Terms of Service

Last updated: October 4th, 2024

These Terms and Conditions (the “Terms”) are a binding contract (the "Service Agreement") between Collectly, Inc (“Company”), and you (“Customer”). This Agreement includes Terms and Conditions and contains, among other things, warranty disclaimers, liability limitations and use limitations. There shall be no force or effect to any different terms of any related purchase order or similar form even if signed by the parties after the date hereof.

Terms and conditions
1. SAAS services and support

1.1. Subject to the terms of this Agreement, Company will use commercially reasonable efforts to provide Customer the Services in accordance with the Service Level Terms attached hereto as Exhibit A. As part of the registration process, Customer will identify an administrative user name and password for Customer’s Company account. Company reserves the right to refuse registration of, or cancel passwords it deems inappropriate.

1.2. Subject to the terms hereof, Company will provide Customer with reasonable technical support services in accordance with the terms set forth in Exhibit B.

2. Restrictions and Responsibilities

2.1. Customer will not, directly or indirectly: reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms relevant to the Services or any software, documentation or data related to the Services (“Software”); modify, translate, or create derivative works based on the Services or any Software (except to the extent expressly permitted by Company or authorized within the Services); use the Services or any Software for timesharing or service bureau purposes or otherwise for the benefit of a third; or remove any proprietary notices or labels.

2.2. Further, Customer may not remove or export from the United States or allow the export or re-export of the Services, Software or anything related thereto, or any direct product thereof in violation of any restrictions, laws or regulations of the United States Department of Commerce, the United States Department of Treasury Office of Foreign Assets Control, or any other United States or foreign agency or authority. As defined in FAR section 2.101, the Software and documentation are “commercial items” and according to DFAR section 252.227-7014(a)(1) and (5) are deemed to be “commercial computer software” and “commercial computer software documentation.” Consistent with DFAR section 227.7202 and FAR section 12.212, any use modification, reproduction, release, performance, display, or disclosure of such commercial software or commercial software documentation by the U.S. Government will be governed solely by the terms of this Agreement and will be prohibited except to the extent expressly permitted by the terms of this Agreement.

2.3. Customer represents, covenants, and warrants that Customer will use the Services only in compliance with Company’s standard published policies then in effect in the Terms of Services (the “Terms of Service”) and all applicable laws and regulations. Customer hereby agrees to indemnify and hold harmless Company against any damages, losses, liabilities, settlements and expenses (including without limitation costs and attorneys’ fees) in connection with any claim or action that arises from an alleged violation of the foregoing or otherwise from Customer’s use of Services. Although Company has no obligation to monitor Customer’s use of the Services, Company may do so and may prohibit any use of the Services it believes may be (or alleged to be) in violation of the foregoing.

2.4. Customer shall be responsible for obtaining and maintaining any equipment and ancillary services needed to connect to, access or otherwise use the Services, including, without limitation, modems, hardware, servers, software, operating systems, networking, web servers and the like (collectively, “Equipment”). Customer shall also be responsible for maintaining the security of the Equipment, Customer account, passwords (including but not limited to administrative and user passwords) and files, and for all uses of Customer account or the Equipment with or without Customer’s knowledge or consent.

2.5. Customer shall be solely responsible for any content used to communicate with patients. Collectly, Inc. does not moderate any content and uses the content (so called "Templates") composed by a Customer "as-is". Customer is aware of the fact that any content or how this content is used for communicating with patients should not break federal or local laws and/or used for harassing patients. Although Company provides a way for HIPAA and TCPA compliant messaging, Customer still shall be solely responsible for collecting all necessary consents from patients as per FCC, FTC regulations (including, but not limited to TCPA, ECPA, FDCPA) and other laws. Customer is responsible for setting up automated actions (so called "Rules") in a compliant way as per all federal and local laws. Customer is aware it has full control not only over the content of the messages, but also how, and when messages will be sent out to patients. Hence Customer understands Company is only a technological vendor, but not an initiator/maker of calls, texts, emails or push notifications.

