R14-065 1!
1 RESOLUTION NO. R14 -065
2
3 A RESOLUTION OF THE CITY COMMISSION OF THE
4 CITY OF BOYNTON BEACH, FLORIDA, APPROVING
5 AND AUTHORIZING THE CITY MANAGER TO
6 ENTER INTO A SOFTWARE LICENSE AGREEMENT
7 WITH MEDAPOINT, INC., OF AUSTIN TEXAS, FOR
8 THE USE OF "ADVANCECLAIM" EMS /AMBULANCE
9 BILLING SOFTWARE; AND PROVIDING AN
10 EFFECTIVE DATE.
11
12 WHEREAS, the Fire Rescue Department has the responsibility of billing patients
13 and/or the patient's insurance utilizing an ambulance billing software that was purchased in
14 2007; and
15 WHEREAS, the current software has become inadequate due to age and lack of
16 updates /progression and therefore the department is requesting authorization for the use of a
17 new interne based computer software program for EMS Transport Billing functions; and
18 WHEREAS, upon recommendation of staff, the City Commission has determined
19 that it is in the best interests of the residents of the City to approve a Software License
20 Agreement with MedaPoint, Inc., of Austin, TX for the use of "AdvanceClaim"
21 EMS /Ambulance Billing Software and authorize the City Manager to enter into a Software
22 License Agreement with a startup cost of $3,900 and a usage fee of 0.89 per billable claim
23 payable monthly with an initial term of one (1) year.
24 NOW, THEREFORE, BE IT RESOLVED BY THE CITY COMMISSION OF
25 THE CITY OF BOYNTON BEACH, FLORIDA, THAT:
26 Section 1. The foregoing "Whereas" clauses are hereby ratified and confirmed as
27 .eing true and correct and are hereby made a specific part of this Resolution upon adoption
28 ereof.
• pps3 City Cbb\ Auto \Data\217 \Items\208 \3081\ 3979\ Reso_-_ Medapomt _Software_License_Agreement Doc
it
1 Section 2. The City Commission of the City of Boynton Beach, Florida does
1
2 hereby approve a Software License Agreement with MedaPoint, Inc., of Austin, TX for the
3 use of "Advance Claim" EMS /Ambulance Billing Software and authorize the City Manager to
4 enter into a Software License Agreement with a startup cost of $3,900 and a usage fee of 0.89
5 per billable claim payable monthly with an initial term of one (1) year, a copy of which is
6 attached hereto as Exhibit "A".
7 Section 3. This Resolution shall become effective immediately upon passage.
8
9 PASSED AND ADOPTED this 5 day of August, 2014.
10
11 CITY OF BOYNTON BEACH, FLORIDA
12
13
14 rL �. * Z ` --'
15
, or r
16 ,,
17 ' 1I
18 ►ail: .! _ 41..
-
19 • e Mayor - Joe Casello
21 '� °+ N H\ \
22 C. ,�
23 Commissioner - Dav I T. erker
24
25
26 %-
27 • -- • ner - ack • ray
28
29
30 , - 14.„,..f. .../ e,e 4 t/ Ir
31 Commissioner - Michael M. Fitzpatf
32 ATTEST:
33
34 ! - a
35 al . P I *to, MMC,
38 (C. rte
\ ,. 4
11' TO N ,8ti,
\Apps3 C ty Cbb\Auto \Data\217\1tems\208 \3081 \ 3979\ Reso_-_ Medapomt _Software_License_Agreement Doc
)
SOFTWARE LICENSE AGREEMENT
This Software License Agreement ( "Agreement ") is dated August /a, 2014 (`'Agreement Effective
Date ") by and between MedaPoint, Inc. ( "MedaPoint "), a Texas corporation, wit 1 a principal place of
business located at 3005 South Lamar Avenue, Suite D109 - -136, Austin, Texas 78704 and City of
Boynton Beach ( "Licensee "), a municipal corporation organized and operating under the Laws of Florida,
located at 100 E. Boynton Beach Blvd. P.O. Box 310 Boynton Beach, Florida. 33425, to license the
software specified herein subject to the Terms and Conditions attached and incorporated into this
Agreement as Attachment A. MedaPoint and Licensee are each a "Party" and together are the "Parties."
By executing this Agreement the Parties agree to the Terms and Conditions.
1. SOFTWARE. Licensee may use the following software ( "Software ") pursuant to the terms of this
Agreement and the Agreement:
• AdvanceClaimTM EMS /Ambulance Billing Software
The Software provided herein shall be hosted by MedaPoint. Licensee may use the Software licensed
herein solely in connection with the EMS /Ambulance Billing of City of Boynton Beach Fire Resccue.
2. TERM. The term of this Agreement shall begin on the Agreement Effective Date and end one (1)
year thereafter ( "Initial Term "). Within ninety (90) days of the date this Agreement terminates, the
Parties may mutually agree in writing to renew this Agreement for additional terms.
3. FEE. The fee for the Software licensed pursuant to this Agreement is a subscription fee for a
software service license subject to the Terms and Conditions contained in Attachment "A." The
subscription fee for use of the Software is:
• Annual AdvanceClaimTM Base Fee:
• Includes system licensing, unlimited user logins, and online training
$3900.00, due upon contract execution
• AdvanceClaimTM Usage Fees:
$0.89 per billable claim, invoiced monthly for previous month's actual use
Optional Fees:.
• Patient Statements Direct(printed, mailed, stamped by clearinghouse) $0.68 per statement
• HCFA Drop to Paper $0.32 per submission
MAINTENANCE AND SUPPORT SERVICES. The subscription fees include fees for Maintenance
and Support Services and hosting of the Software. In addition, MedaPoint shall provide standard support
service for resolving login issues, basic usage questions and defect/service outage reporting caused by
MedaPoint. MedaPoint customer support service will assist Licensee should Licensee encounter
problems with the Software or have questions about its usage. Licensee acknowledges that standard
support is to facilitate normal operational usage of the Software and not value -added services that will
require a trained professional to accomplish. Any additional integration or Licensee -side configuration is
not included in the subscription fee. At the request of Licensee, MedaPoint can facilitate integration and
custom development efforts that are above and beyond the scope of the services described in this Section,
subject to mutual written agreement.
