Terms of Use
By entering and using the “Hope Tracker” Website you are deemed to have read and accepted these Terms of Use. If you do not accept these Terms of Use or any part of them, you should not use the Website. HMOC may modify these Terms of Use from time to time. Your continued use of this website (or any of HMOC’s other websites) following such change demonstrates your agreement to be bound by the modified Terms of Use. We will highlight any changes we make to the Terms of Use but we advise you to check the Terms of Use often. If you do not agree to any change to the Terms of Use, then you must immediately stop using the HMOC website.

Accuracy of Content
HMOC makes every effort to ensure that the content of the Website is accurate and up-to-date, but HMOC does not offer any warranties (whether expressed or implied,) as to the reliability, accuracy or completeness of the information appearing on the Website. HMOC may add or remove material from this Website at its own discretion and without giving any notice. Any information offered in relation to patient health, or in relation to other medical issues, while based on physician reporting is intended to only be used to aid in the patient referral process. All members are also required to comply with HIPAA and United States Privacy Laws, and access this information at your own risk and (subject to applicable laws,) HMOC cannot be held responsible for the outcome. Please contact our office if you have concerns or questions on HIPAA regulations of visit the site http://www.hhs.gov/ocr/hipaa/

Intellectual Property
You acknowledge and agree that all copyright, trademarks and other intellectual property rights in the Website content, software and all HTML and other code contained in this Website, shall remain at all times the property of HMOC and/or its licensors and is protected by copyright and other laws and international treaty provisions. Any other trademark remains the property of its respective owner(s). Users may not modify, copy, distribute, transmit, display, redistribute, reproduce, publish, license, commercially exploit, create derivative works from, transfer, or sell any material which may be displayed on the Website from time to time without first obtaining permission in writing to do so from HMOC. The Website and its contents are copyright material and the copyright is owned by HMOC unless stated otherwise. Without limiting the foregoing, copying the above listed materials to any other server or location for publication, reproduction or distribution is expressly prohibited. Generally speaking, trademarks appearing on the Website are either owned by HMOC or HMOC has obtained limited use permission from the trademark owner to use the trademark on the Website. Any other third party trademarks remain the property of their respective owners. If you wish to obtain permission to make use of any of the trademarks or other material that may be displayed on the Website from time to time please contact HMOC. HMOC shall not be responsible for seeking any additional authorization required for third party use of any trademark not owned by or licensed to HMOC for such use.

Prohibition on Commercial Use of Website Content
You are permitted to use the material that is displayed on the Website from time to time only as expressly authorized by HMOC or its licensors. This Website is intended to provide information relating to HMOC concerns and the Website is designed for authorized use only. Users may not use this Website, or any of the material appearing on the Website to further any commercial purpose, including (but not limited to) advertising or to promote or generate activity on any other website.

Linking
HMOC may from time to time include links on this Website to other websites or resources operated by parties other than HMOC. These links are provided for the convenience of users and HMOC is not responsible for the availability of such external websites or resources, does not endorse or accept responsibility for the content of such external websites or resources and has no responsibility for or control over the privacy policy (if any) of the operators of the external websites. You are advised to check the terms and conditions of use and the privacy policies of these external websites before entering or making use of them.

Limitation of Liability
The Internet is by its nature an unreliable medium. Consequently, you accept that this Website is offered on an “as is” and “as available” basis. HMOC takes all reasonable steps to ensure that the Website is properly functioning at all times but HMOC does not warrant that this Website will be uninterrupted, timely, secure or error-free, that defects will be corrected, or that this Website or the server that makes it available are free of software viruses or bugs or other defects. By accepting these Terms of Use, you accept that HMOC cannot be liable to you for any loss or damage you suffer as a result of visiting this Website or making use of the information available on the Website. You must take your own precautions (including but not limited to installing adequate protective measures to guard against software viruses and ensuring that you retain up-to-date copies of all data) to protect yourself against loss or damage. HMOC is an association of member organizations. However, HMOC is not liable for the actions of any individual member organization, nor is any individual member organization liable for the actions of HMOC.

