifiable Health Information found at 45 CFR Part 160 and Part 164, Subparts A and E (collectively, the “Privacy Rule”); and
VI. Both Parties intend to protect the privacy and provide for the security of Protected Health Information disclosed to Business Associate pursuant to the terms of this Agreement, HIPAA and other applicable laws.
NOW, THEREFORE, in consideration of the mutual covenants and conditions contained herein and the continued provision of PHI by Covered Entity to Business Associate under the Agreement in reliance on this BAA, the Parties agree as follows:
1. Definitions. For purposes of this BAA, the Parties give the following meaning to each of the terms in this Section 1 below. Any capitalized term used in this BAA, but not otherwise defined, has the meaning given to that term in the Privacy Rule or pertinent law.
A. “Affiliate” means a subsidiary or affiliate of Covered Entity that is, or has been, considered a covered entity, as defined by HIPAA.
B. “Breach” means the acquisition, access, use, or disclosure of PHI in a manner not permitted under the Privacy Rule which compromises the security or privacy of the PHI, as defined in 45 CFR §164.402.
C. “Breach Notification Rule” means the portion of HIPAA set forth in Subpart D of 45 CFR Part 164.
D. “Data Aggregation” means, with respect to PHI created or received by Business Associate in its capacity as the “business associate” under HIPAA of Covered Entity, the combining of such PHI by Business Associate with the PHI received by Business Associate in its capacity as a business associate of one or more other “covered entity” under HIPAA, to permit data analyses that relate to the Health Care Operations (defined below) of the respective covered entities. The meaning of “data aggregation” in this BAA shall be consistent with the meaning given to that term in the Privacy Rule.
E. “Designated Record Set” has the meaning given to such term under the Privacy Rule, including 45 CFR §164.501.B.
F. “De-Identify” means to alter the PHI such that the resulting information meets the requirements described in 45 CFR §§164.514(a) and (b).
G. “Electronic PHI” means any PHI maintained in or transmitted by electronic media as defined in 45 CFR §160.103.
H. “Health Care Operations” has the meaning given to that term in 45 CFR §164.501.
I. “HHS” means the U.S. Department of Health and Human Services.
J. “HITECH Act” means the Health Information Technology for Economic and Clinical Health Act, enacted as part of the American Recovery and Reinvestment Act of 2009, Public Law 111-005.
K. “Individual” has the same meaning given to that term i in 45 CFR §§164.501 and 160.130 and includes a person who qualifies as a personal representative in accordance with 45 CFR §164.502(g).
L. “Privacy Rule” means that portion of HIPAA set forth in 45 CFR Part 160 and Part 164, Subparts A and E.
M. “Protected Health Information” or “PHI” has the meaning given to the term “protected health information” in 45 CFR §§164.501 and 160.103, limited to the information created or received by Business Associate from or on behalf of Covered Entity.
N. “Security Incident” means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.
O. “Security Rule” means the Security Standards for the Protection of Electronic Health Information provided in 45 CFR Part 160 & Part 164, Subparts A and C.
P. “Unsecured Protected Health Information” or “Unsecured PHI” means any “protected health information” as defined in 45 CFR §§164.501 and 160.103 that is not rendered unusable, unreadable or indecipherable to unauthorized individuals through the use of a technology or methodology specified by the HHS Secretary in the guidance issued pursuant to the HITECH Act and codified at 42 USC §17932(h).
2. Use and Disclosure of PHI.
A. Except as otherwise provided in this BAA, Business Associate may use or disclose PHI as reasonably necessary to provide the services described in the Agreement to Covered Entity, and to undertake other activities of Business Associate permitted or required of Business Associate by this BAA or as required by law.
B. Except as otherwise limited by this BAA or federal or state law, Covered Entity authorizes Business Associate to use the PHI in its possession for the proper management and administration of Business Associate’s business and to carry out its legal responsibilities. Business Associate may disclose PHI for its proper management and administration, provided that (i) the disclosures are required by law; or (ii) Business Associate obtains, in writing, prior to making any disclosure to a third party (a) reasonable assurances from this third party that the PHI will be held confidential as provided under this BAA and used or further disclosed only as required by law or for the purpose for which it was disclosed to this third party and (b) an agreement from this third party to notify Business Associate immediately of any breaches of the confidentiality of the PHI, to the extent it has knowledge of the breach.
C. Business Associate will not use or disclose PHI in a manner other than as provided in this BAA, as permitted under the Privacy Rule, or as required by law. Business Associate will use or disclose PHI, to the extent practicable, as a limited data set or limited to the minimum necessary amount of PHI to carry out the intended purpose of the use or disclosure, in accordance with Section 13405(b) of the HITECH Act (codified at 42 USC §17935(b)) and any of the act’s implementing regulations adopted by HHS, for each use or disclosure of PHI.
D. Upon request, Business Associate will make available to Covered Entity any of Covered Entity’s PHI that Business Associate or any of its agents or subcontractors have in their possession.
