/

PLATFORM TERMS

Platform Terms

Last updated

TERMS AND CONDITIONS


Last Updated: April 18, 2025

These Terms and Conditions (“Terms”) govern any order form incorporating these Terms by reference (“Order Form”) entered into between New Lantern, Inc. (“New Lantern”) and the organization identified in the Order Form (“Customer”) as of the Effective Date. The Order Form, together with these Terms (including all exhibits), constitutes the “Agreement”. Capitalized terms not defined in these Terms have the meaning given to them in the Order Form. The Agreement governs Customer’s access to and use of the Platform and associated Services. 

By executing an Order Form: (1) Customer agrees to be bound by the terms of the Agreement; and (2) the individual signing the Order Form represents and warrants that it has the authority to enter into the Agreement on behalf of Customer. If Customer does not agree to be bound by the terms of the Agreement, then Customer may not use the Platform or receive the Services.

  1. DEFINITIONS. Capitalized terms have the meanings set forth below or as defined within the Agreement.

    1. “AI Tools” means generative artificial intelligence and machine learning services or applications that are integrated into the Platform, including third-party large language models.

    2. “Applicable Privacy Laws” means the data protection, data security, and privacy laws and regulations of any jurisdiction applicable to the Platform under the Agreement.

    3. “BAA” has the meaning given in Section 6.4 (Business Associate).

    4. “Confidential Information” means all information regarding a party’s business, including technical, marketing, financial, employee, planning, and other confidential or proprietary information, that (a) is clearly identified as confidential or proprietary at the time of disclosure, or (b) the receiving party knew or should have known, given the nature of the information and the circumstances of its disclosure, was considered confidential or proprietary. 

    5. “Customer Data” means any content or information uploaded or transmitted to the Platform by Customer or Users, including from Third-Party Services, or other Customer materials provided by Customer or accessed by New Lantern in connection with the Services. Customer Data includes Studies, Reports, Personal Data, and PHI. 

    6. “Documentation” means all specifications, user manuals, and other technical materials relating to the Platform that are provided or made available to Customer, as may be modified from time to time.

    7. “Fees” means the fees for accessing the Platform and any Services, as set forth on an Order Form.

    8. “HIPAA” means the Health Insurance Portability and Accountability Act of 1996, as amended, and its implementing rules and regulations related to privacy, security, and breach notification.

    9. “Initial Term” has the meaning given in Section 8.1.

    10. “New Lantern Technology” means the Platform, Performance Data, the Documentation, Software, any deliverables provided as part of Services, and all applicable software, data, and technical information used by New Lantern or provided to Customer in connection with the foregoing. 

    11. “Order Term” has the meaning given in Section 8.1.

    12. “Performance Data” means general performance data about the Platform (e.g. response times, uptime and functionality performance) and data regarding Customer’s use of the Platform (such as number of Studies and Reports generated, numbers of users, etc.). 

    13. “Personal Data” means Customer Data that constitutes “personal data,” “personal information,” or “personally identifiable information” defined in Applicable Privacy Laws or information of a similar character regulated by Applicable Privacy Laws, except that Personal Data does not include information related to Customer personnel who are business contacts for New Lantern, or information received by New Lantern directly or from other sources (such as its other customers) independent of New Lantern’s relationship with Customer. 

    14. “PHI” has the meaning given in the BAA.

    15. “Renewal Term” has the meaning given in Section 8.1.

    16. “Services” means any integration, onboarding, training, and other services related to the Platform performed by New Lantern for Customer, as identified on an Order Form. 

    17. “Software” means any downloadable or distributed software distributed to Customer in order for Customer to access or use the Platform, but only applies where such software is specified in the Order Form.

    18. “Users” means employees and independent contractors who are authorized by Customer to access the Platform pursuant to Customer’s rights under the Agreement.

  2. PROVIDER SERVICE; ACCESS; RESTRICTIONS.  

    1. Access to the Platform. Subject to the terms and conditions of the Agreement, New Lantern grants to Customer a revocable, non-sublicensable, non-transferable (except as provided in Section 12.2) (Assignment; Subcontractors), non-exclusive right to access and use the Platform and accompanying Documentation at the Site(s) solely for Customer’s internal business purposes. New Lantern will make available to Customer all updates, fixes, improvements, and enhancements to the Platform and, where practicable, provide Customer reasonable advance notice of such updates. If the Order Form specifies that any Software is made available to Customer in connection with it use of the Platform, New Lantern grants to Customer a non-exclusive, non-sublicensable, non-transferable (except in compliance with Section 12.2 (Assignment; Subcontractors)) license during the Order Term to use Software in object code format solely for Customer's internal use in connection with its use of the Platform.

    2. Access Credentials. Each User will be provided access to and use of the Platform through unique and confidential account credentials. These credentials cannot be shared or used by more than one individual User to access the Platform. Customer is responsible for maintaining the confidentiality of all Users’ account credentials and is solely responsible for the conduct of Users and all activities that occur under these User accounts. Customer will promptly notify New Lantern of any actual or suspected unauthorized use or access to its account.  

    3. Restrictions. Customer will not, and will not permit any User or third party to: (a) sublicense, lease, sell, resell, rent, loan, distribute, transfer, or otherwise allow the use of the New Lantern Technology for the benefit of any unauthorized third party; (b) use the Platform at any site that is not the Sites or allow any third party to access the Platform or Software except as expressly allowed in the Agreement; (c) reverse engineer, decompile, disassemble, or otherwise derive or determine or attempt to derive or determine the source code (or the underlying ideas, algorithms, structure or organization) of the New Lantern Technology, except as permitted by law; (d)  interfere in any manner with the operation of the New Lantern Technology or the hardware and network used to operate the same, or attempt to probe, scan, or test vulnerability of the Platform without the prior written consent of New Lantern; (e) modify, copy or make derivative works based on any part of the New Lantern Technology; (f) access or use the New Lantern Technology to build a similar or competitive product or service or otherwise engage in competitive analysis or benchmarking; or (g) use the New Lantern Technology in a manner inconsistent with, or in violation of, a User’s professional obligations or applicable law. New Lantern reserves the right to suspend Customer’s or any User’s access to the Platform for any failure, or suspected failure, to comply with these restrictions until such failure is cured.

    4. Suspension. Although it is not anticipated and New Lantern appreciates Customer’s desire for uninterrupted access to the Platform, New Lantern may need to suspend Customer’s or any User’s access to all or any part of the Platform, if Customer’s or any User’s use of the Platform poses a risk to the security or integrity of the Platform or supporting systems, or interferes with New Lantern’s ability to reliably provide the Platform to other customers, or subjects New Lantern to unreasonable liability risks. New Lantern will use reasonable efforts to notify Customer or the applicable User(s) prior to suspension and will restore access to Customer or the applicable User(s) as soon as such risks no longer apply.

