The below contains confidential business information of athenahealth, Inc. This information may not be disclosed to third parties without the written consent of athenahealth, Inc.
athenahealth Service Proposal
311 Arsenal Street
Watertown, MA 02472
Note – Athena will not place Client into a queue to build an Orders interface unless and until Client receives at least 200 Orders from athenaClinicals clients each month.
Order Fee ..............................$1.00 per Order, subject to periodic adjustment as set forth below
Subscription Fee……………...$150.00 per Portal per Month
The Parties agree that Client's current annualized Order volume is less than 10,000 Orders per year, and thus, as of the Effective Date, Client’s athenaCoordinator Order Fee is $1.00 per Order, subject to periodic adjustment as set forth below.
On a quarterly basis for the first nine (9) months following Client’s Go-Live Date, Athena will review Client’s annualized Order volume (each such review date, a “Quarterly Review Date”), and Athena shall prospectively adjust Client’s athenaCoordinator Order Fee in accordance with Table A below. Such athenaCoordinator Order Fee shall be in effect until the next Quarterly Review Date. By way of example, if on the second Quarterly Review Date, Client has received 10,000 Orders since Client’s Go-Live Date, Client’s annualized Order volume will be 20,000 ((10,000 x 4) / 2), and Client’s athenaCoordinator Order Fee shall be $0.90 per Order until the next Quarterly Review Date. If, on the third Quarterly Review Date, Client has received 30,000 Orders since Client’ s Go-Live Date, Client’s annualized Order volume will be 40,000 ((30,000 x 4 / 3), and Client’s athenaCoordinator Order Fee shall be $0.75 per Order until the next Quarterly Review Date.
Beginning on the one-year anniversary of Client’s Go-Live Date, and annually thereafter (each such review date, an “Annual Review Date”), Athena will review the number of Orders actually received by Client in the prior twelve (12) months, and Athena shall prospectively adjust Client’s athenaCoordinator Order Fee in accordance with Table A below. Such athenaCoordinator Order Fee shall be in effect until the next Annual Review Date. By way of example, if on the first Annual Review Date, Client has received 30,000 Orders in the previous twelve (12) months, Client’s athenaCoordinator Order Fee shall be $0.75 per Order until the next Annual Review Date.
Number of Orders
0 – 10,000
$1.00 per Order
10,001 – 25,000
$0.90 per Order
25,001 – 75,000
$0.75 per Order
75,001 – 200,000
$0.60 per Order
200,001 – 400,000
$0.45 per Order
400,001 – 750,000
$0.35 per Order
750,001 – 1,000,000
$0.325 per Order
$0.30 per Order
Client will be invoiced monthly and will pay the Subscription Fee plus the Per Order Fee as noted above.
Travel expenses are not included in the fees listed above.
See the athenaCoordinator and athenaNet Service Descriptions for more information on standard implementation activities and the process to request additional services. To receive a copy of the athenaCoordinator and athenaNet Service Descriptions prior to Client’s Go-Live Date, please contact CoordinatorCore@athenahealth.com.
We look forward to doing business with you!
Proposal Number: ATHNCOCORE #001
ATHENAHEALTH MASTER SERVICES AGREEMENT – athenaCoordinator®
IMPORTANT – PLEASE READ CAREFULLY THE TERMS OF THIS ATHENAHEALTH MASTER SERVICES AGREEMENT. This Agreement is a binding, contractual agreement between You/Client and Athena (as defined below). This Agreement applies solely to Your/Client’s access to and use of the athenaNet Services (as defined below).
BY CLICKING THE BUTTON BELOW LABELED “I AGREE TO THE TERMS AND CONDITIONS ABOVE”, YOU ARE INDICATING YOUR ACCEPTANCE AND AGREEING TO ALL THE TERMS AND CONDITIONS OF THIS AGREEMENT. IF YOU DO NOT ACCEPT AND AGREE TO ALL OF THE FOLLOWING TERMS AND CONDITIONS, YOU MUST NOT CLICK THE BUTTON LABELED “I AGREE TO THE TERMS AND CONDITIONS ABOVE,” IN WHICH CASE YOU WILL NOT BE PERMITTED TO ACCESS OR USE THE ATHENANET SERVICES. YOUR CLICKING ON THE “I AGREE TO THE TERMS AND CONDITIONS ABOVE” BUTTON CONSTITUTES YOUR ELECTRONIC SIGNATURE ON THIS AGREEMENT AND YOUR CONSENT TO EXECUTE THIS AGREEMENT ELECTRONICALLY. BY ACCEPTING THE AGREEMENT AS DESCRIBED ABOVE, (1) YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTAND, AND AGREE TO BE BOUND BY THIS AGREEMENT, (2) YOU REPRESENT THAT YOU ARE EIGHTEEN (18) YEARS OF AGE OR OLDER, AND (3) YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO ENTER INTO THIS AGREEMENT, PERSONALLY OR IF YOU HAVE NAMED A COMPANY, ON BEHALF OF THAT COMPANY (YOU OR ANY SUCH COMPANY, THE “CLIENT”), AND TO BIND THE CLIENT TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL TERMS AND CONDITIONS OF THIS AGREEMENT, OR IF YOU DO NOT HAVE SUCH AUTHORITY, YOU MUST NOT ACCEPT THIS AGREEMENT OR ACCESS THE ATHENANET SERVICES.
