This Customer FHIR API Subscription Agreement (the "API Agreement") is entered into by and between MedAZ.Net, LLC (website branded as *.mhealthaz.com) and its affiliates ("MEDAZ") and the MEDAZ customer that has accepted this API Agreement ("Customer").
The MEDAZ FHIR APIs enable the connectivity from MEDAZ’ EMR to patient-facing, provider-facing, and backend/bulk applications (“Third-Party Applications”), which provides a means for the Third-Party Applications to access required data elements from MEDAZ’ EMR as defined in the API Certification Criteria in45 CFR 170.315(G)(10).
Third-Party Applications are owned and licensed by entities not owned, operated, or affiliated with MEDAZ (“Third-Party” or “Third-Parties”). The Customer understands that these Third Parties may have additional terms and conditions regarding use and access to their Third-Party Applications (“Third-Party Terms”). The Customer also agrees to have the proper license to use any Third-Party Applications as well as any additional documentation (including but not limited to any “Data Use” or “Business Associate” agreement, as applicable) with the Third Party prior to accessing the Third-Party Applications, if applicable. The Customer is solely responsible for activating the applicable Third-Party Applications for use by the Customer. The Customer acknowledges that MEDAZ is not a party to any agreement that may take place between the Customer and the Third-Party Applications. The Third-Party Applications are solely responsible for the Applications and any errors, issues, bugs or content (Issues”) within the Applications shall be managed by the Third-Party Applications. MEDAZ customer support team is not responsible for troubleshooting any Issues regarding the Third-Party Applications.
This API Agreement provides the Customer with a license to use the MEDAZ FHIR APIs across the Customer’s enterprise and with Third Parties (whether chosen by the Customer or the Customer’s patients) subject to the terms below and in conjunction with the Customer’s licensed use of MEDAZ Software.
In consideration of the mutual covenants set forth below, MEDAZ and the Customer agree as follows:
1. Definitions. All capitalized terms used in this API Agreement will have the meanings assigned to them in this API Agreement (including in Appendix A).
2. License to Use MEDAZ FHIR APIs. For the term of this API Agreement (as described in Section 7), MEDAZ grants the Customer a non-exclusive license to use the MEDAZ FHIR APIs across the Customer’s enterprise (including with affiliated healthcare organizations that are permitted to access the Customer’s MEDAZ Software) and with other Third Parties, subject to this API Agreement and only in conjunction with the Customer’s licensed use of MEDAZ Software. This grant is non-transferable and includes the rights reasonably necessary for the Customer to access and use the MEDAZ FHIR APIs with the Customer’s MEDAZ Software environments. This API Agreement does not give the Customer ownership of any part of the MEDAZ FHIR APIs or the API Support Materials.
3. Responsibilities and Third Party Requirements. As a licensee of the MEDAZ FHIR APIs, the Customer has the responsibilities described in Section 3.a. below. Products chosen by the Customer’s patients should be able to access data elements through APIs. The responsibilities outlined in Section 3.a. do not apply when the Customer use the MEDAZ FHIR APIs to respond to requests to access, exchange, and use data elements that originate from Products chosen by the Customer’s patients or Third Parties acting on behalf of the Customer’s patients (pursuant to a valid authorization or consent).