    5. Third-Party Services. The Platform integrates with third-party services, technology, or applications which are not provided by New Lantern, including Customer’s own hardware or systems, Customer’s DICOM imaging modalities, EMR or EHR software, HL7 integrations and AI Tools (collectively, “Third-Party Services”). Customer is responsible for enabling the integration of each Third-Party Service under its control. Customer acknowledges that: (a) New Lantern may share or receive Customer Data through integration with such Third-Party Services so that it may be used in accordance with the terms of this Agreement, and (b) it is instructing New Lantern to share and receive such Customer Data with the providers such Third-Party Services for this purpose. Customer acknowledges that Third-Party Services are not under the control of New Lantern, and New Lantern is not responsible for any Third-Party Services. Customer’s use of the Third-Party Services under its control is governed by the Customer’s agreement with providers of the Third-Party Services. 

    6. Services. New Lantern will provide any Services as set forth in an Order Form. The Services and any deliverables provided as a part of the Services may only be used in conjunction with the Platform. Customer will reasonably cooperate with New Lantern in the performance of the Services and the operation of the Platform. Such cooperation may include: (a) the appointment of a single point of contact for all matters related to the Services; (b) the provision of reasonable remote network access to those Customer systems that use the Services; and (c) making suitably trained personnel with sufficient knowledge of Customer’s systems available during normal business hours. If the Services are to be provided on Customer’s premises: (i) Customer will provide safe and adequate space, power, network connections, and other resources as required by New Lantern; and (ii) New Lantern will adhere to Customer’s established written guidelines, which will be provided to New Lantern, concerning on-site visits by contractors and the use of Customer’s computer equipment. 

    7. Support. New Lantern will make the Platform available, and provide support to Customer, in accordance with the Service Level Agreement set forth in Exhibit A (“SLA”). Customer’s sole and exclusive remedy, and New Lantern’s entire liability, for New Lantern’s failure to comply with this Section 2.7 are the remedies specified in the SLA.

  3. CUSTOMER RESPONSIBILITIES. 

    1. Customer Data. Customer is responsible for the accuracy, quality, integrity, legality, reliability, and appropriateness of all Customer Data. Customer shall, and shall require that all Users, provide all applicable notices and obtain all required licenses, consents and permissions (including patient consents) under applicable law (including Applicable Privacy Laws and HIPAA) that are required of Customer and the applicable User, as well as needed for New Lantern, to use, disclose, copy, store and process the Customer Data (including the Studies) on the Platform, to develop the Reports, to contact and communicate with referring healthcare providers on Customer’s behalf via automated telephone calls and exercise the rights granted to New Lantern in the Agreement. 

    2. Medical Responsibility. Customer is solely responsible for the provision of medical advice, diagnosis or treatment to any patients related to Customer’s use of the Platform and the Services. Neither New Lantern, nor the Platform, provides any medical, healthcare, or other professional advice or makes any insurance billing or coding decisions. The Platform, including any content or suggestions displayed or generated on it, is not intended, and Customer agrees not to rely on, and agrees to instruct Users not to rely on, the Platform or any content or suggestions as a substitute for the knowledge, expertise, skill, verbal counseling, or judgment of radiologists or other healthcare professionals. Although the Platform may provide suggested inputs for a given Report based on prior Studies or Reports of a similar nature, Customer is solely responsible for: (a) assessing whether such inputs are appropriate and accurate for the given circumstances; (b) analyzing the Studies and confirming the accuracy and suitability of any Reports; and (c) ensuring that its Users’ use of the Platform and any Reports, and the provision of any related medical advice, diagnosis or treatment, complies with applicable law and any applicable professional standards. Customer shall limit access to the Platform for the purposes of analyzing Studies and generating Reports to medical professionals who are properly licensed and authorized to use the Platform for such purpose.  

  4. FEES AND PAYMENT.

    1. Fees. Customer will pay New Lantern the Fees set forth on an applicable Order Form. Fees are non-refundable (except as expressly set out in the Agreement or an Order Form) and are not eligible for set off. Unless otherwise set out in an Order Form, Customer will pay the Fees within thirty (30) days of receipt of an invoice. Customer will maintain complete, accurate, and up-to-date Customer billing and contact information.

    2. Taxes. All Fees owed by Customer in connection with the Agreement are exclusive of, and Customer will pay, all sales, use, excise, and other taxes and applicable export and import fees, customs duties, and similar charges that may be levied upon Customer in connection with the Agreement, except for employment taxes and taxes based on New Lantern’s income.  

    3. Payment Disputes. Customer may withhold invoiced amounts that are disputed by Customer in good faith (but must pay any undisputed portion of the invoice) if Customer, within such 30-day period: (a) notifies New Lantern of the amounts that are disputed by Customer; (b) specifically states in such notice the reasons for such dispute; and (c) with such notice provides New Lantern with all reasonable documentation and other substantiating materials in Customer’s possession in support of Customer’s position. The parties will work together to resolve any disputes expeditiously. Any disputed amounts that are determined to have been payable will be paid by Customer within thirty (30) days of such determination.

    4. Late Payment. Payments by Customer that are past due will be subject to interest at the rate of one and one-half percent (1½%) per month (or, if less, the maximum allowed by applicable law) of that overdue balance.

  5. PROPRIETARY RIGHTS.

    1. New Lantern Technology. New Lantern retains all right, title, and interest in and to the New Lantern Technology, including any enhancements, improvements, or derivatives to the New Lantern Technology including made as part of the Services or in response to Feedback. Other than as expressly set forth in the Agreement, no license or other rights in the New Lantern Technology are granted to Customer.  

    2. Customer Data. Customer retains all right, title, and interest in and to the Customer Data. Customer authorizes New Lantern to access and use Customer Data during and after the Order Term, to provide the Platform and its functionality and the Services, to generate the Reports, and to provide any accompanying support to Customer or fulfill other obligations as set forth in the Agreement. As part of New Lantern’s commitment to continually improve the Platform and its functionality, New Lantern may use the Customer Data to improve how the Platform (and its underlying components) generates Reports, analyzes Studies, responds to User requests or prompts, and otherwise optimize existing or develop new functionality that may be used by Customer, provided that such use shall always be consistent with applicable law (including HIPAA) and New Lantern’s responsibilities under this Agreement. 

