Product Specific Terms

To the extent Net Health Systems, Inc., or one of its wholly owned subsidiaries (collectively, “Net Health”) has agreed to provide CUSTOMER with use and access to one of the specified products described below in conjunction with CUSTOMER’s use of certain software, the terms and conditions for such specified product or feature shall apply to CUSTOMER’s use thereof.

Net Health Billing Module

Tissue Analytics

PointRight

EPCS

SES Direct

Clinisign

Net Health Therapy for Clinics (Casamba Clinic)

FOTO QCDR

NET HEALTH BILLING MODULE

CPT END USER AGREEMENT

This CPT End User Agreement governs CUSTOMER’s rights to utilize the Current Procedural Terminology (“CPT”) codes, hereinafter referred to as “Editorial Content” or “CPT Editorial Content” contained within Net Health System, Inc.’s (“Net Health”) Billing Module.  To the extent that CUSTOMER has access to Net Health’s Billing Module pursuant to an underlying agreement, this CPT End User Agreement applies. CPT is copyrighted by the American Medical Association (the “AMA”) and CPT is a registered trademark of the AMA.

  1. Grant of Rights, Restrictions and Obligations

1.1 CUSTOMER’s right to utilize the CPT Editorial Content is nontransferable, nonexclusive, and solely for CUSTOMER’s internal use within any of the following locations: Algeria, Argentina, Australia, Bahamas, Belgium, Bermuda, Brazil, British Virgin Islands, Canada, Cayman Islands, Chile, China, Colombia, Costa Rica, Denmark, Dominican Republic, Ecuador, El Salvador, Finland, France, Germany, Guatemala, Hong Kong, India, Ireland, Israel, Italy, Jamaica, Japan, Jordan, Republic of Korea (South Korea), Lebanon, Mexico, New Zealand, Norway, Panama, Philippines, Portugal, Saudi Arabia, Singapore, South Africa, Spain, Sweden, Switzerland, Thailand, Turkey, United Arab Emirates, United Kingdom, United States and its territories, and/or Venezuela.

1.2 Provision of updated CPT Editorial Content in the Billing Module is dependent on continuing contractual relationship between Net Health and the AMA.

1.3 CUSTOMER must ensure that anyone with authorized access to the Billing Module will comply with the provisions of this End User Agreement.

1.4 Users of CPT Editorial Content are defined as follows: “User” means an individual who:

(a) accesses, uses, or manipulates CPT Editorial Content contained in the Software; or

(b) accesses, uses, or manipulates the Software to produce or enable an output (data, reports, or the like) that could not have been created without the CPT Editorial Content embedded in the Software even though CPT Editorial Content may not be visible or directly accessible; or

(c) makes use of an output of the Software that relies on or could not have been created without the CPT Editorial Content embedded in the Software even though CPT Editorial Content may not be visible or directly accessible.

1.5 End User shall cooperate with Net Health to the extent necessary to calculate Users in order that Net Health may accurately report and pay royalties to the AMA.

Notice

U.S. Government Rights

2.1 This product includes CPT which is commercial technical data, which was developed exclusively at private expense by the American Medical Association (AMA), 330 North Wabash Avenue, Chicago, Illinois 60611. The AMA does not agree to license CPT to the Federal Government based on the license in FAR 52.227-14 (Data Rights – General) and DFARS 252.227-7015 (Technical Data – Commercial Items) or any other license provision. The AMA reserves all rights to approve any license with any Federal agency.

Miscellaneous

3.1 This CPT End User Agreement limits, to the extent possible under the applicable laws, the warranties and liability for Editorial Content as contained in the Billing Module. The CPT Editorial Content as contained in the Billing Module is provided “as is” without any liability to the AMA, including without limitation, no liability for consequential or special damages, or lost profits for sequence, accuracy, or completeness of data, or that it will meet CUSTOMER’s requirements. The AMA’s sole responsibility is to make available to Net Health replacement copies of the CPT Editorial Content if the data is not intact.  The AMA disclaims any liability for any consequences due to use, misuse, or interpretation of information contained or not contained in the CPT Editorial Content.

3.2 This CPT End User Agreement will terminate in the event of default and failure to cure within the applicable cure period.

3.3 In the event that a court or regulatory body having proper authority and jurisdiction determines that a provision of this CPT End User Agreement violates any applicable law or is otherwise unenforceable, the remainder of this CPT End User Agreement will remain in full force and effect.

3.4 The AMA is a third-party beneficiary of this CPT End User Agreement(s).

3.5 CUSTOMER grants Net Health permission to provide the AMA with CUSTOMER’S name for the sole purpose of reporting CPT Editorial Content royalties.

TISSUE ANALYTICS APPLICATION

GDPR Privacy Policy

Your privacy is important to us.  As part of our efforts to facilitate and make your experience with the Tissue Analytics Software as user-friendly and enjoyable as possible, we may collect and use certain information you provide to us.  This Privacy Policy addresses the collection, use, and disclosure of information that Tissue Analytics may gather during your use of the Software.  Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in the SOFTWARE end user license agreement.

Please review the entire policy to learn the types of End User information Tissue Analytics gathers, how Tissue Analytics uses that End User information, what End User information is disclosed and to what third parties, and how Tissue Analytics safeguards your End User information.

This Privacy Policy applies only to the Tissue Analytics Software.  This Privacy Policy does not apply to any software managed, maintained, and/or hosted by third parties not directly affiliated with Tissue Analytics that you may access, e.g., via a link provided through the Software or our website.  Tissue Analytics does not control the privacy policies applicable to other software or websites to which we may provide hyperlinks.  We encourage you to learn more about the online privacy and data security policies of third parties directly from such third parties, as their policies may differ from ours.

It is important that you read this Privacy Policy together with the Tissue Analytics Mobile Application End User License Agreement, and all other applicable Tissue Analytics rules and policies so you are fully aware of how and why we are using your data.

I. Information Tissue Analytics Collects

A. Personal Information and Non-Identifying Information  

We may ask you for personally identifiable information if, for example, you contact us requesting information or a demonstration of our services.  This refers to information about you that can be used to contact or identify you (“Personal Information”).  Personal Information includes, but is not limited to, your full name, email address, and any other information that could be used to personally identify you.

We also collect other information that you provide as part of registration and the administration and personalization of your account with us that does not identify you (“Non-Identifying Information”).  Non-Identifying Information includes, but is not limited to, individual preferences. Certain Non-Identifying Information would be considered a part of your Personal Information if it were combined with other identifiers (for example, combining your zip code with your street address) in a way that enables you to be identified.  But the same pieces of information are considered Non-Identifying Information when they are taken alone or combined only with other non-identifying information (for example, your gender only or your viewing preferences).

We use your Personal Information (in some cases, in conjunction with your Non-Identifying Information) mainly to provide the Software and attendant services, facilitate and complete transactions for you, and respond to correspondence from you. We may also use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. If you decide at any time that you no longer wish to receive such communications from us, please follow the unsubscribe instructions provided in any of the communications or update your account information.

