Terms of Service

Healthcare Provider User Agreement

This Healthcare Provider User Agreement only applies to users of CancerIQ’s Applications.

THIS IS A LEGALLY BINDING AGREEMENT between Cancer IQ, Inc., a Delaware corporation (“Cancer IQ,” “we” or “us”), and you. BY CLICKING “I AGREE,” OR BY OTHERWISE SIGNING UP OR FOR AN ACCOUNT, OR BY ACCESSING OR USING THE SERVICES (DEFINED BELOW), YOU ARE ENTERING INTO THIS HEALTHCARE PROVIDER USER AGREEMENT (THIS “AGREEMENT”) AND YOU AGREE TO BE BOUND BY ITS TERMS AND CONDITIONS. Please read this Agreement carefully, and do not sign up for an account or use the Services if you are unwilling or unable to be bound by this Agreement. You and we are collectively referred to as the “Parties.”

  1. Definitions

For the purposes of this Agreement, the terms set forth in this Section 1 have the meanings assigned to them below. Terms not defined below or in the body of this Agreement (whether or not capitalized) have the definitions given to them in HIPAA.

Administrative Rights” means the rights to administer and direct the use of a Provider’s account, including the authority to provide, request, issue, administer and limit the access rights to other User accounts issued to such Provider’s Authorized Workforce, as well as the rights to integrate, connect, or otherwise share Your Information with, or receive Protected Health Information from, third parties through the Services.

Authorized Workforce” means those natural persons who are members of your Workforce who you have identified (by their legal names, and the legal names of their employers) in your account as authorized to access the Services on your behalf.

CIQShare®” means the feature of the Services through which we make Your Health Information available to other users of the Services with your Consent, or make Protected Health Information of other users of the Services available to you with their Consent.

Clinical Data Exchange” means the exchange, with your Consent, of Protected Health Information (and Your Personal Information as necessary) between You and covered entities (and their business associates) for any permitted purpose, including, to the extent applicable, care coordination, performance or quality measurement programs (such as HEDIS), and risk adjustment.

Confidential Information” means any information relating to our business, financial affairs, current or future products or technology, trade secrets, workforce, customers, or any other information that is treated or designated by us as confidential or proprietary, or would reasonably be viewed as confidential or as having value to our competitors. Confidential Information does not include information that we make publicly available or that becomes known to the general public other than as a result of a breach of an obligation by you. Confidential Information does not include individuals’ health information.

Consent” means consent or authorization by a user of the Services allowing us to take actions described under this Agreement, which the user of the Services may give in an electronic communication to us or by use of the features of the Services (such as “share,” “transmit,” “refer,” “authorize,” “agree” and the like).

Credentials” means any unique identifier, password, token, credential, any combination thereof, or other means we may utilize from time to time for authorizing access to all or any portion of the Services.

De-Identified Health Information” means health information that has been de-identified in accordance with the provisions of the Privacy Rule.

De-Identified Information” means De-Identified Health Information and De-Identified Personal Information.

De-Identified Personal Information” means Personal Information from which a user’s name and other unique identifiers have been removed, and from which the user cannot reasonably be identified.

De-Identify,” with respect to Personal Information, means to make such information into De-Identified Personal Information and with respect to health information, means to make such health information into De-Identified Health Information.

HIPAA” means the administrative simplification provisions of the Health Insurance Portability and Accountability Act of 1996, and the regulations promulgated thereunder, including the Privacy Rule and the Security Rule, as amended.

HITECH Act” means the Health Information Technology for Economic and Clinical Health Act of 2009, and regulations promulgated thereunder.

Personal Information” means information that identifies you personally.

Policies and Procedures” means our rules, regulations, policies and procedures for access to and use of the Services, as changed from time to time and as posted electronically on our Internet website.

Privacy Rule” means the Standards for Privacy of Individually Identifiable Health Information at 45 CFR Part 160 and Part 164, Subparts A and E, as amended.