Section 1. Defined Terms.
“Agreement” means this Master Services Agreement, Exhibit A, the Third Party Terms, each Proposal, and each Service Description.
“Applicable Law” means all federal, state, and local laws and regulations, including, without limitation, those relating to kickbacks, fraud and abuse, confidentiality (including HIPAA), Medicaid, Medicare, or the Telephone Consumer Protection Act, in each case to the extent directly applicable to the respective Party’s performance of its obligations under this Agreement.
“Athena” is athenahealth, Inc. and its subsidiaries, 311 Arsenal St., Watertown, MA 02472; Tel: 617.402.1000; Fax: 617.402.1099.
“Athena Property” means athenaNet, athenaNet Services, athenaNet Content, Materials, Service Descriptions, proprietary methods, templates, spreadsheets, databases and other electronic tools created or owned by Athena, including all data and information included in or entered into athenaNet that Athena compiles, sorts, integrates, normalizes, analyzes, maps, stores, processes, selectively aggregates and/or combines with multiple disparate data sources, for comparison, benchmarking or other similar and lawful purposes, as well as edits, improvements, additions, modifications, interfaces, and derivative works prepared from or relating to any of the foregoing, and any and all tangible and intangible works of authorship, copyrights, patents, trademarks, trade secrets and trade dress, and all intellectual property rights in any of the foregoing.
“athenaNet” means the internet-based athenaNet® multi-user platform used to provide athenaNet Services, together with athenaNet Functionality and associated databases.
“athenaNet Content” means any data made available by Athena as part of any athenaNet Services and all documents, formats, forms, functions, and screens for organizing or presenting that data.
“athenaNet Functionality” means the software functionality of athenaNet that enables system access and use.
“athenaNet Services” means the athenaCoordinator® services (as renamed by Athena from time to time) provided by Athena under this Agreement, including, but not limited to, access to and use of athenaNet by Client and the provision of athenaNet Content and Materials.
“Authorized Users” means those users (i) who are designated by Client on athenaNet control screens and who are (A) employees of Client, or (B) other individuals, corporations, or entities that are not, and are not affiliated with, third party payers or competitors of Athena, and have a valid HIPAA business associate agreement or other agreement with Client, and (ii) who have been granted access to athenaNet by Client in its exercise of reasonable discretion relating to the receipt of athenaNet Services hereunder by Client, and (iii) from whom Client has obtained reasonable assurances that they will comply with the access and use and confidentiality terms in this Agreement.
“Billable Provider” means a physician or licensed or specially trained non-physician who is credentialed with payers, linked to Client’s organization, and performs health services for Client’s customers.
“Client Data” means all data and information of Client provided by Client or its Authorized Users to Athena, including through athenaNet. Client Data includes Client’s Confidential Information.
“Confidential Information” means information that is disclosed by one Party to the other and that the receiving Party knows is confidential to the disclosing Party or that is of such a nature that someone familiar with the type of business of the disclosing Party would reasonably understand is confidential to it. Without limitation, Confidential Information includes financial and other business information of either Party. With respect to Athena, Confidential Information includes athenaNet Functionality, athenaNet Content, Materials, the terms of this Agreement, and each Service Description, and in each case, any visual reproduction thereof. Notwithstanding the foregoing, Confidential Information does not include PHI or information that the receiving Party can demonstrate: (i) is in the public domain or is generally publicly known through no improper action or inaction by the receiving Party; (ii) was rightfully in the receiving Party’s possession or known by it prior to receipt from the disclosing Party; (iii) is rightfully disclosed without restriction to the receiving Party by a third party without violation of obligation to the disclosing Party; or (iv) is independently developed for the receiving Party by third parties without use of the Confidential Information of the disclosing Party.
“Effective Date” means the date Client clicks the button below labeled “I agree to the Terms and Conditions above” and agrees to the terms and conditions of this Agreement.
“Force Majeure Event” means, with respect to a Party, any event or circumstance, whether or not foreseeable, that was not caused by that Party and any consequences of that event or circumstance.
“HIPAA” means the Health Insurance Portability and Accountability Act of 1996 and associated regulations, as may be amended from time to time.
