CoverMyMeds Terms of Service / Privacy Notice
Last Modified: January 24, 2023
Your use of covermymeds.com (this
“Website”), and the services described herein, including any related and ancillary services provided by CoverMyMeds, and any updates, new features and enhancements to these services (collectively, “Services”), is governed by the terms and conditions below, including any addenda (“Terms of Service”). These Terms of Service constitute a legally binding agreement between you and CoverMyMeds LLC (“CoverMyMeds”, “we” or “us”).
In order to use the Services, you must be a licensed health care provider with the intent to prescribe or dispense a prescription, an employee of such a licensed health care provider, or a pharmaceutical hub provided with access to the Services by CoverMyMeds. If you are an employee of an organization, you represent that you are authorized to agree to these Terms of Service on behalf of the organization. No other person or entity, including any consulting company, other reimbursement support service provider, or pharmaceutical company, is permitted to agree to these Terms of Service or to access the Services through these Terms of Service. Notwithstanding the foregoing, pharmaceutical sales representatives may create a user account solely for Demonstration Purposes (as defined below), provided that such representatives identify themselves accordingly during account set up. For the purposes of these Terms of Service, “Demonstration Purpose” means use for the purpose of educating the individual sales representative with respect to the functionality of the CoverMyMeds Services. Any user in violation of this provision is subject to immediate account termination as set forth in the Website Administration section below.
By clicking the “SIGN UP” button on the Create Your Account screen, you agree that you have read, understand, and agree to be bound by these Terms of Service. If you do not agree with any of these Terms of Service, do not use the Services.
CoverMyMeds, located at 910 John Street Columbus, Ohio 43222, U.S.A., is a limited liability company organized under the laws of the State of Delaware. Reference to CoverMyMeds herein includes any subsidiaries or affiliates of CoverMyMeds involved with providing the Services offered by CoverMyMeds. The servers that host this Website are located in the United States, and any Protected Health Information, as defined in 45 CFR § 160.103 (“PHI”), provided to us will be processed by CoverMyMeds in the United States. For clarity, it is the express intent of the parties that CoverMyMeds’ affiliates, including but not limited to ScriptHero LLC, ScriptHero Pharmacy LLC, and CoverMyMeds Specialty Pharmacy LLC be third party beneficiaries of these Terms of Service, and shall have the rights and benefits afforded under these terms, specifically including any and all consents and permissions set forth in the provisions within the section titled “How We Communicate With You.”
WHAT ARE THE SERVICES?
CoverMyMeds offers various Services, including, but not limited to, Services relating to: (i) the patient journey, (ii) prior authorizations (“PA”), (iii) PA assistance, including follow up communications, (iv) benefit verification and investigation, (v) patient financial assistance, (vi) prescription management and follow up communications to patients regarding patient enrollments, (vii)hub services, (viii) messages and information related to a prescription medication, and (ix) identification and qualification of patients for participation in certain clinical trials and research opportunities.
CoverMyMeds may establish business relationships with certain economic sponsors, such as pharmaceutical manufacturers and payors, to facilitate the Services and may share protected health information pursuant to a valid HIPAA Authorization that complies with 45 CFR 164 to support certain program drugs prescribed to the patient.
WHAT ARE THE PRIVACY OBLIGATIONS OF COVERMYMEDS?
CoverMyMeds generally provides its Services as a business associate to health care providers. Therefore, to use the CoverMyMeds Services pursuant to these Terms of Service, health care providers, including employees agreeing to these Terms of Service on behalf of an employer that is a health care provider, must read and agree to the Business Associate Agreement, which is part of these Terms of Service. The Business Associate Agreement requires CoverMyMeds to protect your PHI and specifies the purposes for which it may be lawfully used and disclosed by CoverMyMeds. Use of the Services constitutes acceptance of the terms of the Business Associate Agreement. CoverMyMeds may use subcontractors to assist in performing some of its Services. When these subcontractors have access to PHI, they will enter into business associate agreements with CoverMyMeds to the extent required by applicable law. The Services are provided to you at no cost, dependent upon CoverMyMeds’ ability to share data created or obtained by CoverMyMeds in the course of providing its Services as specified in the Terms of Service and as permitted by law.
To provide the service at no cost to health care providers, CoverMyMeds may share de-identified data with third parties including, but not limited to, pharmaceutical manufacturers for various purposes such as, but not limited to, billing and validation of certain transactions, evaluating the effectiveness of the Services, and providing data analytics and market insights, including prescribing practices. Additionally, data is used for continuous improvement of current services, such as to improve the end user experience, and streamline the prior authorization process, as well as the development of future products, and services. You acknowledge and agree that CoverMyMeds, or its subcontractors, or both, are hereby authorized to de-identify PHI in accordance with 45 C.F.R. § 164.514(a)-(c) of HIPAA, and subsequently use and disclose such de-identified data as permitted by applicable law, including, without limitation, for CoverMyMeds’ internal business use and third party reporting.