Protected Health Information” has the meaning given it in the Privacy Rule.

Provider” has the same meaning as “health care provider” given in 45 CFR §160.103.

Provider of Record” has the meaning given in Section 3.1.1.

Security Rule” means the Security Standards for the Protection of electronic Protected Health Information at 45 CFR Part 160 and Part 164, Subparts A and C, as amended.

Services” means our cancer risk assessment services, including our screening reports, risk assessment reports, medical management plans, practice management services, peer-to-peer support services and other operations workflow solutions and other services provided by us to you.

Term” means the initial term and all renewal terms of this Agreement as provided in Section 16.1.

User” (capitalized) means a natural person who has been authorized pursuant to this Agreement to access the Services on your behalf; a “user” (un-capitalized) shall mean any user of the Services.

Workforce” means a Provider’s employees, volunteers, trainees, and other persons whose conduct, in the performance of work for Provider, is under the direct control of such Provider, whether or not they are paid by the Provider.

Your Health Information” means Protected Health Information that you or your Workforce input or upload onto the Services or that we receive on your behalf from your authorized service providers or our third party partners pursuant to Section 4.1.10.

Your Information” means information that you or your Workforce input or upload onto the Services, including Your Personal Information and Your Health Information.

Your Personal Information” means Personal Information that you or your Workforce enter or upload onto the Services.

In addition, the words “include,” “includes” and “including” shall be deemed to be followed by the phrase “without limitation.” The word “will” shall be construed to have the same meaning and effect as the word “shall.” The word “or” shall be construed to have the same meaning and effect as “and/or.” The words “herein,” “hereof” and “hereunder,” and words of similar import, shall be construed to refer to these Terms of Use. The headings used in this Agreement are used for convenience only and are not to be considered in construing or interpreting this Agreement.