“Materials” means all instructions, manuals, specifications, and training Athena provides in connection with any athenaNet Services.
“Notice” is defined in Section 13 of this Agreement.
“Party” means Athena or Client. “Parties” means Athena and Client.
“PHI” means “protected health information” as that term is used under HIPAA. “Client PHI” means PHI that Athena receives from or on behalf of Client or creates on behalf of Client.
“Privacy Rule” means the privacy standards in 45 C.F.R. Part 160 and Part 164, subparts A and E.
“Proposal” means Athena Proposal # ATHNCOCORE #001 and each Athena Proposal entered into by the Parties after the Effective Date and incorporated herein by reference.
“Security Rule” means the Security Standards in 45 C.F.R. Part 160 and Part 164, subparts A and C.
“Service Description” means each document periodically updated by Athena and incorporated herein that contains a description of athenaNet Services.
“Third Party Items” means the third party products and services incorporated into athenaNet and made available to Client hereunder.
“Third Party Terms” means the pass-through terms and conditions set forth at http://www.athenahealth.com/tpt applicable to Client’s access to and use of the Third Party Items.
Section 2. Athena Services and Payment.
(a) Athena shall provide athenaNet Services as described in each applicable Service Description. The Parties shall perform their respective obligations as set forth in this Agreement.
(b) Client shall pay Athena the fees and expenses as set forth in this Agreement within 30 days of the invoice date by check or wire transfer. Athena may impose a late charge equal to the lesser of (i) 1½%, or (ii) the highest rate permitted by Applicable Law, each month on all amounts overdue beyond 10 days, but this charge will not waive or extend any obligation of Client to make payments when due.
Section 3. Term and Termination.
(a) This Agreement will have a term of one year from the Effective Date and will automatically extend for additional consecutive one-year terms unless terminated as set forth below.
(b) Either Party may terminate this Agreement or any athenaNet Services at any time, with or without cause, by providing the other Party with no less than 90 days’ Notice.
(c) Either Party may terminate this Agreement effective upon Notice to the other Party if (i) the other Party defaults in performance of any material provision of this Agreement and such default is not cured within a period of 30 days following Notice describing the specific default (10 days in the event of failure to pay amounts owed); (ii) the other Party violates Applicable Law; (iii) the other Party files a voluntary petition in bankruptcy or an involuntary petition is filed against it; (iv) the other Party is adjudged bankrupt; (v) a court assumes jurisdiction of the assets of the other Party under a federal reorganization act or other statute; (vi) a trustee or receiver is appointed by a court for all or a substantial portion of the assets of the other Party; (vii) the other Party becomes insolvent, suspends business or ceases to conduct its business in the ordinary course; or (viii) the other Party makes an assignment of its assets for the benefit of its creditors. Termination of this Agreement by Athena for Client’s failure to pay amounts owed will not constitute irreparable harm to Client.
(d) Athena may terminate this Agreement for cause effective upon Notice if Client (i) violates any System and Service Access and Use provision in Section 4 herein, or (ii) has breached or breaches the warranty in Section 8(b)(iv) herein.
(f) Client may terminate this Agreement upon 15 days’ Notice to Athena if any revision by Athena of a Service Description materially and adversely affects the athenaNet Service that it receives, provided that such Notice must be provided within 60 days after Client is first informed of such revision.
(g) Upon termination of this Agreement or any athenaNet Service for any reason, Client shall immediately pay to Athena all amounts due hereunder for all services rendered through the date of termination.
Section 4. System and Service Access and Use.
(a) Access to athenaNet is provided solely to facilitate access to athenaNet Services. Subject to compliance with the terms and conditions of this Agreement, Client access to athenaNet is on a limited, non-exclusive, non-transferable basis only during the term of this Agreement. Client shall access athenaNet only (i) through its Authorized Users acting within the scope of their service for Client; (ii) on Athena’s servers as authorized by Athena; (iii) for the internal use of Client; and (iv) from and within the United States. If Client is live on the athenaCollector Service, Client shall not use, directly or indirectly, any patient service-related billing system or method other than athenaNet and the athenaNet Services, including cash billing systems, unless Client (i) uses a different tax identification number for claims submitted through a different billing system, or (ii) agrees to use Athena’s mixed remittance process with respect to such claims.
(b) Client shall ensure that each Authorized User complies with the terms of this Agreement as well as Applicable Law. Client shall terminate any Authorized User’s access to athenaNet (i) when such person no longer meets the definition of “Authorized User;” (ii) if conduct by such Authorized User breaches any term of this Agreement; or (iii) upon such Authorized User’s indictment, arrest, or conviction of any crime related to claims or other transactions, financial relationships, or financial dealings in connection with health care, and Client shall immediately inform Athena of any such indictment, arrest, or conviction. Client is responsible for all acts and omissions of any Authorized User in connection with such Authorized User’s access and use of athenaNet. Athena may restrict, suspend, or terminate an Authorized User’s access to athenaNet if Athena determines in its reasonable discretion that such access has an adverse effect on Athena.