You authorize CoverMyMeds to use and disclose your information provided in connection with the Services, including without limitation, your National Provider Identifier number (“NPI number”), unless prohibited by applicable law.
You acknowledge and authorize that CoverMyMeds may perform data analytics in connection with your prescribing practices, outcomes of PAs submitted, and use and disclose such analytics for CoverMyMeds’ internal business use and third-party reporting.
You acknowledge and agree that CoverMyMeds or its affiliate may also engage directly with patients, and CoverMyMeds or its affiliate may use and disclose PHI pursuant to an authorization that complies with 45 CFR 164. Additionally, you acknowledge that patients may provide information to CoverMyMeds or its affiliate, not as part of the Services, that is the same or substantially similar to information obtained by CoverMyMeds in the course of performing its Services, and that CoverMyMeds’ or affiliate’s use and disclosure of such information is subject exclusively to the agreement or agreements between the patient and CoverMyMeds or its affiliate.
WHAT ARE YOUR OBLIGATIONS WHEN USING COVERMYMEDS?
Use of the Services constitutes a representation and warranty that all consents and authorizations required to provide PHI, including genetic information such as genetic test results, to CoverMyMeds, and for CoverMyMeds to use and disclose the PHI, including genetic information such as genetic test results, to provide its Services and as otherwise provided herein or in the Business Associate Agreement, have been obtained. In addition, you represent and warrant that you have provided all notices necessary to comply with applicable federal and state laws and regulations relating in any way to medical privacy, or health privacy, or both including, but not limited to a notice of privacy practices.
You must provide current, complete, and accurate information when you create an account to use our Services. You understand that we may collect information such as your name, physical address, email, telephone number, fax number, organization name, job title, and NPI number when you sign up as a user. Although CoverMyMeds disclaims any legal duty to verify the accuracy of any data that you provide to us when creating an account, if CoverMyMeds believes that any information you provide is not current, complete, and accurate, we have the right to refuse access to the Website or any of our Services, and to terminate or suspend your account. You are entirely responsible for maintaining the confidentiality of your password and account as well as for any and all activities that occur by use of your account. You agree to immediately notify CoverMyMeds of any unauthorized use of your account or any other breach of security related to your account. CoverMyMeds will not be liable for any loss that you may incur as a result of someone else using your password or account with or without your knowledge. However, you could be held liable for losses incurred by CoverMyMeds or another party as a result of someone else using your account or password. You may not use anyone else’s account or allow anyone else to use your account at any time.
If you are creating an account as an employee of a health care provider, you understand and agree that your account is specific to that health care provider and therefore, if your employment with that health care provider ends or is terminated for any reason, you are no longer permitted to access our Services through that account, and must immediately notify CoverMyMeds at firstname.lastname@example.org so we may disable that account. You may update your user profile information or disable your user account at any time by visiting the “Your Preferences” tab after login in, or by sending a request via email to email@example.com with the words “UPDATE MY INFORMATION” in the subject line. If you withdraw consent, or disable your account, the business relationship created when you registered and agreed to the Terms of Service is terminated.
Any user can disable his or her user account at any time. Disabling your user account will render your account inaccessible; however, our system is required to maintain a record of user accounts and the contents of each for audit purposes, and we may maintain backup copies of all information for legal and compliance purposes. Other healthcare providers may rely on Protected Health Information previously submitted while you were an active user after you disable your account.
PA forms, other forms, and services made available to users are configured to collect only the minimum necessary amount of information that the payer organization or regulatory entity which created the form requested. A user must submit PHI in order to utilize the Services available on this website. Other healthcare providers will receive and use PHI a user submits in order to facilitate the provision of Services to the user.
DOES COVERMYMEDS OFFER MEDICAL ADVICE?
CoverMyMeds does not offer medical advice, does not determine medical necessity, insurance coverage or copays and does not otherwise engage in the practice of medicine. The content accessed through the Website is for informational purposes only, and is not intended to address every possible use, direction, precaution, drug interaction, or adverse effect. CoverMyMeds is not a substitute for a health care providers’ professional medical judgment, or for individual patient assessments and examinations. The content of this Website should not be used during a medical emergency or for the diagnosis or treatment of any medical condition. Reliance on any of the information provided by CoverMyMeds or provided on or by the Website is solely at the user’s and the health care provider’s own risk. CoverMyMeds does not recommend or endorse any specific products, services, physicians, tests, procedures, opinions, or other information that may be available on this Website.