HIPAA. Due to the highly sensitive and confidential information being stored by MedaPoint, the Parties
shall agree to execute a HIPAA Business Associate Agreement, which shall be incorporated into and
attached to this Agreement as Attachment "B."
IN WITNESS OF THE FOREGOING, the Parties have set their hands and seals the day
and year first written above.
CITY OF BOYNTON BEACH
ATTEST:
Y: d
a
0 ET PRAINITO G` Y '� LORI LAVERRIERE
" Y CLERK CITY MANAGER
APPROVED ; O FORM: 1
0 (.I
OF r E OF TH - gATTORNEY
MEDAPOIN ' IN •
WITNESSES: A
\ /Q, BY: L/L /ta , N . " L
Eric Becket 6 0
— aaP` I-- Print Name: •!L! c 40cE.41-
Title: i 0r,4e lf./rof' C
STATE OF TEXAS )
COUNTY OF Tr owl, s )
THE FOREGO G INSTRUMENT _ �w,as ckn w before me this L day of
ilikil (A , 2014, by L.F-I G { (/lt r representative of MEDAPOINT,
INC., wh6 is personally known to me or has produced 13 LI L46 1/1)5C) as
identification, and by execution hereof certifies that (s)he • . the authorized to execution this
agreement.
i / /
OTAR PUBLIC
My Commission Expires:
411tre, IU NM, a
Print or Type Name
ANDREA R CAMA HO
e NOTARY PUBLIC
,< :1, STATE OP TEXAS
IR DIRIQ114117
ATTACHMENT A
SOFTWARE TERMS AND CONDITIONS
These Software Terms and Conditions ("Terms and Conditions') supplement the Agreement and set forth the terms and conditions under which
MedaPoint will provide access to certain proprietary technology to Licensee The Terms and Conditions set forth the terms and conditions under
which Licensee may Use (as defined herein) MedaPomt's Software indicated on the Agreement
I. LICENSE GRANT AND RIGHT OF USE
1 . License Grant. Subject to all limitations and restnctions contained herein and the Agreement, MedaPoint grants Licensee a subscnpuon.
software as a service (SaaS), nonexclusive and nontransferable nght to use the Software as hosted by MedaPoint as described in the
Agreement ( "Use ")
2. Use. Ltcensee shall not allow any web site, that is not fully owned by Licensee or Agreemented with for hosting purposes, to frame,
syndicate, distribute, replicate. or copy any portion of Licensee's web site that provides direct or indirect access to the Software.
3. Additional Restrictions. In no event shall Licensee dtcassemble, decompile, or reverse engineer the Software or Confidential Information
(as defined herein) or permit others to do so Disassembling, decompilmg, and reverse engineering include, without limitation (i)
converting the Software from a machine- readable form into a human- readable form. (m) disassembling or decompilmg the Software
by using any means or methods to translate machine - dependent or machine - independent object code into the anginal human - readable
source code or any approximation thereof, (cu) examining the machine - readable object code that controls the Software's operation and
creating the ongtmal source code or any approximation thereof by, for example, studymg the Software's behavior m response to a vanety
of inputs, or (iv) performing any other activity related to the Software that could be construed to be reverse engmeenng, dtsassentbimg,
or decompiling To the extent any such acuvity may be permitted pursuant to wntten agreement, the results thereof shall be deemed
Confidential Information subject to the requirements of this Agreement Licensee may use MedaPomt' Confidential Information solely in
connecnon with the Software and pursuant to the terms of this Agreement
ii. PAYMENT
4. Fees. Licensee shall pay MedaPomt the fees indicated on the Agreement All fees shall be paid to MedaPomt within ten (10) days of the
date of mvotce All payment, including all invoicing and applicable late charges, shall be subject to Florida's Local Government Prompt
Payment Act, sections 218 70-218 80, Flonda Statutes
5. Tares. Licensee is a tax - exempt entity, and shall provide a valid tax exemption certificate to MedaPoint as proof If Licensee fails to do so.