(c) Client shall monitor Authorized Users’ use of passwords and require Authorized Users to protect their passwords and log in credentials. Client is responsible for any use of data, information, or services obtained through athenaNet by Authorized Users. Except as expressly permitted under this Agreement, Client shall not and shall cause its Authorized Users not to: (i) access or use Athena Property in connection with the provision of any services to third parties; (ii) resell, rent, license, lease, provide service bureau or timeshare services, transfer, encumber, copy, distribute, publish, exhibit, transmit or otherwise make available to any third party any Athena Property; (iii) derive specifications from, reverse engineer, reverse compile, disassemble, translate, record, or create derivative works based on Athena Property; (iv) use Athena Property in a manner that delays, impairs, or interferes with system functionality for others or that compromises the security or integrity of any data, equipment, software, or system input or output, including but not limited to introduction of any viruses or malware into athenaNet; (v) enter data in athenaNet that is threatening, harmful, lewd, offensive, defamatory, or that injures or infringes the rights of others; (vi) apply systems to extract or modify information in athenaNet using technology or methods such as those commonly referred to as “web scraping,” “data scraping,” or “screen scraping;” (vii) use Athena Property or any part or aspect thereof for any unlawful purpose or to mislead or harass anyone; or (viii) use Athena Property except as specifically permitted under this Agreement. Use of or access to Athena Property not in accordance with the terms of this Agreement is strictly prohibited. Any violation of this Section 4 will cause Athena irreparable and immediate harm, and Athena is entitled to injunctive relief to prevent such violation.
Section 5. Confidential Information. Each Party shall exercise reasonable care to hold Confidential Information in confidence and not use it or disclose it to any other person or entity, except (i) as permitted under this Agreement or as reasonably necessary for the performance or enforcement of this Agreement; (ii) as agreed in writing by the other Party; (iii) for the Party’s proper management and administration (provided that it obtains reasonable assurances from all recipients that they will keep the information confidential and use it only for the purpose of its disclosure); or (iv) as required by law. The Parties shall also comply with the terms set forth in Exhibit A hereto.
Section 6. Usage and Ownership. Except for the right to use Athena Property subject to the terms and conditions contained herein, this Agreement does not confer on Client a license in, ownership of, or interest in Athena Property. Athena developed or acquired Athena Property exclusively at its private expense. Athena Property and all right, title, and interest in and to it is and will remain the exclusive property of Athena. Athena has the unrestricted and permanent right to use and implement all ideas, advice, recommendations, or proposals of Client and its personnel with respect to Athena Property in any manner and in any media. As between Athena and Client, Client retains all right, title and ownership rights to the Client Data. Client hereby grants to Athena a fully-paid up, worldwide, sub-licensable, perpetual, right and license to Client Data for the purpose of creating Athena Property.
Section 7. Compliance.
(a) Each Party shall comply with Applicable Law. Client is solely responsible for compliance with all legal and regulatory requirements with respect to Client’s use of athenaNet and athenaNet Services.
(b) The Parties agree that (i) any fees charged or amounts paid hereunder are not intended, nor will they be construed to be, an inducement or payment for referral of patients among Athena, Client, or any third party, and (ii) neither Party will enter into any agreements, or otherwise make any payments, for the purpose of rewarding the referral of patients among Athena, Client, or any third party.
(c) The Parties shall each separately maintain effective compliance programs consistent with the relevant compliance guidelines set forth by the Office of the Inspector General of the Department of Health and Human Services. The Parties shall cooperate with each other to provide prompt, accurate, and full responses to any material inquiry or concern of either Party related to compliance and to any reasonable request by either Party for clarification, documentation, or further information concerning Client billing or Client’s provision of, or referrals related to, health services for its patients.
(d) Client shall not bill or claim payment in any form, directly or indirectly, from any government health care program or other third-party payer for the cost of any athenaNet Services, including, without limitation, on a government cost report.
(e) Client agrees that (i) no payment to or receivable of Client or any Billable Provider is or will be assigned to Athena, and Athena is not and will not be deemed to be the beneficiary of any such payment or receivable, and all such payments and receivables (including, but not limited to, checks and electronic fund transfers) will be payable to and will remain the property of Client or the Billable Provider; (ii) Athena will not endorse or sign any check or instrument; (iii) any lockbox or other account into which Client payments or receivables are properly deposited will remain in the name of, and under the sole ownership and control of, Client or the Billable Provider; (iv) Athena will not be a signatory on or have any power to transfer or withdraw from any account into which Client or Billable Provider payments or receivables from any federally funded program are properly deposited; and (v) in the event funds are deposited in error to Client’s lockbox or other Client account, Client shall promptly repay an amount equal to such deposited amount as directed by Athena.