Business Associate Agreement
This Agreement is made effective upon accessing the Hopemed.us website, by and between Hope Medical Outreach Coalition, hereinafter referred to as “Covered Entity”, and the user accessing this website, hereinafter referred to as “Business Associate”, (individually, a “Party” and collectively, the “Parties”).

WITNESSETH:

WHEREAS, Sections 261 through 264 of the federal Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, known as “the Administrative Simplification provisions,” direct the Department of Health and Human Services to develop standards to protect the security, confidentiality and integrity of health information; and

WHEREAS, pursuant to the Administrative Simplification provisions, the Secretary of Health and Human Services has issued regulations modifying 45 CFR Parts 160 and 164 (the “HIPAA Privacy Rule”); and

WHEREAS, the Parties wish to enter into or have entered into an arrangement whereby Business Associate will provide certain services to Covered Entity, and, pursuant to such arrangement, Business Associate may be considered a “business associate” of Covered Entity as defined in the HIPAA Privacy Rule and is hereby referred to as the “Arrangement Agreement”); and

WHEREAS, Business Associate may have access to Protected Health Information (as defined below) in fulfilling its responsibilities under such arrangement;

THEREFORE, in consideration of the Parties’ continuing obligations under the Arrangement Agreement, and compliance with the HIPAA Privacy Rule, the Parties agree to the provisions of this Agreement in order to address the requirements of the HIPAA Privacy Rule and to protect the interests of both Parties.

The term “Protected Health Information” means individually identifiable health information including, without limitation, all information, data, documentation, and materials, including without limitation, demographic, medical and financial information, that relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual; and that identifies the individual or with respect to which there is a reasonable basis to believe the information can be used to identify the individual.

Business Associate acknowledges and agrees that all Protected Health Information that is created or received by Covered Entity and disclosed or made available in any form, including paper record, oral communication, audio recording, and electronic display by Covered Entity or its operating units to Business Associate or is created or received by Business Associate on Covered Entity’s behalf shall be subject to this Agreement.

CONFIDENTIALTY REQUIREMENTS
(a) Business Associate agrees:

(i) to use or disclose any Protected Health Information solely: (1) for meeting its obligations as set forth in any agreements between the Parties evidencing their business relationship or (2) as required by applicable law, rule or regulation, or by accrediting or credentialing organization to whom Covered Entity is required to disclose such information or as otherwise permitted under this Agreement, the Arrangement Agreement (if consistent with this Agreement and the HIPAA Privacy Rule), or the HIPAA Privacy Rule, and (3) as would be permitted by the HIPAA Privacy Rule if such use or disclosure were made by Covered Entity;

(ii) at termination of this Agreement, the Arrangement Agreement (or any similar documentation of the business relationship of the Parties), or upon request of Covered Entity, whichever occurs first, if feasible, Business Associate will return or destroy all Protected Health Information received from or created or received by Business Associate on behalf of Covered Entity that Business Associate still maintains in any form and retain no copies of such information, or if such return or destruction is not feasible, Business Associate will extend the protections of this Agreement to the information and limit further uses and disclosures to those purposes that make the return or destruction of the information not feasible; and

(iii) to ensure that its agents, including a subcontractor, to whom it provides Protected Health Information received from or created by Business Associate on behalf of Covered Entity, agrees to the same restrictions and conditions that apply to Business Associate with respect to such information. In addition, Business Associate agrees to take reasonable steps to ensure that its employees’ actions or omissions do not cause Business Associate to breach the terms of this Agreement.

(b) Notwithstanding the prohibitions set forth in this Agreement, Business Associate may use and disclose Protected Health Information as follows:

(i) if necessary, for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate, provided that as to any such disclosure, the following requirements are met: (A) the disclosure is required by law; or (B) Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will be held confidentially and used or further disclosed only as required by law or for the purpose for which it was disclosed to the person, and the person notifies Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached;

(ii) for data aggregation services, if to be provided by Business Associate for the health care operations of Covered Entity pursuant to any agreements between the Parties evidencing their business relationship. For purposes of this Agreement, data aggregation services means the combining of Protected Health Information by Business Associate with the protected health information received by Business Associate in its capacity as a business associate of another covered entity, to permit data analyses that relate to the health care operations of the respective covered entities.

