400%
200%
100%
75%
50%
25%
The URL can be used to link to this page
Your browser does not support the video tag.
Home
My WebLink
About
C22-343 Patagonia Health
Confidential. ©2022 Patagonia Health, Inc. 919.238.4780 | info@patagoniahealth.com 1. Sales Agreement Between Eagle County-CO Public Health and Patagonia Health, Inc. 15100 Weston Parkway, Suite 204 Cary, NC 27513 Contact Matt Fontaine O: (919) 345-5562 matt@patagoniahealth.com DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 2 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com This “Agreement” comprises the below “HIPAA Business Associate Agreement,” the attached “Subscriber Services Agreement,” and the attached “Order Form,” is effective as of this the day of , 2022 (“Service Effective Date”), and is made by and between Patagonia Health, Inc., located at 15100 Weston Parkway, Suite 204, Cary, North Carolina, 27513 (“Business Associate,” “Vendor,” or “Patagonia Health”) and, Eagle County (“Client,” “County” or “Subscriber”) located at 500 Broadway Eagle, Colorado 81631. HIPAA BUSINESS ASSOCIATE AGREEMENT WITNESSETH WHEREAS, in connection with the goods and/or services provided to Client, Business Associate may be given or otherwise have access to Protected Health Information (“PHI”), as that term is defined in 45 CFR Part 160.103; and WHEREAS, Business Associate and Client intend to protect the privacy and provide for the security of any PHI disclosed to Business Associate, or to which Business Associate may have access, in compliance with the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191 (“HIPAA”) and regulations promulgated there under by the U.S. Department of Health and Human Services (the “HIPAA Regulations”) and other applicable laws. WHEREAS, as part of the HIPAA Regulations, the Privacy Rule that is codified at 45 CFR Parts 160 and 164 requires Client to enter into a contract containing specific requirements with Business Associate prior to the disclosure of or providing access to PHI as set forth in the Privacy Rule, including without limitation 45 CFR Sections 164.502(e) and 164.504(e). NOW, THEREFORE, in consideration of the mutual promises and covenants set forth below, Client and Business Associate agree as follows: 1. Definitions Terms used, but not otherwise defined, in this HIPAA Business Associate Agreement shall have the same meaning as those terms as set forth in HIPAA and the HIPAA Regulations. 2. Requirements 1. Business Associate agrees to not use or further disclose PHI received from Client other than as permitted or required by this HIPAA Business Associate Agreement, or as required by law. 2. Business Associate agrees to use appropriate safeguards to prevent the use or disclosure of any PHI other than as provided for by this HIPAA Business Associate Agreement, and to maintain the integrity and confidentiality of any PHI created, received, maintained or transmitted by Business Associate on behalf of Client. 3. Business Associate agrees to report to Client immediately any and all security incidents resulting in a breach of security involving PHI. 4. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of the requirements of this HIPAA Business Associate Agreement or applicable law. DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A 1st November www.patagoniahealth.com SALES AGREEMENT Page 3 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com 5. Business Associate agrees to report to Client any use or disclosure, or improper or unauthorized access, of the PHI not provided for by this HIPAA Business Associate Agreement. 6. Business Associate agrees that any agent, including a subcontractor, to whom it provides PHI, received from, or created or received by Business Associate on behalf of Client, shall be subject to obligations of confidentiality with respect to such information at least as protective of the PHI as provided under this HIPAA Business Associate Agreement. 7. Business Associate agrees to provide access, at the request of Client, during normal business hours, to PHI in a Designated Record Set, to Client or, as directed by Client, to an Individual in order to meet the requirements under 45 CFR Part 164.524. 8. Upon written request, Business Associate agrees to make any internal practices, books, and records maintained in the ordinary course of business and relating to the use and disclosure of PHI received from, or created or received by Business Associate on behalf of Client available to Client, or at the request of Client, to the Secretary of Health and Human Services, or its designee, in a time and manner designated by Client or the Secretary, for purposes of the Secretary determining Client’s compliance with applicable law, including without limitation, HIPAA and HIPAA Regulations. 9. Business Associate agrees to document such disclosures of PHI and information related to such disclosures as would be required for Client to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 CFR Part 164.528. 10. Business Associate agrees to provide to Client or an Individual, in the time and manner designated by Client, information collected in accordance with this HIPAA Business Associate Agreement, to permit Client to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 CFR Part 164.528. 11. Business Associate agrees to report to Client any security incidents of which Business Associate becomes aware regarding Electronic PHI. 12. Patagonia Health, an Electronic Health Record (EHR) software company serving Public and Behavioral Health, is now supporting MS Edge Browser along with Firefox and Chrome. 