the license, service fees, and other amounts required to be paid hereunder do not include any amount for taxes or levy (including interest
and penalties) Licensee shall reimburse MedaPoint and reimburse MedaPoint for all sales, use, VAT, excise, property or other taxes or
levies which MedaPoint is required to collect or remit to applicable tax authonties
IiI. MAINTENANCE AND SUPPORT SERVICES
6. Maintenance MedaPomt shall provide corrections to reported problems that (i) prevent the Software from conforming in matenal respects
to us specifications, and (n) are replicated and diagnosed by MedaPomt as defects in the Software ( "Mamtenance and Support Services ")
MedaPomt shall begin working on a resolution to Licensee's wntten nonce of reported problems within fourteen (14) days, provided
corrections shall be pnonnzed m MedaPoint discretion A response rs not a guaranty of a solution to the reported problem; however
MedaPornt will keep Licensee apprised of the resolution closure Additional features and functions are not included as part of the
maintenance and support services
7. Service Availability MedaPoint* goal is to provide Software Availability twenty-four hours per day, seven (7) days per week (referred to as
"24x7 Availability") EXCEPT durmg times of scheduled updates However, the parties recognize that 24x7 Availability is only a GOAL,
and MedaPomt cannot represent or guarantee that such goal can be achieved_ These response time goals apply only to public production
servers (a a web servers, application servers, and database servers). McdaPoint shall use efforts to achieve 99% Software Availability
The Software Availability goal exclude any time Licensee requests the site be taken down for schedule! updates MedaPomt does not
and cannot control the flow of data to or from MedaPomt' network and other portions of the Internet Such flow depends m large part
on the performance of Internet services provided or controlled by thtrd games At times, actions or inactions of such third parties can
impair or disrupt Licensee's connections to the Internet (or portions thereof) Although MedaPoint will use efforts to take actions it deems
appropriate to remedy and avoid such events, MedaPoint cannot guarantee that such events will not occur Accordingly. MedaPoint
disclaims any and all liability resulting from or related to such events
8. Exclusions. MedaPomt shall not be obligated to provide Maintenance and Support Services for any software other than the generally
available Software delivered to Licensee pursuant to dos Agreement (collectively the "Unsupported Code "). Any MedaPoint support
services related to Unsupported Code shall be subject to execution of a mutually agreed upon assignment Agreement issued under a
professional services agreement
9. Third Parties. MedaPoint shall have the right to use third parties. including employees of MedaPoint' affiliates and subsidiaries
("SubAgreementors ") in performance of its obligations and services hereunder and, for purposes of this Section, all references to
MedaPoint or its employees shall be deemed to anchide such SubAgreementors. As outlined in the HIPAA Business Associate
Agreement, SubAgreementors are also subject to HIPAA, the Privacy Rule, the HITECH Act, and any corresponding rules or regulations
associated with the same
{ 000269713 1 306'9001821 ; Page 3 of 13
1
IV. OWNERSHIP
10. Reservation of Rights. By signing the Agreement, I icensee irrevocably acknowledges that, subject to the licenses granted herein,
Licensee has no ownership interest in the Software, or MedaPomt matenals provided to Licensee MedaPoint shall own all right, title, and
interest in such Software and MedaPoint materials, subject to any limitations associated wtth intellectual property nghts of thud parties
MedaPoint reserves all rights not specifically granted herein
V. CONFIDENTIALITY
1 1 . Definition. "Confidential Information" includes all information marked pursuant to this Section and disclosed by either party, before or
after the Effective Date, and generally not publicly known, whether tangible or intangible and in whatever form or medium provided, as
well as any information generated by a party that contains. reflects, or is denved from such information.
12. Confidentiality of Software. Ail Confidential information in tangible form shall be marked as "Confidential" or the like or, if intangible
(e.g orally disclosed), shall be designated as being confidential at the time of disclosure and shall be confirmed as such in wrung within
thirty (30) days of the initial disclosure Notwithstandmg the foregoing, the following is deemed MedaPomt Confidential Information with
or without such marking or written confirmation (i) the Software and other related materials furnished by MedaPoint, (u) the oral and
visual information relating to the Software; and the terms and conditions of this Agreement
13. Exceptions. Without granting any nght or license, the obligations of the parties hereunder shall not apply to any matenal or mfonnanon
that (1) is or becomes a part of the public domain through no act or omission by the receiving party, (t) is independently developed by
the other party without use of the disclosing party's Confidential Information, (in) is nghtfully obtained from a third party without any
obligation of confidentiality, or (iv) is already known by the receiving party without any obligation of confidentiality prior to obtaining
the Confidenual Information from the disclosing party In addition, netther party shall be liable for disclosure of Confidential Information
if disclosure is required by law or made in response to a valid order of a court or authorized agency of government, provided that notice
is promptly given to the disclosing party to that the disclosing parry may seek a protective Agreement and engage in other efforts to
minimize the required disclosure The parties shall cooperate fully in seeking such protective order and in engaging in such other efforts
14. Ownership of Confidential information. Nothing m this Agreement shall be construed to convey any title or ownership rights to the
Software or other Confidential Information to Licensee or to any patent, copyright, trademark, or trade secret embodied therein, or to
grant any other nght, title, or ownership interest to the MedaPomt Confidential Information Neither party shall, in whole or in part, sell,
lease, license, assign, transfer, or disclose the Confidential information to any third party and shall not copy, reproduce or distribute the
Confidential lnformauon except as expressly permitted in this Agreement. Each party shall take every reasonable precaution, but no less
than those precautions used to protect its own Confidential Information, to prevent the theft, disclosure, and the unauthonzed copying,
reproduction or distnbutton of the Confidential Information
15. Non- Disclosure. Each party agrees at all times to keep stnctly confidential all Confidential information belonging to the other party
Each party agrees to restrict access to the other party's Confidential information only to those employees or SubAgreementors who (i)
require access in the course of their assigned duties and responsibilities; and (u) have agreed in wnhng to be bound by provisions no less
restrictive than those set forth in this Section
16. injunctive Relief. Each party acknowledges that any unauthonzed disclosure or use of the Confidential Information would cause the other
party imminent irreparable injury and that such party shall be entitled to, m addition to any other remedies available at law or in equity,
temporary, preliminary, and permanent injunctive relief in the event the other party does not fulfill its obligations under this Section
17. Suggesttons/Improvements to Software. Notwithstanding thts Section, unless otherwise expressly agreed in wnting, all suggestions,
solutions, improvements, corrections, and other contributions provided by Licensee regarding the Software or other MedaPomt materials
provided to Licensee shall be owned by MedaPomt, and Licensee hereby agrees to assign any such nghts to MedaPotnt. Nothing m this
