Cubenix Software License Agreement
This Software License governs the usage of the Licensed Products by Client ("Terms"). The user of the Cubenix software shall be referred to herein as the “Client” within this Agreement.
1. Licensed Products. The "Licensed Products" are the products and services to which Client has subscribed pursuant to the Order Agreement as detailed in related SOWs.
-
Licensed Products Rights.
-
License.
-
Cubenix grants Client a non-transferable non-sublicensable, non-exclusive limited use license to use the Licensed Products on the designated computers located at the Licensed Facilities set forth in the Order Agreement for the duration of the Order Agreement. Client may not modify, copy, translate, decompile, disassemble, reverse engineer, loan, rent, lease, sublicense, or create derivative works of the Licensed Products, in whole or in part. Client shall not use the Licensed Products to operate any revenue-generating service business without the express prior written consent of Cubenix. Client agrees to maintain software and data as confidential and to deliver reports to members only. Client agrees to not copy, distribute or reverse engineer Cubenix application. Client will only share access to application with Client members on a need to know basis. Cubenix grants Client a non-transferable, non-sublicensable, non-exclusive license, solely for Client's use in the United States to use software modules described in the SOW.
-
-
Proprietary Materials. Client agrees not to remove or destroy any proprietary, trademark or copyright markings or notices placed upon or contained within the Licensed Products.
-
2.3 Copy Restrictions. Client may not make machine-readable copies of the Licensed Products. In no event does the copying permitted hereunder include the right to reverse engineer, decompile, modify, disassemble, or electronically transfer, in whole or in part, the Licensed Products, or to translate the Licensed Products into another computer language.
2.4 Warranties. Cubenix represents and warrants to Client that:
-
The Licensed Products will perform substantially in accordance with the descriptions set forth in each SOW;
-
Cubenix will take reasonable measures consistent with the best practices of companies providing services similar to Licensed Products to prevent the Licensed Products from containing viruses, time bombs, software disabling devices, or similar programs, routines, or devices that may damage Client's software or data or interfere with use of or access to such software or data or bypass any internal or external software security measure in order to obtain access to Client’s data, systems or software without Client’s consent; and
(c) Cubenix will comply with applicable laws, rules, or regulations, and will have obtained all permits required to comply with such laws and regulations, in licensing the Licensed Products.
-
Ownership, Confidentiality and Licenses.
-
Definitions. The following terms will have the indicated meanings:
-
(a) "Aggregated Data" means a compilation of multiple client cost and pricing data which Cubenix has taken commercially reasonable precautions to ensure that no individual, particular transaction or entity can be identified.
(b) "Marks" means an entity's identity elements, including, without limitation, its name and logo and such other trademarks, trade names, trade dress, service marks and service names that such entity uses or to which it has registration or license rights.
-
Ownership by Cubenix. As between Cubenix and Client, Cubenix owns and will own all right, title and interest in and to all intellectual property ("Cubenix Intellectual Property"), including, without limitation, all copyright, patent, trademark , trade secret, moral rights, goodwill and brand, design and so called "look and feel" and graphical user interface, data flows, product and connectivity specifications, schematics, documentation, source code and object code, data maps and definitions, and other proprietary rights, whether such is now existing or may hereafter come into existence, embodied in or associated with: (i) Cubenix; (ii) the Licensed Products; and (iii) Cubenix's Marks; (iv) Aggregated Data, but excluding Client's Marks.
-
Ownership by Client. Client owns and will own all rights, title and interest in and to all “Client Intellectual Property”. Client Intellectual Property includes without limitation, Client data, know-how, manner of operation, intellectual property, trade secrets, patient, vendor and employee information and any other business and market information. Cubenix shall have no ownership rights in any Client Intellectual Property.
-
Aggregated Data. Client grants Cubenix a worldwide, perpetual, royalty-free license to use Data provided by the client for the preparation of de-identified Aggregated Data.
-
Reserved Rights. Nothing in this Agreement grants either party any right to use the other party's Marks, or data for any other purpose except as stated in this Agreement; or use of any such Marks or data in any sales promotion, or press release without such other party's prior written approval. Cubenix reserves all rights in all Cubenix Intellectual Property, and Client reserves all rights in all Client Intellectual Property.
-
Confidentiality.