INFORMATION AVAILABLE THROUGH THE WEBSITE
While we attempt to ensure that the information available through our Website is as complete and accurate as possible, we make no warranties that it is correct, complete, or current. Further, some information available through the Website is entered by other health care providers or their staff. CoverMyMeds does not review this content for completeness or accuracy or screen it in any way. You acknowledge and agree that CoverMyMeds is not responsible for the content of any materials or information posted to or otherwise available on the Website, whether provided by CoverMyMeds, you, or another user. Any reliance on such materials is at your own risk.
Our Website may contain links to websites controlled or offered by third parties. CoverMyMeds does not endorse or recommend any products or services offered by or information contained in any of these third-party sites. CoverMyMeds hereby disclaims all liability for all information, materials, products or services posted, offered or that may be accessed at any of the third-party sites linked to from our Website. CoverMyMeds makes no representation regarding the quality of any product or service contained at any such third-party site.
YOUR INFORMATION AND UPDATES
It is your obligation to provide and maintain current, complete and accurate information on your CoverMyMeds account in order to use the Services (see “What are Your Obligations when Using CoverMyMeds?” above). You agree to indemnify us, as described in “What About Indemnification” below, for any third-party claims arising from our reliance on such information and your failure to provide and maintain current, complete and accurate information on your CoverMyMeds account.
You agree we may substitute a fax number provided by you and submitted with a PA request for submission by us to health plans, PBMs or other payors on your behalf with a CoverMyMeds fax number so that the PA determination will be faxed to us and delivered as part of the Services. This substitution helps CoverMyMeds enhance the Services provided to you, your patient and other authorized providers.
CoverMyMeds may accept other communications that are unrelated to the PAs that you have submitted using the Services via the substituted CoverMyMeds fax number that a health plan, PBM or other payor may send to you. CoverMyMeds will make commercially reasonable efforts to forward such unrelated communications to you if we are able to determine, with reasonable certainty, that they are intended for you. However, CoverMyMeds disclaims any responsibility for failure to deliver to you any communications which a health plan, PBM or other payor transmits to us that are unrelated to the PA requests you submit while using the Services and which CoverMyMeds has delivered on your behalf.
You agree that we may contact (i) health care providers, (ii) health plans, PBMs and other payors, and (iii) pharmacies on your behalf in connection with PA requests, or other Services, or both.
We may also contact your patients in connection with our Services either on your behalf as directed by you or pursuant to an authorization from such patients. You agree that, for this purpose, we may use the contact information for your patients that you have provided to us.
HOW TO OPT OUT OF CERTAIN COMMUNICATIONS
You can contact us at our toll-free number 1-866-452-5017, or send a toll-free fax to 1-844-865-3740, at any time if you wish to disable CoverMyMeds’ substitution of its fax number for yours on PA requests that you create for submission to a health plan, PBM or other payor. You must identify to us the fax number for which you are revoking consent.
WITH WHOM IS MY INFORMATION AND MY PATIENTS’ INFORMATION SHARED?
Patient information you provide to us through our portal services is used and disclosed as necessary to provide our Services and as otherwise permitted by these Terms of Service, including the Business Associate Agreement attached to and incorporated in these Terms of Service.
WHO OWNS THE WEBSITE AND ITS USER CONTENT, AND ARE THERE LIMITS OF USE?
CoverMyMeds uses certain documents from other companies, including but not limited to forms provided by health plans, PBMs, other payors, or their business partners. Copyright of these documents is retained by their respective owners, and CoverMyMeds claims no ownership of such material. CoverMyMeds uses such material under fair-use provisions of copyright law or by written consent of the owner.
Provided you are not in default of any of your obligations hereunder, CoverMyMeds gives you a limited, revocable, non-assignable, and non-exclusive license to use the Website and the Services within the United States in accordance with these Terms of Service. You agree not to infringe upon any intellectual property rights or remove or modify related proprietary notices contained in this Website.
When you create, transmit, or display information while using the Website, you may only provide information that you own or have the right and legal authority to use and disclose. Except for PHI, which is governed by the Business Associate Agreement, any content or information that you submit to this Website or to CoverMyMeds (“User Content”), such as sample forms not otherwise available on the Website, user tips and tricks, or requests for new features, will be deemed to be non-confidential and may be disclosed through this Website for browsing, downloading, printing, and other uses by other persons or entities, such as your browser licensor or internet service provider. You agree not to submit User Content to this Website or CoverMyMeds that you do not have full authority to submit, and to only submit User Content that does not infringe upon any third party’s intellectual property rights in connection with such submission. It is your obligation to determine the extent to which User Content you submit is protected by applicable intellectual property laws. You agree that CoverMyMeds will have, and hereby grant to CoverMyMeds, a worldwide, royalty-free, perpetual, irrevocable, sub-licensable, non-exclusive right and license to use, translate, reproduce, sell, publish, distribute, modify, adapt, display, perform, promote, and link to, in any form or media, any User Content. CoverMyMeds does not endorse any User Content that may appear on this Website. Nothing in these Terms of Service will obligate CoverMyMeds to use any User Content or permit the posting of such User Content on this Website.
