Meld Terms of Service
These Meld Terms of Service govern Customer’s use of the Software. Capitalized terms have the definitions set forth below.
Customer agrees to the terms of these Terms of Service by (1) clicking a box indicating acceptance, (2) executing an order form that references this Agreement, or (3) using the Software. If the individual accepting these Terms of Service is accepting on behalf of a company or other legal entity, such individual represents that they have the authority to bind such entity and its Affiliates to these Terms of Service, in which case the term “Customer” shall refer to such entity and its Affiliates. If the individual accepting these Terms of Service does not have such authority, or does not agree with the terms and conditions, such individual must not accept these Terms of Service and may not use the Software. Meld reserves the right to reject any request for access to or use of the Software, for any reason, in its reasonable discretion.
These Terms of Service were last updated on November 4, 2023. They are effective between Customer and Meld as of the date of the parties’ acceptance (the “Effective Date”).
1 Definitions
1.1 “Affiliate” means any entity Controlled by, Controlling, or under common Control with a party to this Agreement. As used in this definition, “Control” means either the direct or indirect control of more than 50% of the shares or other equity interests of the subject entity entitled to vote in the election of directors (or, in the case of an entity that is not a corporation, for the election or appointment of the corresponding managing authority).
1.2 “Agreement,” as used herein, includes these Meld Terms of Service and any exhibits, schedules, amendments, addendums, or appendices hereto and documents incorporated herein.
1.3 “Confidential Information” has the meaning set forth at Section 5.
1.4 “Customer Data” means any and all information entered or uploaded to the Software by or on behalf of Customer or an Affiliate.
1.5 “Force Majeure Events” has the meaning set forth in Section 17.
1.6 “Mobile Apps” has the meaning set forth in Section 3.1.
1.7 “Service Description Document” means the document titled “Service Description Document,” which includes functional descriptions of Meld’s software-as-a-service application. Customer may obtain a copy of the Service Description Document through the Software application.
1.8 “Site” means a clinical research location or facility where clinical research is conducted.
1.9 “Software” means Meld’s software-as-a-service application, as further described in the Service Description
Document, which provides sites with tools to interact with electronic site documents using natural language queries.
2 Term and Termination
2.1 Term of Agreement and Renewal.
This Agreement is effective from the Effective Date and may be terminated at any time by either party by providing the other party with at least ninety (90) days written notice of its intent to terminate, amend or not renew the Agreement.
2.2 Right to Terminate.
Either party may terminate the Agreement in the event that the other party has materially breached the Agreement and such breach has not been cured (or, if the breach is not capable of being cured, discontinued with appropriate changes to ensure that it is not repeated) within thirty (30) days of written notice of breach from the other party. Either party may terminate this Agreement immediately if the other party terminates or suspends its business as a result of bankruptcy, insolvency or similar event.
3 Software Usage Rights.
3.1 General Rights.
In consideration of including a broader participation of clinical research sites in clinical trials being run by Meld’s existing customer base, Meld grants to Customer a limited, non-transferable, non-exclusive right to access and use the Software and Software documentation for Customer’s internal business purposes until the expiration or termination of the Agreement. The Software shall be made available to Customer as a service that Customer may access and use for the duration of this Agreement. Meld will host and retain physical control over the Software and make the Software available through the Internet for access, use and operation by Customer through a web-browser. Certain functions of the Software may be downloaded for installation and use on a mobile device (“Mobile Apps”). Such Mobile Apps may be accessed and used during the term of this Agreement and must be uninstalled upon the termination of the Agreement. Other than as specifically set forth above and unless otherwise agreed to by Meld in writing, no provision under this Agreement shall obligate Meld to deliver or otherwise make available any copies of computer programs or code from the Software to Customer, whether in object code or source code form. For the avoidance of doubt, all of Customer’s Sites may access and use the Software as described herein.