(a) Confidential Information. Confidential information of Cubenix is referred to as "Cubenix Confidential Information." Cubenix Confidential Information includes, without limitation, all Cubenix Intellectual Property and information. Confidential information of Client is referred to as "Client Confidential Information." Client Confidential Information includes, without limitation, all Client Intellectual Property and all transaction data. Cubenix Confidential Information and Client Confidential Information are collectively referred to as "Confidential Information." Confidential Information of the disclosing party also includes information that a reasonable person would generally understand and expect to be confidential or proprietary, as well as information that the disclosing party identifies at the time of disclosure as confidential. Confidential Information does not include information that the receiving party demonstrates:
-
was published or otherwise became available to the general public without breach of this Agreement;
-
was furnished by a third party without a breach of such third party's obligations to the disclosing party;
-
was in a party's possession prior to the disclosure by the other party; and
(iv) was developed independently by an employee or agent who was not aware of Confidential Information furnished to it pursuant to this Agreement.
(b) Obligations. Each party agrees to protect the confidentiality of the other's Confidential Information in the same manner that it protects the confidentiality of its own proprietary and confidential information of like kind, but in no event with less than due care and attention. Neither party will reproduce or use any Confidential Information of the other party. Neither party will disclose to any other person the other party's Confidential Information without the prior written consent of the other party, except as otherwise provided in this Agreement. Each party will give prompt notice to the other of any unauthorized disclosure of the other party's Confidential Information of which it becomes aware.
-
Legal Process. If either party receives a subpoena or other validly issued administrative or judicial process requesting the Confidential Information of the other party, the party receiving the subpoena or other process will provide prompt notice to the other party of such receipt and the substance of such subpoena or process if permitted by law. In addition, to the extent permitted by applicable law, the receiving party will provide reasonable cooperation with the other party in any attempt to contest or limit such required disclosure, at such other party's sole expense. The receiving party will thereafter be entitled to comply with such subpoena or process to the extent reasonably required by law, Notice will not be required prior to disclosure of Confidential Information to tax authorities to the extent reasonably required in connection with tax audits of Cubenix or Client.
-
Return of Confidential Information. Upon termination or expiration of this Agreement, each party will promptly return to the other party and/or delete or destroy all copies of the other party's Confidential Information in its possession, custody or control and certify to the other party that all such information was destroyed or returned, except that Cubenix may retain Product Data solely for archive purposes and Transaction Data for archive purposes and for purposes of its joint owner. Such archived Product Data or Transaction Data shall remain subject to the terms and conditions of Section 5.6 of this Agreement and survive the termination or expiration of this Agreement until such data is certified as destroyed or deleted or is declassified as Confidential Information.
-
Indemnification.
-
Cubenix. Cubenix will defend, indemnify and hold harmless Client, its officers, directors, agents, assigns and successors in interest (collectively the "Client lndemnitees") from and against any third party claims, demands, suits, causes of action, legal or administrative proceedings and pay all damages, costs and expenses, including, without limitation, reasonable attorneys' fees, paid, incurred or suffered by any of the Client lndemnitees arising out of or resulting from any third party claim (i) that any Proprietary Material infringes, misappropriates or violates any intellectual property rights of such third party; (ii) resulting from Cubenix's negligence or willful misconduct; or (iii) arising from Cubenix's failure to comply with applicable laws and regulations. Cubenix shall have no indemnification obligations or liability for any third party claims, demands, suits, causes of actions, legal or administrative proceedings arising out of: (i) Client’s negligence or willful behavior; (ii) Client’s failure to comply with applicable laws and regulations; or (iii) Client’s alteration or Client’s instructed alteration to Cubenix software or intellectual property.