(f) Client shall verify and is solely responsible for the accuracy, completeness, and appropriateness of all information entered into or selected in athenaNet or the Third Party Items. The professional duty to treat the patient lies solely with Client, and use of information contained in or entered into athenaNet or provided through athenaNet Services in no way replaces or substitutes for the professional judgment or skill of Client. Client is responsible and liable for the treatment of patients as to whom Client and its personnel access or use athenaNet Services, including responsibility for personal injury or loss of life. Client represents and warrants to Athena that (i) all data it provides to Athena or that it selects in athenaNet, including, but not limited to, codes and practitioner identifiers, are accurate and in conformity with all legal requirements; (ii) its medical records appropriately support all codes that it enters, selects, or approves; (iii) it and its personnel are duly authorized to enter and access such data; and (iv) Athena is duly authorized to receive, use, and disclose such data subject to the terms of this Agreement. Athena is not a health plan or healthcare provider and it cannot and does not independently review or verify the medical accuracy or completeness of the medical information entered into, or made available to it in, athenaNet. Use of and access to athenaNet Services, including, but not limited to, clinical information in athenaNet, is at the sole risk and responsibility of Client, Authorized Users, and any practitioner or health care provider or facility using data provided by Athena as part of athenaNet Services. Athena will not be liable for any action or inaction of Client which may give rise to liability under the federal False Claims Act or any state version thereof.
Section 8. Warranties and Limitations.
(a) Athena warrants to Client that, to Athena’s knowledge, athenaNet Functionality, when used properly and as expressly authorized by Athena, does not infringe any valid patent, registered copyright, or other registered intellectual property right under the laws of the United States, provided that Athena makes no warranty to the extent that such infringement results from (i) use or access of athenaNet by Client in combination with any data, software, or equipment provided by Client or any third party that could have been avoided by use or access of athenaNet without such data, software, or equipment, or (ii) any breach of any agreement by, or any negligent or other wrongful act or omission of, Client or any party acting on behalf of Client.
(b) Each Party represents and warrants to the other Party on a continuing basis through the term of this Agreement that (i) it has the requisite corporate power and authority to execute and perform its obligations under this Agreement; (ii) the person executing this Agreement on its behalf has the authority to bind it hereunder and that such Party’s execution of this Agreement is not in violation of such Party’s bylaws, certificate of incorporation or other comparable document; (iii) the execution of this Agreement does not constitute a material breach by such Party of any covenants or agreements by which such Party or any of its assets are bound; and (iv) neither it nor any of its personnel to its knowledge (A) has been convicted of any crime arising from claims or other transactions, financial relationships, or financial dealings in connection with health care, or (B) has been excluded from any federal or state health care program.
(c) Client represents, warrants, and covenants to Athena that (i) it and its Billable Providers are, and will be, duly licensed and authorized to provide and bill for the health services they render; and (ii) all athenaNet local rule requests, technical requests, or other requests, waivers, or directives by or on behalf of Client are and shall remain compliant with Applicable Law and with all applicable payer requirements.
(d) Except as expressly provided herein, Athena disclaims all representations and warranties of any kind or nature, express or implied (either in fact or by operation of law), with respect to any service or item provided hereunder. Except as expressly provided herein, Athena Property is provided “as is.” Athena does not warrant that Athena property will be error-free or will be provided (or available) without interruption or meet Client’s business or operational needs. Client has not relied on any representations, warranties, or statements of fact not specifically included in this Agreement, and shall not assert, and shall cause its affiliates and personnel not to assert, any claim against Athena with respect to its or their reliance on any representations, warranties or statements of fact not specifically included in this Agreement.
(e) No claim against Athena of any kind under any circumstances may be asserted or filed more than one year after Client knows, or in the exercise of reasonable care could know, of any circumstances, whether by act or omission, that may give rise to such claim.
(f) The remedy of a credit with respect to any “Minimum Service Commitment” described in the applicable Service Description will be the sole and exclusive remedy for the acts or omissions of Athena relating to the performance of that Minimum Service Commitment. Notwithstanding any provision in this Agreement to the contrary, the combined aggregate credit remedy with respect to all Minimum Service Commitments on account of any month is limited to a maximum of 20% of Client’s monthly service fee for that month.