E. Business Associate may use PHI to report violations of law to appropriate Federal and State authorities, consistent with 45 CFR §164.502(j)(1).
3. Safeguards Against Misuse of PHI. Business Associate will use appropriate safeguards to prevent the use or disclosure of PHI other than as provided by the Agreement or this BAA and Business Associate agrees to implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of the Electronic PHI that it creates, receives, maintains or transmits on behalf of Covered Entity. Business Associate agrees to take reasonable steps, including providing adequate training to its employees to ensure compliance with this BAA and to ensure that the actions or omissions of its employees or agents do not cause Business Associate to breach the terms of this BAA.
4. Reporting Disclosures of PHI and Security Incidents. Business Associate will report to Covered Entity in writing any use or disclosure of PHI not provided for by this BAA of which it becomes aware and Business Associate agrees to report to Covered Entity any Security Incident affecting Electronic PHI of Covered Entity of which it becomes aware. Business Associate agrees to report any such event within five business days of becoming aware of the event.
5. Reporting Breaches of Unsecured PHI. Business Associate will notify Covered Entity in writing promptly upon the discovery of any Breach of Unsecured PHI in accordance with the requirements set forth in 45 CFR §164.410, but in no case later than 30 calendar days after discovery of a Breach. Business Associate will reimburse Covered Entity for any costs incurred by it in complying with the requirements of Subpart D of 45 CFR §164 that are imposed on Covered Entity as a result of a Breach committed by Business Associate.
6. Mitigation of Disclosures of PHI. Business Associate will take reasonable measures to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of any use or disclosure of PHI by Business Associate or its agents or subcontractors in violation of the requirements of this BAA.
7. Agreements with Agents or Subcontractors. Business Associate will ensure that any of its agents or subcontractors that have access to, or to which Business Associate provides, PHI agree in writing to the restrictions and conditions concerning uses and disclosures of PHI contained in this BAA and agree to implement reasonable and appropriate safeguards to protect any Electronic PHI that it creates, receives, maintains or transmits on behalf of Business Associate or, through the Business Associate, Covered Entity. Business Associate shall notify Covered Entity, or upstream Business Associate, of all subcontracts and agreements relating to the Agreement, where the subcontractor or agent receives PHI as described in section 1.M. of this BAA. Such notification shall occur within 30 (thirty) calendar days of the execution of the subcontract by placement of such notice on the Business Associate’s primary website. Business Associate shall ensure that all subcontracts and agreements provide the same level of privacy and security as this BAA.
8. Audit Report. Upon request, Business Associate will provide Covered Entity, or upstream Business Associate, with a copy of its most recent independent HIPAA compliance report (AT-C 315), HITRUST certification or other mutually agreed upon independent standards based third party audit report. Covered entity agrees not to re-disclose Business Associate’s audit report.
9. Access to PHI by Individuals.
A. Upon request, Business Associate agrees to furnish Covered Entity with copies of the PHI maintained by Business Associate in a Designated Record Set in the time and manner designated by Covered Entity to enable Covered Entity to respond to an Individual’s request for access to PHI under 45 CFR §164.524.
B. In the event any Individual or personal representative requests access to the Individual’s PHI directly from Business Associate, Business Associate within ten business days, will forward that request to Covered Entity. Any disclosure of, or decision not to disclose, the PHI requested by an Individual or a personal representative and compliance with the requirements applicable to an Individual’s right to obtain access to PHI shall be the sole responsibility of Covered Entity.
10. Amendment of PHI.
A. Upon request and instruction from Covered Entity, Business Associate will amend PHI or a record about an Individual in a Designated Record Set that is maintained by, or otherwise within the possession of, Business Associate as directed by Covered Entity in accordance with procedures established by 45 CFR §164.526. Any request by Covered Entity to amend such information will be completed by Business Associate within 15 business days of Covered Entity’s request.
B. In the event that any Individual requests that Business Associate amend such Individual’s PHI or record in a Designated Record Set, Business Associate within ten business days will forward this request to Covered Entity. Any amendment of, or decision not to amend, the PHI or record as requested by an Individual and compliance with the requirements applicable to an Individual’s right to request an amendment of PHI will be the sole responsibility of Covered Entity.
11. Accounting of Disclosures.
A. Business Associate will document any disclosures of PHI made by it to account for such disclosures as required by 45 CFR §164.528(a). Business Associate also will make available information related to such disclosures as would be required for Covered Entity to respond to a request for an accounting of disclosures in accordance with 45 CFR §164.528. At a minimum, Business Associate will furnish Covered Entity the following with respect to any covered disclosures by Business Associate: (i) the date of disclosure of PHI; (ii) the name of the entity or person who received PHI, and, if known, the address of such entity or person; (iii) a brief description of the PHI disclosed; and (iv) a brief statement of the purpose of the disclosure which includes the basis for such disclosure.