2.6. Customer has the right to use Company's products to send URL links to medical statements electronically in a HIPAA-compliant and TCPA-compliant way, however Company does not allow to use its products for first-party or third-party debt collection services. Customer may not use the word “Collectly” or anyhow mention Collectly, Inc. or any of its products or brands in its communication language with patients.

2.7. Customer shall undertake full responsibility to ensure, prior to entering into any agreement for the procurement of the Company’s services or products, that the acquisition and use of any interface or connector designed to facilitate the data exchange between the Company’s product and third-party products utilized by the Customer do not contravene any existing licensing agreements, terms of service, or other contractual arrangements between the Customer and the respective third parties. By executing an agreement for the Company’s services and products, the Customer expressly acknowledges and accepts these terms, and thereby assumes complete liability for any damages arising from the use of the purchased interface or connector in the event that the Company was not duly notified of any potential conflicts prior to the Customer’s subscription to the Company’s services and products.

2.8. Company reserves the right to utilize the Customer's logo and/or name in its marketing and promotional materials. Furthermore, the Customer consents to the Company using their aggregated and anonymized data in its reporting and marketing materials, and also commits to participating in the Company's annual case study.

2.9. The Company reserves the right to change, update, or modify these Terms at any time in its sole discretion. Notice of any such changes will be provided through written or electronic communication. By continuing to use the application, the Customer agrees to be bound by all future amendments to these Terms.

2.10. Information Supplied "As Is": The information provided to the Customer by the patients, or their official representatives, who utilize Collectly's products and services (hereinafter referred to as "the Patients"), including but not limited to, medical forms, demographic, and insurance information, etc., is supplied on an "as is" basis. In the event that the Customer identifies any of this information as incorrect, in whole or in part, the Customer shall not hold the Company liable for such inaccuracies.

2.11. In the event that the Customer requests the creation of a data exchange interface between Collectly and any third-party software or internally developed (home-grown) software, the Customer hereby authorizes Collectly to access and modify the data within their Collectly account as necessary to establish and maintain such interface. The Customer understands that Collectly will build and maintain this interface upon request, and that this service may be subject to additional fees or terms depending on the complexity and scope of the integration. Collectly does not bear responsibility for the security, functionality, or performance of third-party or home-grown software, and the Customer assumes full responsibility for ensuring that any data exchange complies with relevant legal and compliance standards.

3. Confidentiality; Proprietary rights

3.1. Each party (the “Receiving Party”) understands that the other party (the “Disclosing Party”) has disclosed or may disclose business, technical or financial information relating to the Disclosing Party’s business (hereinafter referred to as “Proprietary Information” of the Disclosing Party). Proprietary Information of Company includes non-public information regarding features, functionality and performance of the Service. Proprietary Information of Customer includes non-public data provided by Customer to Company to enable the provision of the Services (“Customer Data”). The Receiving Party agrees: (i) to take reasonable precautions to protect such Proprietary Information, and (ii) not to use (except in performance of the Services or as otherwise permitted herein) or divulge to any third person any such Proprietary Information. The Disclosing Party agrees that the foregoing shall not apply with respect to any information after five (5) years following the disclosure thereof or any information that the Receiving Party can document (a) is or becomes generally available to the public, or (b) was in its possession or known by it prior to receipt from the Disclosing Party, or (c) was rightfully disclosed to it without restriction by a third party, or (d) was independently developed without use of any Proprietary Information of the Disclosing Party or (e) is required to be disclosed by law. Customer shall own all right, title and interest in and to the Customer Data, as well as any data that is based on or derived from the Customer Data and provided to Customer as part of the Services.

3.2. Company shall own and retain all right, title and interest in and to (a) the Services and Software, all improvements, enhancements or modifications thereto, (b) any software, applications, inventions or other technology developed in connection with Implementation Services or support, and (c) all intellectual property rights related to any of the foregoing.