3. Permitted Uses and Disclosures by Business Associate Business Associate may use or disclose PHI on behalf of, or to provide services to Client, as permitted under this HIPAA Business Associate Agreement. In addition: 1. Except as otherwise limited in this HIPAA Business Associate Agreement, Business Associate may use PHI for the proper management and administration or to carry out any present or future legal responsibilities of Business Associate. 2. Except as otherwise limited in this HIPAA Business Associate Agreement, Business Associate may disclose PHI for the proper management and administration and to fulfill any present or future legal responsibilities of Business Associate, provided that disclosures are required by law, or provided that Business Associate obtains reasonable assurances from the person to whom the information is disclosed that it will remain confidential and used or further disclosed only as required by law or only for the purpose for which it was disclosed to the person, and the person notifies Business Associate of any instances of which it is aware in DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 4 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com which the confidentiality of the information has been breached. 3. Except as otherwise limited in this HIPAA Business Associate Agreement, Business Associate may use PHI to provide Data Aggregation services as permitted by 42 CFR Part 164.504 (e) (2)(i)(B). 4. The provisions of this HIPAA Business Associate Agreement shall not apply to PHI that Business Associate may receive from any source outside the scope of this HIPAA Business Associate Agreement or independent of its relationship with Client. 4. Term and Termination 1. Term. The Term of the obligations this HIPAA Business Associate Agreement shall become effective on the date of execution by Client, and shall terminate when all of the PHI provided by Client to Business Associate, or created or received by Business Associate on behalf of Client, or otherwise in Business Associate’s possession, is destroyed or returned to Client. 2. Termination for Cause. Upon Client’s knowledge of a material breach by Business Associate, Client shall provide a reasonable time for Business Associate to cure the breach. If Business Associate does not cure the breach or end the violation within such reasonable time, Client may terminate this HIPAA Business Associate Agreement. 5. Effect of Termination 1. Upon termination of this HIPAA Business Associate Agreement, for any reason, Business Associate shall return or destroy all PHI received from Client, or created or received by Business Associate on behalf of Client, or otherwise in Business Associate’s possession. Business Associate shall retain no copies of the PHI in any form. 2. In the event that Business Associate determines that returning or destroying the PHI is infeasible, Business Associate shall provide to Client notification of the conditions that make return or destruction infeasible. Business Associate shall extend the protections of this Agreement to such PHI and limit any further uses and disclosures of such PHI to only those purposes that make the return or destruction infeasible. 6. Miscellaneous 1. Regulatory References. A reference in this HIPAA Business Associate Agreement to a section in HIPAA or the HIPAA Regulations means the section as in effect or as amended, and for which compliance is required. 2. Amendment. The parties agree to take such action as is necessary to amend this HIPAA Business Associate Agreement from time to time as is necessary for the parties to comply with the requirements of HIPAA and the HIPAA Regulations. 3. Interpretation. Any ambiguity in this HIPAA Business Associate Agreement shall be resolved in favor of a meaning that permits Client to comply with HIPAA and the HIPAA Regulations. 7. Data protection 1. Protection of County Data shall be an integral part of the business activities of the Vendor to ensure there is no inappropriate or unauthorized use of County Data at any time. To this end, the Vendor shall safeguard the confidentiality, integrity and availability of County information and comply with the following conditions: • The Vendor shall implement and maintain commercially reasonable and appropriate administrative, technical and organizational security measures to safeguard against unauthorized access, disclosure or theft of County Data. Such security measures shall be in accordance with recognized industry practice. DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 5 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com • The Vendor shall enforce separation of job duties, require commercially reasonable non- disclosure agreements, and limit staff knowledge of County Data to that which is absolutely necessary to perform job duties. • All data obtained by the Vendor in the performance of this contract shall become and remain the property of the County. • All County Data shall be encrypted in transit with controlled access, with the level of protection and encryption identified for County upon request. Unless otherwise stipulated, the Vendor is responsible for encryption of the County Data. • At no time shall any identifiable data or processes — that either belong to or are intended for the use of a County or its officers, agents or employees — be copied, disclosed or retained by the Vendor or any party related to the Vendor for subsequent use in any transaction that does not include the County. • The Vendor shall not use any PHI collected in connection with the service issued from this proposal for any purpose other than fulfilling this agreement. 8. Security Incident or Data Breach Notification 1. The Vendor shall inform the County of any security incident or data breach. 