We may also combine your Personal Information with Non-Identifying Information and aggregate it with information collected from other users to attempt to provide you with a better experience, to improve the quality and value of the Software, and to analyze and understand how the Software is used.

B.      Usage Data

When you use the Software, our servers automatically record information referred to as “Usage Data.”  This Usage Data may include information such as the manufacturer and model of your device; your Internet Service Provider (ISP); your device’s Internet Protocol (“IP”) address (or other device identifier), browser type, and operating system; referring/exit pages; clickstream data; Software access times and dates; information you search for in the Software; and other statistics.

We use this information for technical administration of the Software and attendant services, including to monitor and analyze use of the Software, to increase the functionality and user-friendliness of the Software, and to better tailor the Software to End Users’ needs.

Usage Data may be non-identifying or it may be associated with you.  Whenever we associate Usage Data with Personal Information, we will treat it as Personal Information.

II.    Collection of Information

Tissue Analytics may use a number of different techniques and technologies to collect Personal Information, Non-Identifying Information, and Usage Data.  For example, Tissue Analytics may use cookies, log files, clear gifs, pixel tags, embedded scripts, and/or other technology used to monitor your use of the Software.

A.                  Forms

We request certain information from you through the use of forms when you send us correspondence through the Software.

B.                  Cookies

The Software uses cookies and other technologies to help us understand which parts of the Software are more popular and how much time users spend there.  A cookie is a small amount of data that is sent to and stored on your device from our server.  Cookies may, for example, allow a user to enter a password less frequently or remember a user’s preferences during an online session.

The Software uses cookies to determine whether an End User is active and for other business purposes. The Software may include first-party cookies (i.e., cookies that send data directly to Tissue Analytics and agents and contractors acting on behalf of Tissue Analytics, including cookies used to monitor, analyze, and administer the Software) and third-party cookies from Google Analytics, Wistia, and Intercom (i.e., cookies that send data to our contractors for their commercial use). The cookies used in connection with our Software may also track Internet activity across different Software.

C.                  Usage Data

Usage Data are collected automatically by our servers.  For example, because the Software automatically collects Usage Data for all End Users that use the Software, your use of the Software will be tracked. We may collect and use technical data and related information, including technical information about your device, system and application software, and peripherals, to maintain and support the Software generally.

Additionally, in some of our email messages, Tissue Analytics may use a “click-through URL” linked to content on the Software.  When an End User clicks onto one of these URLs, the End User will pass through our server before arriving at the destination Web page.  Tissue Analytics tracks this click-through data to help us determine End User interest in certain subject matter and measure the effectiveness of these End User communications.  You can avoid being tracked in this way by not clicking text or graphic links in emails from Tissue Analytics.

Finally, we may use clear gifs or pixel tags, which are tiny graphic images, in order: (i) to advise us of what parts of the Software End Users interact with, (ii) to measure the effectiveness of any searches End Users perform, and (iii) to enable us to send emails in a format that End Users can read and tell us whether such emails have been opened in order to ensure us that we are sending messages that are of interest to End Users.

D.                  Public Communications

Please note that if you use any bulletin board, chat room, comment posting feature, or other public communication service, forum, or feature offered through the Software, or post any information available for viewing by other End Users, any of the information that you share will be visible to other End Users.  The information that you make available can be read, used, and collected by other End Users to send you unsolicited messages.  Tissue Analytics is not responsible for the manner in which the Personal Information that you decide to share will be used by other End Users.

III.    HOW WE USE YOUR PERSONAL INFORMATION

PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL INFORMATION

We will only use your Personal Information when the law permits such use. Most commonly, we will use your Personal Information in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Our legitimate interests include:
    • To provide you with information that you requested;
    • To improve our services, to customize your experience, or to serve you specific content that is most relevant to you;
    • To contact you with regard to your requests or use of any use of our services and, in our discretion, changes to any of our services and/or any of our policies;
    • For internal business purposes such as complying with our internal policies;
    • To protect our interests, including establishing, exercising and defending legal rights and claims.
    • For purposes disclosed at the time you provide your information or as otherwise set forth in this Privacy Policy.
  • Where we need to comply with a legal or regulatory obligation.

Generally we do not rely on consent as a legal basis for processing your Personal Information other than in certain instances.

We may process your Personal Information for more than one lawful ground depending on the specific purpose for which we are using your data.

THIRD-PARTY MARKETING  

We will get your express opt-in consent before we share your Personal Information with any company outside Tissue Analytics for marketing purposes.

COOKIES 

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some items may become inaccessible or not function properly.

Tracking Technologies

We obtain your consent to our information storage or collection tracking technologies by providing you with transparent information in our Privacy Policy and providing you with the opportunity to make a choice to disable cookies when you first access our software.

CHANGE OF PURPOSE  

We will only use your Personal Information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please Contact Us at contact@tissue-analytics.com.

We will not use your previously collected Personal Information in a manner materially different than represented at the time it was collected without your consent or explaining our legal basis for doing so.

Please note that we may process your Personal Information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

IV.   DISCLOSURES OF YOUR PERSONAL INFORMATION

Tissue Analytics’ policy is not to share the End User information it collects with third parties other than as specified below, or where an End User expressly consents to our sharing of certain information with a third party.  We may have to share your Personal Information for the purposes set out below. We require third parties to respect the security of your Personal Information and to treat it in accordance with the law. We may share End User information with third parties under the following circumstances:

A.                  Business Partners and Vendors

We may employ third party companies and individuals for any of the following:  to facilitate operation of the Software and attendant services; to provide the Software and attendant services, or portions thereof, on our behalf; to perform related services, including without limitation, maintenance services, database management, fulfillment, web analytics, and improvement of the features or functionality; or to assist us in analyzing how the Software is being used.

B.                  Promotions

From time to time, we may offer promotions through the Software that require a separate registration.  By participating in such a promotion, we will provide you with the official rules for the promotion.  Information collected in connection with a promotion will be used consistently with the promotion’s official rules and this Privacy Policy.

C.                  Business Transfers

As we continue to develop our business, we may buy, sell, or share assets in connection with, for example, a merger, acquisition, reorganization, sale of assets, or bankruptcy.  In such transactions, information about End Users generally is often a transferred business asset.  In the event that Tissue Analytics itself or substantially all of Tissue Analytics’ assets are acquired, information about our End Users may be one of the transferred assets.  If such a change happens to our business, the new owners may use your Personal Information in the same way as set out in this Privacy Policy.

D.                   Legal Process

Subject to applicable law, we may disclose information about you (i) if we are required to do so by law, regulation or legal process, such as a subpoena; (ii) in response to requests by government entities, such as law enforcement authorities; (iii) when we believe disclosure is necessary or appropriate to prevent physical, financial or other harm, injury or loss; or (iv) in connection with an investigation of suspected or actual unlawful activity.

E.                  Aggregate End User Information

We may release aggregate End User information (without revealing any Personal Information about you) to advertisers and other third parties in order to promote or describe use of the Software.

The above does not affect your legal rights under the relevant data protection legislation of your country.

