Sikka Software Corporation
Software License Agreement for Sikka Platform Utility and Cloud
Updated November 14, 2023
Please read this software license agreement (“License”) carefully before downloading, installing or using
the Sikka Software Corporation (“we”, “us”, “Sikka” or “our”) SPC as defined below. By clicking “I agree”, You (or “Client”) are agreeing to be bound by the terms of this License. If You do not
agree to the terms of this License, click “disagree,” “decline” or the similar words and do not
download, install or use the software.
- The Sikka and any third party software and any documentation accompanying this License whether on
disk, in read only memory, on any other media or in any other form (collectively the “SPC”) are
licensed, not sold, to You by Sikka for use only under the terms of this License, and Sikka reserves
all rights not expressly granted to You. The terms of this License will govern any software upgrades
provided by Sikka that replace and/or supplement the original SPC product, unless such upgrade is
accompanied by a separate license in which case the terms of that license will govern.
Title and intellectual property rights in and to any content displayed by or accessed through the SPC
belongs to the respective content owner. Such content may be protected by copyright or other
as the licensor) or the third party providing such content. This License does not grant You any rights
to use such content.
For API or OEM Licensees please refer to the agreement below.
Permitted License Uses and Restrictions.
Subject to the terms and conditions of this License, You (or Client or Customer or
Partner enabling the Customer) are granted a limited, nonexclusive, non refundable license
to install and use the SPC. You may not make the SPC available over a network where it could
be used by multiple computers at the same time. You may make one copy of the SPC in
machine-readable form for backup purposes only; provided that the backup copy must include
all copyright or other proprietary notices contained on the original. One license is for up
to three licensed providers who work on patients (each a “Provider”.
- You may not and You agree not to, or to enable others to, copy (except as expressly
permitted by this License), decompile, reverse engineer, disassemble, attempt to derive the
source code of, decrypt, modify, create derivative works of the SPC, or any part thereof
(except as and only to the extent any foregoing restriction is prohibited by applicable law
or to the extent as may be permitted by licensing terms governing use of open-sourced
components included with the SPC). Any attempt to do so is a violation of the rights of
Sikka and its licensors of the SPC.
- Transfer. You may not rent, lease, lend, redistribute or sublicense the SPC. You
may, however, make a one-time permanent transfer of all of your license rights to the SPC to another
party, provided that: (a) the transfer must include all of the Sikka SPC software, including all its
component parts, original media (if any), printed materials and this License; (b) You do not retain
any copies of the SPC, full or partial, including copies stored on a computer or other storage
device; and (c) the party receiving the Sikka SPC software reads and agrees to accept the terms and
conditions of this License.
Consent to Use of Data.
- Diagnostic and Usage Data. By using the SPC, You agree that Sikka and its
subsidiaries and agents may collect, maintain, process and use diagnostic, technical, usage
and related information, including but not limited to information about your computer,
system and application software, and peripherals, that is gathered periodically to
facilitate the provision of software updates, product support and other services to You (if
any) related to the SPC, and to verify compliance with the terms of this License. Sikka may
use this information to provide and improve Sikka’s products and services.
Remote Login Authorization. In connection with its provision of technical
support, training and other services, You agree that Sikka may remotely log-in to your
computers, devices and systems for purposes of providing the support, training or other
services, including, without limitation, technical trouble shooting, answering questions,
benchmarking and providing training to the provider or the provider’s personnel. Remote
login may be conducted through the use of established, secure, HIPAA (or applicable local legislation)-compliant third party
entities. You further agree that Sikka may also remotely log-in at any time as necessary or
appropriate to maintain the software and keep it functioning effectively.
Remote Update Permission. You agree that Sikka may automatically check the version of its software that You are utilizing. Installation of updates or upgrades to software remotely via the Internet is typically by You, and may be at your request to Sikka where You consent to the receipt of updates or upgrades by means of download to your computers and systems.
- In order for Sikka to gather accurate data, You agree to keep powered on
during the services runtimes that You specify, all of your computers on which the SPC is
installed. Additionally, your practice management software must always be accessible by the
SPC. The computer on which the SPC is installed must always be online. You must also add the
SPC to the “allowed” list of programs so that your firewall and anti-virus software programs
do not block the SPC Software’s run time. It is your responsibility to contact Sikka if You
are upgrading or changing your computer systems.
incorporated by reference into this License.