2. Incident Response: The Vendor may need to communicate with outside parties regarding a security incident, which may include contacting law enforcement, fielding media inquiries and seeking external expertise as mutually agreed upon, defined by law or contained in the contract. Discussing security incidents with the County should be handled on an urgent as-needed basis, as part of Vendor communication and mitigation processes as mutually agreed upon, defined by law or contained in the contract. 3. Security Incident Reporting Requirements: The Vendor shall report a security incident to the appropriate County identified contact within 5 days. 4. Breach Reporting Requirements: If the Vendor has actual knowledge of a confirmed data breach that affects the security of any County content that is subject to applicable data breach notification law, the Vendor shall (1) promptly notify the appropriate County identified contact within 24 hours or sooner, unless shorter time is required by applicable law, and (2) take commercially reasonable measures to address the data breach in a timely manner. In the case of a data breach originating from the County’s responsibilities, the Vendor will work with the County to identify and resolve the Breach, but the County will be responsible for any remediation steps as required by law. 9. Data Breach Responsibilities 1. In the case of a Data Breach originating from the County, the Vendor will provide assistance to the County for identification and resolution, but the County will have sole responsibility for any remediation actions necessary as a result of the Breach. 2. Vender shall (1) cooperate with the County as reasonably requested by the County to investigate and resolve the data breach, (2) promptly implement commercially reasonable remedial measures, if necessary, and (3) document responsive actions taken related to the data breach, including any post-incident review of events and actions taken to make changes in business practices in providing the services, if necessary. 3. Unless otherwise stipulated, if a data breach is a direct result of the Vendor’s breach of its contract obligation to encrypt personal data or otherwise prevent its release, the Vendor shall bear the costs associated with (1) the investigation and resolution of the data breach; (2) notifications to individuals, regulators or others required by state law; (3) a credit monitoring service if required by state (or federal) law; (4) a website or a toll-free number and call center for affected individuals required by state law — all not to exceed the average per record per person cost calculated for data breaches in the United States; and (5) complete all corrective actions as reasonably determined by Vendor based on root cause; all [(1) through (5)] subject to this contract’s limitation of liability. [REST OF PAGE INTENTIONALLY LEFT BLANK] DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 6 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com IN WITNESS WHEREOF, the parties hereto have caused this Agreement to be executed by their duly authorized representative. SIGNATURES: Vendor (Patagonia Health, Inc.) Signature: Name: Ashok Mathur Title: CEO Email: ashok@patagoniahealth.com Phone: (919) 622-6740 Client COUNTY OF EAGLE, STATE OF COLORADO, By and Through Its COUNTY MANAGER By: Jeff Shroll, County Manager: Email for Invoices: phinvoices@eaglecounty.us DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 7 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com SUBSCRIBER SERVICES AGREEMENT Introduction: Vendor has developed a subscription service as described herein (the “Service”) which provides services that enable medical professionals and their staffs to maintain their patient Electronic Medical Record / Practice Management Systems (the “Records”) within the Vendor Electronic Medical Record / Practice Management System Software (the “Software”) through Vendor’s secure network (the “Network”) using the Vendor database repository (the “Repository”). Subscriber is an Organization which provides diagnostic and other medical services to patients. Subscriber and Vendor (the “Parties”) desire for Vendor to provide Services to Subscriber under the terms set forth herein. For good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, the Parties agree as follows: 1. Service Provisions 1.1 Software 1. Vendor grants to Client non-exclusive and non-transferable rights to access and use the Service, subject to the terms and conditions below. 2. In consideration of the payments made in accordance with this Agreement, Vendor grants to the Subscriber non-exclusive, royalty-free, personal, non-transferable rights to access and use during the term of this Agreement to allow its Users (as defined in Section 1.3(2)) to use the Software only in connection with the Service. Subscriber shall ensure that its Users do not, copy, reverse engineer, decompile or disassemble the Software or use it for any purposes other than those expressly authorized herein. 1.2 Internet Connection Subscriber shall have sole responsibility to contract for, install, and maintain during the term of this Agreement an Internet connection which will enable the Records updated by Subscriber of its patients to be transmitted via the Internet to the Vendor Network (as defined in Sec. 1.3(3,4). The internet connection shall be established by installation date and shall be comparable with that specified and updated from time to time by Vendor. 