V.                  International Transfer

Tissue Analytics controls and operates services related to the Software from its offices in the United States of America.

When you access the Software from outside the United States, your information may be transferred to and maintained on computers and servers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction.

VI.                Changing or Deleting Your Information

All End Users who have created an account through the Software may review, update, correct or delete the Personal Information in their registration profile by contacting us.  If you completely delete all such information, then your account may become deactivated.

VII.              Security

We employ administrative, physical, and electronic measures designed to protect your information from unauthorized access.  For example, we use commercially reasonable security measures such as encryption, firewalls, and secure socket layers (SSL) to protect End User information.

We limit access to your Personal Information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Information on our instructions and they are subject to a duty of confidentiality.

Please note that no security system is impenetrable.  Accordingly, we do not guarantee the security of our databases, nor that information you supply won’t be intercepted while being transmitted to us over the Internet or other network.  We have put in place procedures to deal with any suspected Personal Information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

VIII.             DATA RETENTION

HOW LONG WILL YOU USE MY PERSONAL INFORMATION?  

We will only retain your Personal Information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymize your Personal Information (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

IX.                YOUR EUROPEAN PRIVACY RIGHTS

If you are located in the EU and you utilize our software, or if we collect, track and/or process or transfer Personal Information from you, or Personal Information which you submit to us through the website, your data will be managed in accordance with this Privacy Policy and in compliance with requirements of the GDPR.

Under certain circumstances, you have rights under data protection laws in relation to your Personal Information. You have the right to:

Opt-in

If you are located in the EU, you have the right to opt-in to the collection, tracking and use of your Personal Information. We will not collect Personal Information from you unless you affirmatively accept our data practices as described in this Privacy Policy.

Request Access

You have the right to request access to your Personal Information (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Information we hold about you and to check that we are lawfully processing it.

Request Correction

You also have the right to request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request Erasure

This enables you to ask us to delete or remove Personal Information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing

You may object to processing of your Personal Information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing

This enables you to ask us to suspend the processing of your Personal Information in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer of Personal Information to you or a third party

We will provide to you, or a third party you have chosen, your Personal Information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Opt-out

You will, at any time, have the right to opt-out or withdraw consent to the collection or use of your data. If you withdraw consent, please be advised that it may not be able to provide you with certain services and to perform certain functions. We will advise you if this is the case at the time you withdraw your consent however, you may continue to use the software(s) in accordance with the Privacy Policy. You may change your data preferences and security settings at any time, and you may withdraw your consent at any time by sending us an email, letter or by telephone using the contact information above. In addition, at any time we seek your consent we will remind you of your ability to opt-out at any time as well as setting out any other methods for doing so.

If you wish to exercise any of the rights set out above, please Contact Us at contact@tissue-analytics.com.

No fee usually required

You will not have to pay a fee to access your Personal Information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Information (or to exercise any of your other rights). This is a security measure to ensure that Personal Information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time Limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

X.                  Changes To The Privacy Notice

We may, in our sole discretion, update this Privacy Policy periodically without prior notice to you to reflect changes in our information practices or with respect to applicable laws.  We will post the updated version on our website and indicate at the top of the Privacy Policy when it was last updated.  Please revisit this page periodically to stay aware of any changes to this Privacy Policy.  In the event that the modifications materially alter your rights or obligations hereunder, we will make commercially reasonable efforts to notify you of the change.  For example, we may send a message to your email address, if we have one on file, or generate a pop-up or similar notification after such material changes are made.  Our amended Privacy Policy will automatically take effect upon the date that an update is published.  Your continued use of the software after the revised or updated Privacy Policy has become effective indicates that you have read, understood and agreed to the then-current version of the Privacy Policy.

XI.                Children’s Privacy

We are committed to protecting the privacy of children.  End Users must be at least thirteen (13) years of age to access and use the Software.  Any access to or use of the Software by anyone under the age of thirteen (13) is unauthorized, unlicensed, and in violation of the Agreement.  By using the Software, you represent and warrant that you are thirteen (13) years of age or older and that you agree to and agree to abide by all of the terms and conditions of the Agreement.  If Tissue Analytics believes that you are under the age of thirteen (13) or that you are not old enough to consent to and be legally bound by the Agreement, Tissue Analytics may, at any time, in its sole discretion, and with or without notice: (i) terminate your access to or use of the Software (or any portion, aspect, or feature of them), or (ii) delete any content or information that you have posted through the Software.

XII.              Contacting Us

We have appointed a Data Privacy Manager who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any EEA member requests to exercise your applicable legal rights, please contact us using the details set out below.

Our full details are:

Full name of legal entity: Net Health Systems, Inc.

Email address: josh@tissue-analytics.com

Postal address:

Net Health
Attention: Joshua Budman

40 24th Street

Pittsburgh, PA 15222

If you are based in the EU, you have the right to make a complaint at any time to the relevant supervisory authority for your member state. The supervisory authority in the UK for data protection issues is the Information Commissioner’s Office (ICO) (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach your supervisory authority so please contact us in the first instance.

Additional Disclaimers

THE SOFTWARE IS INTENDED TO BE USED IN THE CONTEXT OF CERTAIN HEALTHCARE SETTINGS. WHEN USED IN SUCH SETTINGS, CUSTOMER AND ITS AUTHORIZED PROVIDERS ARE ULTIMATELY RESPONSIBLE FOR FOLLOWING ALL APPLICABLE MEDICAL PROTOCOLS AND POLICIES AND FOR ANY MEDICAL CARE AND HEALTHCARE SERVICES RENDERED TO INDIVIDUALS. ANY GUIDANCE PROVIDED OR SUGGESTED BY NET HEALTH, THROUGH THE SOFTWARE OR OTHERWISE, THAT MAY BE INTERPRETED AS RELATING TO MEDICAL PROTOCOLS AND POLICIES OR THE MEDICAL CARE OR HEALTHCARE SERVICES RENDERED TO INDIVIDUALS IS PURELY ADVISORY IN NATURE AND SHOULD NOT BE SUBSTITUTED FOR A HEALTHCARE PROVIDER’S PROFESSIONAL JUDGMENT. NET HEALTH DOES NOT WARRANT THAT THE SOFTWARE CAN OR WILL DIAGNOSE ANY MEDICAL CONDITION, DETECT RISK FACTORS RELEVANT TO ANY MEDICAL CONDITION; OR PROVIDE ANY TREATMENT DECISIONS OR RECOMMENDATIONS RELATED TO A MEDICAL CONDITION. NET HEALTH DISCLAIMS, AND CUSTOMER RELEASES NET HEALTH FROM, ANY AND ALL LIABILITY RELATING TO PERSONAL INJURY, MEDICAL MALPRACTICE, OR OTHER CLAIMS RELATING TO ADHERENCE TO APPLICABLE MEDICAL PROTOCOLS AND POLICIES AND MEDICAL CARE AND HEALTHCARE SERVICES RENDERED TO INDIVIDUALS.