3.3. Notwithstanding anything to the contrary, Company shall have the right collect and analyze data and other information relating to the provision, use and performance of various aspects of the Services and related systems and technologies (including, without limitation, information concerning Customer Data and data derived therefrom), and Company will be free (during and after the term hereof) to (i) use such information and data to improve and enhance the Services and for other development, diagnostic and corrective purposes in connection with the Services and other Company offerings, and (ii) disclose such data solely in aggregate or other de-identified form in connection with its business. No rights or licenses are granted except as expressly set forth herein.

4. Payment of fees

4.1. Customer will pay Company the then applicable fees described in the Order Form for the Services and Implementation Services in accordance with the terms therein (the “Fees”). If Customer’s use of the Services exceeds the Service Capacity set forth on the Order Form or otherwise requires the payment of additional fees (per the terms of this Agreement), Customer shall be billed for such usage and Customer agrees to pay the additional fees in the manner provided herein. If Customer believes that Company has billed Customer incorrectly, Customer must contact Company no later than sixty (60) days after the closing date on the first billing statement in which the error or problem appeared, in order to receive an adjustment or credit. Inquiries should be directed to Company’s customer support department. Company requires to keep a credit card or an ACH Debit payment methods on file.

4.2. ACH Debit and Stored Card on File are the default payment methods for billing used by the Company. Customer agrees the Company will automatically debit Customer's bank account through ACH Debit or Stored Card on File. Сompany may also choose to bill through stored ACH account (the "Connected Account"), in which case, the Company will automatically charge the Connected Account in Collectly for the full amount of outstanding invoice.

4.3. Company may choose to bill through an invoice, in which case, full payment for invoices issued in any given month must be received by Company seven (7) days after the e-mailing date of the invoice. Unpaid amounts are subject to a finance charge of 1.5% per month on any outstanding balance, or the maximum permitted by law, whichever is lower, plus all expenses of collection and may result in immediate termination of Service. Customer shall be responsible for all taxes associated with Services other than U.S. taxes based on Company’s net income.

4.4. In case a Customer cancels the contract unilaterally, on top of all other fees and the expected revenue itself a Customer is responsible to cover all costs Collectly spent on feature requests initiated and developed specifically for this Customers based on a rate of $250 per engineering hour.

4.5. Company has the right to increase the Collectly fees up to two (2) times a year with a thirty (30) days prior notice by the rate equal to the official inflation rate reported by the U.S. Bureau of Labor Statistics.

4.6. Rate Modifications: Notwithstanding anything to the contrary in the Order Form, Company may, in its sole discretion, during the Initial Service Term, increase or decrease the rates for any of the unit fees (so-called “Pass-Through Fees”) set forth in the Order Form upon fourteen (14) days prior written or electronic notice to Customer via email or inside Collectly products.

5. Term and termination

5.1. Subject to earlier termination as provided below, this Agreement is for the Initial Service Term as specified in the Order Form, and shall be automatically renewed for additional periods of the same duration as the Initial Service Term (collectively, the “Term”), unless either party requests termination at least one hundred and twenty (120) days prior to the end of the then-current term.

5.2. In addition to any other remedies it may have, either party may also terminate this Agreement upon one hundred and twenty (120) days’ notice (or without notice in the case of nonpayment), if the other party materially breaches any of the terms or conditions of this Agreement. Customer will pay in full for the Services up to and including the last day on which the Services are provided. All sections of this Agreement which by their nature should survive termination will survive termination, including, without limitation, accrued rights to payment, confidentiality obligations, warranty disclaimers, and limitations of liability.