(g) Athena’s cumulative, aggregate liability in connection with or arising in any way or in any degree from this Agreement, from athenaNet Services, or otherwise from the acts or omissions of Athena will not exceed the lesser of (i) $500,000, or (ii) the total amount paid by Client to Athena in the 12 months before such claim arose. If damages are measured by the cost of medical services provided or the dollar value of claims submitted, Athena’s liability for such damages will not exceed the service fees attributable to such services or claims. Athena will not be liable for any failure to provide services, content, or functionality with respect to any claim, statement, or transaction that Athena believes in good faith arises from, in connection with, or contains inaccurate, misleading, or otherwise improper information. Notwithstanding anything to the contrary, Athena will not be liable for indirect, exemplary, punitive, special, incidental, or consequential damages or losses; lost profits or business opportunities; loss of data; or the cost of procurement of substitute items or services. Client hereby acknowledges that the remedies set forth above are reasonable and will not fail of their essential purpose.
Section 9. Third Party Items. As applicable in connection with athenaNet Services, Athena hereby grants to Client and its Authorized Users a limited, non-exclusive, non-transferable, non-licensable right to access and use the Third Party Items through athenaNet during the term of this Agreement, subject to the Third Party Terms. Athena may modify the Third Party Terms in the event Athena adds or replaces Third Party Items or as required in connection with changes to the third party license agreements for the Third Party Items. Athena agrees to use commercially reasonable efforts to post the current Third Party Terms on athenaNet and notify Client through an alert on athenaNet when Athena has posted revised Third Party Terms. The Third Party Items will not be deemed part of Athena Property. All rights granted in this Section 9 are solely for Client and its Authorized Users’ use in connection with athenaNet Services and will terminate on the earlier of expiration or termination of (i) this Agreement, or (ii) the applicable agreement between Athena and the licensor of the Third Party Items.
Section 10. Force Majeure.
(a) If a Force Majeure Event prevents a party from complying with any one or more obligations under this Agreement, that inability to comply will not constitute breach if (i) that Party uses reasonable efforts to perform those obligations; (ii) that Party’s inability to perform those obligations is not due to its failure to (x) take reasonable measures to protect itself against events or circumstances of the same type as that Force Majeure Event, or (y) develop and maintain a reasonable contingency plan to respond to events or circumstances of the same type as that Force Majeure Event, and (z) that Party complies with its obligations under Section 10(b).
(b) During a Force Majeure Event, the noncomplying party shall use reasonable efforts to limit damages to the other Party and to resume its performance under this Agreement.
Section 11. Mediation. The Parties shall submit any and all disputes, claims, or controversies arising out of or relating to this Agreement to JAMS, or its successor, for mediation in Boston, Massachusetts. Either Party may commence mediation by providing to JAMS and the other Party a written request for mediation, which must set forth the subject of the dispute, the relief requested, and the factual and legal bases for such relief. The Parties shall cooperate with JAMS and with one another in selecting a mediator from the JAMS panel of neutrals and in scheduling the mediation proceedings. The Parties shall participate in the mediation in good faith and equally share the costs of the mediation. If the dispute is not resolved by mediation, the Party seeking relief may pursue all remedies available at law, subject to the terms of this Agreement. Notwithstanding this Section 11, either Party may (i) terminate this Agreement according to its terms, or (ii) seek injunctive relief.
Section 12. Choice of Law; Forum. Any dispute arising out of or relating to this Agreement, including any conduct related to this Agreement following termination hereof (each, a “Dispute”) will be governed exclusively by the laws of the Commonwealth of Massachusetts, without regard to its conflicts of laws principles. The Federal District Court for the District of Massachusetts or the business litigation section of the state superior court of Massachusetts will be the exclusive venue for any resolution of any Dispute. The Parties hereby submit to and consent irrevocably to the jurisdiction of such courts for these purposes. The Parties hereby irrevocably waive any and all right to trial by jury in any legal proceeding arising out of or related to this Agreement.
Section 13. Notice. Notice under this Agreement means written notification addressed to the individual signing this Agreement at the address listed in Section 1, with a copy to the notified Party’s legal department that is (i) delivered by hand; (ii) sent by traceable nationwide parcel delivery service, overnight or next business day service; or (iii) sent by certified United States mail. Properly mailed Notice will be deemed given 3 days after the date of mailing, and other Notice will be deemed made when received. A Party may change its address for notice purposes by providing Notice of such change to the other Party.