    3. Performance Data. As part of ordinary course SaaS practices, New Lantern monitors Customer’s use of the Platform to ensure the functionality is working and is responsive to Customer’s needs. As part of that process, New Lantern collects and compiles Performance Data, which does not incorporate Customer Data or any PHI uploaded to the Platform. New Lantern uses Performance Data to operate, improve, analyze, and support the Platform and Services and in addition to other business purposes permitted under applicable law. 

    4. Feedback. Customer or its Users may give feedback to New Lantern on the use, operation, and functionality of the Platform, including information about operating results, known or suspected bugs, errors, or compatibility problems, suggested modifications, and user-desired features, functionality, or workflows (collectively, “Feedback”). In order to be responsive to such requests, New Lantern may use and incorporate such Feedback to improve the Platform and related Services without restriction or payment to Customer. To protect Customer confidentiality, New Lantern will not identify Customer as the source of any such Feedback, and New Lantern acknowledges that all Feedback is provided on an “as is” basis and that Customer is not responsible for Customer’s use of any Feedback, including any results from such Feedback.

  6. DATA SECURITY; PRIVACY.

    1. Data Security. During the Order Term, New Lantern will implement and maintain commercially reasonable administrative, technical, and physical measures designed to safeguard against unauthorized access to or use or disclosure of any Customer Data (including any Personal Data) through the Platform, including the measures specified in Exhibit B (“Security Measures”). New Lantern may update the Security Measures from time to time, so long as the updated measures do not materially decrease the overall protection of Customer Data.

    2. Customer Responsibilities. Customer and its Users will be responsible for all changes to and/or deletions of Customer Data and the security of all passwords and other usernames and passwords required to access the Platform. Unless otherwise set forth in an Order Form, the Platform is not a system of record, and Customer is responsible for all data storage and back up of the source systems from which the Customer Data processed by the Platform is sourced. In the event of corruption or destruction of or damage to any Customer Data, New Lantern will use commercially reasonable efforts to assist Customer in its efforts to recover or restore Customer Data, but New Lantern will not be liable for any Customer Data deletion or corruption.  

    3. Privacy. New Lantern will process Personal Data only in accordance with Customer’s instructions to New Lantern contained in the Agreement. The Agreement is a complete expression of such instructions, and Customer’s additional instructions will be binding on New Lantern only pursuant to an amendment to the Agreement signed by both parties. By entering into the Agreement, Customer instructs New Lantern to process Personal Data to provide the Platform and to perform its other obligations and exercise its rights under the Agreement.

    4. Business Associate. The defined terms used in this will have the meanings given to them at 45 C.F.R. 160.103. In providing the Platform and Services under the Agreement, New Lantern may be a “business associate” of Customer, and, as such, in those instances where New Lantern receives “PHI,” for purposes of complying with HIPAA, the terms of the “business associate” agreement included in Exhibit C (“BAA”) will apply and is incorporated into the Agreement. Each Party will perform comply with their respective obligations in the BAA. In the event of a conflict between these terms and the BAA, the BAA will govern and control. 

  7. CONFIDENTIAL INFORMATION.  

    1. Restrictions. As a recipient of Confidential Information, each party will: (a) use the Confidential Information of the disclosing party only as set forth in the Agreement; (b) not disclose to any third party any Confidential Information of the disclosing party, except as expressly permitted under the Agreement; (c) limit access to the Confidential Information of the disclosing party to its employees and contractors who have a need to know such information to use or provide the Platform and Services, and ensure that such employees or contractors are bound by confidentiality obligations at least as protective as those contained in the Agreement;, and (d) protect the Confidential Information of the disclosing party from loss or unauthorized use, access, or disclosure in a reasonable manner. Personal Data will be treated in accordance with Section 6.3 (Privacy) and will not be deemed Confidential Information.

    2. Exclusions. The restrictions on use and disclosure of Confidential Information set forth above will not apply to any Confidential Information that: (a) is or becomes generally known and available to the public through no act or omission of the receiving party; (b) was in the receiving party’s lawful possession without confidentiality restrictions prior to disclosure by the disclosing party; (c) is received without confidentiality restrictions from a third party with the right to make such a disclosure; or (d) is independently developed by the receiving party. The receiving party may disclose Confidential Information to the extent that such disclosure is required by law or by the order of a court or similar judicial or administrative body, as long as the receiving party, if permitted by law, provides advance notice of the disclosure to the disclosing party and cooperates so that the disclosing party has the opportunity to obtain appropriate confidential treatment for such Confidential Information.

  8. TERM AND TERMINATION.  

    1. Term. Each Order Form will continue for the initial term defined on the Order Form or, if no initial term is specified, for an initial term of one (1) year (the “Initial Term”). Unless specified otherwise on the Order Form, each Order Form will automatically renew for successive one (1) year terms (each a “Renewal Term” and together with the Initial Term, the “Order Term”), unless either party provides no fewer than thirty (30) days’ written notice of its intent to terminate the Order Form prior to the end of the then-current term. New Lantern reserves the right to increase the Fees in any Renewal Term upon no fewer than sixty (60) days’ written notice to Customer.

    2. Termination. Either party may terminate the Agreement upon written notice if: (a) the other party materially breaches the Agreement and does not cure such breach (if curable) within thirty (30) days after written notice of such breach; or (b) the other party: (i) becomes insolvent, (ii) files a petition in bankruptcy that is not dismissed within sixty (60) days of commencement, or (iii) makes an assignment for the benefit of its creditors.

    3. Termination for Legal Cause. Although this is not anticipated, New Lantern reserves the right to terminate the Agreement with immediate effect: (a) following any change to or enactment of any applicable law that renders any material portion of the Platform or the Services illegal, or otherwise has a material adverse effect upon New Lantern’s or Customer’s ability to exercise its rights or perform its obligations under the Agreement; or (b) if New Lantern is required or directed to do so by any governmental authority. However, unless prohibited by applicable law or such governmental authority, prior to terminating the Agreement, New Lantern will first engage Customer in good faith negotiations for at least thirty (30) days to make mutually agreeable changes to the Platform to address such illegality, effect, or direction giving rise to such termination right and after such negotiations, the parties will take reasonable best efforts to make such changes and will terminate the Agreement only if such negotiations are unsuccessful in reaching agreement on such changes.

    4. Effect of Termination. Upon the expiration or termination of the Agreement for any reason, the rights and licenses granted to Customer under the Agreement will immediately terminate, and Customer will cease use of the Platform, the Services, and the Documentation. Termination of the Agreement will not relieve Customer of its obligation to pay all Fees that accrued prior to such termination. Each party will return to the other or destroy all property (including any Confidential Information) of the other party, except to comply with Section 8.5 (Data Export) below or except as required by applicable law. Notwithstanding the foregoing requirement, each party may retain the Confidential Information of the other in accordance with its standard backup procedures, subject to the requirements in Section 6.1 (Data Security) and Section 7 (Confidential Information). Sections 1 (Definitions), 2.3 (Restrictions), 3 (Customer Responsibilities), 4 (Fees and Payment), 5 (Proprietary Rights) (excluding any term-limited license grants), 7 (Confidential Information), 8.4 (Effect of Termination), 8.5 (Data Export), 9.4 (Disclaimer), 10 (Indemnity), 11 (Limitation of Liability) and 12 (General Provisions) will survive the termination of the Agreement.