Agreement shall preclude MedaPoint from using in any manner or for any purpose it deems necessary, the know -how, techniques, or
procedures acquired or used by MedaPowt in the performance of services hereunder
Vi. WARRANTY
18. Autkortzed Representative. Licensee and MedaPoint warrant that each has the nght to enter into this Agreement and that the Agreement
shall be executed by an authorized representative of each entity and have had the opportunity for legal review of this Agreement
19. Disclaimer of Warranties. Licensee acknowledges and agrees that it is not relying on any statement or warranty not expressly provided
herein with respect to the Software or maintenance, or other services provided hereunder EXCEPT AS OTHERWISE STATED IN
TI-HS AGREEMENT, THE SOFTWARE IS PROVIDED "AS IS" AND MEDAPOINT MAKES NO WARRANTIES, EXPRESS OR
IMPLIED, INCLUDING EXPRESS OR IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
PURPOSE, AND NONINFRINGEMENT
20. No Modifkatlons. Notwithstanding anything to the contrary in this Section. any and all wanantres under this Agreement are VOID if
Licensee has made changes to the Software or has permitted any changes to be made other than by or with the express, written approval of
MedaPomt
VII. LIMITATION OF LIABILITY
100026428 1064001821 1 Page 4 of 13
Each party shall be responsible for its own acts and omissions and those of to employees, staff, and agents Neither party shall be responsible for
the acts and omissions of the other party's employees, staff and agents Nothing in this agreement shall transfer responsibilities of the acts of one
party to the other party
VIII. TERM AND TERMINATION
21. Termination by MedaPoint. This Agreement and any license created hereunder may be terminated by MedaPoint (i) if Licensee fails
to make any payments due hereunder within ten (10) days of the due date, (u) on thirty (30) days written notice to Licensee if Licensee
fails to perform matenal obligations (1 a payment of services agreed upon in this agreement) of it hereunder, and such failure is not cured
within such thirty (30) day penod; or (tit) Licensee files a pennon for bankruptcy or insolvency, has an involuntary pennon filed against
it, commences an action providing for relief under bankruptcy laws, files for the appointment of a receiver, or is adjudicated a bankrupt
concern
22. Termination by Licensee. This Agreement may be terminated by Licensee for any reason, with or without cause, on thirty (30) days
written nonce to MedaPoint. The annual subscription fee and/or training fees shall be reimbursed on a pro rata basis upon termination of
Agreement
23. Termination. Upon termination of this Agreement, Licensee shall no longer access the Software and Licensee shall not circumvent any
secunty mechanisms contained therein
24. Other Remedies. Termination of this Agreement shall not limit either party from pursuing other remedies available to it, including
injunctive relief, nor shall such termination relieve Licensee's obligation to pay all fees that have accrued or are otherwise owed by
Licensee under this Agreement
iX. LICENSEE OBLIGATIONS
25. Ancilliary Agreements. Licensee agrees that no employees of MedaPomt shall be required to individually sign any agreement in
Agreement to perform any services hereunder including, but not limited to, access agreements, security agreements, facilities agreements
or Individual confidentiality agreements
X. MISCELLANEOUS
26. Compliance With Laws. Licensee agrees to comply with all applicable laws, regulations, and ordinances relating to its performance under
this Agreement The parses agree that the Agreement shall not be governed by the United Nations Convention on the International Sale of
Goods or by UCITA, the application of which is expressly excluded
27. Assignment. Neither Party may assign this Agreement or otherwise transfer any license created hereunder whether by operation of law,
change of control, or in any other manner, without the pnor written consent of the other Party Any assignment or transfer in violation of
this Section shall be null and void
28. Survival. The provisions set forth in Sections 2, 5, 6 2, 7, 8, and 10 of this Agreement shall survive termination or
expiration of this Agreement and any applicable license hereunder
29. Notices. Any nonce required under this Agreement shall be given in wnung and shall be deemed effective upon delivery to the party
to whom addressed All notices shall be sent to the applicable address specified on the face page hereof or to such other address as the
parties may designate m writing Unless otherwise specified all notices to MedaPoint shall be sent to the attention of the CEO Any
notice of matenal breach shall clearly define the breach including the specific Agreement that has been breached Coptes of all notices
shall be furnished to Licensee's legal counsel, located at Goren, Cherof, Doody & Ezrol, P A , 3099 E Commercial Blvd , Suite 200, Ft.
Lauderdale. Honda 33308
30. Force Majeure. Neither Party shall not be liable for any delay or failure to perform its obhgations hereunder if such delay or failure
arises from any cause or causes beyond the reasonable control of that Party Such causes shall include, but are not limited to, acts of God
floods, fires, Toss of electricity or other utilities, or delays by Licensee in providing required resources or support or performing any other
requirements hereunder
31. Reatricted Rights. Use of the Software by or for the United States Government is conditioned upon the Government agreeing that the
Software is subject to Restncted Rights as provided under the provisions set forth in FAR 52 227 -19 Licensee shall be responsible for
assuring that this provision is included in all agreements with the United States Government and that the Software, when delivered to the
Govenuttent, is correctly marked as required by applicable Government regulations governing such Restricted Rights as of such delivery
32. Entire Agreement. This Agreement constitutes the entire agreement between the Parties regarding the subject matter hereof and
supersedes all proposals and prior discussions and wnungs between the Parties with respect thereto. Any signed copy of this Agreement
made by reliable means (e.g , photocopy or facsimile) shall be considered an original
33. Modiflcadons. The parties agree that this Agreement cannot be altered, amended, or modified, except by a wrung signed by an authorized
representative of each Party
34. Nonsolicitation. Dunng the term of this Agreement and for a penod of two (2) years thereafter, Licensee agrees not to solicit, nor
attempt to solicit, the services of any employee or SubAgteementor of MedaPoint without the pnor written consent of MedaPoint
Notwithstandmg, nothing in the Agreement shall prevent licensee from the use of general solicitations to the public, not specifically
directed to employees of'btedapoint. Inc
35. No Waiver No failure or delay m enforcing any nght or exercising any remedy will be deemed a waiver of any nght or remedy
00026975 1 30(9(01R21 Page 5 of 13
36. SeverabWty and Reformation. Each provision of this Agreement is a separately enforceable provision If any provision of this
Agreement is determined to be or becomes unenforceable or Illegal, such provision shall be reformed to the minimum extent necessary m
Agreement for this Agreement to remain in effect to accordance with its terms as modified by such reformation
37. Choice of Law. This agreement shall be governed and interpreted by the laws of the state of Flonda without regard to the conflicts of law
provisions of any state or Jurisdiction Venue for all actions under or regarding this Agreement shall be brought in Palm Beach County,
Flonda
PUBLIC RECORDS In order to comply with Florida's Public Records Act, Chapter 119, Flonda Statutes, and
pursuant specifically to section 119.0701, Florida Statutes, MedaPoint shall:
a. Keep and maintain public records that ordinarily and necessarily would be required by the
Licensee in order to perform the services under the Agreement.