USE OF YOUR NAME AND MARKS
You grant to CoverMyMeds a limited, royalty free, non-sublicensable, non-transferable, nonexclusive license to use your name and the name, trademarks (registered and unregistered), and logos of your company, practice, or organization for CoverMyMeds’ business use, including, without limitation, the right to use your name and the name, trademarks (registered and unregistered), and logos of your company, practice, or organization on CoverMyMeds’ website, and on CoverMyMeds’ customer lists.
COMPLIANCE WITH THE DIGITAL MILLENIUM COPYRIGHT ACT
CoverMyMeds respects the rights of all copyright holders and in this regard, we have adopted and implemented a policy that provides for the termination, in appropriate circumstances, of access to this Website by users who infringe upon the rights of copyright holders. If you believe that your work has been copied in a way that constitutes copyright infringement, please provide our Copyright Agent with the following information required by the Digital Millennium Copyright Act, 17 U.S.C. Section 512:
a) A physical or electronic signature of a person authorized to act on behalf of the owner of an exclusive right that is allegedly infringed;
b) Identification of the copyrighted work claimed to have been infringed, or, if multiple copyrighted works are covered by a single notification, a representative list of such works;
c) Identification of the copyrighted content that is claimed to be infringing or to be the subject of infringing activity and that is to be removed or access to which is to be disabled, and the information reasonably sufficient to permit CoverMyMeds to locate the copyrighted content;
d) Information reasonably sufficient to permit CoverMyMeds to contact the complaining party;
e) A statement that the complaining party has a good faith belief that the use of the copyrighted content in the manner complained of is not authorized by the copyright owner, its agent, or the law;
f) A statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
For copyright inquiries under the Digital Millennium Copyright Act, please contact CoverMyMeds’ at:
910 John Street
Columbus, Ohio 43222
AUTHORIZED AND PROHIBITED USES
Your use of the CoverMyMeds Services will comply with all applicable laws, regulations and ordinances, including, but not limited to, those pertaining to privacy, intellectual property, the export of data or software, coding, billing, payment, and any signature requirements for submitting PAs.
You may not access the CoverMyMeds Services outside of the interfaces we provide, nor may you interfere with or disrupt the proper operation of our Services. You will only submit User Content and material that is functionally and technically compatible with this Website. You will not engage in any conduct or submit to this Website any content or other material that is illegal, inaccurate, misleading, misappropriated, dilutive, defamatory, obscene, offensive, or otherwise objectionable, or submit any promotional (for advertising or marketing purposes) content or material (collectively “Wrongful Use”). You will not attempt to and will not damage, corrupt, tamper with or infect this Website or any information or telecommunication system of CoverMyMeds with a virus or other malicious computer program. You expressly agree that you will not reverse engineer, disassemble, or decompile any software code or proprietary elements of the Website or CoverMyMeds’ Services.
Use of this Website is provided for the permitted purposes stated in these Terms of Service, and Wrongful Use is precluded with respect to this Website. Without limiting the generality of the foregoing, you agree that you will not undertake any activity which may adversely affect the use of this Website by any person. You are prohibited from using any of our Services to compromise security or tamper with system resources, or accounts, or both. The use or distribution of tools designed for compromising security (e.g., password guessing programs, cracking tools, or network probing tools) is strictly prohibited. Integrating with, automating, “spidering,” or “scraping” are all prohibited, in violation of CoverMyMeds’ Terms of Service, and may be illegal. Only human users using the Website manually are permitted. If you become involved in any violation of system security, CoverMyMeds reserves the right to release your details to system administrators at other sites and law enforcement authorities in order to assist them in resolving security incidents.
Referencing the covermymeds.com Website in an “iframe” or otherwise making it appear that the Website is part of a third-party site is prohibited. We do, however, encourage linking to the Website. All such links must be direct links to the top page of the Website (www.covermymeds.com) without framing. If CoverMyMeds detects, and determines at its sole discretion, inappropriate linking practices, we may require removal or modification of the link, as well as compliance with any and all requirements of CoverMyMeds relating thereto.
Third parties that provide financial support to CoverMyMeds programs may be permitted to use and access certain aspects of our Services. This includes health care provider information contained in the Website, for performance evaluation of our programs and the third party’s business impact, provided that such use of the Services is consistent with these Terms of Service and all applicable laws and regulations. For more information, please contact firstname.lastname@example.org.
You represent and warrant that you will not distribute or resell any CoverMyMeds Services.
GOOD SAMARITAN POLICY
It is our policy not to tolerate any acts of intellectual property infringement or violations of federal or state law. If we become aware of any Wrongful Use, we will, in good faith, use our reasonable efforts to remove, disable, or restrict access to the availability of User Content on the Website that, in our sole discretion, constitutes Wrongful Use, whether or not such material is constitutionally protected. This provision does not impose upon CoverMyMeds any contractual obligation to undertake, or refrain from undertaking, any particular course of conduct, or to monitor the Website.