3.2 General Restrictions.
Except where applicable law prohibits such restrictions, Customer agrees that it shall not: (i) license, sublicense, sell, resell, rent, lease, transfer, distribute, time share or otherwise commercially exploit or make the Software available to any third party other than as contemplated by this Agreement; (ii) make derivative works of, disassemble, reverse compile or reverse engineer any part of the Software or Software documentation, or access the Software or Software documentation in order to build a similar or competitive product or service (or contract with a third party to do so); (iii) use the Software to send spam or otherwise send messages in violation of applicable laws; or (iv) use the Software to send or store infringing, obscene, threatening, libelous, or otherwise unlawful or tortious material. Customer may not remove or alter any of the logos, trademark, patent or copyright notices, confidentiality or proprietary legends or other notices or markings within the Software or Software documentation.
3.3 Use By Third Parties.
Subject to the usage limitations described below: Customer may allow regulatory agencies, sponsors, Contract Research Organizations (providing outsourcing services for the Customer) and other Customer vendors (“Third Parties”) to access and use the Software solely for Customer’s internal business purposes; provided that any such Third Party may not be a competitor of Meld unless Meld has consented to such access and use in writing. The obligations and limitations as to Customer that are set forth in this Agreement are also applicable to each Third Party that are provided access to the Software. Customer is responsible for ensuring that its employees and each Third Party (and their employees) are aware of and comply with the terms of this Agreement. Any breach of this Agreement by such entities or individuals shall be deemed to be a breach by Customer, and Customer is liable for such breaches.
3.4 Usage Limitations.
Customer’s use of the Software is limited by the following storage restriction: Each customer's data will be retained in the Software provided that this Agreement has not expired nor been terminated. Notwithstanding the above, Customer may access and retrieve Customer Data within 30 days of the expiration or termination of the Agreement, per the terms of Section 2 of Exhibit A.
4 Support.
Meld provides Customers free support through email requests via hello@usemeld.com. Meld will provide a reasonable response time to support requests. Meld reserves final judgement on which support requests to respond to and the level of support to provide as reasonable for each request.
5 Confidential Information.
Each party agrees: (i) that it will use (and will ensure that its employees, affiliates, agents, contractors and other allowed Third Party’s use) reasonable efforts (which shall be no less than the efforts used to protect its own confidential information of a similar nature) to prevent the disclosure of the other party’s Confidential Information to any person or entity, unless authorized by the other party; and (ii) that it will not use Confidential Information of the other party for any purpose other than as authorized by this Agreement or by the other party. As to Meld, the term “Confidential Information” includes information specifically designated as confidential or that would be understood to be confidential or proprietary by a reasonable person, the features and functions of the Software that are not available to the general public via the public internet (including screen shots of the same), future product plans, any Software documentation or specifications provided to Customer, (but not the mere existence of this Agreement), audit, performance and security test results, and any other proprietary, financial or business information supplied to Customer by Meld. As to Customer, the term “Confidential Information” includes information specifically designated as confidential or that would be understood to be confidential or proprietary by a reasonable person, login credentials for accessing the Software, and Customer Data (including personally identifiable data). Notwithstanding the foregoing, “Confidential Information” shall not include (i) information which is or becomes publicly known through no act or omission of the receiving party, or (ii) information gained by the receiving party independent of the disclosing party. Notwithstanding the foregoing, it shall not be a breach of this Agreement to disclose Confidential Information required to be disclosed pursuant to administrative or court order, government or regulatory investigation or requirement, or arbitration or litigation arising out of this Agreement; provided, however, that to the extent permissible, each party shall, in advance of any such disclosure promptly notify the other party in order to enable the other party reasonable time to seek a protective order with respect to the requested information or otherwise challenge or oppose the disclosure requirement. Meld may list Customer as a customer and use Customer’s logo on Meld’s website and in other Meld customer listings.