b. Provide the public with access to public records on the same terms and conditions that the
Licensee would provide the records and at a cost that does not exceed the cost provided to Chapter 119, Flonda
Statutes, or as otherwise provided by law
c Ensure that public records that are exempt or confidential and exempt from public records
disclosure requirements are not disclosed except as authorized by law.
d. Meet all requirements for retaining public records and transfer, at no cost, to the Licensee all
public records in possession of MedaPoint upon termination of the Agreement and destroy any duplicate public
records that are exempt or confidential and exempt from public records disclosure requirements. All records stored
electronically must be provided to the Licensee in a format that is compatible with the information technology
systems of the Licensee CSV format is acceptable
e If MedaPoint does not comply with a public records request, the Act requires the Licensee to
enforce the Agreement. MedaPoint shall require any and all contractors and subcontractors to keep records and
accounts of all services provided as may be necessary in order to record complete and correct entries as to fees and
expenses charged for services under this Agreement
38 ,SOVEREIGrN IMMiJNITY Licensee is a Florida municipal corporation and enjoys limited sovereign
immunity. Nothing in the Agreement is intended, nor shall be construed or interpreted, to waive, or modify the
immunities and limitations on liability provided for in Section 768.28, Florida Statutes, as may be amended from
time to time, or any successor statute thereof. To the contrary, all terms and provisions contained in the Agreement,
or any disagreement or dispute concerning it, shall be construed or resolved so as to insure Licensee of the Iimitation
from liability provided to the State's subdivisions by state law
39. ATTORNEYS' FEES In the event that either Party brings suit for enforcement of this Agreement, each
Party shall bear its own attorneys' fees and court costs, except as otherwise provided under the indemnification
provisions set forth herein above.
40. A(2RFF.MFNT SUBJECT TO FUNDING'. This Agreement shall remain in full force and effect only as
long as the expenditures provided for in the Agreement have been appropriated by the City Commission of the City
of Boynton Beach in the annual budget for each fiscal year of this Agreement, and is subject to termination based on
lack of funding
41 INDEPENDENT CONTRACTOR. The parries acknowledge that MedaPoint is an independent contractor
and that it will be responsible for its obligations as employer for those individuals providing any services and it is
not the Licensee's employee for all purposes, including but not limited to, the application of the Fair Labor
Standards Act minimum wage and overtime payments, Federal Insurance Contribution Act, the Social Security Act,
the Federal Unemployment Tax Act, the provisions of the internal Revenue Code, the State Workers Compensation
Act, and the State unemployment insurance law. MedaPoint shall retain sole and absolute discretion in the
judgment of the manner and means of carrying out MedaPoint's activities and responsibilities hereunder provided,
further that administrative procedures applicable to services rendered under this Agreement shall be those of
MedaPomt, which policies of MedaPoint shall not conflict with Licensee, or United States policies, rules, or
regulations relating to the use of MedaPoint's funds provided for herein. MedaPoint agrees that it is a separate and
independent enterprise from the Licensee, that it has full opportunity to find other business, that it has made its own
investment in its business, and that it will utilize a high level of skill necessary to perform the work. This
Agreement shall not be construed as creating any joint employment relationship between MedaPoint and Licensee
and the Licensee will not be liable for any obligation incurred by MedaPoint, including but not limited to unpaid
;00026978 1 306 -9001 82 t ; Page 6 of 13
t _
minimum wages and/or overtime premiums. MedaPoint shall supply competent and physically capable employees
who shall have and wear proper identification.
42 COUNTERPARTS This Agreement may be executed in one or more counterparts, all of which when
taken together shall constitute one and the same instrument. In the event that any signature is delivered by facsimile
transmission or by e-mail delivery of a PDF format data file, such signature shall create a valid and binding
obligation of the party executing (or on whose behalf such signature is executed) with the same force and effect as if
such facsimile or .PDF signature page were an original thereof.
43. THIRD PARTiEa. Nothing herein expressed or implied is intended or shall be construed to confer upon or
give to any person or entity, other than the Parties hereto, any rights or remedies by reason of this Agreement;
provided, however, that third party suppliers of software products bundled with the Software are third party
beneficiaries to this Agreement as it applies to their respective software products.
ATTACHMENT B
BUSINESS ASSOCIATE AGREEMENT ("BA AGREEMENT")
To the extent that the City of Boynton Beach (the "Covered Entity") discloses Protected Health Information
to MedaPoint, Inc., (the "Business Associate ") in connection with services or products provided to Covered Entity,
or as otherwise required by the Health Insurance Portability and Accountability Act of 1996, as amended,
( "HIPAA "), Covered Entity and Business Associate agree to the following terms and conditions, which are intended
to comply with HIPAA, the Health Information Technology for Economic and Clinical Health Act of 2009 (the
"HITECH Act "), and, to the extent applicable, the Federal Trade Commission's Red Flags Rule.
1. General Terms and Conditions
(a) Business Associate. "Business Associate" shall generally have the same meaning as the term
"business associate" at 45 CFR Part 160.103, and in reference to the party to this BA Agreement, shall mean
Business Associate as defined above.