3a. Responsibilities. The Customer is solely responsible for all liabilities and consequences, including performance issues, fines assessed against the Customer by the government and loss of reimbursement, that arise from the Customer, Third Parties’, or the Customer’s patients' use of or inability to use any Product. Among other things, this means the Customer is responsible for the following, all to the extent permitted by applicable law:
i. vetting each Third Party and Product to assure the accuracy, completeness, and appropriateness of any Products before the Customer enables such Product to interact with the MEDAZ FHIR APIs and MEDAZ Software;
ii. confirming the accuracy and relevance of information made available to or from Products through the MEDAZ FHIR APIs;
iii. ensuring Third Parties and Products meet the Customer’s organization’s security and privacy requirements, and appropriate audit trails are maintained in each Product;
iv. establishing unavailability procedures that will permit the Customer to preserve their operations if a MEDAZ FHIR API or Product becomes unavailable;
v. ensuring all use of the MEDAZ FHIR APIs is in accordance with the purposes for such MEDAZ FHIR APIs described in the API Support Materials;
vi. maintaining appropriately current versions of MEDAZ Software, including promptly applying updates to MEDAZ Software to address identified issues with MEDAZ FHIR APIs;
vii. assessing, planning for, and mitigating potential impacts of planned or unplanned downtimes of MEDAZ Software on Third Parties and Products; and
3b. As between the Customer and MEDAZ, the Customer is responsible for the compliance of any Product (including the Customer’s use of it) with applicable laws and regulations and for determining under what circumstances data elements may be exchanged with Products. The Customer will be responsible for all of its own costs to use the MEDAZ FHIR APIs, including any costs from the Customer’s hosting or infrastructure provider. The Customer is responsible for maintaining the appropriate software, hardware, and other technology needed for the Customer and Third Parties to use the MEDAZ FHIR APIs. MEDAZ may monitor the Customer’s use of the MEDAZ FHIR APIs to verify the Customer’s compliance with this API Agreement, to inform its calculation of any applicable fees payable under this Agreement, to develop or improve software and services, and to attempt to assess any potential quality, performance, and security impacts of Products on MEDAZ Software.
4. Subscription and Other Fees. The fees associated with the use of the MEDAZ FHIR APIs are available on https://medaz.com/certificationinfo.html. The MEDAZ FHIR APIs available represent a subset of the interoperability technology and services that MEDAZ offers to support the access, exchange, and use of electronic health information and other data. Other value-added APIs and services may be available by entering into a separate agreement. MEDAZ may periodically review the fees charged under this Agreement. MEDAZ will provide you with thirty (30) days’ notice in advance of any change to the fees set forth herein. If you do not wish to continue using the MEDAZ FHIR APIs after receiving notice of the change in fees, you may terminate this Agreement upon ten (10) days’ notice.
5. Support for the MEDAZ FHIR APIs. As long as the Customer remains an MEDAZ Customer, MEDAZ will maintain and support the Customer’s use of the MEDAZ FHIR APIs as reasonably necessary to enable the effective development, deployment, and use of the MEDAZ FHIR APIs with MEDAZ Software. MEDAZ’ support of the MEDAZ FHIR APIs will include: (1) consultation and assistance, including reasonable cooperation with the Customer and Third Parties, to help the Customer enable use of the MEDAZ FHIR APIs with MEDAZ Software, (2) Updates, and (3) reasonable workarounds when necessary to help address API Errors. MEDAZ may have access to and may receive Protected Health Information (as defined in HIPAA) from the Customer in connection with its provision of support services for the MEDAZ FHIR APIs. Any access to Protected Health Information pursuant to MEDAZ’ performance of services under this API Agreement will be governed by the HIPAA business associate terms in place between the Customer and MEDAZ pursuant to a separate agreement, but the liability between the parties related to such access will be governed solely by this API Agreement. MEDAZ’ support under this Section 6 does not include troubleshooting or correcting issues with Products, or issues that may be caused by Products connecting to the Customer’s MEDAZ Software through the MEDAZ FHIR APIs, including: data corruption or other data-related errors; security vulnerabilities; privacy breaches; user or system performance degradation; or failure of Products and MEDAZ Software to function with one another as intended, including when the Customer makes configuration changes or updates to MEDAZ Software.
6. Changes to these Terms and the MEDAZ FHIR APIs. MEDAZ may change this API Agreement from time to time in accordance with this Section 6, and unless MEDAZ specifies otherwise, changes will be effective upon the date indicated in the updated terms posted on https://fhir.mhealthaz.com. MEDAZ will inform the Customer of any material changes to the Customer’s obligations under this API Agreement at least thirty (30) days in advance of the effective date of such changes. However, modifications to this API Agreement to reflect changes to the law or regulatory guidance will become effective immediately. The Customer’s continued use of the MEDAZ FHIR APIs after changes to this API Agreement (including to the subscription rates) become effective means that the Customer has accepted the changes. MEDAZ also may modify, suspend, or terminate its provision and support of certain APIs in the MEDAZ FHIR APIs from time to time, with or without notice and in its sole discretion, subject to the remainder of this section. Except as exigent circumstances require, MEDAZ will provide the Customer advance notice of any material changes to the FHIR APIs or related terms of this API Agreement to give the Customer a reasonable opportunity to work with Third Parties to preserve compatibility with the FHIR APIs and comply with such updated terms. MEDAZ will make reasonable efforts to avoid disrupting the Customer’s use of the FHIR APIs.