6 Ownership.
Customer shall retain all right, title and interest to all Customer Data. Meld shall retain all right, title and interest in and to (i) the Software, the Software documentation, all modifications and/or enhancements to the Software (regardless of the source of inspiration for any such enhancement or modification and regardless of whether Customer has provided input regarding such modifications and/or enhancements), and all inventions or discoveries embodied within the Software, (ii) proprietary education or training content, and (iii) pre-existing materials related to Meld’s professional services processes and methodologies. Notwithstanding any other term of this Agreement, Meld may access, collect and use, and shall retain all right, title and interest in (i) transactional and performance data related to use of the Software, provided that such data shall not include any substantive content related to the subject matter of any clinical trial, (ii) the identity of any Site using the Software, and (iii) the identity of individual users that access the Software, provided that any such user has agreed to the terms of use for the Software. Meld reserves to itself all rights that are not expressly granted pursuant to this Agreement.
7 DISCLAIMER OF WARRANTY.
THE SOFTWARE IS PROVIDED AS-IS WITHOUT WARRANTY OF ANY KIND AND TO THE EXTENT NOT PROHIBITED BY APPLICABLE LAW, MELD DISCLAIMS AND EXCLUDES ALL WARRANTIES, CONDITIONS AND OTHER TERMS IMPLIED BY STATUTE, COLLATERALLY OR OTHERWISE, INCLUDING WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. MELD DOES NOT GUARANTEE OR WARRANT THAT THE SOFTWARE WILL PERFORM ERROR-FREE OR UNINTERRUPTED.
8 Indemnification.
8.1 Infringement Indemnity.
Meld shall, at its expense, defend or at its option, settle any claim, action or allegation brought against Customer alleging that the Software infringes any valid copyright, patent, trade secret, or any other proprietary right of any third party and shall pay any final judgments awarded or settlements entered into; provided that Customer gives prompt written notice to Meld of any such claim, action or allegation of infringement and gives Meld the authority to proceed as contemplated herein. In the event any infringement claim, action or allegation is brought or threatened, Meld may, at its sole option and expense: (a) procure for Customer the right to continue use of the Software or infringing part thereof; (b) modify, amend or replace the Software or infringing part thereof with other software having substantially the same or better capabilities; or, if neither of the foregoing is in Meld’s opinion commercially practicable, (c) terminate this Agreement. The foregoing obligations will not apply to the extent the infringement arises as a result of (i) any use of the Software in a manner expressly prohibited by this Agreement; or (ii) any use by Customer of the Software in combination with other products, equipment, devices, software, systems or data not supplied by Meld to the extent such claim is directed against such combination; provided that this exclusion shall not be applicable to combinations with hardware, software or other technology required to access and use the Software (e.g., a web browser, an internet connection, a personal computer, the software platform provided by google, inc. upon which certain Meld applications are built). This Section states the entire liability of Meld with respect to infringement of any patent, copyright, trade secret or other intellectual property right.
8.2 Indemnity Process.
Meld will have the exclusive right to defend any indemnified claim (including the right to select and control the work of counsel) and make settlements thereof at its own discretion. Customer may not settle or compromise any indemnified claim, action or allegation, except with prior written consent of Meld. Meld may not, without Customer’s prior written approval, enter into any settlement of an indemnified claim that imposes a direct financial liability on Customer or includes an admission of fault by Customer. Customer shall give such non-monetary assistance and information as Meld may reasonably require to settle or defend indemnified claims.
9 Limitation of Liability.
IN NO EVENT WILL EITHER PARTY BE LIABLE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, PUNITIVE, OR EXEMPLARY DAMAGES OR ANY LOSS OF REVENUE, PROFITS, DATA OR DATA USE ARISING OUT OF THIS AGREEMENT. MELD'S MAXIMUM LIABILITY IN CONNECTION WITH THIS AGREEMENT, ON THE BASIS OF ANY THEORY OF LIABILITY OR CAUSE OF ACTION, SHALL BE LIMITED TO ONE THOUSAND DOLLARS ($1,000). THE EXCLUSIONS AND LIMITATIONS OF THIS SECTION DO NOT APPLY (A) TO THE EXTENT PROHIBITED BY APPLICABLE LAW AND (B) TO THE INDEMNITY OBLIGATIONS SET FORTH IN SECTIONS 8.1 AND 20.