    5. Data Export. During an Order Term and for thirty (30) days following termination of an Order Term, New Lantern will make all Customer Data stored on the Platform available for export by Customer. Following this window for the export of Customer Data, subject to New Lantern’s obligations under applicable law (including HIPAA), New Lantern may erase any Customer Data stored on the Platform.

  9. WARRANTIES.  

    1. Mutual Warranties. Each party represents and warrants to the other that neither it nor any of its directors, officers, or employees (or Users, in the case of Customer): (a) are currently excluded, debarred, or otherwise ineligible to participate in any federal health care program as defined in 42 U.S.C. Section 1320a-7b(f) (the “Federal Healthcare Programs”); (b) have been convicted of a criminal offense related to the provision of health care items or services and not yet been excluded, debarred, or otherwise declared ineligible to participate in the Federal Healthcare Programs nor been charged or convicted of an offense related to identity theft, credit card fraud, or violation of federal or state privacy or security laws; and (c) are under investigation or otherwise aware of any circumstances which may result in such party being excluded from participation in the Federal Healthcare Programs. This will be an ongoing representation and warranty during the Term, and each party shall immediately notify the other of any change in the status of the representations and warranty in this Section. Any breach of this section will give either party the right to terminate the Agreement immediately for cause.

    2. Customer Warranties. Customer represents and warrants that: (a) it has all rights necessary to upload and use the Customer Data with the Platform and to grant New Lantern all licenses to Customer Data in the Agreement without violating any third-party intellectual property, privacy, or other rights, including Applicable Privacy Laws; and (b) Customer will not upload or share any data or other information to the Platform that: (i) knowingly infringes or misappropriates any third party’s intellectual property rights; (ii) knowingly contains any viruses, worms or other malicious computer programming codes that may damage the New Lantern Technology; or (iii) otherwise violates the rights of a third party.

    3. New Lantern Warranties. During the Term, New Lantern warrants that: (a) the New Lantern Technology when used in accordance with the Documentation and the terms of the Agreement, will operate as described in the Documentation in all material respects; (b) the Services will be performed in a professional and workmanlike manner consistent with industry standards. In the event of a breach of the foregoing warranty in (a), New Lantern will correct the non-conforming product or service at no additional charge to Customer in accordance with the SLA, and remedies for a failure to do so are specified in the SLA. In the event of a breach of the foregoing warranty in (b), New Lantern will re-perform the Services in a conforming manner at no additional charge to Customer. 

    4. DISCLAIMER. Except as expressly provided in the Agreement, and to the maximum extent permitted by applicable law: (a) the New Lantern Technology is provided “as is” and “as available”; and (b) New Lantern and its suppliers make no other warranties, express or implied, by operation of law or otherwise, and expressly disclaim any and all other warranties including, without limitation, any implied warranties of merchantability, fitness for a particular purpose or title. New Lantern does not warrant or represent that the New Lantern Technology will be free from bugs or uninterrupted or error-free, or make any other representations regarding the use, or the results of the use, of the New Lantern Technology in terms of correctness, accuracy, reliability, or otherwise. New Lantern is not responsible or liable for any activity for which Customer is responsible under Section 3 (Customer Responsibilities). Customer acknowledges that the New Lantern Technology leverages certain artificial intelligence features and functions and that artificial intelligence systems are a rapidly evolving field. While New Lantern is always working to improve the New Lantern Technology, the probabilistic nature of artificial intelligence means the New Lantern Technology may provide inaccurate output (such as “hallucinations”) or otherwise not always produce accurate or intended results. As such, Customer acknowledges that no warranties are made by New Lantern with respect to the specific results or any output of any AI Tools or features or functions of the New Lantern Technology, and Customer must thoroughly review and approve any such output and confirm appropriateness and accuracy for the applicable patient before any use of such output. 

  10. INDEMNITY.  

    1. By New Lantern. If any action is instituted by a third party against Customer based upon a claim that the Platform, as delivered and when used in accordance with the Agreement, infringes any third party’s intellectual property rights, New Lantern will defend such action at its own expense on behalf of Customer and will pay all damages attributable to such claim that are finally awarded against Customer or paid in settlement. If the Platform is enjoined or, in New Lantern’s determination is likely to be enjoined, New Lantern will, at its option and expense: (a) procure for Customer the right to continue using the Platform; (b) replace or modify the Platform so that it is no longer infringing but continues to provide comparable functionality; or (c) terminate the Agreement and Customer’s access to the Platform and refund any amounts previously paid for the Platform attributable to the remainder of the then-current Order Term. New Lantern will have no obligation under this Section 10.1 or otherwise with respect to any infringement claim based upon: (i) any use of the Platform not in accordance with the Agreement or as specified in the Documentation; (ii) any use of the Platform in combination with other products, equipment, software, or data not supplied by New Lantern, including Third-Party Services; or (iii) any modification of the New Lantern Technology by any person other than New Lantern or its authorized agents. This Section 10.1 states the entire obligation of New Lantern and the exclusive remedy of Customer against New Lantern for any claim that the Platform infringes a third party’s intellectual property rights.

    2. By Customer. If any action is instituted by a third party against New Lantern relating to Customer’s responsibility or breach (or alleged breach) of Section 3 (Customer Responsibilities) or Section 9.2 (Customer Warranties), Customer will defend such action at its own expense on behalf of New Lantern and will pay all damages attributable to such claim that are finally awarded against New Lantern or paid in settlement of such claim.  

    3. Procedure. Any party that is seeking to be indemnified under this Section 10 (the “Indemnified Party”) must: (a) promptly notify the other party (the “Indemnifying Party”) of any third-party claim, suit, or action for which it is seeking an indemnity under the Agreement (a “Claim”); (b) give the Indemnifying Party the sole control over the defense of such Claim; and (c) reasonably cooperate with the Indemnifying Party at the Indemnifying Party’s expense. The Indemnifying Party will not agree to any settlement that requires the Indemnified Party to admit fault or to take or refrain from taking any action without the Indemnified Party’s prior written consent. 