1.3 Service During the term of this Agreement, in consideration of Subscriber’s payment of the appropriate fees as set forth on the Order Form and Subscriber’s compliance with the provisions herein, Vendor shall provide the Service as follows: 1. Vendor shall provide services as for Subscriber’s personnel who are authorized by Subscriber in writing to Vendor (“Named Users”) in the use of the Software as it relates to the Services as set forth in the Order Form. 2. Vendor shall provide initial training for Subscriber’s personnel who are authorized by Subscriber in writing to Vendor (“Named Users”) in the use of the Software as it relates to the Services as set forth in the Order Form. Additional training requested by Subscriber shall be at the then-current hourly rate charged by Vendor. Subscriber shall allow only Named Users who have received proper training to utilize the Software and Vendor Network, and shall allow access only through passwords which comply with password requirements provided by Vendor. Subscriber shall protect, and ensure that its Named Users protect, the confidentiality of User passwords. 3. Users shall use the Software to transmit and update Records in the Vendor Repository via the internet connection through the Network. DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 8 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com 4. Users shall use the Software to review Records in the Vendor Repository via the internet connection through the Network. 1.4 Support Vendor agrees to provide support subject to Subscriber’s payment of the applicable support fees as follows: 1. Help desk support shall be provided during Vendor’s standard help desk hours, with Vendor’s recognized holidays excluded. “Help desk support” is defined as reasonable telephone support, which ranges from addressing simple application questions to providing in-depth technical assistance. 2. Vendor shall, in its sole discretion, provide periodic releases of the Software which include enhancements and corrections, as applicable. 3. Vendor shall be responsible for maintaining only the current and next most current release of the Software. 4. Vendor shall not be liable for breaches of warranty for issues caused by any third-party hardware or software installed by Subscriber. Vendor will provide reasonable technical support for any integration with a third- party software provider or to reinstall Service if required. Vendor shall not be held responsible for issues primarily and directly resulting from Subscriber’s internet connection failure or failure to maintain anti-virus software. 5. Contractor will ensure Chrome browser compatibility with their software on all of the Chrome browsers versions that are one year or less old. Contractor shall not require any plug-ins in order to access any Services functionality 2. Payment Subscriber shall pay Vendor for Service as indicated on the Order Form. Subscriber will pay annually for Service via automatic check after invoice. Vendor reserves the right to suspend Services upon five (5) days written notice to Subscriber until payment of overdue amounts is made in full. Vendor may adjust billing for actual user count on the first day of each (annual) anniversary from the Service Effective Date. 3. Limited Warranties 3.1 Vendor Warranties Vendor warrants to Subscriber: 1. That the Service will function during the term of this Agreement substantially in accordance with the Service specifications provided to Subscriber by Vendor from time to time. Subscriber shall promptly notify Vendor in writing (as defined in Section 9.4) of the details of any material non-conformance to such Service specifications, and Vendor shall use commercially reasonable efforts to promptly correct or re-perform any Services to remedy such non-conformance of which it is so notified at no charge to Subscriber. 2. That it has, and will have during the term of this Agreement, all necessary rights to enter into and perform its obligations under this Agreement and to provide the Services as set forth in this Agreement, and that the Services shall be performed in accordance with all applicable laws and regulations. 3. That it will comply with privacy requirements as listed in the HIPAA Business Associate Agreement 4. That it will meet System Availability of 99.5%. For each instance of Patagonia Health’s failure to meet in a complete calendar month, Patagonia Health will be required to refund to the customer the prorated amount of Unplanned Downtime experienced. Violation in terms of SLA listed in this document with the exceptions as listed in section 2.4 will also result in penalties for Patagonia Health. For the first 30-day violation, DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 9 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com Patagonia Health will be penalized 10% of the monthly maintenance fee. Subsequent, consecutive 30-day violations will result in penalties of 10% monthly maintenance fee until such time that Patagonia Health fixes the problems. 4. Disclaimers Subscriber acknowledges that factors beyond the reasonable control of Vendor, including without limitation, non- conformance with the Service functions by Subscriber or its personnel, or software, hardware, services or connections supplied by third parties, may have a material impact on the accuracy, reliability and/or timeliness of the compliance of the Services with the Service specifications. Notwithstanding any contrary provisions of this Agreement, in no event shall Vendor be responsible for any non-conformities, defects, errors, or delays caused by factors beyond the reasonable control of Vendor. The warranties expressly set forth in this section are the only warranties given by either party in connection with this Agreement, and no other warranty, express or implied, including implied warranties of merchantability, title, and fitness for a particular purpose, will apply. 