$100,000 Financial Protection Terms and Conditions

Financial Protection Terms and Conditions

Entegration, Inc. (the “Company”) will pay (the “Financial Protection”) up to (1) One Hundred Thousand Dollars ($100,000) for a HIPAA Fine first reported to the Company, in writing, within sixty (60) days of such event for certain paying customers of the Company (“Customers”) that use and pay for the Company’s Services (the “Services”), in accordance with the Company’s Terms of Use, Policies, License, Privacy Policy and other documentation, including but not limited to subscription agreements, statements of work, user instructions, compliance manuals, white papers, and other documents; or (2) Twenty-Five Thousand Dollars ($25,000) for Breach Related Expenses first reported to the Company, in writing, within sixty (60) days of such event for certain paying Customers that use and pay for Services, in accordance with the Company’s Terms of Use, Policies, License, Privacy Policy and other documentation, including but not limited to subscription agreements, statements of work, user instructions, compliance manuals, white papers, and other documents. Subject to the terms and conditions herein, Customer shall pay to the Company an amount equal to Five Thousand Dollars ($5,000) for use of the Financial Protection. Without expanding the foregoing, a “HIPAA Fine” means a penalty levied by a final ruling of the U.S. Department of Health and Human Services, Office of Civil Rights (“OCR”) or comparable State governmental agency for a violation of the Privacy Rule or Security Rule of the Health Insurance Portability and Accountability Act of 1996, as amended from time to time and the regulations and rules arising thereunder (“HIPAA”), and “Breach Related Expenses” means (1) certain costs associated with a request for information, civil investigative demand, administrative action or civil proceeding bought by or on behalf of a federal or state government agency alleging an unauthorized access to or use of PHI (as defined by HIPAA) arising out of a client’s possession or access to such PHI; and (2) expenses incurred by Customer, with prior written consent of the Company, to provide notice to patients, identity monitoring, and/or restoration services to individuals whose PHI may have been disclosed or otherwise compromised due to an actual or suspected unauthorized access to or use of PHI, arising out of a client’s possession of or access to such PHI. In addition to the restrictions set forth above: Financial Protection is only available to Customers that purchase Services with 50 or fewer employees; The Customer must have completed the Security Risk Assessment (SRA) as provided by the Company and remediated all findings and risks identified in the SRA; The Customer must demonstrate that a Network Vulnerability Scan (NVS) was executed both within the service term and prior to, any Data Security Incident for which benefits are claimed, and all risks identified by the NVS were remediated; Customers must remain current at all times with respect to monies owed to the Company; Customers or its authorized agents may not intentionally attempt to breach or violate HIPAA rules or be negligent or reckless in their actions; The Company or its designee must be given the opportunity to actively participate in the OCR investigation; Customers must take reasonable steps to avoid OCR penalties, including but not limited to complying fully with OCR investigations, findings, compliance, and corrective actions; Customers must not admit liability, assume any financial obligation, pay any money or incur any expense in connection with a Data Security Event without Company or Company’s designee’s prior written consent; Customer shall take reasonable steps to prevent a Data Security Event and to mitigate the loss arising out of a Data Security Event; Actions or inactions of Customer, its agents, employees, officers, directors, or members, that give rise to a Data Security Event must have arose during the time Customer used and paid for Services; and in relation to a Data Security Event, Customer shall not take any actions or fail to take any actions that would prejudice the Customer. The Company reserves the right to disqualify any Customer if, in the Company’s sole discretion, it reasonably believes that the Customer has attempted to undermine the legitimate operation of the Financial Protection. The Company reserves the right to disqualify any Customer if the Company’s underwriter of the Financial Protection disqualifies such Customer. The Company reserves the right to disqualify any Customer who claims benefits related to a Data Security Incident caused by a Ransomware infection. The Company reserves the right to disqualify any Customer who has experienced a reportable Data Security Incident prior to purchase of Services, without regard to when the incident is actually discovered. This Financial Protection shall be governed by, subject to, and construed in accordance with the laws of the State of New Jersey, United States of America, excluding all conflict of laws rules. To the extent permitted by law, the rights to litigate, seek injunctive relief or make any other recourse to judicial or any other procedure in case of disputes or claims resulting from or in connection with this Financial Protection are hereby excluded, and all Customers expressly waive any and all such rights. By seeking the protection of the Financial Protection, Customer agrees that exclusive jurisdiction for any dispute, claim, or demand related in any way to the Financial Protection will be decided by binding arbitration. All disputes between Customer and the Company of whatsoever kind or nature arising out of the Financial Protection, shall be submitted to Judicial Arbitration and Mediation Services, Inc. (“JAMS”) for binding arbitration under its rules then in effect in the Morris County, New Jersey, USA area, before one arbitrator to be mutually agreed upon by both parties. The parties agree to share equally in the arbitration costs incurred.

 

Real Time Web Analytics