  11. LIMITATION OF LIABILITY. 

    1. Mutual Waiver. TO THE EXTENT PERMITTED BY LAW, IN NO EVENT WILL NEW LANTERN OR CUSTOMER BE LIABLE FOR SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES OR LOST PROFITS, OR SIMILAR IN ANY WAY RELATING TO THIS AGREEMENT, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. CUSTOMER ACKNOWLEDGES AND AGREES THAT NEW LANTERN IS NOT LIABLE, AND CUSTOMER AGREES IT WILL NOT SEEK TO HOLD NEW LANTERN LIABLE, FOR THE CONDUCT OF THIRD PARTIES, INCLUDING THE PROVIDERS OF ANY THIRD-PARTY SERVICE.

    2. Mutual Liability Cap. IN NO EVENT WILL A PARTY’S AGGREGATE, CUMULATIVE LIABILITY IN ANY WAY RELATING TO THIS AGREEMENT EXCEED THE AMOUNT OF FEES ACTUALLY RECEIVED BY NEW LANTERN FROM CUSTOMER PURSUANT TO THE APPLICABLE ORDER FORM DURING THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM. 

    3. Exclusions. THE FOREGOING LIMITATIONS WILL NOT APPLY TO OBLIGATIONS TO PAY THE FEES, A PARTY’S INDEMNITY OBLIGATIONS (TO THE EXTENT PAID TO THE THIRD-PARTY PLAINTIFF), BREACHES OF SECTION 2.3 (RESTRICTIONS) OR TO LIABILITIES THAT CANNOT BE LIMITED BY LAW. THE PARTIES AGREE THAT THE LIMITATIONS AND EXCLUSIONS OF LIABILITY AND DISCLAIMERS SPECIFIED IN THIS AGREEMENT SHALL SURVIVE AND APPLY TO THE MAXIMUM EXTENT PERMITTED BY LAW EVEN IF FOUND TO HAVE FAILED OF THEIR ESSENTIAL PURPOSE. THE PARTIES WOULD NOT HAVE ENTERED INTO THIS AGREEMENT BUT FOR SUCH LIMITATIONS.

  12. GENERAL PROVISIONS.  

    1. Governing Law; Forum. The Agreement will be governed by, and all disputes arising under or in connection with the Agreement will be resolved in accordance with, the laws of the State of California, exclusive of conflict or choice of law rules. Any action, suit, or other proceeding based upon or arising from the Agreement will be brought and maintained exclusively in a federal or state court of competent jurisdiction located in San Francisco, California. Each party consents to the mandatory jurisdiction and venue of such courts and waives any right to object to jurisdiction and venue. Notwithstanding the foregoing, nothing will prevent a party from seeking relief in any court of competent jurisdiction for any misuse or misappropriation of that party’s intellectual property rights or Confidential Information. 

    2. Assignment; Subcontractors. Neither party may assign the Agreement, including any rights or obligations arising hereunder, without the prior written consent of the other party, except that either party may assign the Agreement without the consent of the other party in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. Any attempted assignment or transfer in violation of the foregoing will be null and void. The Agreement will be binding upon each party’s respective permitted successors and assigns. New Lantern may subcontract certain aspects of the New Lantern Technology and Services to qualified third parties, provided that New Lantern shall be responsible for such subcontractors and such subcontracting arrangement will not relieve New Lantern of any of its obligations under the Agreement.

    3. Order of Precedence. In the event of a conflict between these Terms, an Order Form, or an exhibit to these Terms, the following order of precedence will apply: these Terms, the Order Form, and then the other exhibits, if any. Notwithstanding the foregoing, an Order Form will take precedence over these Terms if the Order Form expressly states which sections of these Terms are intended to be superseded by the Order Form. No terms, provisions or conditions of any purchase order, acknowledgment or other business form that Customer may use in connection with the Agreement will have any effect on the rights, duties or obligations of the parties under, or otherwise modify, the Agreement.

    4. Notices. Any notice under the Agreement must be given in writing to the other party at the email or physical address set forth on an Order Form. Notices will be deemed to have been given upon: (a) receipt (or when delivery is refused) if delivered in person or sent by recognized courier service; or (b) delivery (unless an error message or failure-to-deliver notification is received) if delivered by email that references this Section 12.4.

    5. Force Majeure. Any delay in the performance of any duties or obligations of either party (except for the obligation to pay Fees owed) will not be considered a breach of the Agreement if such delay is caused by a labor dispute, shortage of materials, war, fire, earthquake, typhoon, flood, natural disasters, governmental action, pandemic/epidemic, cloud-service provider outage, or any other event beyond the control of such party (collectively, a “Force Majeure Event”), provided that such party uses reasonable efforts, under the circumstances, to notify the other party of the circumstances causing the delay and to resume performance as soon as possible. If the Platform is unavailable or materially degraded for a continuous period of thirty (30) days due to a Force Majeure Event, either party will have the right to terminate the Agreement, and New Lantern will refund any amounts previously paid for the Platform attributable to the remainder of the then-current Order Term.

    6. Publicity. New Lantern may use Customer’s name and logo to identify Customer as a customer, including on New Lantern’s website, social media, the Platform and in sales and marketing materials, in the same manner in which it uses the names of its other customers. New Lantern will use Customer’s logo in accordance with Customer’s applicable branding guidelines that are provided in writing to New Lantern and New Lantern may not use Customer’s name or logo in any other way without Customer’s prior written consent. Customer may revoke such rights at any time upon notice to New Lantern (email to suffice).

    7. Export Laws. Customer shall not use, export, re-export, or transfer, directly or indirectly, any U.S. technical data acquired from New Lantern, or any products using such data, in violation of the U.S. export laws or regulations. Further, each party shall comply with all relevant export laws and regulations of the United States and the country or territory in which the Platform provided (“Export Laws”) to assure that neither any deliverable, if any, nor any direct product of a deliverable is (1) exported, directly or indirectly, in violation of Export Laws or (2) intended to be used for any purposes prohibited by Export Laws, including nuclear, chemical, or biological weapons proliferation. Customer further represents that (i) Customer is not located in a country that is subject to a U.S. Government embargo, or that has been designated by the U.S. Government as a “terrorist supporting” country and (ii) Customer is not listed on any U.S. Government list of prohibited or restricted parties. 

    8. U.S. Government Restricted Rights. If Customer is a government end user, then this provision also applies to Customer. The software contained within the Platform and provided in connection with the Agreement has been developed entirely at private expense, as defined in FAR section 2.101, DFARS section 252.227-7014(a)(1) and DFARS section 252.227- 7015 (or any equivalent or subsequent agency regulation), and is provided as “commercial items,” “commercial computer software” and/or “commercial computer software documentation.” Consistent with DFARS section 227.7202 and FAR section 12.212, and to the extent required under U.S. federal law, including the minimum restricted rights as set forth in FAR section 52.227-19 (or any equivalent or subsequent agency regulation), any use, modification, reproduction, release, performance, display, disclosure or distribution of such software by or for the U.S. Government will be governed solely by the Agreement and will be prohibited except to the extent expressly permitted by the Agreement.