Sikka Portal and other Services.
This SPC enables access to Sikka’s Portal, if available, which offers downloads of
an app store and other Sikka and third party services and web sites (collectively and
individually, “Services”). Use of the Services requires Internet access and use of certain
Services may require a Sikka ID which may require You to accept additional terms of service and
may be subject to additional fees.
- All “Sikka Paid Apps” are subject to a 30 day written cancellation notice. Cancellations
must be submitted in writing with a 30 day notice and will be honored once the original
agreement has been satisfied. Prorated charges will be calculated based on the date we
receive the written cancellation request. Please contact your Customer Success
Representative or email your written cancellation request to: email@example.com
Initially You may be charged a setup fee and the first monthly charge at the agreed upon monthly recurring rate for your App/Service subscription. Your term will start on the date You sign the contract and Sikka will bill you immediately. Please note that it is your responsibility to quickly install, implement, and activate your subscription to ensure maximum benefit. Charges will automatically recur monthly unless You terminate your subscription in writing, specifying which locations or practices are being terminated. Pricing is based on the current market conditions. Licensor may update pricing anytime upon demonstrable changes in market conditions, such as pricing dictated or agreements changed by third-party practice management systems. E.g. if a practice management system provider increases their fees to Sikka, Sikka will pass those fees to Licensee in addition to its existing fee. Please refer to the following example: Billing terms.
- By using this software in connection with a Sikka ID or account, You agree to the applicable
terms and conditions for that account. If You do not agree to the applicable terms and conditions
for such an account, do not use the SPC.
- Certain Services may display, include or make available content, data, information, applications
or materials from third parties (“Third Party Materials”) or provide links to certain third-party
web sites. By using the Services, You acknowledge and agree that Sikka is not responsible for
examining or evaluating the content, accuracy, completeness, timeliness, validity, copyright
compliance, legality, decency, quality or any other aspect of such Third Party Materials or web
sites. Sikka, its officers, and its affiliates do not warrant or endorse and do not assume and will
not have any liability or responsibility to You or any other person for any third-party Services,
Third Party Materials or web sites, or for any other materials, products, or services of third
parties. Third Party Materials and links to other web sites are provided solely as a convenience to
You. You agree that You will not use any Third Party Materials in a manner that would infringe or
violate the rights of any other party, and that Sikka is not in any way responsible for any such use
- You agree that the Services, including, but not limited to, software, information, graphics,
audio clips, and content, contain proprietary content, information, and material that is owned by
Sikka and/or its licensors, and is protected by applicable intellectual property and other laws,
including but not limited to copyright. You agree that You will not use such proprietary content,
information or materials other than for permitted use of the Services or in any manner that is
inconsistent with the terms of this License or that infringes any intellectual property rights of a
third party or Sikka. No portion of the Services may be reproduced in any form or by any means. You
agree not to modify, rent, lease, loan, sell, distribute, or create derivative works based on the
Services, in any manner, and You shall not exploit the Services in any unauthorized way whatsoever,
including but not limited to, using the Services to transmit any computer viruses, worms, trojan
horses or other malware, or by trespass or burdening network capacity. You further agree not to use
the Services in any manner to harass, abuse, stalk, threaten, defame or otherwise infringe or
violate the rights of any other party, and that Sikka is not in any way responsible for any such use
by You, nor for any harassing, threatening, defamatory, offensive, infringing or illegal messages or
transmissions that You may receive as a result of using any of the Services.
- Sikka makes no representation that the Services and Materials are appropriate or available for
use. To the extent You choose to use or access the Services and Third Party Materials, You do so at
your own initiative and are responsible for compliance with any applicable laws, including but not
limited to applicable local laws. Sikka and its licensors reserve the right to change, suspend,
remove, or disable access to any Services at any time without notice. In no event will Sikka be
liable for the removal of or disabling of access to any such Services. Sikka may also impose limits
on the use of or access to certain Services, in any case and without notice or liability.
- Termination. This License is effective until terminated. Your rights under this
License will terminate automatically without notice from Sikka if You fail to comply with any
term(s) of this License. Upon the termination of this License, You must cease all use of the SPC and
destroy all copies, full or partial, of the SPC. Sections 4, 5, 6, 7, 8,11 and 12 of this License
shall survive any such termination.
