Email, SMS, Facebook, Chat, CRM, and more, all-in-one platform to help you grow your business through
Last updated: August 16, 2022
Please read this Privacy Agreement ("Agreement")carefully before clicking the "I Agree" button, downloading or using SurgerEase ("Application").
By clicking the "I Agree" button, downloading or using the Application, you are agreeing to be bound by the terms and conditions of this Agreement.
This Agreement is a legal agreement between You (the“Business Associate”), the Medical Practice / Medical Professional (“Covered Entity")and CareTeam.io, Inc. (the "Application") and it governs your use andPrivacy of the Application and Information shared between the Covered Entity, theBusiness Associate and the Application.
In this Agreement the Covered Entity and Business Associate wish to use the Application to share information electronically for the benefit of both parties.
For the purposes of this agreement the Application is also considered a Business Associate when it comes to the sharing of this information.
This Agreement shall remain in effect until terminated by the Covered Entity, Business Associate or Application.
In the eventBusiness Associate through the Application creates, receives, maintains, orotherwise is exposed to personally identifiable or aggregate patient or other medical information defined as Protected Health Information ("PHI")in the Health Insurance Portability and Accountability Act of 1996 or its relevant regulations ("HIPAA") and otherwise meets the definition ofBusiness Associate as defined in the HIPAA Privacy Standards (45 CFR Parts 160and 164), Business Associate shall:
(a) Recognize thatHITECH (the Health Information Technology for Economic and Clinical Health Actof 2009) and the regulations thereunder (including 45 C.F.R. Sections 164.308,164.310, 164.312, and 164.316), apply to a business associate of a coveredentity in the same manner that such sections apply to the covered entity;
(b) Not use or further disclose the PHI, except as permitted by law;
(c) Not use or further disclose the PHI in a manner outside of the scope of the Application;
(d) Use appropriate safeguards (including implementing administrative, physical, and technical safeguards for electronic PHI) to protect the confidentiality, integrity, and availability of and to prevent the use or disclosure of the PHI other than as provided for by this Agreement;
(e) Comply with each applicable requirement of 45 C.F.R. Part 162 if the Business Associate conducts Standard Transactions for or on behalf of the Covered Entity;
(f) Report promptly to the Registering Medical Professional any security incident or other use or disclosure of PHI not provided for by this Agreement of which BusinessAssociate becomes aware;
(g) Ensure that any subcontractors or agents who receive or are exposed to PHI (whether in electronic or other format) are explained the Business Associate obligations under this paragraph and agree to the same restrictions and conditions;
(h) Make availablePHI in accordance with the individual’s rights as required under the HIPAA regulations;
(i) Make its internal practices, books, and records that relate to the use and disclosure of PHI available to the U.S.Secretary of Health and Human Services for purposes of determining Customer’s compliance with HIPAA; and
(j) Incorporate any amendments or corrections to PHI when notified by Customer or enter into a Business Associate Agreement or other necessary Agreements to comply withHIPAA.
Notwithstanding any other provision of this Agreement, Covered Entity may immediately terminate this Agreement if it determines that Business Associate breaches any term in this Agreement. Alternatively, Covered Entity may give written notice toBusiness Associate in the event of a breach and give Business Associate five(5) business days to cure such breach. Covered Entity shall also have the option to immediately stop all further disclosures of PHI to Business Associate if Covered Entity reasonably determines that Business Associate has breached its obligations under this Agreement. In the event that termination of thisAgreement and the Agreement is not feasible, Business Associate hereby acknowledges that the Covered Entity shall be required to report the breach to the Secretary of the U.S. Department of Health and Human Services, notwithstanding any other provision of this Agreement or Agreement to the contrary. Upon termination of this Agreement, Covered Entity shall cease all use of the Application and delete all copies of the Application from your mobile device or from your computer.
Upon the termination of this Agreement, unless otherwise directed by Covered Entity, BusinessAssociate shall destroy or delete all PHI received from the Covered Entity or created or received by Business Associate on behalf of the Covered Entity in which Business Associate maintains in any form. Business Associate shall not retain any copies of such PHI. Notwithstanding the foregoing, in the event thatBusiness Associate determines that returning or destroying the Protected HealthInformation is infeasible upon termination of this Agreement, BusinessAssociate shall provide to Covered Entity notification of the condition that makes return or destruction infeasible. To the extent that it is not feasible for Business Associate to return or destroy such PHI, the terms and provisions of this Agreement shall survive such termination or expiration and such PHI shall be used or disclosed solely as permitted by law for so long as Business Associate maintains such Protected Health Information.
The parties agree that the terms of this Agreement shall apply only to themselves and are not for the benefit of any third party beneficiaries.
Notwithstanding the provisions of this Agreement, Business Associate and its subcontractors may disclose non-personally identifiable information provided that the disclosed information does not include a key or other mechanism that would enable the information to be identified.
Business Associate and Covered Entity agree to amend this Agreement to the extent necessary to allow either party to comply with the Privacy Standards, the Standards for Electronic Transactions, the Security Standards, or other relevant state or federal laws or regulations created or amended to protect the privacy of patient information. All such amendments shall be made in a writing signed by both parties.
Any ambiguity in this Agreement shall be resolved in favor of a meaning that permits Covered Entity to comply with the then most current version of HIPAA and the HIPAA privacy regulations.
Capitalized terms used in this Agreement shall have the meanings assigned to them as outlined inHIPAA and its related regulations.
The obligations imposed by this Agreement shall survive any expiration or termination of this Agreement.
Please contact the Application if there is a question or if there has been a violation: support@surgerease.com