    9. No Payment for Referrals. No part of the Agreement will be construed to induce, encourage, solicit, or reimburse the referral of any patients or business, including any patient or business funded in whole or in part by federal or state government programs.

    10. Miscellaneous. The Agreement (as modified by the parties from time to time) is the entire understanding and agreement of the parties, and supersedes any and all previous and contemporaneous understandings. Only a written amendment signed by both parties can modify an Order Form; however, given that these Terms apply across New Lantern’s customers, these Terms may be amended by New Lantern upon written notice to Customer, provided that any such amendment will not be effective until the commencement of the next Renewal Term. The Agreement may be executed in counterparts, which taken together will form one legal instrument. If any provision of the Agreement is held to be invalid or unenforceable, the valid or enforceable portion of such provision and the remaining provisions of the Agreement will remain in full force and effect. Any waiver or failure to enforce any provision of the Agreement on one occasion will not be deemed a waiver of any other provision or of such provision on any other occasion. All waivers must be in writing. The headings of sections of the Agreement are for convenience and are not to be used in interpreting the Agreement. As used in the Agreement, the word “including” means “including but not limited to.” The parties to the Agreement are independent contractors, and no agency, partnership, franchise, joint venture, or employee-employer relationship is intended or created by the Agreement. There are no third-party beneficiaries of the Agreement.  

[End of Terms and Conditions]

EXHIBIT A
SERVICE LEVEL AGREEMENT

This Service Level Agreement forms part of, and is incorporated into, the Agreement between New Lantern and the Customer identified in the applicable Order Form.

 

 

  1. Definitions


Term

Definition

“Availability”

The percentage of total minutes in a calendar month during which the Platform is not Unavailable. Availability is calculated as:

([Total minutes in month] – [Minutes Unavailable]) ÷ [Total minutes in month] × 100.

“Unavailable/Unavailability”

The Platform cannot be accessed or used by Customer through an Internet connection, excluding (a) Scheduled Maintenance (Section 3), (b) any Force Majeure Event (as defined in the Agreement), and (c) Customer‑caused issues, including misuse, mis‑configuration, or failure to meet Customer’s obligations under the Agreement.

  

  1. Uptime Commitment

New Lantern will provide 99.9% Availability each calendar month. Availability is measured at the end of each month.

  

  1. Scheduled Maintenance

New Lantern may perform planned maintenance Monday – Thursday (primarily Wednesday nights) between 10:00 p.m. and 2:00 a.m. Central Time.


New Lantern will give Customer at least 72 hours’ prior written notice (email suffices) of all Scheduled Maintenance unless Customer agrees otherwise.

  1.  Service Credits

If Monthly Availability falls below the target in Section 2, Customer will be entitled to the following Service Credit (applied to the next invoice) as Customer’s sole and exclusive remedy for the affected month, provided Customer (i) is current on all payment obligations and (ii) submits a written credit request within fifteen (15) days after the end of the month in which the Unavailability occurred.


Monthly Availability

Credit (% of monthly Platform Fees)

≥ 99.0 % but < 99.9 %

2.5 %

≥ 98.5 % but < 99.0 %

5 %

≥ 98.0 % but < 98.5 %

10 %

< 98.0 %

15 %

  

  1. Support & Incident Management

Customer may open a support ticket at support@newlantern.ai. Incidents are classified and handled as follows:


Level

Description

Target Initial Response

Target Subsequent Updates

P0 (Critical)

Complete outage of the Platform attributable solely to New Lantern.

30 minutes

Every 2 hours

P1 (Serious)

Significant functional component unavailable or severely impaired solely due to New Lantern.

4 hours

Every 4 hours

P2 (General)

Non‑significant functional component unavailable or impaired solely due to New Lantern.

8 business hours

0 – 2 days (business hours)

 

6. Exclusions & Limitations

Service Credits will not be issued, and outages will not count toward Unavailability, for any failure or delay caused by:

  1. factors outside New Lantern’s reasonable control (including Internet backbone issues or Force Majeure Events);

  2. Customer’s equipment, software, or network;

  3. Misuse, negligence, or breach of the Agreement by Customer or its Users; or

  4. Scheduled Maintenance performed in accordance with Section 3.

 

[End of Exhibit A – Service Level Agreement]

EXHIBIT B
DATA SECURITY MEASURES

  1. Organizational management and dedicated staff responsible for the development, implementation, and maintenance of New Lantern’s information security program. 

  2. Audit and risk assessment procedures for the purposes of periodic review and assessment of risks to New Lantern’s organization, monitoring and maintaining compliance with the New Lantern’s policies and procedures, and reporting the condition of its information security and compliance to internal senior management.

  3. Data security controls, which include, at a minimum, logical segregation of data, restricted (e.g., role-based) access and monitoring, and use of commercially available industry standard encryption technologies for Personal Data that is transmitted over public networks (i.e., the Internet) or when transmitted wirelessly or at rest or stored on portable or removable media (i.e., laptop computers, CD/DVD, USB drives, back-up tapes). 

  4. Logical access controls designed to manage electronic access to data and system functionality based on authority levels and job functions, (e.g., granting access on a need-to-know and least privilege basis, use of unique IDs and passwords for all users, periodic review and revoking/changing access promptly when employment terminates or changes in job functions occur).

  5. System audit or event logging and related monitoring procedures to proactively record user access and system activity. 

  6. Operational procedures and controls to provide for configuration, monitoring, and maintenance of technology and information systems, including secure disposal of systems and media to render all information or data contained in such technology and information systems, as undecipherable or unrecoverable prior to final disposal or release from the New Lantern’s possession.

  7. Change management procedures and tracking mechanisms designed to test, approve, and monitor all material changes to New Lantern’s technology and information assets.

  8. Incident management procedures design to allow New Lantern to investigate, respond to, mitigate, and notify of events related to New Lantern’s technology and information assets. 

  9. Network security controls that provide for the use of enterprise firewalls and layered DMZ architectures, and intrusion detection systems and other traffic and event correlation procedures designed to protect systems from intrusion and limit the scope of any successful attack.

  10. Vulnerability assessment, patch management and threat protection technologies, and scheduled monitoring procedures designed to identify, assess, mitigate and protect against identified security threats, viruses and other malicious code.

  11. Business resiliency/continuity and disaster recovery procedures designed to maintain service and/or recovery from foreseeable emergencies or disasters.  