- Disclaimer of Warranties.
YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT, TO THE EXTENT PERMITTED BY APPLICABLE LAW, USE OF THE SPC AND
SERVICES IS AT YOUR SOLE RISK AND THAT THE ENTIRE RISK AS TO SATISFACTORY QUALITY, PERFORMANCE, ACCURACY
AND EFFORT IS WITH YOU.
THE SPC AND SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE”, WITH ALL FAULTS AND WITHOUT WARRANTY OF ANY KIND, AND SIKKA AND SIKKA’S LICENSORS (COLLECTIVELY REFERRED TO AS “SIKKA” FOR THE PURPOSES OF SECTIONS 7 AND 8) HEREBY DISCLAIM TO THE FULLEST EXTENT ALLOWABLE UNDER THE LAW, ALL REPRESENTATIONS, WARRANTIES, GUARANTEES AND CONDITIONS WITH RESPECT TO THE SPC AND SERVICES, EITHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED REPRESENTATIONS, WARRANTIES, GUARANTEES AND/OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, QUIET ENJOYMENT, AND NON-INFRINGEMENT OF THIRD PARTY RIGHTS.
SIKKA DOES NOT WARRANT AGAINST INTERFERENCE WITH YOUR ENJOYMENT OF THE SPC AND SERVICES, THAT THE
FUNCTIONS CONTAINED IN OR SERVICES PERFORMED BY THE SPC WILL MEET YOUR REQUIREMENTS, THAT THE OPERATION
OF THE SPC AND SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE, THAT ANY SERVICE WILL CONTINUE TO BE MADE
AVAILABLE, THAT DEFECTS IN THE SPC OR SERVICES WILL BE CORRECTED, OR THAT THE SPC WILL BE COMPATIBLE OR
WORK WITH ANY THIRD PARTY SOFTWARE, APPLICATIONS OR THIRD PARTY SERVICES. INSTALLATION OF THIS SOFTWARE
MAY AFFECT THE USABILITY OF THIRD PARTY SOFTWARE, APPLICATIONS OR THIRD PARTY SERVICES.
YOU FURTHER ACKNOWLEDGE THAT THE SPC AND SERVICES ARE NOT INTENDED OR SUITABLE FOR USE IN SITUATIONS OR
ENVIRONMENTS WHERE THE FAILURE OR TIME DELAYS OF, OR ERRORS OR INACCURACIES IN, THE CONTENT, DATA OR
INFORMATION PROVIDED BY THE SPC OR SERVICES COULD LEAD TO DEATH, PERSONAL INJURY, OR SEVERE PHYSICAL OR
NO ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY SIKKA OR A SIKKA AUTHORIZED REPRESENTATIVE SHALL CREATE
SHOULD THE SIKKA SOFTWARE OR SERVICES PROVE DEFECTIVE, YOU ASSUME THE ENTIRE COST OF ALL NECESSARY
SERVICING, REPAIR OR CORRECTION.
- Limitation of Liability. IN NO EVENT SHALL SIKKA BE LIABLE FOR PERSONAL INJURY, OR ANY INCIDENTAL, SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES WHATSOEVER, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF TIME, LOSS OF PROFITS, CORRUPTION OR LOSS OF DATA, LOSS OR REVENUE, LOSS OF PATIENTS, DECREASE IN PROFITABILITY, LOSS OF THE USE OF SOFTWARE OR SERVICES, FAILURE TO TRANSMIT OR RECEIVE ANY DATA, BUSINESS INTERRUPTION OR ANY OTHER COMMERCIAL DAMAGES OR LOSSES, ARISING OUT OF OR RELATED TO YOUR USE OF OR INABILITY TO USE THE SPC OR SERVICES OR ANY THIRD PARTY SOFTWARE OR APPLICATIONS IN CONJUNCTION WITH THE SIKKA SOFTWARE, HOWEVER CAUSED, REGARDLESS OF THE THEORY OF LIABILITY (CONTRACT, TORT (INCLUDING NEGLIGENCE), CONTRACTUAL OR EXTRA CONTRACTUAL CIVIL LIABILITY OR OTHERWISE) AND EVEN IF SIKKA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SIKKA’S MAXIMUM LIABILITY FOR DAMAGES UNDER THIS LICENSE IS LIMITED TO THE AMOUNTS PAID TO SIKKA IN THE
SIX MONTHS IMMEDIATELY PRIOR TO THE EVENT FIRST GIVING RISE TO THE LIABILITY.