  1. Grant of Right to Use the Services
    • 1We grant to you and you accept a non-exclusive, personal, non-transferable (except as expressly permitted in Section 19.2), limited right to access and use the Services, and a non-exclusive, personal, non-transferable, limited license to use any computer software furnished by us for access to or use of the Services during the Term, subject to your full compliance with the terms and conditions set forth in this Agreement and with our Policies and Procedures. You will not: (a) use the Services for time-sharing, rental or service bureau purposes; (b) make the Services, in whole or in part, available to any other person, entity or business; (c) copy, reverse engineer, decompile or disassemble the Services, in whole or in part, or otherwise attempt to discover the source code to the software used by the Services; or (d) modify, combine, integrate, render interoperable, or otherwise access for purposes of automating data conversion or transfer, the Services or associated software with any other software or services not provided or approved by us. You will obtain no rights to the Services except for the limited rights to use the Services expressly granted by this Agreement.
    • 2The Services include certain third-party software, services, and applications that may require that you enter into separate agreements with third parties. We may also make available optional services provided by third parties, such as electronic orderinging and clinical laboratory reporting services. You will comply with and, upon request, execute, any agreements that may be required for the use of such software or services, and hereby agree to comply with the terms of any license or other agreement relating to third-party products included in the Services or made accessible to you through the Services. Additionally, your use of the Services or of such third-party products or services will constitute your agreement to be bound by the terms of all licensing, subscription and similar agreements relating to such use.
  2. Access to the Services
    • Access Rights of Providers and their Authorized Workforce.
      • 1.1 Provider of Record. We offer the Services to Providers and to natural persons who are members of such Providers’ Authorized Workforce, as more fully described in this Section 3.1. All persons who sign up for an account on behalf of a Provider must furnish, among other things, that Provider’s full legal name and fictitious business name(s) (i.e., trade name, d/b/a or “doing business as”) as part of the sign-up process. We treat the Provider in whose name the account is established as the owner of all User accounts associated with such Provider, and we call this Provider the “Provider of Record.” The Provider of Record may be changed in accordance with Section 19.1.
      • The Provider of Record is a party to this Agreement for all purposes. Although a member of a Provider of Record’s Authorized Workforce may have signed up for an account or electronically entered into this Agreement, or may continue to administer Administrative Rights on the Provider of Record’s behalf, only the Provider of Record is entitled to any of the rights, remedies or benefits under this Agreement and control over the Administrative Rights. The Provider of Record is likewise subject to all of the covenants, restrictions, limitations, representations, warranties, waivers and releases included in this Agreement. The Provider of Record may delegate Administrative Rights to one or more members of the Provider of Record’s Authorized Workforce, but the Provider of Record remains responsible for all activity occurring thereunder.
        • (a) Incomplete or Inaccurate Registration Information. A Provider that has failed to complete the registration information sufficient to establish itself as the Provider of Record may not be able to access all of the Services. In addition, until such Provider completes such registration information, such Provider agrees and acknowledges that it is subject to, and we may enforce against it, all of the covenants, obligations, restrictions, limitations, acknowledgements, Consents, representations and warranties set forth in this Agreement that are applicable to the person addressed as “you” in this Agreement, and such Provider hereby grants and makes all rights, waivers and releases set forth in this Agreement that are granted and made by the person addressed as “you” in this Agreement, but such Provider is entitled to none of, and hereby waives and agrees not to assert any of, the rights, remedies or benefits under this Agreement (otherthan our assurances and obligations under Section 9 below, which such Provider shall have the right to enforce). Once a Provider’s registration has been submitted sufficient to establish its status as the Provider of Record, this provision shall cease to apply.
      • 1.2 Authorized Representatives. An authorized representative of a Provider may obtain an account on behalf of such Provider, and may have administrative privileges on the account. We call the person(s) authorized to act on behalf of a Provider the “Authorized Representative(s)” of such Provider. The Provider and Authorized Representative may be the same person. The Provider and Authorized Representative may be the same person. If you are establishing an account or taking any action with respect to a Provider’s account, you represent and warrant that (a) you have the authority to act on such Provider’s behalf either as owner/principal or as a member of such Provider’s Authorized Workforce, (b) the information you submit is complete and accurate, and (c) you have the authority to enter into this Agreement on behalf of such Provider and bind such Provider to the covenants, obligations, restrictions, limitations, acknowledgements, Consents, representations, warranties, grants, waivers and releases contained in this Agreement. If you are an Authorized Representative, you recognize that you have no personal rights with respect to such Provider’s account, and that such Provider may change the Authorized Representative at any time, for any or no reason, with or without notice.