7. Term and Termination. This API Agreement is effective as of the date the Customer accepts these terms. This API Agreement (including all licenses granted under its terms) will continue in effect until it is terminated in accordance with this Section 7, subject to any suspension of rights under Section 5.d. The Customer may end their use of all of the MEDAZ FHIR APIs in accordance with Section 5.d. above. A party (the "Notifying Party") may terminate this API Agreement if the other party (the "Breaching Party") materially breaches its obligations and does not cure the breach within sixty (60) days of receipt of notice from the Notifying Party. The notice will be provided in accordance with Section 14.g., will state it is a notice of material breach of this API Agreement, and will describe the breach in sufficient detail to permit the Breaching Party to cure the breach. This API Agreement will automatically terminate if the Customer is no longer an MEDAZ Customer. In the event of any termination of this API Agreement, the Customer will: (a) end all use of the MEDAZ FHIR APIs, affirm to MEDAZ that the Customer has ended use of such APIs, and permit MEDAZ to disable the Customer’s access to the MEDAZ FHIR APIs, and (b) promptly pay MEDAZ any outstanding subscription fees, if applicable, that the Customer incurred pursuant to this API Agreement prior to the effective date of such termination.
8. Confidentiality. MEDAZ Confidential Information means, except as provided below, all information concerning: the functionality, operation, use, code, data structures, development, implementation, or maintenance of MEDAZ Software. MEDAZ Confidential Information excludes API Support Materials, as well as information: (a) generally available to the public without fault by the Customer; (b) rightfully known by the Customer non-confidentially before MEDAZ first provides the Customer access to such information; (c) independently developed by the Customer without the use of any MEDAZ Confidential Information; or (d) rightfully obtained by the Customer from a third party with the right to disclose it non-confidentially. This API Agreement does not provide the Customer a right to disclose MEDAZ Confidential Information to Third Parties. The Customer will ensure that any communications involving MEDAZ Confidential Information are within the scope of the protected subject areas in Section 4002 of the 21st Century Cures Act and 45 CFR 170.403.
9. Disclaimers. The MEDAZ FHIR APIs and API Support Materials may include inaccuracies and errors. MEDAZ provides the Customer the MEDAZ FHIR APIs and API Support Materials for the Customer’s convenience and provides them to the Customer AS-IS WITHOUT ANY REPRESENTATION OR WARRANTY OF ANY KIND. ALL REPRESENTATIONS AND WARRANTIES, WHETHER EXPRESS OR IMPLIED, ARE DISCLAIMED, INCLUDING WARRANTIES OF MERCHANTABILITY, ACCURACY, FITNESS FOR A PARTICULAR PURPOSE AND TITLE, AND ANY IMPLIED WARRANTY AGAINST INTERFERENCE WITH THE CUSTOMER’S USE OF THE MEDAZ FHIR APIS, API SUPPORT MATERIALS, https://fhir.mhealthaz.com OR AGAINST INFRINGEMENT OF THIRD-PARTY INTELLECTUAL PROPERTY RIGHTS, OR ANY IMPLIED WARRANTIES THAT THE MEDAZ FHIR APIS, API SUPPORT MATERIALS, OR DATA TRANSMITTED THROUGH THE MEDAZ FHIR APIS ARE ERROR-FREE. MEDAZ makes no representations or warranties as to, and disclaims any responsibility for, the accuracy, completeness, or compliance of any Product. For clarity, this Section 9 is not intended to disclaim or obviate MEDAZ’ support commitments as set out in Section 5 of this API Agreement.