5.3. If Customer decides to change their EHR/PM/Billing system (the “EHR”) within the terms of the Agreement, Company has the right to build the connection with the new EHR before the end of Agreement. In turn, Customer is responsible for providing all possible help to Company, such as but not limited to: providing APIs, direct connection to the database, credentials, and facilitating the relationship between their new EHR vendor and the Company. If Company decides not to build a connection with the new EHR the agreement may be terminated within 30 days after the Customer pays out a penalty equal to the projected revenue the Company was expected to make until the end of the term of the original Agreement and winding down the interface connection of the initial EHR.

5.4. If the Customer ceases to use Collectly's products within the duration of Initial Service Term, or if the Customer's order volume (determined by the number of patients to be engaged) falls below 75% of their net new order volume from the most recent three months, the Company reserves the right to either proportionally raise its prices with a 14-day written notice or charge a penalty fee. This penalty fee can be up to 100% of the anticipated uncollected revenue for the remaining duration of the Initial Service Term, serving as compensation for potential lost revenue.

5.5. In case Customer terminates the agreement and continues to receive payments through Service, the Company has the right to keep charging the Customer the initial rate of the Agreement until the Customer stops receiving payments or engaging patients.

6. Warranty and disclaimer

Company shall use reasonable efforts consistent with prevailing industry standards to maintain the Services in a manner which minimizes errors and interruptions in the Services and shall perform the Implementation Services in a professional and workmanlike manner. Services may be temporarily unavailable for scheduled maintenance or for unscheduled emergency maintenance, either by Company or by third-party providers, or because of other causes beyond Company’s reasonable control, but Company shall use reasonable efforts to provide advance notice in writing or by e-mail of any scheduled service disruption. HOWEVER, COMPANY DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR FREE; NOR DOES IT MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM USE OF THE SERVICES. EXCEPT AS EXPRESSLY SET FORTH IN THIS SECTION, THE SERVICES AND IMPLEMENTATION SERVICES ARE PROVIDED “AS IS” AND COMPANY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.

7. Limitation of liability

NOTWITHSTANDING ANYTHING TO THE CONTRARY, EXCEPT FOR BODILY INJURY OF A PERSON, COMPANY AND ITS SUPPLIERS (INCLUDING BUT NOT LIMITED TO ALL EQUIPMENT AND TECHNOLOGY SUPPLIERS), OFFICERS, AFFILIATES, REPRESENTATIVES, CONTRACTORS AND EMPLOYEES SHALL NOT BE RESPONSIBLE OR LIABLE WITH RESPECT TO ANY SUBJECT MATTER OF THIS AGREEMENT OR TERMS AND CONDITIONS RELATED THERETO UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY: (A) FOR ERROR OR INTERRUPTION OF USE OR FOR LOSS OR INACCURACY OR CORRUPTION OF DATA OR COST OF PROCUREMENT OF SUBSTITUTE GOODS, SERVICES OR TECHNOLOGY OR LOSS OF BUSINESS; (B) FOR ANY INDIRECT, EXEMPLARY, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES; (C) FOR ANY MATTER BEYOND COMPANY’S REASONABLE CONTROL; OR (D) FOR ANY AMOUNTS THAT, TOGETHER WITH AMOUNTS ASSOCIATED WITH ALL OTHER CLAIMS, EXCEED THE FEES PAID BY CUSTOMER TO COMPANY FOR THE SERVICES UNDER THIS AGREEMENT IN THE 12 MONTHS PRIOR TO THE ACT THAT GAVE RISE TO THE LIABILITY, IN EACH CASE, WHETHER OR NOT COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