      • 1.3 Authorized Workforce. If you are a member of a Provider’s Authorized Workforce, and such Provider has authorized you to access the Services on its behalf by authorizing a Credential for you, thenyou are authorized under this Agreement to access the Services solely on behalf and at the direction of such Provider. As such, you may sign in and use the functionality of the Services solely on behalf and at the direction of such Provider. You consent to and authorize the disclosure to such Provider any content related to, or otherwise generated by your use of the Services, including secure messages. You hereby agree and acknowledge that you are subject to, and we may enforce against you, all of the covenants, obligations, restrictions, limitations, acknowledgements, Consents, representations and warranties set forth in this Agreement that are applicable to the person addressed as “you” in this Agreement, and you hereby grant and make all rights, waivers and releases set forth in this Agreement that are granted and made by the person addressed as “you” in this Agreement, but you are entitled to none of, and hereby waive and agree not to exercise or assert any of, the rights, remedies or benefits under this Agreement other than the limited, non-exclusive, non-transferable, personal right under this Section 3.1.3 to sign in and use the functionality of the Services solely on behalf and direction of such Provider. Notwithstanding the applicable provisions at Section 16, you acknowledge that your access to the Services may be terminated by the Provider or us at any time, for any reason or no reason at all, with or without notice. By (i) accessing any of the Services under a Provider’s account(s), or (ii) contacting us by any means and requesting or directing us to take any action with respect to any Provider’s account(s) or data held by such account(s), or (iii) asserting any right or authority with respect to such account(s) or data, you represent and warrant that you have the authority to act on such Provider’s behalf and that you are not using the Services, or otherwise engaging in the activities described in clauses (i) through (iii) above, for the benefit or at the direction, of any person or entity other than such Provider.
    • Trial Use. We also offer the Services on a limited basis to trial users under this Section 3.2. If you have signed-up for an account for the purpose of evaluating the Services or to use the Services for academic coursework (collectively, “Trial Use”), you may use the Services only in connection with such Trial Use. As such, you hereby agree and acknowledge that you are subject to, and we may enforce against you, all of the covenants, obligations, restrictions, limitations, acknowledgements, Consents, representations and warranties set forth in this Agreement that are applicable to the person addressed as “you” in this Agreement, and you hereby grant and make all rights, waivers and release set forth in this Agreement that are granted and made by the person addressed as “you” in this Agreement, but you are entitled to none of, and hereby waive and agree not to exercise or assert any of, the rights, remedies or benefits under this Agreement other than the limited, non-exclusive, non-transferable, personal right under this Section 3.2 to sign-in and make Trial Use of the functionality of the Services. Notwithstanding the applicable provisions at Section 16, you acknowledge that your access to the Services may be terminated by us at any time, for any reason or no reason at all, with or without notice. You also hereby acknowledge and agree that in the event that you at any time use the Services in the course of providing healthcare services to any individual or you enter any health information of any Individual, (a) your Trial Use license will immediately convert, without further action by either Party, to the relevant license described in Section 3.1 if the circumstances described in Section 3.1.1, Section 3.1.2 or Section 3.1.3 apply, or (b) if none of those sections applies, you are not authorized to access or use the Services, and must immediately cease such access or use.
    • Verification. You agree that your use of the Services is subject to verification by us of your identity and credentials as a health care provider, and to your ongoing qualification as such. You agree that we may use and disclose Your Personal Information for such purposes, including making inquiry of third parties concerning your identity and professional and practice credentials. You authorize such third parties to disclose to us such information as we may request for such purposes, and you agree to hold them and us harmless from any claim or liability arising from the request for or disclosure of such information. Notwithstanding the applicable provisions at Section 16, you agree that we may terminate your access to or use of the Services at any time if we are unable at any time to determine or verify your qualifications or credentials.
    • Permitted Uses.
      • 4.1Subject to the terms of this Agreement, you may use Your Health Information for any purpose expressly permitted by applicable law, including treatment, payment and health care operations.
      • 4.2If you are granted access rights to another user of the Services’ Protected Health Information through ChartShare or another Service, you may use such information for treatment and for obtaining payment for treatment; providedthat, except as expressly authorized in our Policies and Procedures, (i) you may access only information pertaining to individuals with whom you have a treatment relationship or for whom a provider who has a treatment relationship with the individual has requested a professional consultation from you, or from whom you have received authorization to use their health information; and (ii) you may use only the minimum necessary information for payment purposes.
      • 4.3You will not use the Services for any purposes other than those described in Section 3.4.1 or Section 3.4.2. In particular, you will not:
        • (a)reproduce, publish, or distribute content in connection with the Services that infringes any third party’s trademark, copyright, patent, trade secret, publicity, privacy, or other personal or proprietary right; nor
        • (b)use the Services to transmit illegal, obscene, threatening, libelous, harassing, or offensive messages, or otherwise unlawful material.