10. Indemnification. Access to the MEDAZ FHIR APIs through the Customer’s MEDAZ Software will be under the Customer’s control, and MEDAZ will have limited knowledge of the Products using the MEDAZ FHIR APIs to interact with the MEDAZ Software. The Customer is solely responsible for making their own determination as to the suitability of the API Support Materials and the MEDAZ FHIR APIs for the Customer’s purposes prior to use. MEDAZ cannot and does not endorse, certify, or verify the functionality, integrity, safety, security, performance, or practices of the developers who use the MEDAZ FHIR APIs for their software. Therefore, the Customer agrees that to the extent permitted by the law applicable to the Customer, the Customer will indemnify, defend, and hold harmless Indemnitees from and against any Claim brought by a third party arising out of or in any way related to (i) the Customer’s use of or inability to use the MEDAZ FHIR APIs, or (ii) a third party's use of or inability to use the MEDAZ FHIR APIs on the Customer’s behalf or for the Customer’s benefit, or on behalf of the Customer’s patients. The Customer will obtain MEDAZ’ written consent before entering into any judgement or settlement that involves an Indemnitee. The indemnification under this Section 11 will not apply to a Claim if, in MEDAZ’ good faith determination, all of the following are true (the “Indemnification Exception”): (a) MEDAZ’ sole negligence with respect to an API Error is the proximate and direct cause of the event giving rise to the Claim; (b) no failure of the Customer or Third Parties to use the MEDAZ FHIR APIs appropriately and in accordance with the API Support Materials is a cause of the Claim; and (c) no failure of the Customer to satisfy the responsibilities outlined in Section 3 is a cause of the Claim. If MEDAZ has determined that the Indemnification Exception does not apply to a Claim, and a court makes a final determination that MEDAZ is liable for such Claim, then within a reasonable period of time following such decision by the court, the Customer may require MEDAZ to participate in a review by a mutually agreed qualified arbitrator of whether the Indemnification Exception should apply to such Claim. To be qualified, the arbitrator must have sufficient practical expertise in healthcare technology, as determined by MEDAZ.
11. Limitation on Liability. MEDAZ WILL NOT BE LIABLE FOR INCIDENTAL, SPECIAL, PUNITIVE, EXEMPLARY, ENHANCED, CONSEQUENTIAL, OR INDIRECT DAMAGES, OR LOSS OF BUSINESS, PROFIT OR REVENUE, ANTICIPATED SAVINGS, GOODWILL, OR REPUTATION, EVEN IF MEDAZ WAS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR LOSSES OR THEY WERE OTHERWISE FORESEEABLE. THE TOTAL MAXIMUM LIABILITY OF EITHER PARTY FOR ALL CLAIMS ARISING UNDER OR RELATING TO THIS API AGREEMENT AND USE OF THE MEDAZ FHIR APIS BY THE CUSTOMER AND THE CUSTOMER’S THIRD PARTIES WILL NOT EXCEED THE HIGHEST OF THE TOTAL AMOUNT OF API SUBSCRIPTION FEES PAID BY THE CUSTOMER TO MEDAZ PURSUANT TO THIS API AGREEMENT IN THE TWELVE (12) MONTHS PRECEDING THE DATE THE LAST SUCH CLAIM WAS FILED, ONE HUNDRED DOLLARS ($100.00), OR THE MINIMUM LIMITATION OF LIABILITY PERMITTED AT LAW. FURTHERMORE, NOTWITHSTANDING ANYTHING TO THE CONTRARY, ANY FEES PAID FOR THE MEDAZ FHIR APIS PURSUANT TO THIS API AGREEMENT WILL NOT INCREASE EITHER PARTYS TOTAL MAXIMUM LIABILITY TO THE OTHER PARTY UNDER ANY OTHER AGREEMENT THE CUSTOMER HAS ENTERED INTO WITH MEDAZ.