-
4.2 Indemnification Procedures. Promptly after receipt by an indemnified party of a notice of any third party claim or the commencement of any action, such indemnified party must (a) notify the indemnifying party in writing of any such claim; (b) provide the indemnifying party with reasonable assistance to settle or defend such claim at the indemnifying party's own expense; and (c) grant to the indemnifying party the right to control the defense and/or settlement of such claim, at the indemnifying party's own expense; provided, however, that (i) the failure to so notify, provide assistance or grant authority and control will only relieve the indemnifying party of its obligation to the indemnified party to the extent that the indemnifying party is prejudiced thereby; (ii) the indemnifying party will not, without the indemnified party's consent (such consent not to be unreasonably withheld or delayed), agree to any settlement which: (x) makes any admission on behalf of the indemnified party; or (y) consents to an injunction against the indemnified party (except an injunction relating solely to the indemnified party's continued use of any infringing intellectual property); and (iii) the indemnified party will have the right at its expense, to participate in any legal proceeding to contest and defend a claim and to be represented by legal counsel of its choosing, but will have no right to settle a claim without the indemnifying party's written consent, such consent not to be unreasonably withheld or delayed, and (iv) in the event the indemnifying party elects not to assume the control granted pursuant to clause (c) above, the indemnified party will have the right, notwithstanding anything in the preceding clause (iii) to the contrary, to control the defense and/or settlement of such claim, at the indemnifying party's expense.
5. Disclaimers; Limitations of Liability.
5.1 Warranty Disclaimers. Except only for any express warranties set forth herein or in the Order Agreement, Cubenix does not represent or warrant that any of its services will operate error-free or without interruption, and except only as such entity has been advised of the possibility of such damages. In addition, neither party's liability for damages of any kind will, in any event, exceed the four (4) times the total amount of fees paid by client (and on client's behalf) to Cubenix related to client's use of licensed products. The foregoing limitations of liability shall not apply to any damages arising as a result of (i) a party’s indemnity obligations; (ii) a party’s breach of confidentiality obligations; (iii) third party claims relating to bodily injury or wrongful death; (iv) a party’s gross negligence or recklessness; or (v) a party’s violation of applicable law.
5.2 Limitations. In no event will either of the parties or any third party licensor or supplier be liable for any loss of profits, loss of use, business interruption, cost of cover or indirect, special, incidental, or consequential damages of any kind in connection with or arising out of the furnishing, performance or use of the Cubenix services, whether alleged as a breach of contract or tortious conduct, including negligence. Cubenix hereby disclaims and excludes all warranties of any kind, express or implied (whether arising under law or equity or custom or usage), including without limitation, the implied warranties of merchantability and fitness for a particular purpose.
6. Insurance. Cubenix and Client shall each, at its sole cost and expense, maintain appropriate insurance with Commercial General Liability Broad Form Coverage, including Contractual Liability, Contractor's Protective Liability, Automobile Liability and Personal Injury/Property Damage Coverage in a combined single limit of not less than $1,000,000, and Workers Compensation subject to the statutory requirements of the party's State and Employers Liability of not less than $1,000,000. Each party will provide the other party a Certificate of Insurance indicating such coverage upon request.
7. Expiration and Termination.
7.1 Termination. The Licensed Products Rights granted under Section 2.1 will terminate upon the Expiration Date set forth in the Order Agreement, and otherwise will be deemed terminated if there is a material breach of the Terms and the breach is not cured within thirty (30) days of notice of breach. For clarification, Client's sole remedy for Cubenix's failure to sustain service levels pursuant to Section 2.4(a) is termination in accordance with the Service Level Requirements and reimbursement of any related fees. In the event Cubenix agrees to allow Client to use the Licensed Products after the Expiration Date, other than pursuant to Section 10.2, the provisions of these Terms shall apply but may be terminated at any time by Cubenix, in its sole discretion, upon Cubenix written notice to Client. Cubenix and the Client agree to regroup at least 30 days prior to the anniversary of each agreement year to confirm engagement. If engagement is deemed unsuccessful by the Client, Client may terminate the agreement upon written notice. If Cubenix breaches its obligations under this Agreement, and such breach remains uncured for thirty (30) days. For the benefit of doubt, Cubenix will be in breach of its obligations if:
8. Books and Records.
8.1 Pursuant to the requirements of 42 CFR 420.300 et seq., Cubenix agrees to make available to the Secretary of Health and Human Services ("HHS"), the Comptroller General of the Government Accounting Office ("GAO") or their authorized representatives, all contracts, books, documents and records relating to the nature and extent of costs hereunder for a period of four (4) years after the furnishing of services hereunder for any and all services furnished under this Agreement. This clause will apply if, and solely to the extent that Section 1861 (v)(1)(i) of the Social Security Act applies to this Agreement.