(b) Covered Entity. "Covered Entity" shall generally have the same meaning as the term "covered entity"
at 45 CFR Part 160.103, and in reference to the party to this agreement, shall mean the City of Boynton Beach
(c) JJPAA Rule. " HIPAA Rules" shall mean the Privacy, Secunty, Breach Notification, and
Enforcement Rules at 45 CFR Part 160 and Part 164
(d) The following terms used in this BA Agreement shall have the same meaning as those terms in the
HIPAA Rules: Breach, Data Aggregation, Designated Record Set, Disclosure, Health Care Operations, Individual,
Minimum Necessary, Notice of Privacy Practices, Protected Health Information, Required by Law, Secretary,
Security Incident, Subcontractor, Unsecured Protected Health information, and Use All other capitalized teens
used but not otherwise defined in this BA Agreement shall have the same meaning as those terms in the Privacy
Rule and Security Rule, including 45 CFR Part 160 103 and 164.501
2. Obligations and Activities of Business Associate
(a) Business Associate agrees to not Use or disclose Protected Health information other than as
permitted or required by this BA Agreement or as Required by Law.
;00026978 1 306-9001821 ; Page 7 of 13
(b) Business Associate agrees to use appropriate safeguards and comply with Subpart C of 45 CFR
Part 164 with respect to electronic protected health information, to prevent Use or Disclosure of the Protected Health
information other than as provided for by this BA Agreement
(c) Business Associate agrees to report to Covered Entity's Privacy Official, within five (5) business
days, any Use or Disclosure of the Protected Health Information not provided for by this BA Agreement, of which it
becomes aware, including breaches of Unsecured Protected Health Information as required by 45 CFR Part 164.410
Such report shall include, without limitation, the identification of each Individual whose Unsecured Protected Health
Information has been, or is reasonably believed by the Business Associate to have been, accessed, acquired, or
disclosed during such Breach This includes, but is not limited to, a Breach of the security of any data covered by
Section 817 5681, Florida Statutes
(d) In accordance with 45 CFR Part 164.502(e)(1)(ii) and Part 164.308(b)(2), if applicable, Business
Associate agrees to ensure that any agent or Subcontractor that create, receive, maintain or transmit Protected
Health information on behalf of Business Associate agrees to the same restrictions, conditions and requirements
that apply to Business Associate with respect to such information
(e) To the extent Business Associate has Protected Health Information in a Designated Record Set,
Business Associate agrees to provide access, at the request of Covered Entity, to Protected Health Information in a
Designated Record Set, to Covered Entity in order to meet the requirements under 45 C.F.R. Part 164.524, including
provision of records in electronic form, to the extent required by the HITECH Act
(f) Business Associate agrees to make any amendment(s) to Protected Health information in its
possession contained in a Designated Record Set that Covered Entity directs or agrees to pursuant to 45 C.F.R. Part
164.526, at the request of Covered Entity, or take other measures as necessary to satisfy Covered Entity's
obligations under 45 CFR Part 164.526
(g) To the extent that Business Associate is to carry out one or more of Covered Entity's obligation(s)
under Subpart E of 45 CFR Part 164, Business Associate shall comply with the requirements of Subpart E that apply
to Covered Entity in the performance of such obligation(s).
(h) Business Associate agrees to make its mternal practices, books, and records relating to the Use and
Disclosure of Protected Health Information received from, or created or received by Business Associate on behalf of
Covered Entity, available to the Secretary, in a time and manner designated by the Secretary, for purposes of the
Secretary determining Covered Entity's compliance with the HIPAA Rules.
(i) Business Associate agrees to document and maintain a record of all Disclosures of Protected
Health Information in its possession and information related to such Disclosures as would be required for Covered
Entity to respond to a request by an Individual for an accounting of Disclosures of Protected Health Information in
accordance with 45 C.F.R. Part 164.528, the HITECH Act, and Florida law
(1) Business Associate agrees to provide to Covered Entity information collected in accordance with
Section 2(i) of this BA Agreement, to permit Covered Entity to respond to a request by an Individual for an
accounting of Disclosures of Protected Health Information in accordance with 45 C.F.R. Part 164.528, the HITECH
Act, and Florida law
(k) Business Associate agrees to, subject to subsection 4(c) below, return to the Covered Entity or
destroy, within fifteen (15) days of the termination of this Agreement, the Protected Health Information in its
possession and retain no copies.
(1) Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known
to either party, of a use or Disclosure of Protected Health Information in violation of this BA Agreement.
{00026978 i 306- 9001821 i Page 8 or 13
(m)
(n) In addition to its overall obligations with respect to Protected Health Information, to the extent
required by the Security Rule, Business Associate will
(1 ) implement administrative, physical, and technical safeguards that reasonably and
appropnately protect the confidentiality, integnty, and availability of the electronic Protected Health Information
(EPHI) that it creates, receives, maintains, or transmits on behalf of Covered Entity as required by HIPAA;
(2) ensure that any agent or Subcontractor to whom it provides such EPHI agrees to
implement reasonable and appropriate safeguards to protect the EPHI; and
(3) report to Covered Entity any Secunty Incident of which it becomes aware
(o) Except as otherwise allowed in this BA Agreement, HIPAA, and the HITECH Act, Business
Associate shall not directly or indirectly receive remuneration in exchange for any Protected Health Information of
an Individual unless the Individual has provided a valid, HIPAA- compliant authorization
(p) Business Associate shall use and disclose only the Minimum Necessary Protected Health
Information to accomplish the intended purpose of such Use, Disclosure or request. Prior to any Use or Disclosure,
Business Associate shall determine whether a Limited Data Set would be sufficient for these purposes.
(q) Covered Entity, in its sole and absolute discretion, may elect to delegate to Business Associate the
requirement under HIPAA and the HITECH Act to notify affected Individuals of a Breach of Unsecured Protected
Health Information if such Breach results from, or is related to, an act or omission of Business Associate or the
agents or representatives of Business Associate. If Covered Entity elects to make such delegation, Business
Associate shall perform such notifications and any other reasonable remediation services (1) at Business Associate's
sole cost and expense, and (2) in compliance with all applicable laws including HIPAA and the HITECH Act.