10 Governing Law and Dispute Resolution.
10.1 This Agreement shall be interpreted and construed in accordance with the laws of the State of Delaware, United States of America without regard to its conflict of laws provisions. If Customer’s applicable local law prevents Customer from agreeing to that choice of law, then all disputes will be governed by the applicable local laws of Customer’s country, state, or other place of residence.
10.2 Notwithstanding the foregoing, either party may seek emergency equitable relief at any time.
10.3 This Agreement is written and executed in, and all other communications under or in connection with this Agreement will be in, English. Any translation into any other language is not to be an official version of this Agreement.
11 Export Control Laws.
Each party shall comply with the export control laws of the United States which are applicable to the Software, and which may prohibit use of the Software in certain sanctioned or embargoed countries.
12 No Legal Advice.
Meld shall not provide Customer with any legal advice regarding compliance with laws, rules or regulations in the jurisdictions in which Customer uses the Software, including those related to data privacy, or medical, pharmaceutical or health related data. Customer acknowledges that the Software may be used in ways that do and do not comply with such laws, rules or regulations and it is Customer’s sole responsibility to monitor its compliance with all such relevant laws, rules or regulations. Customer acknowledges and agrees that not all features, functions and capabilities of the Software may be used in all jurisdictions, and Customer recognizes that certain features, functions and capabilities may need to be configured differently or not used in certain jurisdictions in order to comply with applicable local law. Customer is responsible for such Customer-specific use decisions and Meld disclaims all liability for such decisions.
13 Independent Contractors.
Meld and Customer are independent contractors. Neither party has the authority to bind or make any commitment on behalf of the other party. None of either party’s employees are entitled to any employment rights or benefits of the other party. Meld will be solely responsible for: (i) paying all wages and other compensation to Meld employees; (ii) withholding and payment of federal and state individual income tax, FICA, FUTA and other taxes and applicable amounts with respect to payments made to Meld's employees; (iii) providing all insurance and other employment related benefits to Meld's employees; and (iv) making any overtime payments to Meld's employees if required by law or regulations.
14 Waiver, Entire Agreement and Amendments, Representations, Severability and Purchase Orders.
The failure of either party to enforce at any time any of the provisions of this Agreement, or the failure to require at any time performance by the other party of any of the provisions of this Agreement, will not be construed to be a waiver of such provisions, or in any way affect the right of either party to enforce such provision thereafter. The Agreement encompasses the entire agreement between Customer and Meld with respect to the subject matter hereof and supersedes all prior representations, agreements and understandings, written or oral. This Agreement may not be altered, amended or modified except by written instrument signed by the duly authorized representatives of both parties. Customer acknowledges and agrees that in entering into this Agreement it does not rely on any statement, representation (whether innocent or negligent) assurance or warranty (whether or not in writing) of Meld, or any other person (whether or not party to this Agreement) other than as expressly set out in the Agreement. Customer specifically agrees that it has not relied upon the future availability of any software, products, services, programs, modifications, enhancements or updates in entering into in this Agreement. If any provision, or portion thereof, of this Agreement is or becomes invalid under any applicable statute or rule of law, it is to be deemed stricken and the rest of the Agreement shall remain in full force and effect. The terms and conditions appearing on any purchase order issued by Customer for this Agreement, if any, shall not change, add to, or modify the terms or conditions of this Agreement and shall have no effect.
15 Assignment.
Customer may not transfer or assign this Agreement, including by merger or operation of law, without the Meld’s prior written consent.