ELECTRONIC PRESCRIPTION OF CONTROLLED SUBSTANCES

(“EPCS”)

  1. EPCS Accounts.Subject to the terms and conditions set forth herein, the Agreement and the additional terms and conditions of DrFirst, as set forth on the DrFirst website, Net Health agrees to provide CUSTOMER with the number of electronic prescribing controlled substances account(s) (the “EPCS Account(s)”) as specified on the applicable Purchase Schedule, for purposes of CUSTOMER’s and its Prescribing Providers’ (as defined below) use and access of the EPCS Feature of the Software.
  • Prescribing Providers.Each EPCS Account shall be assigned to a specific provider (the “Prescribing Provider(s)”, each of which is listed on the applicable Purchase Schedule).  Each Prescribing Provider must properly register through the Software and the DrFirst website.  As part of the two-factor authentication requirement for the EPCS Feature, Net Health will provide each Prescribing Provider with a complimentary Identity-Proof Hard Token (“IDP Hard Token”) and one complimentary replacement IDP Hard Token and confirmation letter in the event the IDP Hard Token is lost, damaged or inoperable. Thereafter, CUSTOMER shall pay Net Health’s then-current Fees for each additional IDP Hard Token and confirmation letter, as applicable. In the event a Prescribing Provider secures and elects to use an Identity-Proof Soft Token (“IDP Soft Token”), provided by a third-party, (e.g. Symantec mobile application, etc.), the IDP Soft Token must be downloaded/stored on a separate device from the computer or device on which the Prescribing Provider gains access to the EPCS Feature and transmits prescriptions. (The IDP Hard Token and IDP Soft Token are sometimes referred to generally as an “IDP Token”).
  • CUSTOMER Responsibilities.  CUSTOMER and each Prescribing Provider understand and agree: (a) to retain sole possession of the IDP Hard Token, and not to share the login passphrase with any other person; (b) that it shall not allow any other person to use an IDP Token or enter the login passphrase in order to sign controlled substance prescriptions; (c) that failure to secure the IDP Token, login passphrase, or any biometric information may provide a basis for revocation or suspension of the EPCS Account; (d) to notify Net Health within one business day of discovery if: (i) CUSTOMER or a Prescribing Provider is contacted by a pharmacy because one or more controlled substance prescriptions are displaying the incorrect United States Drug Enforcement Administration (the “DEA”) number; (ii) if CUSTOMER or a Prescribing Provider discover that one or more controlled substance prescriptions issued using a Prescribing Provider DEA number were not consistent with the prescriptions actually signed, or were not signed at all; (iii) if a Prescribing Provider’s IDP Token has been lost, stolen, or the authentication protocol has been compromised in any way; (e) that the Prescribing Provider is responsible for any controlled substance prescriptions written using its two-factor authentication credential; (f) that Prescribing Providers have the same responsibilities when issuing electronic prescriptions for controlled substances as when issuing paper or oral prescriptions; (g) to prescribe controlled substances only for legitimate medical purposes; (h) to review security logs on a daily basis for any security incidents; and (i) to report to the DEA any security incident and provide Net Health with a copy of such report. CUSTOMER agrees to keep all security incident reports on file for a period of two (2) years.
  • EPCS Account Fees.In consideration of CUSTOMER’s use of the EPCS Account(s), CUSTOMER shall pay to Net Health the Fees set forth in the applicable Purchase Schedule.  Payment of Fees is due in accordance with the terms set forth in the Purchase Schedule. Fees are subject to increase no more than once per year.
  • Patient Confidentiality; Compliance with Laws.All patient information exchanged through the EPCS Feature is strictly confidential and subject to the protections of the Health Insurance Portability and Accountability Act of 1996, as amended by Title XIII, Subtitle D of the American Recovery and Reinvestment Act of 2009 (collectively, “HIPAA”) and the privacy, security and breach notification regulations promulgated pursuant to HIPAA, including, but not limited to, 45 C.F.R. Parts 160 and 164, as may be amended from time to time, and all applicable state laws and regulations that govern the confidentiality, privacy and security of patient information. By using the EPCS Feature, CUSTOMER, and each Prescribing Provider, agrees to comply with all applicable Federal and state laws and regulations.  Specifically, CUSTOMER is solely responsible for knowing and complying with all applicable federal and state laws and regulations with respect to electronic prescriptions for controlled substances.  CUSTOMER and each Prescribing Provider expressly acknowledge that the DEA explicitly prohibits Prescribing Providers from using a computer, or device to transmit a prescription if the applicable Prescribing Provider’s IDP Token is on the same computer, or device.  CUSTOMER and each of its Prescribing Providers expressly agree to abide by this prohibition.  CUSTOMER is required to obtain from a patient any consents or authorizations required by applicable law before sending such patient’s information through the EPCS Feature. CUSTOMER is required to retain any information about the patient information that it discloses through the EPCS Feature that applicable laws require, including, but not limited to, the accounting of disclosures under HIPAA. CUSTOMER will immediately report to Net Health any attempted or successful unauthorized use, disclosure, modification, or destruction of patient information through the EPCS Feature.
  • Third Party Product.CUSTOMER acknowledges that the EPCS Feature is a third party component used in conjunction with the Software (“Third Party Product”).  CUSTOMER acknowledges that continued usage of such Third Party Product(s) is contingent on Net Health’s continued relationship with such Third Party Product vendor. Net Health makes no representation or warranty with respect to such Third Party Products sold or licensed to CUSTOMER. Net Health shall not be liable for any damages, costs, or expenses, direct or indirect, arising out of the performance or failure to perform of the Third Party Products.  Furthermore, when using the EPCS Feature of the Software, information will be transmitted over a medium that may be beyond the control and jurisdiction of Net Health and its Third Party Product suppliers and licensors. Net Health assumes no liability for or relating to the delay, failure, interruption, or corruption of any data or other information transmitted in connection with use of the EPCS Feature of the Software.

SES DIRECT ACCOUNT

  1. SES Direct Account. Net Health will provide CUSTOMER with the requested number of SES Direct Account(s) (the “Account(s)”) specified on an applicable Purchase Schedule for purposes of sending direct messages related to patient care to other SES Direct Account users.  The Fees and terms of payment are as specified in the applicable Purchase Schedule.
  • User ID and Password. Access to the Account(s) is protected by user name and password (collectively an “ID”). CUSTOMER IDs are personal to each user and must not be shared with other users.  CUSTOMER agrees to keep IDs confidential and not to share or permit use of an ID by anyone other than the specified Account user.  CUSTOMER agrees to immediately notify Net Health if it becomes aware of any unauthorized use of an ID.
  • Use of Direct Email. CUSTOMER may only use SES Direct Account to send and receive Protected Health Information or other information related to the provision of health care to the extent permissible under all applicable laws. CUSTOMER expressly agrees not use SES Direct Account to send or receive any information that: (1) is defamatory, libelous, abusive, or obscene, including, without limitation, material which encourages conduct that would constitute a criminal offense, give rise to civil liability or otherwise violate any applicable local, state, federal, or international law or regulation; (2) knowingly infringes on the copyright or any other proprietary right of a third party; (3) would invade the privacy of any other person; (4) is intended to advertise to or solicit others without our express written authorization; (5) constitutes charity solicitations, chain letters or pyramid schemes; or (6) contains a virus, worm, unauthorized cookies, trojans, malicious software, “malware,” time bomb, or any other harmful program, routine, subroutine or component.