If you believe that someone has violated this policy, we ask you to promptly notify us by email at email@example.com and provide as detailed a description of the alleged violation as possible. Use of this email address will ensure that the complaint is received by the appropriate party who is responsible for investigating alleged violations of this policy.
We reserve the right to deny access to any user at any time for any reason. CoverMyMeds may limit, modify, suspend, or terminate your use of this Website at any time without liability or prior notice, and may suspend or terminate your use of our Services if you fail to comply with these Terms of Service. THIS SUSPENSION OR TERMINATION MAY DELETE YOUR ACCOUNT, INFORMATION, FILES, AND OTHER PREVIOUSLY AVAILABLE CONTENT, AND COVERMYMEDS SHALL HAVE NO RESPONSIBILITY TO BACKUP OR PRESERVE ANY SUCH MATERIALS OR DATA.
MODIFICATIONS TO THE TERMS OF SERVICE
These Terms of Service are subject to change from time to time and will be effective upon posting. Notices of updates or changes may be provided to you through your use of this Website and the Services. The most current Terms of Service will always be available at www.covermymeds.com/main/about/tos. If you do not agree to the modified Terms of Service, you should delete your account with us. For information on how to do so, contact us at firstname.lastname@example.org.
WHAT ABOUT INDEMNIFICATION?
You agree to indemnify, defend, and hold harmless CoverMyMeds and its affiliates, officers, directors, employees, contractors, and licensors from any demands, claims, damages, liabilities, expenses, or harms (including attorneys’ fees) arising out of or related to your use of our Services or breach of these Terms of Service. You will not settle any indemnified claim without our written consent.
DOES COVERMYMEDS WARRANT ITS SERVICE?
YOU UNDERSTAND AND AGREE THAT OUR SERVICE IS AVAILABLE SOLELY ON AN “AS IS” AND “AS AVAILABLE” BASIS. NEITHER COVERMYMEDS NOR ANY OF COVERMYMEDS’ LICENSORS MAKE ANY EXPRESS WARRANTIES, AND EACH OF THEM DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF ACCURACY, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, RESULTS, COMPLETENESS, ACCESSIBILITY, COMPATIBILITY, SECURITY, AND FREEDOM FROM COMPUTER VIRUS. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, NEITHER COVERMYMEDS NOR ANY OF COVERMYMEDS’ LICENSORS MAKE ANY WARRANTY THAT THE CONTENT OF THE WEBSITE SATISFIES GOVERNMENT REGULATIONS REQUIRING DISCLOSURE OF INFORMATION ON PRESCRIPTION DRUG PRODUCTS. IN NO EVENT SHALL COVERMYMEDS BE LIABLE FOR ANY LOSS OR DAMAGE, DELAY IN PERFORMANCE, OR NONPERFORMANCE CAUSED BY EQUIPMENT MALFUNCTION OR BREAKDOWN, NETWORK OR PIPELINE DISRUPTION, SEVERE WEATHER CONDITIONS, INFORMATION UNAVAILABILITY, STRIKES OR OTHER LABOR DISPUTES, RIOTS, FIRE, INSURRECTION, WAR, FAILURE OF CARRIERS, ACCIDENTS, ACTS OF GOD, OR ANY OTHER CAUSES BEYOND COVERMYMEDS’ REASONABLE CONTROL. IF ANY APPLICABLE LAW DOES NOT ALLOW THE EXCLUSION OF SOME OR ALL OF THE ABOVE IMPLIED WARRANTIES TO APPLY TO YOU, THE ABOVE EXCLUSIONS WILL APPLY TO YOU TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW.
It is intended that only United States residents use our Services on a computer located in the United States. Accordingly, any use of our Services by anyone other than United States residents, or use of our Services on a computer located outside of the United States, is strictly prohibited and constitutes a breach of the Terms of Service. NEITHER COVERMYMEDS NOR ANY OF COVERMYMEDS’ LICENSORS MAKE ANY REPRESENTATION CONCERNING THIS WEBSITE, THE SERVICES, OR ANY CONTENT WHEN USED IN ANY OTHER COUNTRY. No software may be downloaded or otherwise exported into any countries that are subject to United States export/import control restrictions or other national security restrictions.
WHAT ARE THE LIMITS ON LIABILITY?