EXHIBIT C

BUSINESS ASSOCIATE AGREEMENT

This Business Associate Agreement (“BAA”) by and between Customer (“Covered Entity”) and New Lantern, Inc. (“Business Associate”), is entered into on the Effective Date, for the purposes of complying with HIPAA and the security provisions of the American Recovery and Reinvestment Act of 2009, also known as the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”).

Background

  1. Covered Entity is a covered entity as such term is defined under HIPAA and is required to comply with the requirements of HIPAA regarding the confidentiality and privacy of PHI.

  2. Business Associate has entered into the Agreement, under which Business Associate may receive PHI for or on behalf of Covered Entity.

  3. By providing services pursuant to the Agreement and receiving PHI for or on behalf of Covered Entity, Business Associate will become a Business Associate of Covered Entity, as such term is defined under HIPAA, and will therefore have obligations regarding the confidentiality and privacy of PHI that Business Associate receives from or on behalf of, Covered Entity.

  1. Definitions. For the purposes of this BAA, capitalized terms will have the meanings ascribed to them below. All capitalized terms used but not otherwise defined in this BAA will have the meanings ascribed to them by HIPAA.

    1. “PHI” means any information, whether oral or recorded in any form or medium that is created, received, maintained, or transmitted by Business Associate for or on behalf of Covered Entity, that identifies an individual or might reasonably be used to identify an individual and relates to: (i) the individual’s past, present or future physical or mental health; (ii) the provision of health care to the individual; or (iii) the past, present or future payment for health care.

    2. “Secretary” means the Secretary of the U.S. Department of Health and Human Services.

    3. “Unsecured PHI” means PHI that is not rendered unusable, unreadable, or indecipherable to unauthorized individuals through the use of a technology or methodology specified by the Secretary (e.g., encryption). This definition applies to both hard copy PHI and electronic PHI.

  2. Obligations of Business Associate.

    1. General Compliance with Law. Business Associate warrants that it, its agents and its subcontractors: (a) shall use or disclose PHI only in connection with fulfilling its duties and obligations under this BAA and the Agreement; (b) shall not use or disclose PHI other than as permitted or required by the Agreement, this BAA or required by law; (c) shall not use or disclose PHI in any manner that violates applicable federal and state laws or would violate such laws if used or disclosed in such manner by Covered Entity; and (d) shall only use and disclose the minimum necessary PHI for its specific purposes.

    2. Use and Disclosure of PHI. Subject to the restrictions set forth throughout this Agreement, Business Associate may use the information received from Covered Entity if necessary: (a) as allowed by the Agreement; (b) for the proper management and administration of Business Associate; or (c) to carry out the legal responsibilities of Business Associate.

Subject to the restrictions set forth throughout this Agreement, Business Associate may disclose PHI for the proper management and administration of Business Associate, provided that: (i) disclosures are required by law, or (ii) Business Associate obtains reasonable assurances from the person or entity to whom the information is disclosed that it will remain confidential and used or further disclosed only as Required by Law or for the purpose for which it was disclosed to the person or entity, and the person or entity notifies the Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.

Business Associate is permitted, for Data Aggregation purposes to the extent permitted under HIPAA, to use, disclose, and combine PHI created or received on behalf of Covered Entity by Business Associate pursuant to this BAA with PHI, as defined by 45 C.F.R. 160.103, received by Business Associate in its capacity as a business associate of other covered entities, to permit data analyses that relate to the Health Care Operations of the respective covered entities and/or Covered Entity. 

Business Associate may use PHI as allowed by 45 CFR 164.502(d).  So long as the requirements of 45 CFR 164.514(b) are met, such information may be used as allowed under the Agreement. 

Business Associate acknowledges that, as between Business Associate and Covered Entity, all PHI will be and remain the sole property of Covered Entity, including any and all forms of such PHI developed by Business Associate in the course of its fulfillment of its obligations pursuant to this BAA   and the Agreement. 

  1. Covered Entity Obligations. To the extent that Business Associate is to carry out any of Covered Entity’s obligations that are regulated by HIPAA, Business Associate shall comply with the HIPAA requirements that apply to the Covered Entity in the performance of such obligations.

  2. Safeguards. Business Associate shall employ appropriate administrative, technical, and physical safeguards, consistent with the size and complexity of Business Associate’s operations, to protect the confidentiality of PHI and to prevent the use or disclosure of PHI in any manner inconsistent with the terms of this BAA. Business Associate shall comply, where applicable, with Subpart C of 45 C.F.R. Part 164 with respect to electronic PHI to prevent use or disclosure of such electronic PHI other than as provided for by this Agreement.

  3. Availability of Books and Records. Business Associate shall permit the Secretary and other regulatory and accreditation authorities to audit Business Associate’s internal practices, books, and records at reasonable times as they pertain to the use and disclosure of PHI in order to ensure that Covered Entity and/or Business Associate is in compliance with the requirements of HIPAA.

  4. Individuals’ Rights to Their PHI

    1. Access to Information. To the extent Business Associate maintains PHI in a Designated Record Set, in order to allow Covered Entity to respond to a request by an Individual for access to PHI pursuant to 45 CFR Section 164.524, Business Associate, within ten (10) business days upon receipt of written request by Covered Entity, shall make available to Covered Entity such PHI. In the event that any Individual requests access to PHI directly from Business Associate, Business Associate shall forward such request to Covered Entity within five (5) business days. 

Covered Entity will be responsible for making all determinations regarding the grant or denial of an Individual’s request for PHI, and Business Associate will make no such determinations. Except as Required by Law, only Covered Entity will be responsible for releasing PHI to an Individual pursuant to such a request. Any denial of access to PHI determined by Covered Entity pursuant to 45 CFR Section 164.524, and conveyed to Business Associate by Covered Entity, will be the responsibility of Covered Entity, including resolution or reporting of all appeals and/or complaints arising from denials.

  1. Amendment of Information. To the extent Business Associate maintains PHI in a Designated Record Set, in order to allow Covered Entity to respond to a request by an Individual for an amendment to PHI, Business Associate shall, within ten (10) business days upon receipt of a written request by Covered Entity, make available to Covered Entity such PHI. In the event that any Individual requests amendment of PHI directly from Business Associate, Business Associate shall forward such request to Covered Entity within five (5) business days. 

Covered Entity will be responsible for making all determinations regarding the grant or denial of an Individual’s request for an amendment to PHI, and Business Associate will make no such determinations. Any denial of amendment to PHI determined by Covered Entity pursuant to 45 CFR Section 164.526, and conveyed to Business Associate by Covered Entity, will be the responsibility of Covered Entity, including resolution or reporting of all appeals and/or complaints arising from denials.

