|
inaccurate, or unlawful material in the Services; (vi) resell, sublicense, lease, time-
<br />share or otherwise make the Digital Services available to any unauthorized third
<br />party; (vii) permit access to the Digital Services by a competitor of Vera; (viii) use
<br />the Digital Services, or permit it to be used, for purposes of product evaluation or
<br />other comparative analysis intended for publication without Vera's prior written
<br />consent; or (ix) access the Digital Services for the purpose of building a competitive
<br />product or service or copying its features or user interface.
<br />8.2 Access and Use of Data. Vera shall have the right to reproduce, modify and prepare
<br />derivative works of, aggregate, analyze, cleanse, scrub, reverse engineer, distribute,
<br />display, present and otherwise use Data as reasonably necessary for the purposes of
<br />performing, improving and providing services for all users. To the extent Vera
<br />creates and uses any modified version of Data or new data based on Data, Vera agrees
<br />with respect to modified Data or new data created with reference thereto, the
<br />applicable Participants shall have been de-identified in accordance with 45 CFR
<br />section 164.514, as applicable. Employer shall use its best efforts to require its
<br />Administrators to ensure that (i) all information that is provided to Vera, including,
<br />but not limited to eligibility files, is authentic, accurate, reliable, complete and
<br />confidential and (ii) Vera may use such information in accordance with the terms of
<br />the Agreement without violating or infringing any third-party rights. Employer’s
<br />security measures shall include, and Employer shall use its best efforts to require
<br />that its Administrators’ security measures include, but are not limited to: (a)
<br />maintaining, and requiring agents and subcontractors to maintain, administrative,
<br />technical and physical safeguards to protect the security, integrity and confidentiality
<br />of data provided to Vera, including up-to-date anti-virus software; (b) not accessing
<br />or using the electronic systems of Vera for any purpose that is illegal or unauthorized;
<br />(c) reporting to Vera any material system, equipment or software malfunction, error,
<br />breakage or security breach that involves or may reasonably affect Vera, whether
<br />detected or believed to be imminent; and (d) maintaining and enforcing security
<br />management policies and procedures and utilizing mechanisms and processes to
<br />prevent, detect, record, analyze, contain and resolve unauthorized access attempts
<br />and for periodically reviewing its processing infrastructure for potential security
<br />vulnerabilities.
<br />8.3 Protected Health Information. Each party will comply with all federal and state
<br />laws and requirements regarding the confidentiality and security of Protected Health
<br />Information or “PHI” to the extent applicable to the Parties’ respective obligations
<br />under this SOF-1. A Party’s obligations as a Business Associate of the other Party,
<br />if applicable, are set forth in the Business Associate Agreement executed between
<br />the Parties. Nothing in this Agreement will be construed to limit any obligations of
<br />the Parties under the Business Associate Agreement, and nothing in the Business
<br />Associate Agreement will be construed to limit any obligations of the Parties under
<br />this SOF-1. In the event of a conflict between (i) any provision of SOF-1, and (ii)
<br />any provision of the Business Associate Agreement, the provision in the Business
<br />Associate Agreement, if applicable, will control to the fullest extent permitted by
<br />applicable laws.
|