You further expressly agree that you will not: (a) after receiving warning, continue to send or receive material which we have advised you not to send or receive; (b) create a false identity or forged messaging or e-mail address or header, or otherwise attempt to mislead others as to the identity of the sender or the origin of the message; (c) post, generate or disseminate so-called “spam” or mass-mailings; (d) harvest or otherwise collect information about others without their written consent; (e) interfere with or disrupt networks connected to CVDM; (f) attempt to gain unauthorized access to restricted areas of CVDM, other accounts, computer systems or networks connected to CVDM through password mining or any other means; or (g) interfere with another user’s use of CVDM.

  • Patient Confidentiality; Compliance with Laws. All patient information exchanged through SES Direct Account is strictly confidential and subject to the protections of the Health Insurance Portability and Accountability Act of 1996, as amended by Title XIII, Subtitle D of the American Recovery and Reinvestment Act of 2009 (collectively, “HIPAA”) and the privacy, security and breach notification regulations promulgated pursuant to HIPAA, including, but not limited to, 45 C.F.R. Parts 160 and 164, as may be amended from time to time, and all applicable state laws and regulations that govern the confidentiality, privacy and security of patient information. By using SES Direct Account, CUSTOMER agrees to comply with all applicable Federal and state laws and regulations. CUSTOMER is required to obtain from a patient any consents or authorizations required by applicable law before sending such patient’s information through SES Direct Account. CUSTOMER is required to retain any information about the patient information that it discloses through SES Direct Account that applicable laws including, but not limited to, the accounting of disclosures under HIPAA, require that you keep. CUSTOMER will immediately report to Net Health any attempted or successful unauthorized use, disclosure, modification, or destruction of patient information through SES Direct Account. If CUSTOMER inadvertently receives patient information through SES Direct Account, CUSTOMER will immediately notify the sender of the information that it has inadvertently received such information and will immediately delete such message.
  • Secure Messages. SES Direct Account provides a means for CUSTOMER to communicate electronically with other users of SES Direct Account.  Please note that the subject lines of messages sent through SES Direct Account are not encrypted. Therefore, CUSTOMER agrees to refrain from including any Protected Health Information in the message subject line.  CUSTOMER agrees to take all additional steps necessary to ensure that the text of messages and all attachments comply with the terms and conditions set forth herein.

CUSTOMER is solely responsible for all of the content of all messages that CUSTOMER sends through SES Direct Account including, but not limited to, properly addressing the message to the intended recipient. NET HEALTH IS NOT LIABLE OR RESPONSIBLE FOR THE DELIVERY OR THE FAILURE TO DELIVER ANY IMPROPERLY OR INCORRECTLY ADDRESSED MESSAGE.

PointRight

  1. Healthcare Organizations.
  1. Access to Data. From time to time certain third-party payer or provider entities (which may include health plans, managed care organizations, hospitals, accountable care organizations, medical groups, physicians or similar entities) (each a “Healthcare Organization”) with whom CUSTOMER is working may request data from PointRight related to the Healthcare Organization’s members or patients or related to an Authorized Site’s quality and performance measures. CUSTOMER hereby grants PointRight permission to share such data with the Healthcare Organizations for the purpose of improving quality of care for such members or patients.
  • Payment of Fees. Certain Healthcare Organizations may require that its providers utilize the Software. Accordingly, a Healthcare Organization may pay all or part of the CUSTOMER’s Fees for a defined period of time in order to facilitate the Healthcare Organization’s ongoing efforts to improve the quality of care for its members or patients, as stated in the Healthcare Organization Network Participation Program (“Program”). If at any time during the Initial or any Renewal Term the Client ceases to be a Program participant, then Client will promptly notify PointRight.
  • Additional Disclaimers.

CUSTOMER ACKNOWLEDGES AND AGREES THAT THE SOFTWARE IS INTENDED TO SUPPORT CUSTOMER’S QUALITY ASSURANCE AND PERFORMANCE IMPROVEMENT EFFORTS. ACCORDINGLY, CUSTOMER WILL USE THE SOFTWARE WITH THE DIRECTION AND OVERSIGHT OF CUSTOMER’S QUALITY ASSURANCE COMMITTEE ESTABLISHED PURSUANT TO C.F.R.§ 483.75(O) AND QUALITY ASSURANCE AND PERFORMANCE IMPROVEMENT PRACTICES (“QAPI”) REQUIRED BY § 6201(C) OF THE PATIENT PROTECTION AND AFFORDABLE CARE ACT (“ACA”). POINTRIGHT IS ONLY PROVIDING DATA ANALYTICS CONSULTING SERVICES, AND NOT ASSUMING A FORMAL CLINICAL OR REGULATORY ROLE FOR CUSTOMER.

THE SOFTWARE, INCLUDING WITHOUT LIMITATION, FEEDBACK ON DATA INTEGRITY OR QUALITY (CLINICAL OR OTHERWISE), ARE NOT INTENDED TO GIVE, AND SHALL NOT BE CONSTRUED AS, SPECIFIC RECOMMENDATIONS FOR THE DIAGNOSIS OR TREATMENT OF ANY MEDICAL CONDITION OR PLACEMENT OF A PATIENT IN ANY PARTICULAR CARE ENVIRONMENT. THE SOFTWARE IS INTENDED TO PROMOTE A MORE ACCURATE ASSESSMENT, INDICATING WHERE THERE MAY BE ERRORS OR OMISSIONS REQUIRING CORRECTION, AND PROMPTING MORE COMPLETE AND ACCURATE DOCUMENTATION OF ASSESSMENTS PERFORMED BY CUSTOMER AND ITS PERSONNEL. THE SOFTWARE DOES NOT INCLUDE ANY DIRECT ASSESSMENT OF ANY RESIDENT OR PATIENT, NOR THE RENDERING OF ANY OPINION REGARDING THE CLINICAL DIAGNOSIS OR TREATMENT OF ANY PATIENT. ALL PATIENT CARE AND ACTIVITIES RESULTING FROM DECISIONS OF CUSTOMER AND ITS PERSONNEL, ARE THE SOLE RESPONSIBILITY OF CUSTOMER. ALL MEDICAL PRACTICE MANAGEMENT, PATIENT CARE AND PLACEMENT DECISIONS MADE IN WHICH THE SOFTWARE MAY BE UTILIZED, AND THE CONSEQUENCES THEREOF, WILL BE THE EXCLUSIVE RESPONSIBILITY OF CUSTOMER AND ITS PERSONNEL.

