TERMS AND CONDITIONS FOR DATA SHARING AND PROCESSING
These terms and conditions govern the sharing and processing of data by and between you (“Provider”) and Configo Health, Inc. (“Configo”), in order to allow for the development of the forecasting and scenario plan described below. Provider and Configo may be referred to herein collectively as the “Parties” and individually as a “Party.”
Provider agrees to provide and Configo agrees to process certain operational data in order to allow them to create and implement a forecast and scenario plan for the scheduling of elective procedures in the wake of the challenges posted by the current COVID-19 national emergency (the “Plan”). In order to allow the Parties to conduct this analysis, each Party may give to the other Party certain data (“Data”) which will not include any “Protected Health Information” under the Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder (collectively, “HIPAA”).
Further, Provider and Configo:
- understand and acknowledge that the terms herein will govern the use and disclosure of Data disclosed to, provided by, received by, or created by them regarding or related to the Plan.
- will use and disclose Data only to the extent necessary to develop and implement the Plan, and Configo may anonymize Data and use such anonymized Data for internal benchmarking and quality control, but otherwise will not to use or further disclose Data other than as permitted or required in regard to the Plan or required by law.
- will use appropriate physical, technical, and administrative safeguards to prevent the use or disclosure of Data other than as provided for herein.
- will immediately report to the other any use or disclosure of Data of which it becomes aware that is not permitted.
- will (i) ensure that any agents, including subcontractors, to whom Configo provides Data agree to the same restrictions and conditions that apply to itself with respect to such information; and (ii) Configo will only provide the Data to agents and subcontractors to the extent necessary to perform its obligations herein.
- shall be solely responsible for their respective uses of the Data, and will indemnify, defend and hold harmless the other Party from and against any and all losses, expense, damage or injury that the other may sustain as a result of, or arising out of the use of the Data, or of a breach herein by it or its agents or subcontractors, including but not limited to any breach of security or unauthorized use or disclosure of Data.
The respective rights and obligations of each Party set forth herein will remain in force until all non-anonymized Data provided by or created for Provider is destroyed or returned to Provider, or one (1) year after the conclusion of the Plan, whichever is later.