Business Associate shall also provide Covered Entity with the opportunity, in advance, to review and approve of the
form and content of any Breach notification that Business Associate provides to Individuals
(r) Business Associate agrees to comply with the following:
(I) Sections 164.308 (administrative safeguards), 164.310 (physical safeguards), 164.312
(technical safeguards) and 164 316 (policies and procedures and documentation requirements) of the Security Rule
shall apply to Business Associate in the same manner that such sections apply to Covered Entity. The additional
requirements of the HITECH Act that relate to security and that are made applicable with respect to covered entities
shall also be applicable to Business Associate and shall be and by this reference hereby are incorporated into this
BA Agreement
1(0126971 1 306.9001821 ; Page 9 of 13
(2) Unless Covered Entity agrees, m writing, that this requirement is infeasible with respect
to particular data, Business Associate shall secure all Protected Health Information by a technology standard that
renders Protected Health Information unusable, unreadable, or indecipherable to unauthorized individuals and is
developed or endorsed by a standards developing organization that is accredited by the American National
Standards Institute and is consistent with guidance issued by the Secretary specifying the technologies and
methodologies that render Protected Health Information unusable, unreadable, or indecipherable to unauthorized
individuals, including the use of standards developed under Section 3002(b)(2)(BXvi) of the Public Health Service
Act, as added by the HITECH Act
(3) Business Associate may Use and Disclose Protected Health Information that Business
Associate obtains or creates only if such Use or Disclosure, respectively, is in compliance with each applicable
requirement of Section 164.504(e) of the Privacy Rule, relatmg to business associate contracts. The additional
requirements of Subtitle D of the HITECH Act that relate to privacy and that are made applicable with respect to
Covered Entity shall also be applicable to Business Associate and shall be and by this reference hereby are
incorporated into this BA Agreement.
(4) In accordance with Section 164 504(e)( I )(ii) of the Privacy Rule, each party agrees that,
if it knows of a pattern of activity or practice of the other party that constitutes a material Breach or violation of the
other party's obligation under the BA Agreement, the non - breaching party will take reasonable steps to cure the
Breach or end the violation, as applicable, and, if such steps are unsuccessful, terminate the contract or arrangement,
if feasible, or if termination is not feasible, report the problem to the Secretary.
3. Permitted Uses and Disclosures of Protected Health Information by Business Associate
(a) General Use and Disclosure Provisions
Except as otherwise limited m this BA Agreement, Business Associate may Use or Disclose Protected Health
Information obtained from or on behalf of Covered Entity to perform functions, activities, or services for, or on
behalf of, Covered Entity as specified in this BA Agreement, provided that such Use or Disclosure complies with
HIPAA. Business Associate acknowledges and agrees that it acquires no title or rights to the Protected Health
information, including any de- identified information, as a result of this BA Agreement.
(b) $Decific Use and Disclosure Provisions
(i) Business Associate may only Use or Disclose Protected Health Information as necessary
to perform functions, activities, or services for, or on behalf of, Covered Entity to fulfill its
obligations under any consulting agreement, service agreement or any other agreement with
Covered Entity (collectively "Underlying Agreement "), provided that such Use or Disclosure
would not violate the Privacy Rule or Security Rule if done by the Covered Ennty.
(2) Business Associate agrees to make Uses and Disclosures and requests for Protected
Health Information consistent with Covered Entity's Minimum Necessary policies and procedures
(3) Business Associate may Use and disclose Protected Health Information for the proper
and necessary management and administration of Business Associate or to carry out the legal responsibilities of
Business Associate, provided that, as to any such Disclosure, the following requirements are met
(i) the Disclosure is required by law; or
(ii) Business Associate obtains reasonable assurances from the person to whom the
information is disclosed that it will remain confidential and used or further disclosed only as required by law or for
the purpose for which it was disclosed to the person, and the person notifies Business Associate of any instances of
which it is aware in which the confidentiality of the information has been breached.
1000269'8 1 306- 9001%21 ; Page 10 of 13
(4) Except as otherwise limited in this BA Agreement, Business Associate may Use
Protected Health Information to provide Data Aggregation services to Covered Entity, relating to the Health Care
Operations of Covered Entity.
{
(5) If the Underlying Agreement permits or requires Business Associate to Use de- identified
Protected Health Information, the Protected Health Information must be de- identified in accordance with 45 CFR
164.514 (a) -(c).
4. Term, Survival and Termination
(a) Tend
The term of this BA Agreement shall be effective upon the date of execution by Covered Entity and Business
Associate and shall terminate when Business Associate no longer possesses Protected Health Information from
Covered Entity or on the date Covered Entity terminates for cause set forth herein, whichever is sooner
(b) Termination for Cause
Upon Covered Entity's knowledge of a material Breach by Business Associate, Covered Entity shall provide wntten
notice to Business Associate and may terminate this BA Agreement and any Underlying Agreement with Business
Associate if Business Associate does not cure the Breach or end the violation within 30 days.
(c) Effect of Termination
(1) Except as provided below in section 4(c)(2) of this BA Agreement, upon termination of this
Agreement, for any reason, Business Associate shall return to Covered Entity or destroy all Protected Health
Information received from Covered Entity, or created or received by Business Associate on behalf of Covered
Entity, that the Business Associate still maintains in any form. This provision shall apply to Protected Health
Information that is in the possession of Subcontractors or agents of Business Associate. Business Associate shall
retain no copies of the Protected Health Information
(2) in the event that Business Associate determines that returning or destroying the Protected
Health Information is infeasible, Business Associate shall provide to Covered Entity wntten notification of the
conditions that make return or destruction infeasible, and if Covered Entity determines that return or destruction is
infeasible, Business Associate shall extend the protections of this BA Agreement to such Protected Health
Information and limit further Uses and Disclosures of such Protected Health Information to those purposes that
make the return or destruction infeasible, for so long as Business Associate maintains such Protected Health
information.