  • Infeasability of Return or Destruction of PHI. Because of the integration of CUSTOMER’s Protected Health Information (“PHI”) into Net Health’s data models, as part of its ongoing development, auditing and improving data quality and developing, auditing, validating, evaluating, improving, maintaining, and using Net Health’s data integrity tests, performance benchmarks, algorithms, metrics, scoring systems, predictive models, and decision support tools it is infeasible for Net Health to return CUSTOMER’s PHI to CUSTOMER upon termination of the service agreement and/or Business Associate Agreement between the parties. Notwithstanding anything to the contrary set forth in the services agreement and/or Business Associate Agreement, Net Health hereby notifies CUSTOMER that it will not return to CUSTOMER or destroy all PHI upon termination of the services agreement and or Business Associate Agreement. At all times thereafter, Net Health will extend all protections, limitations, and restrictions contained in the Business Associate Agreement to Net Health’s use or disclosure of any retained PHI, and to limit further uses and/or disclosures to the purposes that make the return or destruction of the PHI infeasible.

CLINISIGN

 The following applies only if CliniSign is included on a Purchase Schedule:

1. By using CliniSign, CUSTOMER is giving Optima permission to send documents to physicians and other healthcare providers (collectively, “Healthcare Providers”) for electronic signature. The permission and access to records is initiated through the CliniSign enrollment process where a link is established with the individual Healthcare Provider. To revoke permission and access to records, CUSTOMER must remove the link for the Healthcare Provider. CUSTOMER agrees that the Healthcare Provider is entitled to transmit, receive, or exchange Protected Health Information as directed by CUSTOMER and in compliance with HIPAA.

2. Prior to establishing a link for a specific Healthcare Provider, CUSTOMER agrees to inform the Healthcare Provider that they may receive automated communications by email, text, or both from CliniSign. By providing a Healthcare Provider’s cell phone number or email address, CUSTOMER agrees that the Healthcare Provider has given permission to CUSTOMER for CliniSign to send emails and automated text messages to the Healthcare Provider and has informed the Healthcare.

NET HEALTH THERAPY FOR CLINICS (Casamba Clinic)

AMA License and Restrictions on Use

  1. The term “Editorial Content” means content from the print publication Current Procedural Terminology, Fourth Edition (“CPT Book”) and the data file of Current Procedural Terminology (“CPT Data File”) published by the AMA in the English language as used in the United States (collectively, “CPT”), a coding work of nomenclature and codes for reporting of healthcare services together with content from the data file published by the AMA of the International Classification of Diseases 9th Revision Clinical Modification Volume 1 (“AMA’s Version of ICD-9-CM”). Editorial Content may be updated by the AMA from time to time and all such updates shall constitute Editorial Content for purposes of this license. Updates include AMA’s version of ICD-10-CM.
  2. The provision to Customer of updated Editorial Content is dependent upon Casamba’s continuing contractual relations with the AMA;
  3. The license to Editorial Content is nontransferable, nonexclusive, and solely for Customer’s internal use;
  4. The Editorial Content is copyrighted by the AMA and CPT is a registered trademark of the AMA;
  5. Customer is prohibited from creating derivative works based on the Editorial Content or selling, leasing or licensing it or otherwise making the Editorial Content, or any portion thereof, available to any unauthorized party;
  6. Any use not authorized herein is prohibited, including by way of illustration and not by way of limitation, making copies of Editorial Content for resale and/or license, transferring copies of Editorial Content to any party not bound by this agreement, creating any modified or derivative work of Editorial Content, or making any commercial use of Editorial Content. The license to use Editorial Content for any use not authorized herein must first be obtained through the AMA;
  7. Customer should ensure that anyone who has authorized access to the Editorial Content complies with the provisions of this license;
  8. THE EDITORIAL CONTENT IS LICENSED “AS IS” WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE AMA ASSUMES NO LIABILITY FOR CONSEQUENTIAL OR SPECIAL DAMAGES OR LOST PROFITS FOR SEQUENCE, ACCURACY OR COMPLETENESS OF DATA, OR THAT IT WILL MEET CUSTOMER’S REQUIREMENTS. THE AMA’S SOLE RESPONSIBILITY IS TO MAKE AVAILABLE TO CASAMBA REPLACEMENT COPIES OF EDITORIAL CONTENT, IF THE DATA IS NOT INTACT. THE AMA DISCLAIMS ANY LIABILITY FOR ANY CONSEQUENCES DUE TO USE, MISUSE, OR INTERPRETATION OF INFORMATION CONTAINED IN OR NOT CONTAINED IN THE EDITORIAL CONTENT.
  9. The Editorial Content includes commercial technical data and/or computer data bases and/or commercial computer software and/or commercial computer software documentation, as applicable which were developed exclusively at private expense by the American Medical Association, 515 North State Street, Chicago, Illinois, 60610. U.S. Government rights to use, modify, reproduce, release, perform, display, or disclose these technical data and/or computer data bases and/or computer software and/or computer software documentation are subject to the limited rights restrictions of DFARS 252.227- 7015(b)(2)(June 1995) and/or subject to the restrictions of DFARS 227.7202-1(a)(June 1995) and DFARS 227.7202-3(a)June 1995), as applicable for U.S. Department of Defense procurements and the limited rights restrictions of FAR 52.227-14 (June 1987) and/or subject to the restricted rights provisions of FAR 52.227-14 (June 1987) and FAR 52.227-19 (June 1987), as applicable, and any applicable agency FAR Supplements, for non-Department Federal procurements.

FOTO QCDR Terms and Conditions | API and Data File Uses

These Terms and Conditions apply to circumstances where CUSTOMER is utilizing the FOTO QCDR API on an integrated basis with CUSTOMER’s EHR or where CUSTOMER is providing Net Health with an API and/or data file from its EHR for use within the FOTO QCDR.

  1. RESPONSIBILITIES OF NET HEALTH.  In regard to the FOTO QCDR services, Net Health shall:
  1. Comply with applicable laws and regulations.
  • Provide reporting to CMS for, at a minimum, the Reportable Measures listed in Exhibit A, found below, (provided that the requisite data has been made available to Net Health by CUSTOMER).
  • Store Reportable Measures data obtained from CUSTOMER in a redundant and secure filing environment.
  • Submit the Reportable Measures data provided by CUSTOMER, on CUSTOMER’s behalf, to CMS.
  • RESPONSIBILITIES OF CUSTOMER.  As part of its responsibilities hereunder, CUSTOMER shall:
  1. Accurately complete and return to Net Health in a timely manner all required forms providing Net Health with elements needed for the FOTO QCDR to fulfill CMS requirements for verifications and validations, including but not limited to:
    1. The applicable Authorization Form provided by Net Health.
    1. a W-9 or CMS claims form for TIN verification purposes
  • Use reasonable efforts to attempt to include 100% of appropriate patient episodes in the FOTO Outcomes Management System (Patient Inquiry) and the Electronic Health Records system (“EHR”), either via completing the patient self-report measures with the addition of the appropriate Reportable Measures or by classifying patient as not eligible in the Non-Participation or No-Status process.
  • Comply with all requests pertaining to data validation procedures.
  • Comply with all Net Health requests pertaining to the CMS-mandated data validation and targeted audit process, including providing Net Health access to the full patient and medical billing records to the extent required by Net Health.
  • Make timely payment to Net Health for the FOTO QCDR services.
  • Be responsible for providing full and complete data necessary to provide the services hereunder in the format required by Net Health.
  • Comply with all applicable laws and regulations.
  • DATA COLLECTED.  For the purposes of MIPS data reporting by the FOTO QCDR to CMS, CUSTOMER shall collect the following:
  1. in the FOTO Outcomes Management System (Patient Inquiry):
    1. Reportable Quality outcome Measures selected from the available measures for the reporting period.
    1. Patient classifications for measure exclusion and exception reasons by selecting the relevant Non- participation and No-Status reasons in the FOTO Outcomes Management System.
  • in CUSTOMER’s EHR:
    • CUSTOMER demographic fields at episodic level
    • CUSTOMER FOTO ID
    • CUSTOMER Tax Identification Number
    • Patient ID
    • Patient Name
    • Patient Alias
    • Patient Birthdate
    • Body Part/Impairment of the episode
    • Patient External ID
    • Episode External ID
    • NPI of Clinician evaluation claim was billed under to Medicare
    • Visit level details
    • Visit External ID
    • Date/Time of Visit
    • TIN of Site claim billed under
    • Is Medicare indicator
    • ICD Codes for Visit
    • CPT/HCPCS Codes including billing codes with applicable modifiers and attestation/G-codes relevant to each Quality process measure