5. Intellectual Property Subscriber acknowledges and agrees that between the Parties, Vendor exclusively owns all rights to the Software, the Vendor Network, the Service, all materials, content and documentation provided by Vendor, and all derivatives to and intellectual property rights in any of the foregoing, including without limitation, patents, trademarks, copyrights, and trade secrets. Subscriber shall promptly advise Vendor of any possible infringement of which Subscriber becomes aware concerning the foregoing. Vendor acknowledges and agrees that, between the parties, Subscriber owns all data submitted by Subscriber or its personnel to Vendor or the Vendor Network. 6. Confidentiality Each party agrees: (a) that it will not disclose to any third party or use any confidential or proprietary information disclosed to it by the other party (collectively, “Confidential Information”) except as necessary for performance or use of the Services or as expressly permitted in this Agreement or as required by law; and (b) that it will take all reasonable measures to maintain the confidentiality of all Confidential Information of the other party in its possession or control, which will in no event be less than the measures it uses to maintain the confidentiality of its own information of similar importance. “Confidential Information” shall include all non-public information of either party disclosed hereunder, including without limitation, the Software, technical information, know-how, methodology, information relating to either party’s business, including financial, promotional, sales, pricing, customer, supplier, personnel, and patient information. “Confidential Information” will not include information that: (i) is in or enters the public domain without breach of this Agreement; (ii) the receiving party lawfully receives from a third party without restriction on disclosure and without breach of a nondisclosure obligation; (iii) the receiving party knew prior to receiving such information from the disclosing party; or (iv) develops independently without use of or resort to the other party’s Confidential Information. Subscriber consents in advance to the use of Subscriber’s name and logo as a customer reference in Vendor marketing materials and other promotional efforts in connection with Service. 7. Term and Termination This Agreement shall be in effect for an initial three-year term from the Service Effective Date. The term of this Agreement shall automatically renew for subsequent one-year periods unless either party notifies the other in writing at least three months prior to the end of the then-current term of its intent not to renew. Upon termination or expiration of this Agreement, Subscriber’s right to use the Service or access the Vendor Network shall cease and each party shall return to the other party or destroy, with the consent of the disclosing party, all Confidential Information of the disclosing party. Upon termination for any reason, Subscriber shall pay Vendor all amounts incurred for Services performed prior to the effective date of termination and all amounts due for the remaining term of the Agreement. All payments made are non-refundable. Upon termination, Vendor shall provide the subscriber their data in a federally defined Continuity of Care Document CCDA format, at no additional cost. If requested by Subscriber, Vendor can provide additional data extraction services at additional cost. DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 10 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com Termination for Cause. Upon Client’s knowledge of a material breach by Vendor, Client shall provide a reasonable time for Vendor to cure the breach. If Vendor does not cure the breach or end the violation within such reasonable time, Client may terminate this Agreement pursuant to the terms in Section 7 of the Subscriber Services Agreement. 1. During any period of service suspension, the Vendor shall not take any action to intentionally erase any County Data. 2. In the event of termination of any services or agreement in entirety, the Vendor shall not take any action to intentionally erase any County Data for a period of 60 days after the effective date of termination. After such period, the Vendor shall have no obligation to maintain or provide any County Data and shall thereafter, unless legally prohibited. 3. The County shall be entitled to any post-termination technical assistance generally made available with respect to the services, at fee of $180 per hour. 4. As permitted by law, the Vendor shall securely dispose of all requested data in all of its forms, such as but not limited to; disk, CD/ DVD, backup tape, electronic backups and paper, when requested by the County. Data shall be permanently deleted and shall not be recoverable, according to National Institute of Standards and Technology (NIST)-approved methods. Certificates of destruction shall be provided to the County. 8. Limitation of Liability In no event will either party be liable for any damages for loss of use, lost profits, business loss or any incidental, special, or consequential damages whether or not such party has been advised of the possibility of such damages. except for each party’s indemnification obligations herein, each parties’ rights with regard to intellectual property, confidentiality obligations pursuant to section 6, and excluding subscriber’s payment obligations pursuant to this agreement, in no event shall either party’s liability in connection with or arising out of this agreement or the services the amount of insurance as required by Sec. 8.1 of this agreement. To the extent allowable by law, Subscriber shall indemnify Vendor and hold Vendor harmless against any and all claims, demands, actions, or causes of action arising from, related to, or alleging negligence or other wrongful conduct in the diagnosis or treatment of any patient. 