8. Miscellaneous

If any provision of this Agreement is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that this Agreement will otherwise remain in full force and effect and enforceable. This Agreement is not assignable, transferable or sublicensable by Customer except with Company’s prior written consent. Company may transfer and assign any of its rights and obligations under this Agreement without consent. This Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements, communications and other understandings relating to the subject matter of this Agreement, and that all waivers and modifications must be in a writing signed by both parties, except as otherwise provided herein. No agency, partnership, joint venture, or employment is created as a result of this Agreement and Customer does not have any authority of any kind to bind Company in any respect whatsoever. In any action or proceeding to enforce rights under this Agreement, the prevailing party will be entitled to recover costs and attorneys’ fees. All notices under this Agreement will be in writing and will be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by facsimile or e-mail; the day after it is sent, if sent for next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested. This Agreement shall be governed by the laws of the State of California without regard to its conflict of laws provisions. Any action to enforce or for breach of this Agreement shall be brought exclusively in the state or federal courts located in Los Angeles County, California. The parties shall work together in good faith to issue at least one mutually agreed upon press release within 90 days of the Effective Date, and Customer otherwise agrees to reasonably cooperate with Company to serve as a reference account upon request.

Exhibit A
Service Level Terms

The Services shall be available 99.9%, measured monthly, excluding holidays and weekends and scheduled maintenance. If Customer requests maintenance during these hours, any uptime or downtime calculation will exclude periods affected by such maintenance. Further, any downtime resulting from outages of third party connections or utilities or other reasons beyond Company’s control will also be excluded from any such calculation. Customer's sole and exclusive remedy, and Company's entire liability, in connection with Service availability shall be that for each period of downtime lasting longer than 1 week, Company will lower the Service fee by 5% for each period of 5 or more consecutive 3 days of downtime; provided that no more than one such lowering will accrue per day. Downtime shall begin to accrue as soon as Customer (with notice to Company) recognizes that downtime is taking place, and continues until the availability of the Services is restored. In order to receive downtime lowering of Service fee, Customer must notify Company in writing within 24 hours from the time of downtime, and failure to provide such notice will forfeit the right to receive downtime lowering of Service fee. Such lowering may not be redeemed for cash and shall not be cumulative beyond a total of credit for one (1) week of Service Fees in any one (1) calendar month in any event. Company will only lower the Service fee to the month in which the incident occurred. Company’s blocking of data communications or other Service in accordance with its policies shall not be deemed to be a failure of Company to provide adequate service levels under this Agreement.

Exhibit B
Support Terms

Company will provide Technical Support to Customer via electronic mail on weekdays during the hours of 8:00 am through 5:00 pm Pacific time, with the exclusion of Federal Holidays (“Support Hours”). Customer may initiate a help desk ticket during Support Hours by emailing support@collectly.co. Company will use commercially reasonable efforts to respond to all Helpdesk tickets within one (3) business day.

Exhibit C
Data Security

Company will utilize administrative, physical, and technical safeguards to protect Customer from unauthorized access, disclosure, acquisition, destruction, use, or modification of its data. The Company has established a cybersecurity program that is designed to protect the confidentiality, integrity and availability of Customer data. Audit Reports are available to Customer upon request.

Business Associate Addendum

Last updated: April 10th, 2024

THIS BUSINESS ASSOCIATE ADDENDUM (this “Addendum”) is by and between Collectly, Inc. and you (“Company”) and made part of the Terms. Any defined term which is not otherwise defined in this Addendum shall have the meaning ascribed to such term in the Terms and any capitalized term used in this Addendum, but not defined in either this Addendum or the Terms shall have the meaning set forth in HIPAA (as defined below).YOU REPRESENT AND WARRANT THAT: (I) YOU HAVE FULL LEGAL AUTHORITY TO ENTER INTO THIS ADDENDUM, (II) YOU HAVE READ AND UNDERSTAND THIS ADDENDUM, AND (III) YOU AGREE TO THE TERMS OF THIS ADDENDUM. IFYOU DO NOT HAVE LEGAL AUTHORITY TO ENTER INTO OR DO NOT AGREE TO THESE TERMS,DO NOT ACCEPT THE TERMS OF THIS ADDENDUM.

Recitals

WHEREAS, Company and Collectly, Inc. are parties to the Services Agreement pursuant to which Collectly, Inc. provides software and/or services(collectively, the “Services”) to Company.