Within ten (10) business days of receipt of a request from Covered Entity to amend an individual’s PHI in the Designated Record Set, Business Associate shall incorporate any approved amendments, statements of disagreement, and/or rebuttals into its Designated Record Set as required by 45 CFR Section 164.526.

  1. Accounting of Disclosures. In order to allow Covered Entity to respond to a request by an Individual for an accounting pursuant to 45 CFR Section 164.528, Business Associate shall, within ten (10) business days of a written request by Covered Entity for an accounting of disclosures of PHI about an Individual, make available to Covered Entity such PHI. At a minimum, Business Associate shall provide Covered Entity with the following information: (a) the date of the disclosure; (b) the name of the entity or person who received the PHI, and if known, the address of such entity or person; (c) a brief description of the PHI disclosed; and (d) a brief statement of the purpose of such disclosure. In the event that any Individual requests an accounting of disclosures of PHI directly from Business Associate, Business Associate shall forward such request to Covered Entity within five (5) business days. Covered Entity will be responsible for preparing and delivering an accounting to Individual. Business Associate shall implement an appropriate record keeping process to enable it to comply with the requirements of this Agreement.

  1. Disclosure to Subcontractors and Agents. Notwithstanding anything to the contrary in the Agreement or this BAA, Business Associate, subject to the restrictions set forth in this provision, may use subcontractors to fulfill its obligations under this BAA. Business Associate shall obtain and maintain a written agreement with each subcontractor or agent that has or will have access to PHI, which is received from, or created or received by, Business Associate for or on behalf of Covered Entity, pursuant to which such subcontractor and agent agrees to be bound by the same restrictions, terms, and conditions that apply to Business Associate under this BAA with respect to such PHI.

  2. Reporting Obligations. In the event of a Breach of any Unsecured PHI that Business Associate accesses, maintains, retains, modifies, records, or otherwise holds or uses on behalf of Covered Entity, Business Associate shall report such Breach to Covered Entity as soon as practicable, but in no event later than ten (10) business days after the date the Breach is discovered. Notice of a Breach shall include, to the extent such information is available: (a) the identification of each individual whose PHI has been, or is reasonably believed to have been, accessed, acquired, or disclosed during the Breach; (b) the date of the Breach, if known, and the date of discovery of the Breach; (c) the scope of the Breach; and (d) the Business Associate’s response to the Breach.

In the event of a use or disclosure of PHI that is improper under this BAA but does not constitute a Breach, Business Associate shall report such use or disclosure to Covered Entity within ten (10) business days after the date on which Business Associate becomes aware of such use or disclosure.

In the event of any successful Security Incident, Business Associate shall report such Security Incident in writing to Covered Entity within ten (10) business days of the date on which Business Associate becomes aware of such Security Incident. The parties acknowledge that unsuccessful Security Incidents that occur within the normal course of business will not be reported pursuant to this BAA. Such unsuccessful Security Incidents include, but are not limited to, port scans or “pings,” and unsuccessful log-on attempts, broadcast attacks on Business Associate’s firewall, denials of service, or any combination of the foregoing incidents if such incidents are detected and neutralized by Business Associate’s anti-virus and other defensive software and not allowed past Business Associate’s firewall.

Business Associate will identify and respond internally to any suspected or known Breach of any Unsecured PHI, Security Incident, or other improper use or disclosure of PHI, and will mitigate, to the extent practicable, their harmful effects, document their outcomes, and provide documentation of any successful Security Incident and Breach of any Unsecured PHI to Covered Entity upon request.

  1. Obligations Of Covered Entity.

    1. Permissible Requests. Covered Entity shall not request Business Associate to use or disclose PHI in any manner that would violate applicable federal and state laws if such use or disclosure were made by Covered Entity. Covered Entity may request Business Associate to disclose PHI directly to another party only for the purposes allowed by HIPAA and the HITECH Act.

    2. Notifications. Covered Entity shall notify Business Associate of any limitation in any applicable notice of privacy practices in accordance with 45 CFR Section 164.520, to the extent that such limitation may affect Business Associate’s use or disclosure of PHI.

Covered Entity shall notify Business Associate of any changes in, or revocation of, permission by individual to use or disclose PHI, to the extent that such changes may affect Business Associate’s use or disclosure of PHI.

Covered Entity shall notify Business Associate of any restriction to the use or disclosure of PHI that Covered Entity has agreed to in accordance with 45 CFR Section 164.522, to the extent that such restriction may affect Business Associate’s use or disclosure of PHI.

  1. Term and Termination.

    1. General Term and Termination.  This Agreement will become effective on the Effective Date and will terminate upon the termination or expiration of the Agreement and when all PHI provided by either party to the other, or created or received by Business Associate on behalf of Covered Entity is, in accordance with this Section, destroyed, returned to Covered Entity, or protections are extended.

    2. Material Breach.  Where either party has knowledge of a material breach by the other party, the non-breaching party shall provide the breaching party with an opportunity to cure. Where said breach is not cured to the reasonable satisfaction of the non-breaching party within thirty (30) days of the breaching party’s receipt of notice from the non-breaching party of said breach, the non-breaching party shall, if feasible, terminate this BAA and the portion(s) of the Agreement affected by the breach. Where either party has knowledge of a material breach by the other party and cure is not possible, the non-breaching party shall, if feasible, terminate this BAA and the portion(s) of the Agreement affected by the breach.

    3. Return or Destruction of PHI. Upon termination of this BAA for any reason, Business Associate shall: (a) if feasible as determined by Business Associate, return or destroy all PHI received from, or created or received by Business Associate for or on behalf of Covered Entity that Business Associate or any of its subcontractors and agents still maintain in any form, and Business Associate shall retain no copies of such information; or (b) if Business Associate determines that such return or destruction is not feasible, extend the protections of this BAA to such information and limit further uses and disclosures to those purposes that make the return or destruction of the PHI infeasible, in which case Business Associate’s obligations under this Section shall survive the termination of this BAA.

  2. Miscellaneous.

    1. Amendment.  If any of the regulations promulgated under HIPAA or the HITECH Act are amended or interpreted in a manner that renders this BAA inconsistent with such amendments or interpretations, the parties shall amend this BAA to the extent necessary to comply with such amendments or interpretations.

    2. Interpretation. Any ambiguity in this BAA will be resolved to permit the parties to comply with HIPAA and the HITECH Act.

    3. Conflicting Terms. In the event that any terms of this BAA conflict with any terms of the Agreement, the terms of this BAA will govern and control. 

    4. Notices. Any notices pertaining to this BAA will be given in accordance with Section 12.4 of the Agreement.