8.1 Insurance: During the entire term of this Agreement, Vendor shall maintain, at its own expense, insurance in the following minimum amounts and classification: LIMITS OF LIABILITY Workmen’s Compensation and Employer’s Liability Workers’ Compensation AS REQUIRED BY STATUTE Employer’s Liability $100,000 bodily injury for each accident $100,000 each employee for disease $500,000 disease aggregate Commercial General Liability Bodily Injury $1,000,000 each occurrence $2,000,000 aggregate Comprehensive Automobile Liability Combined Limit $1,000,000 Technology Errors & Omissions and Cyber Liability including Identity Theft, Information Security and Privacy Injury DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 11 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com $5,000,000 each wrongful act and aggregate All insurance policies required must be from an insurance carrier licensed to do business in the State of Subscriber. Vendor agrees to furnish proof of required insurance to the Subscriber when requested. 9. General Provisions 9.1 Assignment Neither party may assign this Agreement, in whole or in part, without the other party’s prior written consent except in the event of an assignment pursuant to the sale of all or substantially all of the assigning party’s business or assets. Any attempt by either party to assign this Agreement other than as permitted above will be null and void. 9.2 Force Majeure Vendor will not be responsible for any failure to perform due to causes beyond its reasonable control, including, but not limited to, acts of God, war, riot, failure of electrical, internet or telecommunications service, acts of civil or military authorities, fire, floods, earthquakes, accidents, strikes, or fuel crises. 9.3 Venue, Jurisdiction and Applicable Law. Any and all claims, disputes or controversies related to this Agreement, or breach thereof, shall be litigated in the District Court for Eagle County, Colorado, which shall be the sole and exclusive forum for such litigation. This Agreement shall be construed and interpreted under and shall be governed by the laws of the State of Colorado. 9.4 Notice Any notice under this Agreement will be in writing and delivered by personal delivery, overnight courier, or certified or registered mail, return receipt requested, and will be deemed given upon personal delivery, two (2) days after deposit with overnight courier or five (5) days after deposit in the mail. Notices will be sent to the Parties to addresses stated in this Agreement, or such other address or designee provided in writing by Parties. 9.5 No Agency The Parties are independent contractors and will have no power or authority to assume or create any obligation or responsibility on behalf of each other. This Agreement will not be construed to create or imply any partnership, agency, or joint venture. 9.6 Waiver No failure or delay by any party in exercising any right, power, or remedy under this Agreement, except as specifically provided herein, shall operate as any waiver of any such right, power, or remedy. 9.7 Severability If any provision of this Agreement is held by a court of competent jurisdiction to be invalid or unenforceable for any reason, the remaining provisions will continue in full force and effect without being impaired or invalidated in any way. The Parties agree to replace any invalid provision with a valid provision that most closely approximates the intent and economic effect of the invalid provision. 9.8 Survival The following provisions shall survive any termination or expiration of this Agreement: All definitions, and Sections 4 through 9. 9.9 Entire Agreement This Agreement, constitutes the complete and exclusive agreement between the Parties with respect to the subject matter hereof, superseding any prior agreements and communications (both written and oral) regarding such subject DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 12 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com matter. This Agreement may only be modified, or any rights under it waived, by mutual agreement of both Parties. 10.0 Other terms 1. Data Ownership a. Vendor acknowledges and agrees that County owns all rights, title and interest in the County Data. The Vendor shall not access County user accounts or County Data, except (1) in the course of data center operations, (2) in response to service or technical issues, (3) for proactive service and problem resolution, (4) as required by the express terms of this contract or (5) at the County’s written request. 2. Data confidentiality a. Vendor agrees to keep confidential all PHI County Data, and agrees not to sell, assign, distribute, or disclose any such confidential information to any other person or entity without seeking written permission from the County. 3. Notification of Legal Requests a. The Vendor shall contact the County upon receipt of any electronic discovery, litigation holds, discovery searches and expert testimonies related to the County’s Data under this contract, or which in any way might reasonably require access to the data of the County. The Vendor shall not respond to subpoenas, service of process and other legal requests related to the County without first notifying the County, unless prohibited by law from providing such notice. 4. Access to Security Logs and Reports a. Upon request the Vendor shall provide the County within a timely manner, access to Security Logs and Reports, Data Center Audit or Vulnerability Scanning reports. 