16 Survival.
The provisions of this Agreement that are intended to survive termination or expiration of this Agreement in order to achieve the fundamental purposes of this Agreement shall so survive, including, without limitation, the provisions regarding confidentiality, disclaimer of warranties, and limitation of liability.
17 Force Majeure.
Meld shall not be held responsible for any delay or failure in performance hereunder caused in whole or in part by fire, flood, wind, storm, lightening, or similar act of God, or by embargo, acts of sabotage, terrorism, riot or civil unrest, internet outages, or mandatory compliance with any governmental act, regulation or request (“Force Majeure Events”). If a Force Majeure Event occurs and disrupts the services to be provided under this Agreement, the Agreement shall be deemed extended by the length of the Force Majeure Event.
18 Notices.
All notices or other communications required or permitted to be given pursuant to this Agreement shall be in writing and shall be considered properly given or made if delivered electronically to: hello@usemeld.com.
19 No Third-Party Beneficiaries.
There are no third-party beneficiaries to this Agreement.
20 Customer’s Use of Third Party Licensed Data.
To the extent Customer stores data in the Software that has been purchased or licensed from third parties, Customer is responsible for ensuring its use, processing, reporting against, combination, comingling and manipulation of such data is in compliance with its agreements with the data provider. To the extent permitted by law, Customer will, indemnify and hold Meld harmless against any claims by such third-party data providers arising from Customer’s use of such third-party data in the Software.
21 Datacenter Sub-Processors.
Customer acknowledges that Meld may engage providers of hosting co-location and computing infrastructure related services for portions of its Software services. Customer acknowledges and agrees that Meld may engage new or additional providers of hosting co-location and computing infrastructure related services for portions of its Software services without further notification or approval from Customer.
22 Business Associate Addendum.
To the extent HIPAA, as defined in the Business Associate Addendum set forth as Exhibit B (“BA Addendum”) is applicable, the BA Addendum shall apply to Protected Health Information (as defined therein) that Customer uploads to the Meld software-as-a-service application in accordance with the requirements of the BA Addendum. As to data provided to Meld by Customer that is not Protected Health Information or in the event HIPAA does not apply, Meld shall have no obligations under the BA Addendum
Exhibit A - Support
1. Meld User Support.
Email support for Customer’s users is available from Meld at no additional charge according to these terms. There is no limit to the number of times a user can contact Meld Free Support for assistance.
a. Support Time: Meld Free User Support is available during standard business hours: Standard United States Business Hours 8:30AM – 7:00PM EST
Standard business hours do not include weekends or public holidays.
b. Meld Free User Support consists of:
i. First line support includes, but is not be limited to (i) a direct response to users with respect to inquiries concerning the performance, functionality, or operation of the product(s), (ii) a direct response to users with respect to problems or issues with the product(s), (iii) a diagnosis of problems or issues of the product(s), and (iv) a resolution of problems or issues with the product(s).
ii. Product updates, fixes, security alerts, and critical patch updates
iii. General releases, limited releases (where applicable), maintenance releases, and documentation updates
iv. Access to Meld Support for assistance through email.
c. The following items are considered out of scope for standard Meld Free User Support:
i. Training/how to sessions.
ii. Modification of customer data.
iii. Setting up reports.
These requests may be completed at the sole discretion of Meld Support Staff.
2. Return of Customer Data.
Upon termination or expiration of the Agreement, Meld shall (i) ensure that Customer has access to the Customer Data from the Software for a period no more than thirty (30) days. In no event may Meld preclude Customer from retrieving the Customer Data after the expiration or termination of the Agreement during this thirty (30) day period.
3. Testing.
Customers may not, (i) conduct security, integrity, penetration, vulnerability or similar testing on the Software, (ii) use any software tool designed to automatically emulate the actions of a human user (such tools are commonly referred to as robots) in conjunction with the Software, or (iii) attempt to access the data of another Meld customer (whether or not for test purposes).