8.2 If Cubenix carries out any of the duties of this Agreement through a subcontract with a value or cost of $10,000 or more over a twelve (12) month period, with a related organization, such subcontract shall contain a clause to the effect that until the expiration of four (4) years after the furnishing of such services pursuant to such subcontract, the related organization shall make available, upon written request to the HHS Secretary or the Comptroller General, or any of their duly authorized representatives, the subcontract, and books, documents and records of such organization that are necessary to verify the nature and extent of such costs.
8.3 If Cubenix is requested to disclose books, documents or records pursuant to this section, Cubenix shall notify Client of the nature and scope of such request and Cubenix shall make available, upon written request of Client, all such books, documents or records, during regular business hours of Cubenix.
8.4 This section pertains solely to the maintenance and disclosure of specified records and shall have no effect on the right of the parties to this Agreement to make assignments or delegations.
-
Compliance.
9.1 Unless this Agreement is exempted by the rules and regulations of the Secretary of Labor issued pursuant to Section 204 of Executive Order 11246, there is incorporated herein by reference paragraphs 1 through 7 of the contract clause set forth in Section 202 of Executive Order 11246.
9.2 Cubenix shall, to the extent applicable, comply with the provisions of the Immigration Reform and Control Act of 1986.
9.3 Unless this Agreement is exempted by the rules and regulations of the Secretary of Labor issued pursuant to Title 41 Chapter 60 Parts 60-250 of the Code of Federal Regulations, the Affirmative Action Clause relating to an affirmative action for veterans contained in 60-250.4(a) - (m) is incorporated by reference.
9.4 Cubenix represents and warrants to Client that Cubenix's directors, officers, and employees (i) are not currently excluded, debarred, or otherwise ineligible to participate in the Federal health care programs as defined in 42 U.S.C. § 1320a-7b(f) (the "Federal Healthcare Programs"); (ii) have not been convicted of a criminal offense related to the provision of healthcare items or services but have not yet been excluded, debarred, or otherwise declared ineligible to participate in the Federal Healthcare Programs, and (iii) are not aware of being under investigation or otherwise aware of any circumstances which may result in Cubenix being excluded from participation in the Federal Healthcare Programs. This shall be an ongoing representation and warranty during the term of the Order Agreement and Cubenix shall immediately notify Client of any change in the status of the representations and warranty set forth in this Section 9.4. Any breach of this Section 9.4 shall give Client the right to terminate the Order Agreement immediately for cause.
9.5 Client and Cubenix each represents, warrants and covenants to the other that during the term of this Agreement, it shall perform its obligations hereunder in conformance with all applicable federal, state and local laws and regulations.
9.6 Each party acknowledges that it is the intent of the parties to establish a business relationship that complies with the Medicare and Medicaid anti-kickback statute set forth at 42 U.S.C. Section 1320a-7b(b), and each party represents and warrants that it satisfies, and during the term of this Agreement, will continue to satisfy, all of the requirements of 42 U.S.C. Section 1320a-7b(b).
9.7 The parties intend that the pricing, service and rebate provisions of this Agreement and the reporting obligations of Client as they relate to Cubenix's services provided under this Agreement comply at all times with the Discount Safe harbor provisions set forth at 42 C.F.R. § 1001.952(h). Accordingly, Cubenix shall comply with the obligations set forth at 42 C.F.R. § 1001.952(h)(2) to report and disclose and pay discounts, rebates and other reductions to Client for the Cubenix services provided under this Agreement and Client and Cubenix shall ensure that each complies with the obligations set forth at 42 C.F.R. § 1001.952(h)(1) with respect to the discounts, rebates and other reductions to Client for the Cubenix services provided under this Agreement.
-
HIPAA Privacy Rule Compliance.
10.1 General. In connection with the services provided by Cubenix hereunder, Cubenix may use and/or disclose individually identifiable health information in connection with providing the services to Client. The U.S. Department of Health and Human Services has issued regulations on "Standards for Privacy of Individually Identifiable Health Information," which comprise 45 C.F.R. Parts 160 and 164, promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996 (the "Privacy Standards"). For purposes of this Agreement, Client is a "covered entity" and Cubenix is a "business associate" within the meaning of the Privacy Standards. Client, as a covered entity, is required by the Privacy Standards to obtain satisfactory assurances that business associate will safeguard Protected Health Information and Cubenix, as a business associate, is required to comply with the Administrative Simplification provisions of Title II, Subtitle F of Division B of the American Recovery and Reinvestment Act also known as the Health Information Technology for Economic and Clinical Health Act and their Implementing regulations (collectively, “HIPPA”). Cubenix, as a business associate will appropriately safeguard and agrees not to use or disclose Protected Health Information ("PHI") disclosed by, or created or received by Cubenix on behalf of Client other than as permitted or required under this Agreement.