The foregoing limitations will apply even if the above-stated remedy fails of its essential purpose.
- Export Control. You may not use or otherwise export or re-export the SPC except as authorized by United States law and the laws of the jurisdiction in which the SPC was obtained. In particular, but without limitation, the SPC may not be exported or re-exported (a) into any U.S. embargoed countries or (b) to anyone on the U.S. Treasury Department’s list of Specially Designated Nationals or the U.S. Department of Commerce Denied Person’s List or Entity List. By using the SPC, You represent and warrant that You are not located in any such country or on any such list. You also agree that You will not use the SPC for any purposes prohibited by United States or applicable law, including, without limitation, the development, design, manufacture or production of missiles, or nuclear, chemical or biological weapons. Notwithstanding the above, if you are a user located in Canada, you will never be required to take or refrain from taking any action which would be in violation of the applicable laws of Canada relating to export controls.
- Government End Users. The SPC and related documentation are “Commercial Items”, as
that term is defined at 48 C.F.R. §2.101, consisting of “Commercial Computer Software” and
“Commercial Computer Software Documentation”, as such terms are used in 48 C.F.R. §12.212 or 48
C.F.R. §227.7202, as applicable. Consistent with 48 C.F.R. §12.212 or 48 C.F.R. §227.7202-1 through
227.7202-4, as applicable, the Commercial Computer Software and Commercial Computer Software
Documentation are being licensed to U.S. Government end users (a) only as Commercial Items and (b)
with only those rights as are granted to all other end users pursuant to the terms and conditions
herein. Unpublished- rights reserved under the copyright laws of the United States.
- Controlling Law and Severability. This License will be governed by and construed in
accordance with the laws of the State of California, excluding its conflict of law principles. This
License shall not be governed by the United Nations Convention on Contracts for the International
Sale of Goods, the application of which is expressly excluded. If for any reason a court of
competent jurisdiction finds any provision, or portion thereof, to be unenforceable, the remainder
of this License shall continue in full force and effect.
- Complete Agreement. This License constitutes the entire agreement between the parties with respect to the use of the SPC licensed hereunder and the Services and supersedes all prior or contemporaneous understandings regarding such subject matter, with the exception of any additional terms and conditions You are required to accept if You choose to use Sikka’s online portal which will govern your use of the portal and any Services You purchase through the portal. No amendment to or modification of this License will be binding unless in writing and signed by Sikka.
- Open Source. Any open source software that may be provided as part of or in
connection with the SPC is licensed under the terms of the applicable third party open source
license, which can be found in any applicable “README” file, documentation or other materials
accompanying the SPC (the “Open Source Terms”). Copyrights to the Open Source Software are held by
copyright holders indicated in the Open Source Terms. Any terms of this License that conflict with
the terms of any license agreements for Open Source Software will not apply to such Open Source
Sikka Technical Support Service Level Descriptions
Sikka will use all reasonable efforts to respond to all, non-basic (Level 1), issues reported by a partner that uses the Sikka platform to access practice data with the practice’s permission (“Partner”)) or customers in accordance with the chart set forth below. The target initial response time is based on the severity of the issue reported.
For Partner Installs and API Technical Support Issues. The Partner will
be the first line of support and provide initial troubleshooting and problem resolution with the end
user or API product.
Sikka will serve only as Tier 2 for escalations after the Partner has
completed all initial troubleshooting and problem resolution.
Such response times are guidelines and in no way constitute a guarantee
of resolution time. The customer may specify the priority; Sikka will make the ultimate
determination based on the information supplied by the customer to Sikka Technical Support/Customer
Standard Support Hours: Monday through Friday, 8:00 am to 5:00 pm
(Pacific Time), excluding U.S. Federal holidays.
|Description of issue, Response and Escalation
|Target initial Response Time
Priority 1 is reserved for complete SPU or “Platform”
failures and for emergency issues affecting production site launch schedules and must be
reported via : https://support.sikkasoft.com
If the problem is not resolved within four (4) business
hours, the Sikka customer support manager and the customer’s organization is
notified and will work with the support engineer to ensure the assignment of
relevant resources to implement an action plan.