Please note that the requisite data points are subject to change to the extent required by CMS.

  • INDEMNIFICATION BY CUSTOMER.  CUSTOMER agrees to indemnify and to hold Net Health harmless from any loss, cost, liability or damage including attorneys’ fees arising as a result of CUSTOMER’s participation in the CMS MIPS program. Net Health reserves the right to assume the exclusive defense and control of any matter otherwise subject to indemnification by CUSTOMER, in which event CUSTOMER agrees to assist and cooperate with Net Health in asserting any available defenses.
  • EVENTS OF DEFAULT. The following events shall constitute default on the part of the CUSTOMER hereunder: (i) any breach or failure of the CUSTOMER to observe or perform any of its other obligations hereunder. Upon the occurrence of any such default, Net Health, at its option and without notice to or demand on the CUSTOMER, shall be within its rights to discontinue any services pertaining to the FOTO QCDR.
  • DISCLAIMER OF WARRANTIES/NO GUARANTEE. THE FOTO QCDR IS PROVIDED “AS IS” and “AS AVAILABLE” AND IS WITHOUT WARRANTY OF ANY KIND. NET HEALTH MAKES AND CUSTOMER RECEIVES NO WARRANTIES, EXPRESS, IMPLIED, OR OTHERWISE REGARDING THE FOTO QCDR OR ANY OTHER RELATED SERVICES, AND FOTO SPECIFICALLY DISCLAIMS ANY WARRANTY OF MERCHANTABILITY, NON-INFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE. When using the FOTO QCDR, information will be transmitted over a medium that may be beyond Net Health’s control. Accordingly, Net Health does not assume any liability for or relating to the delay, failure, interruption, or corruption of any data or other information transmitted in connection with the FOTO QCDR. The submission of data through the FOTO QCDR does not guarantee that CUSTOMER is eligible for payment, reimbursement, or financial incentives from CMS, or any other performance payment program, nor does the submission of data through the Portal guarantee that CUSTOMER will receive payment, reimbursement or other financial incentives from CMS, or any other performance payment program, or that CUSTOMER will avoid penalties, if applicable. All determinations as to reimbursement, payment and other financial incentives and the avoidance of penalties are determined solely by CMS in accordance with the data provided by CUSTOMER and the applicable program criteria. Net Health makes, and CUSTOMER receives, no guaranty of payment or avoidance of penalties. Net Health shall not be responsible for any failure of payment or penalty assessed for any reason whatsoever, or for any incorrect payment due to incomplete or inaccurate data provided by CUSTOMER.
  • ENFORCEMENT COSTS. In any action pertaining to the enforcement of these Terms and Conditions, the party breaching the Terms and Conditions and against whom enforcement is sought shall pay all expenses and costs incurred by the prevailing party attempting to enforce these Terms and Conditions including but not limited to reasonable attorneys’ fees and expenses.


FOTO QCDR Terms and Conditions | Limited Measures Use

These Terms and Conditions apply to circumstances where CUSTOMER desires to only submit the MIPS Reportable Measures available within the FOTO outcome management application (“FOTO OM”). It is explicitly acknowledged by CUSTOMER that it will not be able to submit any measures via the FOTO QCDR other than those set forth on the applicable Purchase Schedule, and Net Health will not be collecting data from CUSTOMER’s electronic medical record system or billing systems for purposes of MIPS reporting. CUSTOMER understands that the FOTO QCDR may be required to perform audits, and that CUSTOMER’s failure to register every patient within FOTO OM may result in an unfavorable audit. CUSTOMER acknowledges and understands that it may be required to submit to Net Health the full medical and billing record for all patient episodes identified in the audit process.

  1. RESPONSIBILITIES OF NET HEALTH.  In regard to the FOTO QCDR services, Net Health shall:
  1. Comply with applicable laws and regulations.
  • Provide reporting to CMS for, at a minimum, the Reportable Measures listed in Exhibit A, found below, (provided that the requisite data has been made available to Net Health by CUSTOMER).
  • Store Reportable Measures data obtained from CUSTOMER in a redundant and secure filing environment.
  • Submit the Reportable Measures data provided by CUSTOMER, on CUSTOMER’s behalf, to CMS.
  • RESPONSIBILITIES OF CUSTOMER.  As part of its responsibilities hereunder, CUSTOMER shall:
  1. Accurately complete and return to Net Health in a timely manner all required forms providing Net Health with elements needed for the FOTO QCDR to fulfill CMS requirements for verifications and validations, including but not limited to:
    1. The applicable Authorization Form provided by Net Health.
    1. a W-9 or CMS claims form for TIN verification purposes
  • Insure that 100% of patient episodes are registered in FOTO OM (Patient Inquiry) relative to the following scenarios:
    • Completed Episode: Patient completes the Intake and at least one Status survey, with the episode being closed via a FOTO Discharge.
    • Incomplete Discharge: Patient completes at least the Intake but no Status surveys. When closing the episode (FOTO Discharge), the staff completes the Incomplete Discharge process which includes selecting the reason why the patient did not complete at least one Status.
    • Episode Set Up Only: The patient does not complete an Intake, but the FOTO Episode Set Up is completed.
  • Comply with all requests pertaining to data validation procedures.
  • Comply with all of Net Health’s requests pertaining to the CMS-mandated data validation and detailed audit process, including providing Net Health with access to the full patient and medical billing records to the extent required by Net Health.
  • Make timely payment to Net Health for the FOTO QCDR services.
  • Comply with all applicable laws and regulations.
  • DATA COLLECTED.  For the purposes of MIPS data reporting by the FOTO QCDR to CMS, CUSTOMER shall collect the following:
  1. in the FOTO Outcomes Management System (Patient Inquiry):
    1. Reportable Quality outcome Measures selected from the available measures for the reporting period.
    1. Patient classifications for measure exclusion and exception reasons by selecting the relevant Non-participation and No-Status reasons in the FOTO OM.
    1. Patient classification as Episode Set Up Only as described in Section 2(b), above.