(c) Business Associate will implement appropriate safeguards to prevent use or disclosure of Protected Health Information other than as permitted in this Agreement. The Secretary of Health and Human Services shall have the right to audit Business Associate’s records and practices related to use and disclosure of Protected Health Information to ensure Covered Entity’s compliance with the terms of the HIPAA Privacy Rule. Business Associate shall report to Covered Entity any use or disclosure of Protected Health Information which is not in compliance with the terms of this Agreement of which it becomes aware. In addition, Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of Protected Health Information by Business Associate in violation of the requirements of this Agreement.

AVAILABILTY OF PROTECTED HEALTH INFORMATION (PHI)
Business Associate agrees to make PHI available to the extent and in the manner required by Section 164.524 of the HIPAA Privacy Rule. Business Associate agrees to make PHI available for amendment and incorporate any amendments to PHI in accordance with the requirements of Section 164.526 of the HIPAA Privacy Rule. In addition, Business Associate agrees to make PHI available for purposes of accounting of disclosures, as required by Section 164.528 of the HIPAA Privacy Rule.

TERMINATION
Notwithstanding anything in this Agreement to the contrary, Covered Entity shall have the right to terminate this Agreement and the Arrangement Agreement immediately if Covered Entity determines that Business Associate has violated any material term of this Agreement. If Covered Entity reasonably believes that Business Associate will violate a material term of this Agreement and, where practicable, Covered Entity gives written notice to Business Associate of such belief within a reasonable time after forming such belief, and Business Associate fails to provide adequate written assurances to Covered Entity that it will not breach the cited term of this Agreement within a reasonable period of time given the specific circumstances, but in any event, before the threatened breach is to occur, then Covered Entity shall have the right to terminate this Agreement and the Arrangement Agreement immediately.

MISCELLANEOUS
Except as expressly stated herein or the HIPAA Privacy Rule, the parties to this Agreement do not intend to create any rights in any third parties. The obligations of Business Associate under this Section shall survive the expiration, termination, or cancellation of this Agreement, the Arrangement Agreement and/or the business relationship of the parties, and shall continue to bind Business Associate, its agents, employees, contractors, successors, and assigns as set forth herein.

This Agreement may be amended or modified only in a writing signed by the Parties. No Party may assign its respective rights and obligations under this Agreement without the prior written consent of the other Party. None of the provisions of this Agreement are intended to create, nor will they be deemed to create any relationship between the Parties other than that of independent parties contracting with each other solely for the purposes of effecting the provisions of this Agreement and any other agreements between the Parties evidencing their business relationship. This Agreement will be governed by the laws of the State of Nebraska. No change, waiver or discharge of any liability or obligation hereunder on any one or more occasions shall be deemed a waiver of performance of any continuing or other obligation, or shall prohibit enforcement of any obligation, on any other occasion.

The parties agree that, in the event that any documentation of the arrangement pursuant to which Business Associate provides services to Covered Entity contains provisions relating to the use or disclosure of Protected Health Information which are more restrictive than the provisions of this Agreement, the provisions of the more restrictive documentation will control. The provisions of this Agreement are intended to establish the minimum requirements regarding Business Associate’s use and disclosure of Protected Health Information.

In the event that any provision of this Agreement is held by a court of competent jurisdiction to be invalid or unenforceable, the remainder of the provisions of this Agreement will remain in full force and effect. In addition, in the event a party believes in good faith that any provision of this Agreement fails to comply with the then-current requirements of the HIPAA Privacy Rule, such party shall notify the other party in writing. For a period of up to thirty days, the parties shall address in good faith such concern and amend the terms of this Agreement, if necessary to bring it into compliance. If, after such thirty-day period, the Agreement fails to comply with the HIPAA Privacy Rule, then either party has the right to terminate upon written notice to the other party.