10.2 Effect. The terms and provisions of this Section 10 shall supersede any other conflicting or inconsistent terms and provisions in this Agreement and any other agreements between the parties, including all exhibits or other attachments hereto and thereto and all documents incorporated therein by reference.
10.3 Amendment. Cubenix and Client agree to amend this Agreement to the extent necessary to allow either Cubenix or Client to comply with the Privacy Standards and the Security Standards (45 C.F.R. Part 142) (collectively, the "Standards") promulgated or to be promulgated by the Secretary.
10.4 Definitions. Capitalized terms used in this Section 10.4 without definition shall have the respective meanings assigned to such terms in 45 C.F.R. Parts 160 and 164. However, the term PHI shall be limited to information created or received by Cubenix from or on behalf of Client.
10.5 Obligations of Cubenix
-
Use and Disclosure of Protected Health Information. Cubenix may use and disclose PHI only as required to satisfy its obligations under this Agreement or as required by law, but shall not otherwise use or disclose any PHI. The parties contemplate that Cubenix may disclose PHI to subcontractors as part of the services provided under this Agreement and such contractors shall be obligated to execute a business associate agreement with Cubenix. Cubenix shall not, and shall ensure that its directors, officers, employees, contractors and agents do not, use or disclose PHI received from Client in any manner that would constitute a violation of the Privacy Standards, except that (1) Cubenix may use PHI (i) for Cubenix's proper management and administration services, (ii) to carry out the legal responsibilities of Cubenix or (iii) to provide or perform services for, or on behalf of Client, including data aggregation services relating to the health care operations of Client in accordance with this Agreement to the extent all identifiers are omitted and (2) Cubenix may disclose PHI for Cubenix's proper management and administration, provided that (i) the disclosures are required by law.
(b) Safeguards against Misuse of Information. Should Cubenix utilize PHI, Cubenix shall use appropriate safeguards to prevent the use or disclosure of PHI other than pursuant to the terms and conditions of these provisions.
(c) Reporting of Disclosures of Protected Health Information. Cubenix shall report to Client any use or disclosure of PHI in violation of these provisions or HIPAA without unreasonable delay and no more than five (5) days after which it becomes aware. Cubenix will treat a breach as discovered on the first day on which Cubenix, its employee, officer, agent or representative knew of the breach or should have known of the breach if it had exercised due diligence. Cubenix shall coordinate with Client to (i) investigate the breach; (ii) inform all affected individuals; and (iii) mitigate the harmful effects of the breach. Cubenix will, at a minimum provide Client with the following information in each notification in accordance with 45 C.F.R 164.404: (i) point of contact information; (ii) brief description of what occurred with respect to the breach, including the extent known, the date of the breach and the date on which the breach was discovered; (iii) description of the types of unsecured PHI that were disclosed during the breach; and (iv) a description of what the business associate is doing to investigate the incident and protect against further incidents. Cubenix shall report to Client within five (5) days of discovery any use of or disclosure of PHI not provided for under the provisions of this Agreement.
(d) Agreements by Third Parties. Cubenix shall obtain and maintain an agreement meeting the requirements of 45 CFR 164.504(e) and 164.314(a)(2) with each agent or subcontractor that has or will have access to PHI, which is received from, or created or received by Cubenix on behalf of, Client, pursuant to which agreement such agent or subcontractor agrees to be bound by the same restrictions and conditions that apply to Cubenix under HIPAA and pursuant to these provisions with respect to such PHI.
(e) Access to Information. Cubenix shall not maintain PHI in a Designated Record Set and, thus, 45 C.F.R. § 164.504(e)(2)(ii)(E) regarding providing individuals access to PHI shall not be applicable.
(f) Availability of Protected Health Information for Amendment. Cubenix shall not maintain PHI in a Designated Record Set and, thus, 45 C.F.R. § 164.504(e)(2)(ii)(F) regarding making PHI available for amendment and incorporating any amendments made by an Individual shall not be applicable.