(3) If the Underlying Agreement authorizes Business Associate to Use or disclose Protected
Health Information for its own management and administration or to carry out tts legal responsibilities and Business
Associate needs to retain Protected Health Information for such purposes after termination of the Underlying
Agreement, Business Associate shall.
(i) retain only that Protected Health Information which is necessary for Business
Associate to continue its proper management and administration or to carry out its legal responsibilities;
(ii) return to Covered Entity or, if agreed to by Covered Entity, destroy the
remaining protected health information that the business associate still maintains in any form;
( iii) continue to use appropriate safeguards and comply with Subpart C of 45 CFR
Part 164 with respect to electronic protected health information to prevent Use or Disclosure of the Protected Health
Information, other than as provided for in this section, for as long as Business Associate retains the Protected Health
Information,
(iv) not Use or disclose the protected health information retained by Business
Associate other than for the purposes for which such Protected Health Information was retained and subject to the
same conditions set out at section 3 of this BA Agreement, which applied prior to termination; and
(v) return to Covered Entity or, if agreed to by Covered Entity, destroy the
Protected Health Information retained by Business Associate when it is no longer needed by Business Associate for
its proper management and administration or to carry out its legal responsibilities
100026978 4)6 i Page 11 of 13
(d) Survival
Business Associate's obligations under this BA Agreement shall survive the termination of this BA Agreement and
shall end when all of the Protected Health Information provided by Covered Entity to Business Associate, or created
or received by Business Associate on behalf of Covered Entity, is destroyed or returned to Covered Entity
5. Interpretation and Amendment of this BA Agreement
To the degree the terms of this BA Agreement conflict with the terns of any underlying contract, the terms
of this BA Agreement shall control. A reference in this BA Agreement to a section of the Privacy Rule means the
section as in effect or as amended. Any ambiguity or inconsistency in this BA Agreement shall be resolved in favor
of a meaning that permits Covered Entity to comply with the Privacy Rule, the Security Rule, and the HITECH Act.
The parties hereto agree to negotiate in good faith to amend this BA Agreement from time to time as is necessary for
Covered Entity to comply with the requirements of the Privacy Rule and HIPAA and for Business Associate to
provide services to Covered Entity. However, no change, amendment, or modification of this BA Agreement shall
be valid unless it is set forth in writing and agreed to by both parties
6. No Third Party Rights/Independent Contractors
The parties to this BA Agreement do not intend to create any rights in any third parties. The parties agree
that they are independent contractors and not agents of each other
7 Notices
Any notice required or permitted by this BA Agreement to be given or delivered shall be in writing and
shall be deemed given or delivered if delivered in person, or sent by courier or expedited delivery service, or sent by
registered or certified mail, postage prepaid, return receipt requested, or sent by facsimile (if confirmed), to the
address set forth below. Each party may change its address for purposes of this BA agreement by wntten notice to
the other party.
Notice to Ray Carter, Fire Chief
Vicki Dornieden, Finance & Administration
City of Boynton Beach Fire Rescue
2080 High Ridge Road
Boynton Beach, FL 33426
Telephone: (561) 742 -6332
Facsimile: (561) 742 -6334
With a copy to James A Cherof, City Attorney
City of Boynton Beach
100 E. Boynton Beach Blvd
Boynton Beach, FL 33425
8. Compliance With Red Flags Rule
This Subsection 8 applies if and only to the extent that Business Associate performs "Account Services," as defined
below
(a) Definitions
(l) "Account Services" means the activities Covered Entity engages Business Associate to
perform (I) for Covered Entity in connection with a Covered Account, or (2) for Covered Entity's patients in
connection with a Covered Account. The term "Account Services" includes, but is not limited to, collecting,
processing, or stonng Identifying information in order to open, maintain, or close a Covered Account.
;00026978 1 306-9001921 ; Page 12 of 13
(2) "Covered Account" means any Covered Entity account or relationship with a patient or
customer that meets the Red Flags Rule definition of a Covered Account, as specified in 16 C.F.R Part 681 1(b)(3),
and any account reasonably designated by Covered Entity as a "covered account "
(3) "Identifying Information" has the same meaning as specified for Identifying Information
in the Red Flags Rule, which is subject to change from time to time, and includes any name or number that may be
used, alone or in conjunction with any other information, to identify a specific person, including any (1) name,
social security number, date of birth, official State or government issued driver's license or identification number,
alien registration number, government passport number, employer or taxpayer identification number; (2) unique
biometnc data, such as fingerprint, voice pnnt, retina or ins image, or other unique physical representation; (3)
unique electronic identification number, address, or routing code; or (4) telecommunication identifying information
or access device (as defined in 18 U.S C 1029(e)).
(4) "Red Flags Rule" means the "Identity Theft Red Flags and Address Discrepancies Under
the Fair and Accurate Credit Transactions Act of 2003." promulgated at 16 C.F.R. Part 681
(b) Managing a Program If Business Associate provides Account Services, Business Associate
warrants (1) that it has implemented an identity theft program ( "Program ") that complies with
the Red Flags Rule, and (2) Business Associate's Program applies to all Covered Account(s) for
which it provides Account Services.
(c) Responding to Red Flags When Business Associate detects a Red Flag associated with a Covered
Entity Covered Account, Business Associate shall (1) respond to the Red Flag in accordance
with Business Associate's Program, and (2) within a reasonable time of detecting the Red
Flag, Business Associate shall notify Covered Entity in writing of (i) the Red Flag(s) that were
detected, (ii) the associated Covered Account(s), and (in) the Business Associate's response to the
Red Flag(s)
IN WiTNESS WHEREOF, the parties have executed this BA Agreement, effective as of the last signature
date below
Covered Entity Business Associat • :
City of Boynton Beach MedaPoint, Inc
By By: ._ / I . / L
Name. Name
Title. Title. „ % ,
Date: Date:
:0002697g 1 30!-9001821 1 Page 13 of 13