B. Business Associate will furnish to Covered Entity information collected in accordance with this Section 10, within ten business days after written request by Covered Entity, to permit Covered Entity to make an accounting of disclosures as required by 45 CFR §164.528, or in the event that Covered Entity elects to provide an Individual with a list of its business associates, Business Associate will provide an accounting of its disclosures of PHI upon request of the Individual, if and to the extent that such accounting is required under the HITECH Act or under HHS regulations adopted in connection with the HITECH Act.
C. In the event an Individual delivers the initial request for an accounting directly to Business Associate, Business Associate will within ten business days forward such request to Covered Entity.
12. Availability of Books and Records. Business Associate will make available its internal practices, books, agreements, records, and policies and procedures relating to the use and disclosure of PHI, upon request, to the Secretary of HHS for purposes of determining Covered Entity’s and Business Associate’s compliance with HIPAA, and this BAA.
13. Responsibilities of Covered Entity. With regard to the use and/or disclosure of Protected Health Information by Business Associate, Covered Entity agrees to:
A. Notify Business Associate of any limitation(s) in its notice of privacy practices in accordance with 45 CFR §164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of PHI.
B. Notify Business Associate of any changes in, or revocation of, permission by an Individual to use or disclose Protected Health Information, to the extent that such changes may affect Business Associate’s use or disclosure of PHI.
C. Notify Business Associate of any restriction to the use or disclosure of PHI that Covered Entity has agreed to in accordance with 45 CFR §164.522, to the extent that such restriction may affect Business Associate’s use or disclosure of PHI.
D. Except for data aggregation or management and administrative activities of Business Associate, Covered Entity shall not request Business Associate to use or disclose PHI in any manner that would not be permissible under HIPAA if done by Covered Entity.
14. Data Ownership. Business Associate’s data stewardship does not confer data ownership rights on Business Associate with respect to any data shared with it under the Agreement, including any and all forms thereof.
15. Term and Termination.
A. This BAA will become effective on the date first written above, and will continue in effect until all obligations of the Parties have been met under the Agreement and under this BAA.
B. Covered Entity may terminate immediately this BAA, the Agreement, and any other related agreements if Covered Entity makes a determination that Business Associate has breached a material term of this BAA and Business Associate has failed to cure that material breach, to Covered Entity’s reasonable satisfaction, within 30 days after written notice from Covered Entity. Covered Entity may report the problem to the Secretary of HHS if termination is not feasible.
C. If Business Associate determines that Covered Entity has breached a material term of this BAA, then Business Associate will provide Covered Entity with written notice of the existence of the breach and shall provide Covered Entity with 30 days to cure the breach. Covered Entity’s failure to cure the breach within the 30-day period will be grounds for immediate termination of the Agreement and this BAA by Business Associate. Business Associate may report the breach to HHS.
D. Upon termination of the Agreement or this BAA for any reason, all PHI maintained by Business Associate will be returned to Covered Entity or destroyed by Business Associate. Business Associate will not retain any copies of such information. This provision will apply to PHI in the possession of Business Associate’s agents and subcontractors. If return or destruction of the PHI is not feasible, in Business Associate’s reasonable judgment, Business Associate will furnish Covered Entity with notification, in writing, of the conditions that make return or destruction infeasible. Upon mutual agreement of the Parties that return or destruction of the PHI is infeasible, Business Associate will extend the protections of this BAA to such information for as long as Business Associate retains such information and will limit further uses and disclosures to those purposes that make the return or destruction of the information not feasible. The Parties understand that this Section 14.D. will survive any termination of this BAA.
16. Effect of BAA.
A. This BAA is a part of and subject to the terms of the Agreement, except that to the extent any terms of this BAA conflict with any term of the Agreement, the terms of this BAA will govern.
B. Except as expressly stated in this BAA or as provided by law, this BAA will not create any rights in favor of any third party.
17. Regulatory References. A reference in this BAA to a section in HIPAA means the section as in effect or as amended at the time.
18. Notices. All notices, requests and demands or other communications to be given under this BAA to a Party will be made via electronic mail to the Party’s address given below:
A. If to Covered Entity, then the electronic mail associated with the Covered Entity’s account.
B. If to Business Associate,
Electronic mail: HIPAA@peercapsule.com
19. Amendments and Waiver. This BAA may not be modified, nor will any provision be waived or amended, except in writing duly signed by authorized representatives of the Parties. A waiver with respect to one event shall not be construed as continuing, or as a bar to or waiver of any right or remedy as to subsequent events.
20. HITECH Act Compliance. The Parties acknowledge that the HITECH Act includes significant changes to the Privacy Rule and the Security Rule. The privacy subtitle of the HITECH Act sets forth provisions that significantly change the requirements for business associates and the agreements between business associates and covered entities under HIPAA and these changes may be further clarified in forthcoming regulations and guidance. Each Party agrees to comply with the applicable provisions of the HITECH Act and any HHS regulations issued with respect to the HITECH Act. The Parties also agree to negotiate in good faith to modify this BAA as reasonably necessary to comply with the HITECH Act and its regulations as they become effective but, in the event that the Parties are unable to reach agreement on such a modification, either Party will have the right to terminate this BAA upon 30- days’ prior written notice to the other Party.