In addition, to further safeguard the confidentiality, integrity and availability of the information and other elements housed in the Services, as well as the stability of the Services, you agree you will not, nor attempt to, or authorize anyone to, or attempt to:

  • (c)(i) Abuse or misuse the Services, including gaining or attempting to gain unauthorized access to the Services, or altering or destroying information housed in the Services, except in accordance with accepted practices; (ii) use the Services in a manner that interferes with other users’ use of the Services; (iii) use the Services in any manner that violates our Policies and Procedures; or (iv) use any ad blocking mechanism, device, or tool to prevent the placement of advertisements in the Services;
  • (d)Circumvent any technical measures we have put in place to safeguard the Services or the confidentiality, integrity or accessibility of any information housed thereon, or any technical measures we have put in place to restrict access to the Services solely to the class of persons expressly so authorized pursuant to Sections 3.1.1 through 3.1.3; and
  • (e)Access any portion of the Services other than with a commercial browser (such as Internet Explorer, Mozilla Firefox or Chrome) or mobile applications developed and operated by us.
  • Clinical Support Information. We may provide information to assist you in clinical decision-making. This may include information and reminders concerning drug interactions, allergies, dosages, as well as general health-care related information and resources. We may also provide forums for our users to exchange information. You agree that the information and materials available through the Services are for informational and educational purposes only and are not intended to constitute professional advice, diagnosis or treatment, or to substitute for your professional judgment. Information may be placed in the Services by us and by third parties beyond our control. We are not responsible for the accuracy or completeness of information available from or through the Services. You assume full risk and responsibility for the use of information you obtain from or through the Services, and neither we nor any of our licensors or data providers are responsible or liable for any claim, loss, or liability arising from use of the information. We do not recommend or endorse any provider of health care or health-related products, items or services, and the appearance of materials in the Services relating to any such products, items or services is not an endorsement or recommendation of them. You will review the definitions, functionality, and limitations of the Services, and to make an independent determination of their suitability for your use. We and our suppliers and licensors disclaim all warranties, whether expressed or implied, including any warranty as to the quality, accuracy, and suitability of the information provided by the Services for any purpose.
  • Safeguards.
    • 6.1You will implement and maintain appropriate administrative, physical and technical safeguards to protect information within the Services. Such safeguards shall comply with federal, state, and local requirements, including the Privacy Rule and the Security Rule, whether or not you are otherwise subject to HIPAA. You will maintain appropriate security with regard to all personnel, systems, and administrative processes used by you or members of your Workforce to transmit, store and process electronic health information through the use of the Services.
    • 6.2You will immediately notify us of any breach or suspected breach of the security of the Services of which you become aware, or any unauthorized use or disclosure of information within or obtained from the Services, and you will take such action to mitigate the breach, suspected breach, or unauthorized use or disclosure of information within or obtained from the Services as we may direct, and will cooperate with us in investigating and mitigating the same.
  • User Identification. We authorize you and your Authorized Workforce to use the Credentials uniquely assigned to, or selected by, each such individual User. You acquire no ownership rights in any such Credentials, and such Credentials may be revoked or changed at any time in the discretion of us or the Provider of Record. You will adopt and maintain reasonable and appropriate security precautions for your Credentials to prevent their disclosure to or use by unauthorized persons. Each member of your Authorized Workforce shall have and use a unique identifier. You will ensure that no member of your Workforce uses Credentials assigned to another Workforce member.
  • No Third-Party Access. Except as required by law, you will not permit any third party (other than persons who satisfy the definition of Authorized Workforce and meet the requirements of Section 3.1.3) to use or access the Services without our prior written agreement. Nor will you authorize or assist any person or entity in accessing, or attempting to access, any portion of the Services via any means other than a commercial browser (such as Internet Explorer, Mozilla Firefox or Chrome) or a mobile app that we have authored and provided to you. You will promptly notify us of any order or demand for compulsory disclosure of health information if the disclosure requires access to or use of the Services. You will cooperate fully with us in connection with any such demand. You will also notify us in the event that any person or entity, whether or not a member of your Authorized Workforce, (a) attempts to access the Services by any means other than a commercial browser, (b) claims to offer a service or system that “integrates with” our Services or (c) requests to use your Credentials or requests that you obtain Credentials in order to access to the Services in a manner that would violate this Agreement if you engaged in such activity.