5. Data Center Audit or Vulnerability Scanning a. To ensure the security of County Data maintained by Vendor, the Vendor shall engage an independent third party or utilize independent third-party software services to perform an independent audit or vulnerability scanning of its data centers at least annually at its expense, and provide a redacted version of the audit report upon request. The Vendor may remove its proprietary information from the redacted version. This audit or vulnerability scanning shall include at minimum a scan of the organizations Internet perimeter, web application firewall, physical access to data center, crawling and testing web applications to identify vulnerabilities including for cross-site scripting and SQL injection. Any items that don’t meet standards or are marked as critical must be addressed and corrected by Vendor in a timely manner, as mutually agreed upon by the Parties. 6. Change Control and Advance Notice a. The Vendor shall give 10 business days advance notice and detailed release notes regarding changes to the services to the County of any upgrades that may impact service availability and performance. b. It is understood, as part of its normal business practices, the Vendor updates the production code approximately every six (6) weeks. The release notes are able approximately one week before each update. 7. Export of Data a. Vendor shall provide subscriber their data in a federally defined Continuity of Care Document CCDA format, at no additional cost. If requested by Subscriber, Vendor can provide additional data extraction services at additional cost. 8. Business Continuity and Disaster Recovery a. As a part of the Services, Vendor is responsible for maintaining a backup of County Data and for an orderly and timely recovery of such data in the event that the Services may be interrupted. Vendor shall maintain a contemporaneous backup of County Data that can be recovered within one day (24 hours) at any point in time. Additionally, Vendor shall store a backup of County Data in an off-site “hardened” facility no less than weekly, maintaining the security of County Data, the security requirements of which are further described herein. 9. Definitions a. Authorized Persons - Vendor’s employees, contractors, subcontractors or other agents who need to access the County Data to enable the Vendor to perform the services required. b. Data Breach - means the unauthorized access by a non-Authorized Person(s) that results in the use, DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 13 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com disclosure or theft of a County Data. c. County Data - means all data created or in any way originating with the County, and all data that is the output of computer processing of or other electronic manipulation of any data that was created by or in any way originated with the County or was shared with the County by another law enforcement agency, whether such data or output is stored on the County’s hardware, the Vendor’s hardware or exists in any system owned, maintained or otherwise controlled by the County or by the Vendor. d. County Identified Contact - the person or persons designated in writing by the County to receive security incident or breach notification. e. Security Incident - means the potentially unauthorized access by non-Authorized persons to personal data or non-public data the Vendor believes could reasonably result in the use, disclosure or theft of a County Data within the possession or control of the Vendor. A Security Incident may or may not turn into a Data Breach. f. Go Live - “Go Live” shall mean the first productive use of the Software after cutover to the System 10. Compensation. a. County shall compensate Vendor for the Services in a sum computed and payable as set forth in the Order Form. The performance of the Services under this Agreement shall not exceed $75,000. b. Notwithstanding anything to the contrary contained in this Agreement, County shall have no obligations under this Agreement after, nor shall any payments be made to Vendor in respect of any period after December 31 of any year, without an appropriation therefor by County in accordance with a budget adopted by the Board of County Commissioners in compliance with Article 25, title 30 of the Colorado Revised Statutes, the Local Government Budget Law (C.R.S. 29-1-101 et. seq.) and the TABOR Amendment (Colorado Constitution, Article X, Sec. 20). DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 14 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com ORDER FORM Term: ORDER FORM This Agreement will run for an initial term of three (3) years from the Service Effective Date. All fees including monthly subscription fees will increase, at the beginning of each year, by maximum of 4%. All payments made are non- refundable. Vendor may adjust billing for actual named user count at the beginning of each month. Subscriber is responsible for managing and keeping current all active and inactive users in the Vendor system. All professional service fees, after first year, charged at the then current rate. Vendor shall provide County with notice of such increases in fees no later than 60 days prior to the expiration of the then current Term or Renewal Term. The Electronic Health Record solution is deployed in a large number of states and has been used by hundreds of agencies for over a decade. The software is sold "As Is" and the customer will have access to purchased functionality as it exists as of date of contract execution. Any custom work requested beyond existing functionality will be charged, once approved by the customer, at $180/hr. (plus a maintenance fee, if applicable) or at the then prevailing rates. Marketing: Client provides permission for use of Client’s name in Vendor’s marketing material including videos and case studies. DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 15 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com Item / Description Quantity One-Time Upfront Charge Monthly Subscription Fee Includes: Named Users Includes: Base System: complete, end to end, patient registration, electronic