WHEREAS, this Addendum defines the rights and responsibilities of each party with respect to Protected Health Information as defined in the Health Insurance Portability and Accountability Act of 1996, as amended by Subtitle D of the Health Information Technology for Economic and Clinical Health Act provisions of the American Recovery and Reinvestment Act of 2009, and the regulations promulgated thereunder, as each may be amended from time to time(collectively, "HIPAA") with respect to the provision of the Services.

WHEREAS, to the extent Collectly, Inc. acts as a “business associate”(as such term is defined at 45 C.F.R. § 160.103) to Company through the provision of the Services, this Addendum is intended to satisfy applicable obligations of the parties under HIPAA.

The parties hereby agree to the following:

1. Definitions

a. “Breach” shall mean the acquisition, access, use or disclosure of PHI in a manner not permitted by the Privacy Rule that compromises the security or privacy of PHI as defined, and subject to the exclusions set forth, in 45 C.F.R. § 164.402.

b. “Business Associate” shall mean Collectly, Inc..

c. “Effective Date” shall mean the date Company agrees to the Terms.

d. “Electronic Protected Health Information” or “Electronic PHI” shall have the same meaning as the term “electronic protected health information” in45 C.F.R. § 160.103, limited to the information that Business Associate creates, receives, maintains, or transmits for or on behalf of Company under the Services Agreement.

e. “Privacy Rule” shall mean the federal privacy regulations, as amended from time to time, issued pursuant to HIPAA and codified at 45 C.F.R. Parts 160 and 164 (Subparts A & E).

f. “Protected Health Information” or “PHI” shall mean “protected health information,” as that term is defined in 45 C.F.R. § 160.103, limited to the information that Business Associate creates, receives, maintains, or transmits for or on behalf of Company under the Services Agreement.

g. “Security Rule” shall mean the federal security regulations, as amended from time to time, issued pursuant to HIPAA and codified at 45 C.F.R. Parts 160 and 164 (Subparts A & C).

h. “Services Agreement” shall mean any present or future agreements, either written or oral, between Company and Business Associate under which Business Associate provides services to Company which involve the access, use or disclosure of PHI.

i. “Unsecured Protected Health Information” or “Unsecured PHI” shall have the same meaning as the term “unsecured protected health information” in 45 C.F.R. §164.402.

2. Obligations and Activities of Business Associate

a. Use and Disclosure. Business Associate agrees not to use or disclose Protected Health Information other than as permitted by the Services Agreement or this Addendum, or as Required by Law.

b. Appropriate Safeguards. Business Associate agrees to use reasonable and appropriate administrative, physical, and technical safeguards to prevent the use or disclosure of the Protected Health Information other than as provided for by the Services Agreement or this Addendum, consistent with the requirements of the Security Rule (with respect to Electronic PHI). To the extent Business Associate is to carry out one or more of Company's obligation(s) under the Privacy Rule, Business Associate may not use or disclose Protected Health Information in a manner that would violate the Privacy Rule if done by Company.

c. Reporting of Breaches and Impermissible Uses and Disclosures. Business Associate agrees to report to Company any: (i) Breach of Unsecured PHI in accordance with 45 C.F.R. § 164.410; and (ii) use or disclosure of PHI not provided for by this Addendum of which it becomes aware in accordance with 45C.F.R. § 164.504.

d. Reporting of Security Incidents. Business Associate agrees to report to Company any Security Incident of which it becomes aware of in accordance with 45 C.F.R. § 164.314; provided, however, continuing notice is hereby deemed provided, and no further notice will be provided, for Unsuccessful Security Incidents. For purposes of this Addendum, “Unsuccessful Security Incidents” shall include, but not be limited to, pings and other broadcast attacks on a firewall, unsuccessful login attempts, denial of service attacks, port scans, and any combination of the above, provided that no such incident results in an unauthorized access, use, or disclosure of Electronic PHI. Business Associate’s obligation to report under this Section 2(d) is not and will not be construed as an acknowledgement by Business Associate of any fault or liability with respect to any use, disclosure, or Breach.