  • Your Workforce. You may permit your Authorized Workforce to use the Services on your behalf, subject to the terms of this Agreement. You will:
    • 9.1require each member of your Authorized Workforce to have unique Credentials, and will provide the legal name(s) of each such member for which you are seeking Credentials;
    • 9.2train all members of your Authorized Workforce in the requirements of this Agreement and the Policies and Procedures relating to their access to and use of the Services, and ensure that they comply with such requirements;
    • 9.3take appropriate disciplinary action against any member of your Workforce who violates the terms of this Agreement or the Policies and Procedures;
    • 9.4ensure that only the person to whom a specific set of Credentials have been assigned accesses the Services with such Credentials; and
    • 9.5immediately notify us of the termination of employment of any member of your Authorized Workforce, or of your withdrawal of authorization for any such person to access the Services.
  • 10 Personal Health Record. You may make available to your patients portions of their medical records through a web-based personal health record portal that we operate on your behalf (a “Patient Portal”). You are responsible for granting Patient Portal access privileges to your patients, either on an individual basis or for your entire patient population, and you solely retain the ability to revoke those access privileges. You are solely responsible for the information that you make available through a Patient Portal. Health information included in Patient Portals will be held as part of the health record that we maintain for you, and will be subject to the terms of this Agreement and our business associate obligations stated in Section 9.
  • 11 Forums. We may offer forums for the exchange of information among our users. You will comply with all applicable forum rules. In particular, you understand that we do not assure the accuracy, reliability, confidentiality or security of information made available through the use of such forums. You acknowledge that any information you post in a forum or discussion group is available to the public, and may result in your receiving communications from others outside of our site. You are responsible for safeguarding the privacy of your and your patients’ personal information when you participate in forums, discussion groups and the like. You agree not to disclose individually identifiable health information through such forums.
  • 12 Compliance with Law. You are solely responsible for ensuring that your use of the Services complies with applicable law, including laws relating to the maintenance of the privacy, security, and confidentiality of patient and other health information. You will not grant any user, including members of your Authorized Workforce, any rights to access or use of our Services that they would not be allowed to have under applicable laws. We offer no assurance that your use of the Services under the terms of this Agreement will not violate any law or regulation applicable to you. Except as otherwise provided in this Agreement, we will keep Your Information private and will not share it with third parties, unless we believe in good faith that disclosure of Your Information is necessary to (i) comply with a court order, warrant or other legal process, (ii) protect the rights, property or safety of Cancer IQ or others, (iii) investigate or enforce suspected breaches of this Agreement, or (iv) allow our third-party partners to comply with their obligations under federal or state law.
  • 13 Professional Responsibility. You will be solely responsible for the professional and technical services you provide. We make no representations concerning the completeness, accuracy or utility of any information in the Services, or concerning the qualifications or competence of persons who placed it there. We have no liability for the consequences to you or your patients of your use of the Services.
  • 14 Cooperation. You will cooperate with us in the administration of the Services, including providing reasonable assistance in evaluating the Services and collecting and reporting data requested by us for purposes of administering the Services.
  • 15 Indemnification. You hereby agree to indemnify, defend, and hold harmless us and other users, and our and their respective affiliates, officers, directors, employees and agents, from and against any claim, cost or liability, including reasonable attorneys’ fees, arising out of or relating to: (a) the use of the Services by you or your Workforce; (b) any breach by you or your Workforce of any representations, warranties or agreements contained in this Agreement; (c) the actions of any person gaining access to the Services under Credentials assigned to you or a member of your Workforce; (d) the actions of anyone using Credentials assigned to you or any member of your Workforce that adversely affects the Services or any information accessed through the Services; and (e) your negligent or willful misconduct, or that of any member of your Workforce. Your indemnifications obligations in this Agreement (including this Section 3.15) are cumulative, and are not intended to, nor do they, limit your indemnification obligations elsewhere in this Agreement or at law, even if such obligations arise or are occasioned or triggered by a single assertion, claim, circumstance, action, event or transaction.