4. Software Updates and Configuration.
Meld will provide Customer notice (normally via email) before performing a major software upgrade. Advance notification may not be given for minor upgrades or patches and such upgrades and patches do not cause system unavailability. All upgrades and patches are mandatory. In addition, Meld controls the configuration and management of Meld software-as-a-service and will manage all configuration changes it deems necessary and appropriate.
5. Software Validation.
Refer to Service Description Document for Software Validation information. Customer accepts the validation documentation as-is and may perform additional validation based on a system risk assessment. Upon reasonable request and notice, and at Customer’s own expense, Customer may request access to, and Meld will make available, validation materials to conduct an audit of Meld’s validation processes and procedures.
6. Backup.
All Customer Data is copied at least daily to a secure and physically remote secondary data center.
7. Disaster Recovery.
In the event of a disaster that renders the primary data center inoperable, disaster recovery procedures will be followed. The recovery procedures involve restoring the last backup of Customer Data to the secondary data center. The Software shall have disaster recovery procedures with a Recovery Point Objective (RPO) of not more than 24 hours and a Recovery Time Objective (RTO) of not more than 48 hours.
8. General.
Meld reserves the right to change existing infrastructure, hardware and underlying software used to provide the Software as expansion and new technology deem necessary. Meld assumes no responsibility for delays or problems that result from Customer’s computing or networking environment, Customer’s third-party vendors and/or Customer’s local or long-distance telephone carriers or ISPs. Use of the Software requires certain third-party applications, including a web browser, operating system and other third-party applications. The third-party applications supported by Meld and Meld policies with respect to such applications are as set forth in Meld's documentation for the Software.
EXHIBIT B
Business Associate Addendum
This Business Associate Addendum (“BA Addendum”) is incorporated into the Terms of Service (“Agreement”) made by and between Meld Software, Inc. (“Meld”) or its Affiliate and the Customer named in the signature block below (“Customer”) or its Affiliate. The term “Agreement” includes the Terms of Service and all exhibits, schedules, amendments, addenda, or appendices thereto and documents incorporated therein, and any order forms or statements of work referencing the Terms of Service. In the event of a conflict between the Agreement and this BA Addendum, the terms of the BA Addendum will control. All capitalized terms not defined in this BA Addendum are as defined in the Agreement. This BA Addendum is effective as of the Effective Date of the Agreement.
1. Scope
To the extent HIPAA (as defined below) is applicable, this BA Addendum applies to Protected Health Information (as defined below) that Customer uploads to the Meld software application(s) listed on Schedule 1 (each a “Meld Covered Application”) in accordance with the requirements of this BA Addendum. As to data provided to Meld by Customer that is not Protected Health Information or in the event HIPAA does not apply, Meld shall have no obligations under this BA Addendum.
2. Definitions
The following terms used in this BA Addendum shall have the same meaning as those terms in HIPAA: Breach, Business Associate, Covered Entity, Data Aggregation, Designated Record Set, Disclosure, Health Care Operations, Individual, Minimum Necessary, Required by Law, Secretary, Security Incident, Subcontractor, Unsecured Protected Health Information, and Use. In addition, the following definitions shall apply:
2.1 HIPAA means the U.S. Health Insurance Portability and Accountability Act of 1996, as amended, the Health Information Technology for Economic and Clinical Health Act of 2009 (“HITECH”), as amended, and all regulations promulgated thereunder, including but not limited to the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule.
2.2 Customer has the meaning provided by the Agreement. With respect to this BA Addendum, Customer may be a Covered Entity or Business Associate, as applicable.
2.3 Protected Health Information or PHI has the meaning provided at 45 CFR 160.103 and in reference to this BA Addendum, means any PHI that Meld receives, transmits, creates or maintains from or on behalf of Customer pursuant to the Agreement and this BA Addendum.