Please note that the requisite data points are subject to change to the extent required by CMS.

  • INDEMNIFICATION BY CUSTOMER.  CUSTOMER agrees to indemnify and to hold Net Health harmless from any loss, cost, liability or damage including attorneys’ fees arising as a result of CUSTOMER’s participation in the CMS MIPS program. Net Health reserves the right to assume the exclusive defense and control of any matter otherwise subject to indemnification by CUSTOMER, in which event CUSTOMER agrees to assist and cooperate with Net Health in asserting any available defenses.
  • EVENTS OF DEFAULT.  The following events shall constitute default on the part of the CUSTOMER hereunder: (i) any breach or failure of the CUSTOMER to observe or perform any of its other obligations hereunder. Upon the occurrence of any such default, Net Health, at its option and without notice to or demand on the CUSTOMER, shall be within its rights to discontinue any services pertaining to the FOTO QCDR.
  • DISCLAIMER OF WARRANTIES/NO GUARANTEE.  THE FOTO QCDR IS PROVIDED “AS IS” and “AS AVAILABLE” AND IS WITHOUT WARRANTY OF ANY KIND. NET HEALTH MAKES AND CUSTOMER RECEIVES NO WARRANTIES, EXPRESS, IMPLIED, OR OTHERWISE REGARDING THE FOTO QCDR OR ANY OTHER RELATED SERVICES, AND FOTO SPECIFICALLY DISCLAIMS ANY WARRANTY OF MERCHANTABILITY, NON-INFRINGEMENT OR FITNESS FOR A PARTICULAR PURPOSE. When using the FOTO QCDR, information will be transmitted over a medium that may be beyond Net Health’s control. Accordingly, Net Health does not assume any liability for or relating to the delay, failure, interruption, or corruption of any data or other information transmitted in connection with the FOTO QCDR. The submission of data through the FOTO QCDR does not guarantee that CUSTOMER is eligible for payment, reimbursement, or financial incentives from CMS, or any other performance payment program, nor does the submission of data through the Portal guarantee that CUSTOMER will receive payment, reimbursement or other financial incentives from CMS, or any other performance payment program, or that CUSTOMER will avoid penalties, if applicable. All determinations as to reimbursement, payment and other financial incentives and the avoidance of penalties are determined solely by CMS in accordance with the data provided by CUSTOMER and the applicable program criteria. Net Health makes, and CUSTOMER receives, no guaranty of payment or avoidance of penalties. Net Health shall not be responsible for any failure of payment or penalty assessed for any reason whatsoever, or for any incorrect payment due to incomplete or inaccurate data provided by CUSTOMER.
  • ENFORCEMENT COSTS. In any action pertaining to the enforcement of these Terms and Conditions, the party breaching the Terms and Conditions and against whom enforcement is sought shall pay all expenses and costs incurred by the prevailing party attempting to enforce these Terms and Conditions including but not limited to reasonable attorneys’ fees and expenses.

Exhibit A

FOTO QCDR Reportable Measures

Reportable Measures for FOTO QCDR Quality Measures

  • Quality Measure 217 FS: Knee Impairments
  • Quality Measure 218 FS: Hip Impairments
  • Quality Measure 219 FS: Lower leg/Foot/Ankle Impairments
  • Quality Measure 220 FS: Lumbar Impairments
  • Quality Measure 221 FS: Shoulder Impairments
  • Quality Measure 222 FS: Elbow/Wrist/Hand Impairments
  • Quality Measure 478 FS: Neck Impairments
  • QCDR Measure FOTO4 Functional Status Change for Patients with Upper or Lower Quadrant Edema
  • QCDR Measure FOTO5 Functional Status Change in Balance Confidence
  • QCDR Measure FOTO6 Functional Status Change in Dizziness
  • QCDR Measure FOTO7 Functional Status Change for Patients Post Stroke

Improvement Activities

  • Improvement Activity BE_6  Regularly assess patient experience of care and follow up on findings
  • Improvement Activity BE_15 Engagement of patients, family, and caregivers in developing a plan of care
  • Improvement Activity BE_22 Improved practices that engage patients pre-visit
  • Improvement Activity AHE_3 Promote use of Patient-Reported Outcome Tools
  • Improvement Activity AHE_6 Provide education opportunities for new clinicians
  • Improvement Activity AHE_8 Create and implement an anti-racism plan
  • Improvement Activity AHE_9 Implement food insecurity and nutrition risk identified and treatment protocols
  • Improvement Activity AHE_12 Practice improvements that engage community resources to address drivers of health
  • Improvement Activity BMH_12 Promoting clinician well being
  • Improvement Activity CC_1 Implementation of use of specialist reports back to referring clinician or group to close referral loop
  • Improvement Activity CC_8 Implementation of documentation improvements for practice/process improvements
  • Improvement Activity CC_12 Care coordination agreements that promote improvements in patient tracking across settings
  • Improvement Activity EPA_2 Use of telehealth services that expand practice access
  • Improvement Activity EPA_3 Collection and use of patient experience and satisfaction data on access
  • Improvement Activity PSPA_16 Use decision support and standardized treatment protocols to manage workflow on the care team to meet patient needs
  • Improvement Activity PSPA_21 Implementation of fall screening and assessment programs
  • Improvement Activity MVP Practice-wide quality improvement in MIPS Value Pathways

Promoting Interoperability

  • Promoting Interoperability PHCDRR_1 Immunization Registry Reporting
  • Promoting Interoperability PHCDRR_2 Syndromic Surveillance Reporting
  • Promoting Interoperability PHCDRR_3 Electronic Case Reporting
  • Promoting Interoperability PHCDRR_4 Public Health Registry Reporting
  • Promoting Interoperability PHCDRR_5 Clinical Data Registry Reporting
  • Promoting Interoperability HIE_1 Support Electronic Referral Loops by Sending Health Information
  • Promoting Interoperability HIE_4 Support Electronic Referral Loops by Receiving and Reconciling Health Information
  • Promoting Interoperability HIE_5 Health Information Exchange Bi-Directional Exchange
  • Promoting Interoperability HIE_6 Enabling Exchange Under the Trusted Exchange Framework and Common Agreement (TEFCA)
  • Promoting Interoperability EP_1 e-Prescribing
  • Promoting Interoperability EP_2 Query of Prescription Drug Monitoring Program (PDMP)
  • Promoting Interoperability PEA_1 Provide Patients Electronic Access to Their Health Information
  • Promoting Interoperability PPHI_1 Security Risk Analysis
  • Promoting Interoperability PPHI_2 High Priority Practices Guide of the Safety Assurance Factors for EHR Resilience (SAFER) Guides

MIPS Value Pathways (MVP)

  • Rehabilitative Support for Musculoskeletal Care (only to include Quality Measures from list in Exhibit A)