Section 14. Miscellaneous. This Agreement constitutes the entire agreement between the Parties relating to athenaNet Services and supersedes all prior agreements, understandings, and representations relating to athenaNet Services. Except as otherwise provided herein, no change in this Agreement will be effective or binding unless signed by Client and a duly authorized representative of Athena. Neither Party will assign this Agreement without the written consent of the other, provided that either Party may assign this Agreement with no less than 90 days prior Notice as part of a corporate reorganization, consolidation, merger, change of control with respect to its outstanding stock, or sale of substantially all of its assets, and provided further that the assigning Party and the assignee will remain liable for any unperformed obligations under this Agreement arising prior to the effective date of any such transaction, and any attempt to assign this Agreement not in accordance with this Section 14 shall be null and void. This Agreement is binding on the Parties and their successors and permitted assigns. The Parties intend that nothing contained in this Agreement be construed to create a joint venture, partnership, or like relationship between the Parties, and their relationship is and will remain that of independent Parties to a contractual service relationship. Neither Party will be liable for the debts or obligations of the other Party. Client shall not advertise, market, promote, or publicize in any manner its use of and access to athenaNet Services without the express written consent of Athena in each instance. Except as explicitly set forth herein, none of the provisions of this Agreement will be for the benefit of or enforceable by any third party. Section titles are for convenience only and will not affect the meaning of this Agreement. No failure by a Party to insist upon the strict performance of any term or condition of this Agreement or to exercise any right or remedy hereunder will constitute a waiver. Despite the possibility that one Party or its representatives may have prepared the initial draft of this Agreement or any provision hereof or played a greater role in the preparation of subsequent drafts, neither Party shall be deemed the drafter of this Agreement and no provision hereof shall be construed in favor of one Party on the ground that such provision was drafted by the other. Client shall not join or consolidate claims by other clients, or pursue any claim as a representative or class action or in a private attorney general capacity. In connection with athenaNet Services, a copy of a signed document sent by PDF or telephone fax will be deemed an original in the hands of the recipient. If any term or provision of this Agreement is invalid, illegal or unenforceable, such invalidity, illegality or unenforceability will not affect any other term or provision of this Agreement or invalidate or render unenforceable such other term or provision. This Agreement may be executed in one or more counterparts and exchanged by electronic means, each of which shall be deemed an original, and all of which together constitute only one agreement between the Parties. The following Sections of this Agreement will survive termination and continue in force: Sections 1, 2(b), 3(g), 5, 6, 7(e)(v), 8(c)-(g), 9, and 11 through 14.
EXHIBIT A - TO ATHENAHEALTH MASTER SERVICES AGREEMENT
Business Associate Agreement
Article 1. Definitions. Capitalized terms used but not defined herein have the meaning attributed to them in (i) the Agreement; or (ii) under HIPAA. In the event of a conflict, the definition under HIPAA controls. “HITECH Act” means the Health Information Technology for Economic and Clinical Health Act of 2009, as may be amended from time to time. “Unsuccessful Security Incident” means activities such as pings and other broadcast attacks on firewalls, port scans, unsuccessful log-on attempts, denials of service, and any combination of the foregoing, so long as no such incident results in unauthorized access, use, disclosure, modification, or destruction of Client PHI.
Article 2. Athena’s Duties. Athena shall:
(a) not Use or Disclose Client PHI except (i) as required or permitted by law; (ii) as permitted under the terms of the Agreement or any permission of Client under the Agreement; or (iii) as incidental under HIPAA to another permitted Use or Disclosure;
(b) use reasonable and appropriate safeguards designed to prevent Use or Disclosure of Client PHI other than as provided in the Agreement, and implement administrative, physical, and technical standards in accordance with the Security Rule designed to protect the confidentiality, integrity, and availability of Client PHI;
(c) mitigate, to the extent practicable, any harmful effect of a Use or Disclosure of Client PHI by Athena that is known to Athena to violate the requirements of the Agreement;
(d) limit its request for Client PHI to the minimum amount necessary to accomplish the intended purpose of requests for, and Uses and Disclosures of, Client PHI in accordance with 45 C.F.R. 502(b)(1);
(e) report to Client as soon as practicable and as required by HIPAA and the HITECH Act any known Use or Disclosure of Client PHI by Athena not as provided by the Agreement resulting in a Breach of Unsecured PHI. Such notification shall be made without unreasonable delay following the date of discovery to enable Client to comply with the Breach disclosure requirements under the HITECH Act. Athena shall include within such notice identification, to the extent possible, of each Individual whose Unsecured PHI has been, or is reasonably believed by Athena to have been, accessed, used, or disclosed through the Breach and any other valuable information known to Athena that Client is required to include in its notice to affected Individuals. The reporting requirement set forth hereunder includes, without limitation, disclosures that Athena is aware of that would need to be included in Client’s Accounting of Disclosures under HIPAA and/or HITECH Act, provided that Athena is required by HIPAA and the HITECH Act as a Business Associate of Client to include such disclosures;
(f) report to Client any Security Incident with respect to Client PHI as required by HIPAA and the HITECH Act. This Article 2(f) constitutes notice by Athena to Client of the ongoing existence, occurrence, or attempts of Unsuccessful Security Incidents, for which no additional notice to Client is required;
(g) require any agent, including a subcontractor, under the Agreement that creates, receives, maintains, or transmits Client PHI on behalf of Athena to agree in writing to substantially the same restrictions and conditions with respect to Client PHI that apply through this Exhibit A to Athena with respect to such PHI;
(h) at the request of Client, provide access to Client PHI in a Designated Record Set to Client or, as properly directed by Client, to an Individual, in order to meet the requirements under 45 C.F.R. §164.524;
(i) at the request of Client, make any amendment to Client PHI in a Designated Record Set that Client properly directs or agrees to pursuant to 45 C.F.R. §164.526;
(j) maintain and make available the information required to provide an Accounting of Disclosures to Client (or an Individual, as applicable) as necessary to satisfy Client’s obligations under 45 C.F.R. §164.528;
(k) make its internal practices, books, and records relating to the Use and Disclosure of Client PHI available to the Secretary of Health and Human Services for purposes of the Secretary’s determination of Client’s compliance with HIPAA requirements; and
(l) to the extent that Athena is to carry out any Client obligation(s) under the Privacy Rule, comply with the requirements of the Privacy Rule that apply to Client in the performance of such obligation(s).