(g) Accounting of Disclosures. Within ten (10) days of notice by Client of a request for an accounting of disclosures of PHI, Cubenix and its agents or subcontractors shall make available to such Covered Entity the information required to provide an accounting of disclosures to enable Client to fulfill its obligations under 45 C.F.R. § 164.528. In accordance with the Privacy Standards, Cubenix shall not include in such an accounting those disclosures made: (i) to carry out treatment, payment or health care operations, as provided in 45 C.F.R. § 164.502; (ii) to individuals of PHI about them as provided in 45 C.F.R. § 164.502; (iii) pursuant to an authorization as provided in 45 C.F.R. § 164.508; (iv) to persons involved in the individual's care or other notification purposes as provided in 45 C.F.R. § 164.510; (v) for national security or intelligence purposes as provided in 45 C.F.R. § 164.512(k)(2); or (vi) to correctional institutions or law enforcement officials as provided in 45 C.F.R. § 164.512(k)(5).
(h) Availability of Books and Records. Cubenix hereby agrees to make its internal practices, books and records relating to the use and disclosure of PHI received from, or created or received by Cubenix on behalf of, Client available to the Secretary for purposes of determining Client's compliance with the Privacy Standards. (i) Minimum Necessary Requirement. Cubenix shall limit any request, use or disclosure of PHI to the minimum amount of PHI reasonably necessary to accomplish the intended purposes of the request, use or disclosure. To the extent practicable, Cubenix shall omit direct identifiers from all uses, disclosures or requests for PHI.
(j) Mitigation. Cubenix shall mitigate, to the extent practicable, any harmful effect, that is known to Cubenix, of a use or disclosure of PHI by Cubenix in violation of this Agreement or HIPAA.
(k) Indemnification. Cubenix shall defend, indemnify and hold Client and its employees, officers, directors agents and contractors, and its affiliates harmless from and against any and all claims, losses, liabilities, costs, attorneys’ fees and other expenses incurred as a result of or arising directly or indirectly out of or in connection with Cubenix, its employees, officers, directors, subcontractors, agents and representatives (“Cubenix”) breach of the provisions under Section 10 of this Agreement , violation of HIPAA, HITECH or other applicable law or otherwise related to the acts or omissions of Cubenix.
(l) Insurance. In addition to the Insurance policies required under Section 6 of this Agreement, Cubenix shall maintain insurance coverage sufficient to meet its obligations under this Section 10.
10.6 Term and Termination of Provisions.
(a) Term. The provisions of this Section 10 shall become effective on the effective date of the Agreement and, unless otherwise terminated as provided herein, shall have a term that shall run concurrently with that of the last expiration date or termination of this Agreement.
(b) Termination upon Breach of Provisions Applicable to Protected Health Information. Any other provision of this Agreement notwithstanding, this Agreement may be terminated by Client upon thirty (30) days written notice to Cubenix in the event that Cubenix breaches any material provision contained in this Section 10 and such breach is not cured within such thirty (30) day period.
(c) Effect of Termination. Upon termination of this Agreement, Cubenix shall either return or destroy all PHI received from Client or created or received by Cubenix on behalf of Client and which Cubenix still maintains in any form. Cubenix shall not retain any copies of such PHI. Cubenix shall certify to Client in writing that PHI has been returned or destroyed. Notwithstanding the foregoing, the parties acknowledge that if it is not feasible to return or destroy PHI maintained in Cubenix's databases and applications, Cubenix shall provide a written notice detailing the reasons and the terms and provisions of this Section 10 shall survive termination and such PHI shall be used or disclosed solely for such purpose or purposes which prevented the return or destruction of such PHI.
11. Miscellaneous.
11.1 Notices. All notices, requests, demands, or other communications made pursuant to this Agreement shall be in writing and shall be given by mail by first class, certified airmail, postage prepaid, or by nationally recognized carrier or hand delivery (in all instances with confirmation by mail to be provided by the party giving notice) to the recipient party, to the addresses set forth on the execution page of the Order Agreement. Each party may change its address for purposes of this section by notice to the other parties in the manner specified above.
11.2 Interpretation. Any ambiguity in the provisions under this Section 10 shall be resolved to permit Client to comply with the HITECH Act, the Privacy Rule and the Security Rule.