charting, billing, and reporting system. Enter data once and it auto-populates throughout the system. Includes Federally certified EHR. Ensures EHR meets all the federal standards including, but not limited to, stringent privacy, security requirements and clinical quality measures. No separate or additional charge for meaningful use certification upgrade. Includes: Patient demographic and contact info will be migrated from Ahlers. Vendor will provide a data migration template indicating which data points are being extracted. Web based (Software as a Service SaaS) EHR eliminates the need for cost and maintenance of servers on customer premises. Includes Electronic Prescription (Surescripts gold certified), no separate or additional per provider charges Connectivity to clearinghouse, no separate or additional clearinghouse Electronic Data Interchange charges. Includes upgrade to ICD, CPT and DSM codes, no separate or additional charges for codes or upgrades Patient portal (meaningful use compliant), no separate or additional charges for users Secure Messaging (staff to staff and agency to patient). 10 Included Included System Setup and Configuration: Patagonia Health will set up customer complete EHR (including any calendar, sliding fee scale, programs, clinical templates, billing and connectivity to clearinghouse) based on customer need. Included NA Item / Description Quantity One-Time Upfront Charge Monthly Subscription Fee Interface: Colorado Immunization Registry. Bi-directional 1 Included Included Immunization Inventory App. 1 Included Included DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 16 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com Immunization Barcode scanning software. 1 Included Included Electronic Patient Consent forms with editor tool included. 5 Included Included Communicator App. 1 Included Included Electronic Fax. 1 Included Included Patient ID Scanning Feature - Directly scan patient ID or insurance information into patient demographics (Scanner purchased by the customer). 1 Included Included Two Factor Authentication. 1 Included Included # of Onsite Training Days - Mountain and Pacific regions (Note: Days quoted are per person days). 3 Included NA Training (Videos): Unlimited, on-demand, access by each user to built- in of training videos. Included NA Total Payments 1. Monthly On-going subscription fee Payments: First 2 months are free. Monthly payments start on the 1st day of January 2023. ($87.50 per user) $875.00 2. Initial Start Up Payment payable upon contract signing: Includes initial Set up/Training ($9,000.00). $9,000.00 3. Payments: Annual payments start January 01, 2023 and continue to December 31, 2025. Payments. January 01, 2023 x 10 mos. - January 01, 2024 x 12 mos.-January 01, 2025 x 12mos Annual payments listed below Three (3) Year Price: Payments Start-up Payment 1st Year 2nd Year 3rd Year 3-Year total Year 4 renewal Payments to Patagonia Health $9,000.00 $8,750.00 $10,920.00 $11,356.80 $40,026.80 $11,811.07 OPTIONAL SOFTWARE SERVICES Item / Description Quantity One-Time Upfront Charge Monthly Subscription Fee Mass Vaccination App 1 $3,000 $150 Onsite training (per day) 1 $3,000 n/a Contactless Patient Experience: 1.00 $0.00 $100.00 DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 17 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com ACH PREAUTHORIZED PAYMENTS (DEBITS) Starting from date September 1, 2023, I hereby authorize Patagonia Health Inc. to initiate debit entries or such adjusting entries, either debit or credit which are necessary for corrections, to my Checking or Savings account indicated below and the financial institution named below to credit (or debit) the same to such account. FINANCIAL INSTITUTION NAME CITY, STATE TRANSIT/ROUTING NUMBER ACCOUNT NUMBER I understand that this ACH authorization will be in effect until I notify my financial institution in writing that I no longer desire ACH, allowing it reasonable time to act on my notification. I also understand that if corrections in the debit amount are necessary, it may involve an adjustment (credit or debit) to my account. I have the right to stop payment of a debit entry by notifying my financial institution before the account is charged. If an erroneous debit entry is charged against my account, I have the right to have the amount of the entry credited to my account by my financial institution. I agree to give my financial institution a written notice identifying the entry, stating that it is in error, and requesting credit back to my account. I will provide this written notice within 45 days after posting. NAME PRACTICE NAME SIGNATURE DATE DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A www.patagoniahealth.com SALES AGREEMENT Page 18 of 18 Confidential. ©2022 Patagonia Health, Inc. 15100 Weston Parkway #204, Cary, NC 27513 | 919. 238.4780 | info@patagoniahealth.com SIGNATURE PAGE IN WITNESS WHEREOF, the parties hereto have caused this Agreement to be executed by their duly authorized representative. SIGNATURES: Vendor (Patagonia Health, Inc.) Signature: Name: Ashok Mathur Title: CEO Email: ashok@patagoniahealth.com Phone: (919) 622-6740 Client COUNTY OF EAGLE, STATE OF COLORADO, By and Through Its COUNTY MANAGER By: Jeff Shroll, County Manager Email for Invoices: phinvoices@eaglecounty.us FORM INSTRUCTIONS 1. Please review and fill out the agreement. 2. Signed Sales Agreement can be either faxed to Patagonia Health, Inc., at F: (919) 238-7920 Or emailed to sales@patagoniahealth.com Or mailed to Patagonia Health Inc., 202, Midenhall Way, Cary, NC 27513 (Note Business address is: 15100 Weston Parkway, Suite 204, Cary, NC 27513) Please call your representative with any question. DocuSign Envelope ID: C690A468-E4CA-4602-A660-ED9EEDBB192A