Article 3. Client’s Duties. Client shall:
(a) not request, direct, or cause Athena to Use or Disclose PHI unless such Use or Disclosure is in compliance with Applicable Law relating to the privacy and security of patient data and is the minimum amount necessary for the legitimate purpose of such Use or Disclosure;
(b) notify Athena of any limitation in its notice of privacy practices in accordance with 45 C.F.R. §164.520, to the extent that such limitation may affect Athena’s Use or Disclosure of Client PHI;
(c) notify Athena of any changes in, or revocation of permission by, an Individual to Use or Disclose Client PHI, to the extent that such changes may affect Athena’s Use or Disclosure of Client PHI; and
(d) notify Athena of any restriction on the Use or Disclosure of Client PHI that Client has agreed to in accordance with 45 C.F.R. §164.522, to the extent that such restriction may affect Athena’s Use or Disclosure of Client PHI.
Article 4. Business Associate Permitted Purposes.
(a) Athena’s Use and Disclosure of Client PHI is permitted for the following purposes: (i) to provide athenaNet Services (including, but not limited to, receipt from and disclosure to payers, patients, vendors, and others in order to provide athenaNet Services); (ii) for Payment, Health Care Operations, and Treatment (including, without limitation, testing and set up of electronic linkages for Payment transactions); (iii) as requested by Client or an authorized governmental agent for the public health activities and purposes set forth at 45 C.F.R. § 164.512(b); (iv) to provide data aggregation services as permitted by 45 C.F.R. §164.504(e)(2)(i)(B); and (v) to de-identify Client PHI in accordance with 45 C.F.R. §164.514(b), and use or disclose such de-identified information as permitted by Applicable Law. All de-identified information created by Athena in compliance with the Agreement will belong exclusively to Athena, provided that Client will not hereby be prevented from itself creating and using its own de-identified information.
(b) Athena may Use Client PHI to carry out its legal responsibilities or for its proper management and administration, including, without limitation, making and maintaining reasonable business records of transactions in which Athena has participated or athenaNet has been used (including back-up documentation).
(c) Athena may Disclose Client PHI to carry out its legal responsibilities or for its proper management and administration; provided that (i) such disclosures are required by Applicable Law; or (ii) Athena obtains prior written reasonable assurances from the person to whom the information is disclosed that the information will remain confidential and used or further disclosed only as required by Applicable Law or for the purpose(s) for which it was disclosed to the person, and the person notifies Athena of any instances of which it is aware in which the confidentiality of the information has been breached in accordance with the breach notification requirements of this Exhibit A.
Article 5. Business Associate Termination. Upon termination of the Agreement, to the extent feasible, Athena shall return, destroy, or continue to extend protections to and limit the use and disclosure of Client PHI to the extent required by and in accordance with 45 C.F.R. §164.504(e)(2)(ii)(J), provided that the Parties agree that it is not feasible in light of reasonable business requirements, regulatory compliance requirements, and the rights and obligations under the Agreement for Athena to return or destroy its business records and transaction databases, including, but not limited to, databases that reflect the use of athenaNet and information that Client or Athena has entered in athenaNet in the course of the Agreement to enable or perform athenaNet Services.
Article 6. Business Associate Default. Any material default by Athena of its obligations under Articles 2 through 4 will be deemed a default of a material provision of the Agreement, and if cure of such default and termination of the Agreement are not feasible, Client may report the default to the U.S. Secretary of Health and Human Services and shall provide the same information to Athena concurrently, where permitted by Applicable Law.
Article 7. Athena Business Records. Subject to the other requirements and limitations of this Exhibit A, the business records of Athena and all other records, electronic or otherwise, created or maintained by Athena in performance of the Agreement will be and remain the property of Athena, even though they may reflect or contain Client PHI.