If the problem is still not resolved within eight (8)
business hours the issue will be escalated to the Sikka TAC and will be reviewed to
ensure that the appropriate resources are allocated to resolve the issue.
2 Hours (business
Priority 2 is for all other cases or problems that the
customer may experience with the SPU or “Platform”.
If the customer is not satisfied that the issue is being
resolved in an acceptable time period, Customer can request an escalation of the
issue using https://support.sikkasoft.com
The Customer Success Team Lead will contact the customer
to discuss the request and agree on an action plan with the customer.
8 Hours (business
Business Associate Terms Addendum
1. BUSINESS ASSOCIATE AGREEMENT UNDER HIPAA AND APPLICABLE FOREIGN LAWS.This Section 1 applies to the extent that (a) Client is a “Covered Entity” as defined in 45 CFR §160.103 (for the purposes of this Addendum, “Covered Entity” includes “health information custodians”, “trustees”, and any other similar term under local applicable legislation); (b) Sikka is, with respect to Client, a “Business Associate” as defined in 45 CFR §160.103 (for the purposes of this Policy, “Business Associate” includes “agents”, “affiliates”, “information managers”, and any other similar term under local applicable legislation); and (c) Sikka receives PHI (as defined below) from Client. The parties acknowledge that in carrying out obligations under the Software License Agreement, Sikka, and its subcontractors, employees, affiliates, agents, or representatives may have reason to collect, access, use, create, maintain, disclose or transmit PHI for or on behalf of Client. Certain PHI may be transmitted by or maintained in electronic media as Electronic PHI (as defined below). The parties agree to comply with any applicable federal, state, provincial and territorial law governing the privacy and security of the PHI and Electronic PHI including, without limitation, HIPAA and the HITECH Act (as defined below), as well as any other similar applicable legislation, in accordance with the Software License Agreement and this Addendum (the “Addendum”).
DEFINITIONS. Capitalized terms used, but not otherwise defined, in this Addendum shall have the same
meaning as those terms in the Services Agreement or applicable regulation.
“Breach”, as it relates to information, has the same meaning as the term “breach” in Section 13400 of the HITECH Act, namely the unauthorized acquisition, access, use, or disclosure of protected health information which compromises the security or privacy of such information, and any other similar term under local applicable legislation.
“Designated Record Set” has the same meaning as the term “designated record set” in 45 CFR §164.501, namely a group of records maintained by or for a Covered Entity that is either i) medical records and billing records about individuals maintained by or for a health care provider, ii) the enrollment, payment, claims adjudication, and case or medical management record systems maintained by or for a health plan or iii) used, in whole or in part, by or for the Covered Entity to make decisions about individuals, and any other similar term under local applicable legislation.
“Electronic PHI” has the same meaning as the term “electronic protected health information” in 45 CFR §160.103, and any other similar term under local applicable legislation, limited to the information created or received by Sikka from or on behalf of Client.
“HIPAA” means the Health Insurance Portability and Accountability Act of 1996, the Health Information
Technology for Economic and Clinical Health Act of 2009 (“HITECH Act”), and the regulations promulgated
thereunder, as each may be amended from time to time.
“individual” has the same meaning as the term “individual” in 45 CFR §160.103, namely a person who is the subject of protected health information, and shall include a person who qualifies as a personal representative in accordance with 45 CFR §164.502(g) and any similar term under local applicable legislation.
“Privacy Rule” means the Standards for Privacy of Individually Identifiable Health Information at 45 CFR Part 160 and Part 164, Subparts A and E, and any other similar term, standards and rules under local applicable legislation.
“PHI” has the same meaning as the term “protected health information” in 45 CFR §160.103, and any other similar term under local applicable legislation, limited to the information created or received by Sikka from or on behalf of Client.
“Secretary” means the Secretary of the Department of Health and Human Services or his designee, and any other similar term, individual or regulator under local applicable legislation.
“Security Rule” means the Security Standards at 45 CFR Part 160 and Part 164, and any other similar term, standards and rules under local applicable legislation.
“Unsecured PHI” has the same meaning as the term “unsecured protected health information” in Section 13402(h) of the HITECH Act, namely PHI that is not secured through the use of a technology or methodology specified by the Secretary.