3. Obligations and Activities of Meld
3.1 Meld will not Use or Disclose PHI other than as permitted or required by this BA Addendum or as Required by Law.
3.2 Meld will use appropriate safeguards and comply with the HIPAA Security Rule to prevent Use or Disclosure of PHI by Meld other than as provided for by this BA Addendum.
3.3 Meld will provide notice to Customer of any Breach, Security Incident, or other impermissible Use or Disclosure of PHI, as follows.
3.3.1 In the case of a Breach, Meld shall provide such notice as required by 45 CFR 164.410 within 72 hours of Discovery of such Breach. Meld will include in such notices the information required by 45 CFR 164.404(c), but only to the extent such information is reasonably available to Meld. The parties acknowledge that where Meld does not know the content or nature of PHI that Customer may enter or upload into the Meld Covered Application, it will not be possible for Meld to provide information about the identities of the Individuals or the types of information that may have been affected.
3.3.2 In the case of a Security Incident, Meld will notify Customer of a successful, or a material but unsuccessful, Security Incident promptly and as required by HIPAA. The parties acknowledge that notice is hereby deemed provided, and no further notice will be given, of unsuccessful attacks at unauthorized access, use, disclosure, modification or destruction such as pings and other broadcast attacks on a firewall, denial of service attacks, port scans, unsuccessful login attempts, or interception of encrypted information where the key is not compromised, or any combination of the above. In the case of any other Use or Disclosure of PHI not permitted by this BA Addendum, Meld will notify Customer promptly and as required by HIPAA.
3.3.3 In all cases where Meld notifies Customer of a Breach, Security Incident or other impermissible Use or Disclosure of PHI, Meld will cooperate with and assist Customer in the investigation of and response to such event, including providing supplemental information as appropriate.
3.4 Meld will ensure that any Subcontractors that create, receive, maintain, or transmit PHI on behalf of Meld agree to restrictions and conditions that are at least as stringent as those found in this BA Addendum.
3.5 To the extent that Meld maintains a Designated Record Set on behalf of Customer, Meld will make PHI available to Customer as necessary to satisfy Customer’s access and amendment obligations under 45 CFR 164.524 and 164.526.
3.6 Meld will maintain and make available to Customer the information required to provide an accounting of disclosures as necessary to satisfy Customer’s obligations under 45 CFR 164.528.
3.7 To the extent that Meld agrees in writing to carry out any of Customer’s obligations under the Privacy Rule, Meld will comply with any applicable legal requirements in the performance of such obligations.
3.8 Meld will comply with any applicable requirements of the HIPAA minimum necessary standard.
3.9 Meld will make its internal practices, books, and records available to the Secretary for purposes of determining compliance with HIPAA.
4. Permitted Uses and Disclosures by Meld
4.1 Meld may Use or Disclose PHI only as specified in this BA Addendum and in accordance with the Agreement, as updated, including the fulfillment or execution of instructions given by Customer pursuant to the Agreement.
4.2 Meld may Use or Disclose PHI as Required by Law.
4.3 Meld may not Use or Disclose PHI in a manner that would violate Subpart E of 45 CFR Part 164 if done by Customer, except for the specific Uses and Disclosures set forth below:
4.3.1 Meld may Use PHI for its proper management and administration or to carry out its legal responsibilities.
4.3.2 Meld may Disclose PHI for its proper management and administration or to carry out its legal responsibilities, provided the Disclosures are Required by Law, or Meld obtains reasonable assurances from the person to whom the information is Disclosed that the information will remain confidential and be Used or further Disclosed only as Required by Law or for the purposes for which it was Disclosed to the person, and the person notifies Meld of any instances of which it is aware in which the confidentiality of the information has been breached.
5. Encryption Controls
5.1 All data is encrypted at rest when stored in a Meld Covered Application.
5.2 In addition, Meld may configure certain fields as likely to contain Protected Health Information in the Meld Covered Application. Such configuration renders the content of such fields encrypted at the field level.