  1. Use of Information
    • Purpose of Services. The purpose of the Services is to store Your Health Information and (i) to make it available to you and your Authorized Workforce for any legal purpose, including treatment, payment and health care operations; (ii) to facilitate the sharing of individuals’ health information among users and other authorized parties, and (iii) to make health information available to your patients through the Patient Portal. You may make Your Health Information accessible to other users of the Services and to your patients through the Services for these purposes. You authorize us, as your business associate, to use and disclose Your Information as follows, subject to the recipient’s agreement to comply with applicable laws and regulations relating to the use and disclosure of health information, and subject also to the provisions of Section 9:
      • 1.1We will permit unrestricted access to Your Health Information to you and your Authorized Workforce. You are responsible for ensuring that your use of Your Health Information is consistent with the relevant legal restrictions.
      • 1.2We will permit access to Your Health Information to your patients to whom you have agreed to grant access through our Patient Portal.
      • 1.3We will permit access to Your Information by health care providers, covered entities and their business associates to whom you have Consented to provide access to the Services and who have otherwise agreed to integrate with our systems pursuant to appropriate assurances. We will obtain your Consent before we make Your Health Information available to other providers, covered entities and their respective business associates. You acknowledge that once we have granted access rights to another provider or covered entity (or their respective business associates), we have no control over the uses and disclosures that the provider makes of Your Health Information, and the recipient may be subject to its own legal or regulatory obligations (including HIPAA) to retain such information and make such information available to patients, governmental authorities and others as required by applicable law or regulation.
      • 1.4We may disclose or permit access to Your Information to entities such as, but not limited to, health plans, health care clearinghouses, medical groups, independent practice associations, your authorized service providers and other parties responsible for payment and their business associates for the purpose of obtaining payment for services you provide, unless you advise us in writing that the patient has paid out of pocket in full for the service to which the health information relates, and has requested that it not be disclosed to his or her health plan.
      • 1.5We may De-Identify Your Health Information and Your Information, and use and disclose De-Identified Information as provided by Section 5 and Section 7.2.
      • 1.6We may create limited data sets from Your Health Information, and disclose them for any purpose for which you may disclose a limited data set; and you hereby authorize us to enter into data use agreements on your behalf for the use of limited data sets, in accordance with applicable law and regulation.
      • 1.7We may use Your Health Information in order to prepare analyses and reports, such as activity or quality-metrics reports, or any other reports the Services makes available, in order to render these reports to You. Preparation of such analyses and reports may include the use of data aggregation services relating to your treatment and health care operations, which we may perform using Your Health Information. Such reporting will be done in a manner that does not make any disclosure of Your Health Information that you would not be permitted to make.
      • 1.8We may use Your Health Information for the proper management and administration of the Services and our business, and to carry out our legal responsibilities. We may also disclose Your Information for such purposes if the disclosure is required by law, or we obtain reasonable assurances from the recipient that it will be held confidentially and used or further disclosed only (a) as required by law (as such term is defined in 45 CFR §164.103), or (b) for the purpose for which it was disclosed to the recipient, and the recipient notifies us of any instances of which it is aware in which the confidentiality of the information has been breached. Without limiting the foregoing, we may permit access to the system by our contracted system developers under appropriate confidentiality agreements.
      • 1.9We may use Your Health Information and Directory Information (defined below) to contact your patients on your behalf for any purpose for which you would be permitted to contact them, including:
        • (a)For treatment and health care operations messages, including sending appointment and prescription refill reminders, messages about currently prescribed care plans, or post-visit satisfaction surveys;
        • (b)To request authorization on your behalf from your patients to use or disclose their health information for any purpose for which use or disclosure may