IF YOU ARE DISSATISFIED WITH OUR SERVICES OR ANY OF COVERMYMEDS’ TERMS, CONDITIONS, RULES, POLICIES, GUIDELINES, OR PRACTICES, OR OTHERWISE HAVE A DISPUTE WITH COVERMYMEDS, YOUR SOLE AND EXCLUSIVE REMEDY IS TO TERMINATE THIS AGREEMENT AND DISCONTINUE USE OF OUR SERVICES. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, NEITHER COVERMYMEDS NOR ANY OF ITS LICENSORS MAY BE HELD LIABLE UNDER THIS AGREEMENT FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES ARISING FROM YOUR USE OF OUR SERVICES OR THIS WEBSITE, OR FOR ANY OTHER CLAIM RELATED IN ANY WAY TO YOUR USE OF OUR SERVICES OR REGISTRATION ON OUR WEBSITE, EVEN IF WE KNOW OR SHOULD KNOW THAT OTHER DAMAGES ARE POSSIBLE OR THAT DIRECT DAMAGES ARE NOT A SATISFACTORY REMEDY. THE LIMITATIONS IN THIS SECTION APPLY ONLY TO THE EXTENT THEY ARE LAWFUL IN YOUR JURISDICTION. NEITHER YOU NOR COVERMYMEDS OR ANY OF ITS LICENSORS MAY BE HELD LIABLE UNDER THIS AGREEMENT FOR MORE THAN $1,000; PROVIDED, HOWEVER, THAT THE LIMITATIONS OF LIABILITY DESCRIBED ABOVE DO NOT APPLY TO BREACHES OF INTELLECTUAL PROPERTY PROVISIONS OR INDEMNIFICATION OBLIGATIONS DESCRIBED IN THESE TERMS OF SERVICE.
WHAT ARE THE GENERAL LEGAL TERMS?
These Terms of Service, including the Business Associate Agreement, constitute the entire agreement between you and CoverMyMeds relating to the Website and CoverMyMeds’ Services. If there is any conflict between these Terms of Service and a signed written agreement between your company, practice, or organization and CoverMyMeds, the signed written agreement will control. Failure to enforce any provision will not constitute a waiver of that provision. If any provision is found unenforceable, it and any related provisions will be interpreted to best accomplish the unenforceable provision’s essential purpose. The headings contained in these Terms of Service are for convenience of reference only and will not affect or alter the meaning or effect of any provision hereof.
CoverMyMeds has no obligation to become involved in any dispute between a user of our Services and any other person. Our Services and these Terms of Service will be governed by and construed in accordance with the laws of the State of Ohio, excluding Ohio’s conflict of law rules. The exclusive venue for any dispute arising under or relating to this Agreement or our Services is Franklin County, Ohio, and the Parties consent to the exclusive personal jurisdiction of state and federal courts located in this county. Nothing in these Terms of Service limits either party’s ability to seek equitable relief.
We are happy to address questions about our Terms of Service or this Website. Please send your questions to email@example.com. Alternatively, you may write to us at:
910 John Street
Columbus, Ohio 43222
CoverMyMeds Business Associate Agreement
Last Modified: January 19, 2023.
THIS BUSINESS ASSOCIATE AGREEMENT (the “Agreement”) is entered into between you (“Covered Entity”) and CoverMyMeds LLC, a Delaware limited liability company (“Business Associate”) and is effective as of the date that you click the “SIGN UP” button on the Create Your Account screen (the “Effective Date”).
WHEREAS, the U.S. Department of Health and Human Services issued regulations on “Standards for Privacy of Individually Identifiable Health Information” comprising 45 C.F.R. Parts 160 and 164, Subparts A and E (the “Privacy Standards”), “Security Standards for the Protection of Electronic Protected Health Information” comprising 45 C.F.R. Parts 160 and 164, Subpart C (the “Security Standards”), and “Standards for Notification in the Case of Breach of Unsecured Protected Health Information” comprising 45 C.F.R. Parts 160 and 164, Subpart D (the “Breach Notification Standards”), promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and as modified by the Health Information Technology for Economic and Clinical Health Act, Title XIII of Division A and Title IV of Division B of the American Recovery and Reinvestment Act of 2009 (“HITECH Act”) (the Privacy Standards, the Security Standards and the Breach Notification Standards are collectively referred to herein as the “HIPAA Standards”).
WHEREAS, in conformity with the HIPAA Standards, Business Associate has and/or will have access to, create and/or receive certain Protected Health Information (“PHI”) to perform its Services as provided under the Terms of Service entered into by and between Covered Entity and Business Associate (the “Terms of Service”).
WHEREAS, Covered Entity is required by the HIPAA Standards to obtain satisfactory assurances that Business Associate will appropriately safeguard all PHI disclosed by or created or received by Business Associate on behalf of Covered Entity.
WHEREAS, the parties hereto desire to enter into this Agreement to memorialize their obligations with respect to PHI pursuant to the requirements of the HIPAA Standards.
NOW, THEREFORE, Covered Entity and Business Associate agree as follows:
Section 1. Definitions. Except as otherwise specified herein, capitalized terms used but not defined in this Agreement shall have the same meaning as those terms as defined in the Terms of Service or, if not defined therein, in the HIPAA Standards.