6. Obligations of Customer
6.1 Customer will not request or cause Meld to make a Use or Disclosure of PHI that does not comply with HIPAA or this BA Addendum.
6.2 Customer warrants that it has obtained any necessary consents or authorizations that may be required under HIPAA or other applicable law prior to uploading or storing Customer Data in the Meld Covered Application.
7. Term and Termination
7.1 Term. This BA Addendum shall be effective as of the date executed, and its term shall continue unless or until the BA Addendum is terminated in writing in accordance with this BA Addendum or the Agreement is terminated in accordance with its provisions, whichever is earlier.
7.2 Termination for Cause. In the case of a material breach of this BA Addendum, either party may terminate this BA Addendum after affording a cure period, in the manner set forth in the “Right to Terminate” provisions in the Agreement.
7.3 Coordination of Termination of this BA Addendum and the Agreement. If Customer is using or will use the Meld Covered Application to store or upload Customer Data that is PHI, or will otherwise Disclose PHI to Meld, Customer may not terminate the BA Addendum without simultaneously terminating the Agreement, in accordance with its terms. For the avoidance of doubt, Customer is not permitted to store or upload Customer Data that is PHI in the Meld Covered Application, or otherwise Disclose PHI to Meld, unless a BA Addendum is in force.
7.4 Obligations upon Termination.
7.4.1 Prior to termination of this BA Addendum, Customer will have an opportunity to download and/or delete Customer Data, including any PHI, that Customer has uploaded to or stored in the Meld Covered Application. Upon termination of this BA Addendum, Meld shall, if feasible, return or destroy PHI that Meld still retains and retain no copies of such information, except that if destruction is not feasible, Meld shall extend the protections of this BA Addendum to this information and limit any future Uses or Discloses to those purposes that make return or destruction infeasible.
7.4.2 To the extent that any PHI is retained by Meld pursuant to this BA Addendum, Meld’s obligations under this BA Addendum and applicable law, including HIPAA, shall survive the termination of this BA Addendum.
8. Indemnification
8.1 Subject to the terms of the Agreement regarding limitation of liability, Meld shall defend, indemnify, and hold harmless Customer, and its directors, officers and employees from and against any fines or penalties imposed by a third party or any third-party claims arising solely from Meld’s breach of this BA Addendum.
8.2 Meld will have the exclusive right to defend any indemnified claim (including the right to select and control the work of counsel) and make settlements thereof at its own discretion. Customer may not settle or compromise any indemnified claim, action or allegation, except with prior written consent of Meld. Meld may not, without Customer’s prior written approval, enter into any settlement of an indemnified claim that imposes a direct financial liability on Customer or includes an admission of fault by Customer. Customer shall give such non-monetary assistance and information as Meld may reasonably require to settle or defend indemnified claims.
9. Miscellaneous
9.1 A reference in this BA Addendum to a section in HIPAA means the section as in effect or as amended.
9.2 The parties agree to take such action as is necessary to amend this BA Addendum in writing from time to time as necessary for compliance with HIPAA and other applicable law.
9.3 Any ambiguity in this BA Addendum shall be interpreted to permit compliance with HIPAA and other applicable law.
9.4 Nothing in this BA Addendum or the Agreement is intended or shall be construed to make either party an agent of the other.
9.5 Nothing express or implied in this BA Addendum or the Agreement is intended or shall be deemed to confer any rights, obligations, remedies or liabilities upon any person other than the parties and their respective successors and assigns.
9.6 All other terms of the Agreement that are not set forth in this BA Addendum, including but not limited to privacy and security obligations not set forth in this BA Addendum, choice of law, venue, and Customer audit rights, shall be controlled by the Agreement.
9.7 This BA Addendum supersedes any and all previous BA Agreements or Addenda between the parties.
Schedule 1: Meld Covered Applications
-
Meld ProtocolGPT
This Schedule 1 may be superseded and replaced upon the execution of a new Schedule 1 at any time by the parties.