e. Agents. Business Associate agrees to ensure that any agent, including a subcontractor to whom it provides Protected Health Information, shall agree, in writing, to restrictions and conditions at least as stringent as those that apply to Business Associate under this Addendum, including complying with the applicable Security Rule requirements with respect to Electronic PHI.

f. Company Access and Amendment. All Protected Health Information maintained by Business Associate in a Designated Record Set for Company will be available to Company, upon Company’s request, in a time and manner that reasonably allows Company to comply with the requirements under 45 C.F.R. §§164.524 and 164.526. Business Associate shall not be obligated to provide any such information directly to any Individual or person other than to Company. To the extent an Individual makes an access and/or amendment request directly to Business Associate, Business Associate shall promptly forward the request to Company.

g. Access to Books and Records. Business Associate agrees to make internal practices, books, and records available to the Secretary, in a time and manner designated by the Secretary, for purposes of the Secretary's determining Company’s or Business Associate’s compliance with the Privacy Rule; provided, however, that time incurred by Business Associate in complying with any such request to assess Company’s compliance that exceeds its normal customer service parameters shall be charged to Company at Business Associate's then-current standard hourly rate.

h. Accounting. In the event that Business Associate makes disclosures of Protected Health Information to Individuals or any person other than to Company, it shall document the disclosure as would be required for Company to respond to a request by an Individual for an accounting of disclosures in accordance with 45 C.F.R. §164.528, and shall provide such documentation to Company promptly upon request.

3. Permitted Uses and Disclosures by Business Associate

a. Use for Administration of Business Associate. Except as otherwise limited in this Addendum, Business Associate may use Protected Health Information obtained to provide the Services for the proper management and administration of Business Associate and to carryout the legal responsibilities of Business Associate.

b. Disclosure for Administration of Business Associate. Except as otherwise limited in this Addendum, Business Associate may disclose Protected Health Information for the proper management and administration of Business Associate, provided that (i) disclosures are Required by Law, or (ii) Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used or further disclosed only as Required by Law or for the purpose for which it was disclosed to the person, and the person notifies Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.

c. Use for Data Aggregation Services to Company. Business Associate may provide data aggregation services relating to the health care operations of Company.

d. De-identified Data. Business Associate may de-identify Protected Health Information in accordance with 45 C.F.R. §164.514 and use and disclose such de-identified data for its business purposes, including to provide reporting and other services to Company.

4. Company Obligations

a. Data Security. Company will use appropriate safeguards to maintain the confidentiality, privacy and security of PHI when transmitting it to Business Associate pursuant to this Addendum. Company agrees to comply with any data security safeguards assigned to Company in any Services Agreement.

b. Privacy Notice. Company shall notify Business Associate of any limitations in Company’s notice of privacy practices in accordance with45 C.F.R. § 164.520 to the extent that such limitations may affect Business Associate's use or disclosure of Protected Health Information.

c. Changes of Permission of Individual. Company shall notify Business Associate of any changes in, or revocation of, permission by Individual to use or disclose Protected Health Information, to the extent that such changes may affect Business Associate's use or disclosure of Protected Health Information.

d. Restrictions on Use or Disclosure. Company shall notify Business Associate of any restriction to the use or disclosure of Protected Health Information that Company has agreed to in accordance with 45 C.F.R. § 164.522, to the extent that such restriction may affect Business Associate's use or disclosure of Protected Health Information.

e. Requested Uses and Disclosures. Company agrees that it will not request Business Associate to use or disclose Protected Health Information in any manner that would not be permissible under the Privacy Rule if done by Company.

f. Permissions. Company warrants that it has obtained all necessary authorizations, consents, and other permissions that may be required under applicable law prior to placing data, including without limitation PHI, on Business Associate’s systems.