1.1. Obligations and Activities of Business Associate. As a Business Associate, Sikka shall have
the following obligations:
(a) Sikka agrees to not use or disclose PHI other than as permitted or required by the Services
Agreement or as Required by Law. Except as otherwise limited in the Services Agreement, Sikka
may use or disclose PHI to perform functions, activities, or services for, or on behalf of
Client as specified in Software License Agreement, provided that such use or disclosure would
not violate the Privacy Rule if done by Client or the minimum necessary policies and procedures
of Client of which Sikka has been informed.
(b) Sikka agrees to use appropriate safeguards to prevent use or disclosure of the PHI other
than as provided for by Services Agreement, including the implementation of administrative,
physical and technical safeguards that reasonably and appropriately protect the confidentiality,
integrity and availability of Electronic PHI as required by the Security Rule.
(c) Sikka agrees to mitigate, to the extent practicable, any harmful effect that is known to Sikka of a use or disclosure of PHI by Sikka in violation of the requirements of HIPAA or any other similar local applicable legislation.
(d) Sikka agrees to report to Client any use or disclosure of the PHI that it becomes aware of that is not permitted by this Business Associate Agreement or any Breach or other type of security incident. Further, Sikka agrees to notify Client of any Breach of Unsecured PHI of which it becomes aware and otherwise comply with the notification requirements set forth in Section 45 CFR § 164.410 (or in any other similar local applicable legislation). Notwithstanding anything herein to the contrary, notice is hereby deemed provided, and no further notice will be given, with respect to ongoing unsuccessful attempts at unauthorized access to PHI that are trivial such as pings and other broadcast attacks on firewalls, denial of service attacks, failed login attempts, and port scans, unless such notice is required under local applicable legislation.
(e) Sikka agrees to ensure that any subcontractor to whom Sikka assigns or delegates its rights
or obligations under this Addendum or the Services Agreement has agreed in writing to the same
restrictions and conditions as Sikka with respect to PHI.
(f) Sikka agrees to make its internal practices, books, and records, including policies and
procedures and PHI, relating to the use and disclosure of PHI received from, or created or
received by Sikka on behalf of Client available to the Secretary, at a reasonable time
designated by the Secretary, for purposes of the Secretary determining Client’s compliance with
the Privacy Rule.
(g) Sikka agrees to document such disclosures of PHI and information related to such disclosures
as would be required for Client to respond to a request by an Individual for an accounting of
disclosures of PHI in accordance with 45 CFR §164.528 and any local applicable legislation.
(h) Sikka agrees to provide to Client or an Individual, within the time periods and in the manner provided for under local applicable law (or, in the absence of such requirements in time and manner agreed by the parties), information collected in accordance with Section 1(g) of this Addendum, to permit Client to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 CFR §164.528 and any other similar local applicable legislation.
(i) Sikka agrees not to exchange any PHI of an Individual for remuneration except where Sikka
has obtained a valid authorization from the individual or as otherwise permitted under Section
13405(d) of the HITECH Act or applicable local law.
(j) To the extent Sikka agrees in the Services Agreement to maintain any PHI in a Designated Record Set that is not duplicative of a Designated Record Set maintained by Client, Sikka agrees to make such information available to Client pursuant to 45 CFR § 164.524 and any other similar local applicable legislation, in time and manner agreed by the parties.
Subject to applicable law, if, in the performance of its obligations set forth in Sections 1(f) through 1(j) above, Sikka expends
time and materials, Sikka will provide Client with an estimate of the fee for such time and materials.
Following agreement by the parties as to such fees, Sikka will invoice Client, and Client shall pay
Sikka such fees.
Except as otherwise limited in the Software License Agreement, and to the extent permitted by applicable law, Sikka may use or disclose PHI for the proper management and administration of the Services or to carry out Sikka’s legal obligations, provided the disclosures are required by law, or Sikka obtains reasonable assurances from the person to whom the information is disclosed that the information will remain confidential and used or further disclosed only as required by law or for the purposes for which it was disclosed to the person, and the person notifies Sikka of any instances of which it is aware in which the confidentiality of the information has been breached.
To the extent permitted under applicable law, Sikka may use PHI to de-identify such PHI so that such information is not individually identifiable
information as provided in 45 C.F.R. § 164.514, as amended. The parties agree that such de-identified
information is not PHI and not subject to this Addendum, unless locally applicable law specifies otherwise.