(a) Protected Health Information ("PHI") has the same meaning as the term “Protected Health Information” as defined in 45 C.F.R. § 160.103 and includes electronic PHI (“ePHl”) limited, however, to such information created or received by Business Associate in a business associate capacity on behalf of Covered Entity.
(b) Secretary means the Secretary of the Department of Health and Human Services or his/her designee.
Section 2. Obligations and Activities of Business
(a) Business Associate agrees to not use or further disclose PHI other than as permitted or required by this Agreement, the Terms of Service, or as permitted or Required by Law.
(b) Business Associate agrees to use appropriate safeguards to prevent use or disclosure of the PHI other than as provided for by this Agreement.
(c) In accordance with the HIPAA Standards, Business Associate shall implement Administrative, Physical and Technical Safeguards that reasonably and appropriately protect the confidentiality, integrity and availability of ePHl that it creates, receives, maintains or transmits on behalf of the Covered Entity. Specifically, Business Associate shall comply with the Security Standards.
(d) Business Associate agrees to report to Covered Entity, any use or disclosure of PHI not provided for by this Agreement upon Covered Entity’s request, except that in the case of a Breach of Unsecured Protected Health Information, such report by Business Associate shall be made without unreasonable delay, but no later than twenty (20) business days after the date Business Associate learns of the Breach. Business Associate shall provide such information to Covered Entity as required by 45 CFR 164.410(c). The parties acknowledge and agree that this Section 2(d) constitutes notice by Business Associate to Covered Entity of the ongoing existence and occurrence or attempts of Unsuccessful Security Incidents for which no additional notice to Covered Entity shall be required. “Unsuccessful Security Incidents” means, without limitation, pings and other broadcast attacks on Business Associate’s firewall, port scans, unsuccessful log-on attempts, denial of service attacks, and any other incident that does not result in unauthorized access, use or disclosure of PHI.
(e) Business Associate will enter into a written agreement with any Subcontractor that creates, receives, maintains or transmits PHI on behalf of Business Associate for Services provided to Covered Entity, which requires the Subcontractor to agree to restrictions and conditions on the use and disclosure of PHI that are no less restrictive than those that apply through this Agreement to Business Associate with respect to such PHI.
(f) Business Associate will cooperate with Covered Entity’s efforts to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of the requirements of this Agreement.
(g) To the extent Business Associate maintains any PHI in a Designated Record Set, within twenty (20) business days of receipt of a written request by Covered Entity, Business Associate agrees to provide Covered Entity with access to PHI in a Designated Record Set for Covered Entity to comply with the requirements under 45 C.F.R. § 164.524. Business Associate further agrees, within twenty (20) business days of receipt of Covered Entity’s written request, to make available PHI for amendment and incorporate any amendments to PHI in a Designated Record Set in accordance with 45 C.F.R. § 164.526. If Business Associate provides copies or summaries of PHI to an Individual it may impose a reasonable, cost-based fee in accordance with 45 C.F.R. § 164.524(c)(4).
(h) Business Associate agrees to make internal practices, books, and records, including policies and procedures and PHI relating to the use and disclosure of PHI created or received by Business Associate on behalf of Covered Entity available, at the request of the Covered Entity, to the Secretary, for purposes of determining Covered Entity’s compliance with the HIPAA Standards, subject to any applicable privileges.
(i) Business Associate agrees to document those disclosures of PHI, and information related to such disclosures, as required to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 C.F.R. § 164.528. Business Associate further agrees to provide Covered Entity such information within twenty (20) business days of receipt of its written request to permit Covered Entity to respond to a request by an Individual for an accounting of disclosures of PHI, in accordance with 45 C.F.R. § 164.528.
(j) Business Associate acknowledges that in using, disclosing and requesting PHI, it shall comply with the minimum necessary requirements of the Privacy Standards.
Section 3. Permitted Uses and Disclosures of PHI by Business
(a) Business Associate may use or disclose PHI to perform functions, activities, or Services for, or on behalf of, Covered Entity pursuant to the Terms of Service, provided that such use or disclosure does not violate the HIPAA Standards.
(b) Business Associate may use PHI for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate. Business Associate may disclose PHI for the proper management and administration of Business Associate or to carry out its legal responsibilities, provided that such disclosures are (i) Required by Law, or (ii) Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used or further disclosed only as Required by Law or for the purpose for which it was disclosed to the person, and the person agrees to notify Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached.
(c) Business Associate may use and disclose Protected Health Information to provide Data Aggregation services related to the health care operations of Covered Entity.
(d) Business Associate may use or disclose Protected Health Information to de-identify information or create a Limited Data Set, in accordance with 45 C.F.R. § 164.514(b), and use and disclose such de-identified data as permitted by law and, in the case of a Limited Data Set, as permitted by and in accordance with the Privacy Standards.