5. Term and Termination

a. Term. The Term of this Addendum shall commence on the Effective Date. This Agreement shall terminate without any further action upon the termination or expiration of the Services Agreement, unless earlier terminated in accordance with Section 5(b). Notwithstanding anything to the contrary, in the event that Company requires Business Associate to retain the Protected Health Information after termination of the Services Agreement, this Addendum shall survive for as long as storage by Business Associate is required and Company shall bear the reasonable cost of storage of such Protected Health Information for as long as storage by Business Associate is required.

b. Termination. If either party learns of a pattern of activity or practice of the other party that constitutes a material breach or violation of this Addendum then non-breaching party shall provide written notice of the breach or violation to the other party that specifies the nature of the breach or violation. The other party must cure the breach or end the violation on or before thirty (30) days after receipt of the written notice. In the absence of a cure reasonably satisfactory to the non-breaching party within the specified timeframe, or in the event the breach is reasonably incapable of cure, then non-breaching party may terminate this Addendum and the Services Agreement.

c. Effect of Termination. Upon termination of the Services Agreement for any reason, Business Associate shall return or destroy all Protected Health Information not necessary for Business Associate to continue its proper management and administration or to carry out its legal responsibilities. In the event that Business Associate determines that returning or destroying the Protected Health Information is infeasible, Business Associate shall provide Company notification of the conditions that make return or destruction infeasible. Business Associate shall extend the protections of this Addendum to such Protected Health Information and limit further uses and disclosures of such Protected Health Information to those purposes that make the return or destruction infeasible, for so long as Business Associate maintains such Protected Health Information.

6. Miscellaneous

a. Amendment. Each party agrees to take such action as is reasonably necessary to amend this Addendum from time to time as is necessary for Company to comply with the requirements of HIPAA as they may be amended from time to time; provided, however, that if such an amendment would materially increase the cost of Business Associate providing service under this Addendum, Business Associate shall have the option to terminate this Addendum on thirty (30) days advance notice.

b. Survival. Sections 5(c), 6(b), and 6(c) shall survive the termination or expiration of this Addendum.

c. Interpretation. Any ambiguity in this Addendum shall be resolved to permit either Business Associate or Company to comply with HIPAA.

d. Independent Contractor. Business Associate and Company are and shall remain independent contractors throughout the term. Nothing in this Addendum shall be construed to constitute Business Associate and Company as partners, joint venturers, agents or anything other than independent contractors.

e. General.

i. The terms of this Addendum are hereby incorporated into the Services Agreement. In the event of a conflict between the terms of this Addendum and the terms of the Services Agreement, the terms of this Addendum shall prevail.

ii. This Agreement shall be governed by, and construed in accordance with, the laws of the State of California, exclusive of conflict of law rules. Any action to enforce or for breach of this Agreement shall be brought exclusively in the state or federal courts located in Los Angeles County, California.

iii. The Service Agreement together with this Addendum constitutes the entire agreement between the parties with respect to the subject matter contained herein, and this Addendum supersedes and replaces any former business associate agreement or addendum entered into by the parties.

iv. Nothing in this Addendum shall confer upon any person other than the parties and their respective successors or assigns, any rights, remedies, obligations or liabilities whatsoever.

v. No amendment or modification to this Addendum or waiver of any provision hereof shall be effective except in a writing duly signed by both parties.

vi. A waiver with respect to one event will not be construed as continuing, or as a bar to or waiver of any right or remedy as to subsequent events.

Want to learn more about Collectly?

Request a demo and our Revenue Cycle Expert will help you choose the right product
Talk to Sales
Fill out the form and
a product expert will be
in touch shortly
Learn more
about Collectly
Get answers to your questions
We’ll help you
get started
Press about collectly

Talk to sales

Schedule a 30-minute product demo
First Name
Last Name
Work Email
Phone Number
Company Name
Number of Providers
You EHR/PM
or call us: (844) 965-0880
Thanks for
contacting us!
We will be in touch with you shortly
Oops! Something went wrong while submitting the form.