Sikka may use PHI to provide data aggregation services to Client if such services are required under the
To the extent permitted by applicable law, Sikka may seek a valid authorization from an Individual for the disclosure of their PHI disclosed or
access by Sikka pursuant to this Addendum and the Software License Agreement for Sikka's business
1.2. Obligations of Covered Entity. Client shall have the following obligations:
(a) Client shall use the encryption features in the Services to encrypt any and all PHI that is
provided to Sikka. In addition to the indemnification obligations set forth in the Software
License Agreement, Client shall defend and indemnify Sikka from and against any damages and
costs arising from or relating to the failure of Client to encrypt the PHI.
(b) To the extent permitted under applicable law, Client shall notify Sikka of any limitation(s) in its notice of privacy practices of Client in accordance with 45 CFR §164.520 and local applicable law, to the extent that such limitation may affect Sikka’s use or disclosure of PHI.
(c) Client shall notify Sikka of any changes in, or revocation of, permission by an Individual
to use or disclose PHI, to the extent that such changes may affect Sikka’s use or disclosure of
PHI in providing the Services.
(d) To the extent permitted under applicable law, Client shall notify Sikka of any restriction to the use or disclosure of PHI that Client has agreed to in accordance with 45 CFR §164.522 or local applicable law, to the extent that such restriction may affect Sikka’s use or disclosure of PHI in providing the Services.
(e) Client shall not request Sikka to use or disclose PHI in any manner that would not be permissible under HIPAA or local applicable law if done by Client. Client shall permit Sikka to seek a valid authorization for the disclosure of PHI for Sikka's business purposes from Individuals whose PHI is accessed by or disclosed to Sikka pursuant to this Addendum and the Services Agreement
1.3. Term and Termination
(a) Term. The term of this Addendum shall be effective as of the Effective Date and shall
terminate when all of the PHI provided by Client to Sikka, or created or received by Sikka on
behalf of Client, is destroyed or returned to Client, or, if it is infeasible to return or
destroy PHI, protections are extended to such information, in accordance with the termination
provisions in this Section and in any local applicable legislation.
(b) Termination for Cause. In addition to any termination rights set forth in the Software
License Agreement and the Terms and Conditions, if Sikka materially breaches the Business
Associate Terms, Client may terminate the Services if Sikka fails to cure such breach within
thirty (30) days after receiving written notice of such breach or immediately terminate the
Services if cure is not possible.
(c) Effect of Termination.
(i) Except as provided in Section 1.3(c)(ii) below, upon termination of this Addendum,
for any reason, Sikka shall return or destroy all PHI received from Client, or created
or received by Sikka on behalf of Client in accordance with the terms of the Software
License Agreement. This provision shall also apply to PHI that is in the possession of
subcontractors or agents of Sikka. Sikka shall retain no copies of the PHI.
(ii) In the event that Sikka determines that returning or destroying the PHI is
infeasible, Sikka shall provide to Client notification of the conditions that make
return or destruction infeasible. If the return or destruction of PHI is infeasible,
Sikka shall extend the protections of this Addendum to such PHI and limit further uses
and disclosures of such PHI to those purposes that make the return or destruction
infeasible, for so long as Sikka maintains such PHI.
(d) Termination Upon Change in Law. If the Secretary provides guidance, clarification or interpretation of HIPAA or the HITECH Act or any local applicable legislation or there is a change in HIPAA or the HITECH Act or any local applicable legislation such that the service relationship between Sikka and Client is not considered a Business Associate relationship as defined in HIPAA or any similar local applicable legislation, this Addendum shall terminate and be null and void.
(a) Regulatory References. A reference in this Agreement to a section in a regulation means the
section as in effect or as amended.
(b) The parties agree to take such action as is necessary to amend this Agreement from time to
time as is necessary for Client to comply with the requirements of HIPAA or of any other local applicable legislation.
(c) In the event of a conflict between the terms of this Business Associate Agreement Terms Addendum (the “BAA” or the “Addendum”) or any other agreement or understanding between the parties and this Addendum, this BAA shall control.
(d) The respective rights and obligations of Sikka under this Addendum shall survive the
termination of this Agreement.
(e) Any ambiguity in this Addendum shall be resolved to permit Client to comply with HIPAA or other local applicable legislation.