12. Intellectual Property Claims. In the event that a third-party Claim of infringement of a patent, copyright, or trademark (in each case enforceable in the United States) is brought against the Customer based on the Customer’s use of the MEDAZ FHIR APIs as made available to the Customer pursuant to this API Agreement, the Customer will promptly notify MEDAZ in writing of the Claim. If such a Claim is brought, MEDAZ may, among other things: (i) modify, replace, or remove the MEDAZ API (in which case, MEDAZ may modify or suspend charges to the Customer for such API); (ii) procure the right for the Customer to continue to use the MEDAZ API that is the subject of the Claim; or (iii) require the Customer to procure the right to continue to use the MEDAZ API that is the subject of the Claim (to the extent the Customer would like to continue use of such API).
13. No Substitute for Professional Judgement. The Customer acknowledges that the Third-Party Applications may assist in exercising professional medical judgement. The Customer agrees that the Customer is solely responsible for medical decision-making and use of the Third-Party Applications and that the Third-Party Applications are not a substitute for professional medical judgement. Any use of Third-Party Applications by the Customer, or authorized users, will constitute the Customer’s acceptance of clinical responsibility for the use of any Third-Party Applications. To the extent the Third-Party Applications cause an error leading to patient safety issues, MEDAZ shall have no indemnification or liability obligation to the Customer or any other party related to any such error. In the event that the Third-Party Applications or any report or information generated by the Third-Party Applications is used in connection with any diagnosis or treatment by the Customer or any agents, representatives, and the like, of the Customer, the Customer agrees that such liability shall be between the Customer and the Third-Party Applications.
14. Miscellaneous.
- a. Third-Party Applications and the MEDAZ FHIR APIs shall only be accessible in the United States.
- b. This API Agreement will be governed by and construed in accordance with the laws of Massachusetts, without reference to its conflicts of laws principles, and any action arising out of or relating to this Agreement will be brought exclusively in Massachusetts. The Customer consents to the personal jurisdiction and venue of the state and federal courts located in Massachusetts.
- c. A party's failure to enforce any provision of this API Agreement will not be construed as a waiver of such provision or prevent the party from subsequently enforcing such provision.
- d. Neither party will be liable for failure or delay in performing its obligations if such failure or delay is due to circumstances beyond such party's reasonable control, including acts of God, fire, acts of a common enemy, war, actual or threatened terrorism, third-party criminal acts, civil disturbance, embargo, law or governmental regulations, or labor dispute.
- e. MEDAZ and the Customer are independent contractors and not each other's agents. Except to the extent expressly specified, this API Agreement does not create third-party beneficiaries. MEDAZ and the Customer are not joint employers of the other's employees and do not have the right to make employment decisions about the other's employees.
- f. This API Agreement is the entire agreement between the Customer and MEDAZ regarding the MEDAZ FHIR APIs; it supersedes all prior or contemporaneous representations, understandings, or agreements regarding the MEDAZ FHIR APIs. The MEDAZ FHIR APIs are governed exclusively by this API Agreement and not by any other agreement in place between the Customer and MEDAZ.
- g. Nothing in this API Agreement is intended to preclude the Customer from using a Product that replaces or supplements MEDAZ Software.
- h. Notice required under this API Agreement will be delivered, if to the Customer, via email to the Customer’s designated API Agreement point of contact and, if to MEDAZ, to medazsupport@medaz.net. At the Customer’s request, MEDAZ will provide instructions to the Customer on how to designate and/or modify their API Agreement point of contact.
- i. Sections 3, 5, 6-12, and 14 will survive any termination of this API Agreement.
- j. IN THE EVENT THAT THERE IS ANY CONFLICT BETWEEN THE TERMS AND CONDITIONS OF THE API AGREEMENT AND ANY OTHER AGREEMENT BETWEEN THE PARTIES, THE API AGREEMENT SHALL RULE.
The license provided to the Customer under this API Agreement is expressly conditioned upon the Customer’s acceptance of and compliance with all the terms and conditions set forth herein. If the Customer does not accept this API Agreement, do *not* click ‘I accept’. By clicking ‘I accept’, the Customer warrants that the individual accepting this API Agreement on the Customer’s behalf has the power and authority to legally bind the Customer and the Customer accepts the entirety of this API Agreement.