(e) Business Associate may use or disclose Protected Health Information for purposes of obtaining, and in accordance with, authorizations that meet the requirements of 45 CFR § 164.508.
(f) Business Associate may use or disclose Protected Health Information as permitted by 45 CFR § 164.506(c).
(g) Business Associate may use or disclose Protected Health Information to for public health and other purposes permitted by 45 CFR 164.512 and to report violations of law to appropriate federal and state authorities consistent with 45 CFR § 164.502(j)(1).
Section 4. Term and Termination.
(a) Term. The provisions of this Agreement shall commence on the Effective Date and shall terminate upon termination of the Services except as provided in Section 4(c).
(b) Termination for Cause. Without limiting the termination rights of the parties pursuant to this Agreement and upon Covered Entity’s knowledge of a material breach of this Agreement by Business Associate, Covered Entity shall provide a reasonable opportunity of not less than thirty (30) business days for Business Associate to cure the breach or end the violation and, if Business Associate does not cure the breach or end the violation within the time specified by Covered Entity, terminate this Agreement.
(c) Effect of Termination.
(1) Except as provided in paragraph (2) of this section, upon termination of the Services for any reason, Business Associate shall return or destroy all PHI received or created by Business Associate on behalf of Covered Entity. This provision shall apply to PHI that is in the possession of Subcontractors of Business Associate.
(2) If Business Associate determines that returning or destroying the PHI is not feasible, Business Associate shall extend the protections of this Agreement to such PHI and limit further uses and disclosures of such PHI to those purposes that make the return or destruction not feasible, for so long as Business Associate maintains such PHI.
Section 5. Covered Entity Obligations. Covered Entity represents and warrants that:(a) it has obtained all permissions, consents and authorizations required for Business Associate to use and disclose PHI to provide its Services and as otherwise permitted or required herein; (b) it will request from or disclose to Business Associate only the minimum necessary PHI in accordance with the Privacy Standards; (c) it will not provide any PHI to Business Associate that is subject to a restriction pursuant to 45 CFR 164.522(a); and (d) will transmit any PHI to Business Associate in a secure manner and, in the case of ePHI, encrypted in accordance with guidance issued by the Secretary for rendering PHI unusable, unreadable or indecipherable.
Section 6. Notices. Any notices or communications to be given pursuant to this Agreement shall be made, in the case of notices to Covered Entity, to the individual noted in Covered Entity contact appearing in your account set up information and, if made to Business Associate, to the address given below:
910 John Street
Columbus, Ohio 43222
Section 7. Miscellaneous
(a) Regulatory References. A reference in this Agreement to a section in the HIPAA Standards means the section then in effect and as of its applicable compliance date.
(b) Amendment. This Agreement may be updated, revised or otherwise amended by Business Associate from time to time as Business Associate reasonably may deem appropriate, including, but not limited, to take into account statutory or regulatory changes or case law developments.
(c) Waiver: Severability. No failure or delay on the part of either Party in exercising any right under this Agreement will operate as a waiver of, or impair, any such right. No waiver of any such right will have effect unless given in a written document signed by the Party waiving such right. If any part of this Agreement is held to be void or unenforceable, such part will be treated as severable, leaving valid the remainder of this Agreement.
(d) Integration; Interpretation. This Agreement supersedes and replaces any and all previous business associate agreements between the parties. Any ambiguity in this Agreement shall be resolved to permit the parties to comply with the HIPAA Standards. In the event of any inconsistency or conflict between this Agreement and the Terms of Service, the terms and conditions of this Agreement shall govern and control.
(e) No Third-Party Beneficiary. Nothing express or implied in this Agreement or in the Terms of Service is intended to confer, nor shall anything herein confer, upon any person other than the parties and the respective successors or assigns of the parties, any rights, remedies, obligations, or liabilities whatsoever.
(f) Survival. The respective rights and obligations of Business Associate under Section 4(c) of this Agreement shall survive the termination of this Agreement for so long as Business Associate retains any PHI.
(g) Governing Law. This Agreement shall be governed by and construed in accordance with the same internal laws as that of the Terms of Service.
(h) Modifications. Business Associate shall not be bound by any edits or modifications to this Agreement made by Covered Entity unless Business Associate expressly agrees in writing to any such edits or modifications.
(i) Disputes. The Parties will make efforts to resolve informally any disputes under this Agreement. No Party will be liable to another party for any indirect, incidental, consequential, special or punitive damages with respect to the matters addressed in this Agreement, regardless of the cause or legal theory and whether or not foreseeable.
(j) Each person signing this Agreement represents and warrants that such person is signing with full and complete authority to bind the party on whose behalf of whom such person is signing, to each and every term of this Agreement.
IN WITNESS WHEREOF, the parties have caused this Agreement to be executed in their names by their duly authorized representative as of the date signed below.