Effective June 5, 2020
ACCEPTANCE OF TERMS
If you ARE NOT A NEXTRUST CUSTOMER OR an otherwise AUTHORIZED USER, OR IF YOU do not agree to the terms of this Agreement, do not access or use the Site or Services in any way, and please exit now.
You represent and warrant to NexTrust that (1) you are over the age of eighteen (18) and have authority to enter into and perform the obligations under this Agreement; (2) any information you may submit to NexTrust is truthful, accurate and complete and that you will keep any such information updated; and (3) you will comply with all of the terms of this Agreement.
You will receive a nonexclusive, non-assignable, royalty-free license to access the Site and use the Services solely for your internal business operations subject to the terms of this Agreement. You acknowledge that this Agreement is a services agreement and that NexTrust will not be delivering copies of any software to you as part of the Services. NexTrust or its licensors retain all ownership and intellectual property rights to the Site and Services, and anything developed and delivered under this Agreement. NexTrust reserves the right, in its sole discretion, to terminate your license and access to the Site, or any portion thereof, at any time, for any reason or for no reason at all, without prior notice or any notice.
To create your user account wherein you may access and use the Services (“Account”), you must provide and maintain complete and accurate account information with NexTrust (“Account Information”). Account Information includes Account usernames and passwords as well as Account profile information. NexTrust will use that Account Information to establish and maintain your Account for you. Each Account will have one unrestricted user (“Administrator”) who may, as needed, create additional unrestricted or restricted Account users.
You are responsible for maintaining the confidentiality of your Account’s usernames and passwords. You will not provide false identity information to gain access to or use the Services. You are responsible for all user activities, including by your Administrator, that occur within your Account and that are associated with your Account’s usernames and passwords. You agree to notify NexTrust immediately of any unauthorized use of your Account or any other breach of security. NexTrust will not be liable for any loss that you may incur as a result of someone else using your usernames and passwords to access your Account, either with or without your knowledge; however, you may be held liable for losses incurred by NexTrust or another party due to someone else using your usernames and passwords to access your Account. You may not access or use anyone else's account at any time without the express permission of the respective account’s owner.
NexTrust claims no ownership of the data and information you upload, input, post, transmit, or submit to NexTrust in any form in connection with the Services (each a "Submission" or to “Submit” or to have been “Submitted”). You will not Submit any data, material, code, or other information that is: (i) Protected Health Information (aka “HIPAA PHI”) or payment card information that is unsecured, (ii) protected by copyright, privacy rights, or any other intellectual property right without first obtaining the permission of the owner of such rights, or (iii) obscene, defamatory, harassing, offensive or malicious. With each Submission you grant NexTrust, and where applicable, its affiliated companies and necessary supplier’s permission and license to use your Submission in connection with the Services provided to you. With each Submission you also warrant and represent that you own or otherwise control all of the rights to your Submission as described in this Agreement including, without limitation, all the rights necessary for NexTrust to use your Submitted information as necessary to provide the Services for you.
You agree to indemnify and hold harmless NexTrust, and its owners, officers, employees, and representatives, from and against any and all causes of action, liabilities, claims, costs, losses, damages, and expenses (including reasonable attorney’s fees), arising out of a breach of your representations, warranties or agreements hereunder, including your Submission obligations outlined in the Submitted Data section above. The indemnity obligations under this section shall survive expiration or termination of this Agreement.
You will provide to NexTrust, in the manner specified by NexTrust, all of the billing and payment data, information, and assistance necessary for NexTrust to perform the Services. You acknowledge that NexTrust’s ability to deliver the Services in the manner provided in this Agreement depends upon the accuracy and timeliness of such data, information, and assistance.
As a condition of your use of the Services, you may not use the Services in any manner that could damage, disable, overburden, or impair any NexTrust server, or the network(s) connected to any NexTrust server, or interfere with any other party's use and enjoyment of any Services. You may not attempt to gain unauthorized access to any Services, other users’ accounts, computer systems, or networks connected to any NexTrust server or to any of the Services, through hacking, password mining or any other means. You may not obtain or attempt to obtain any materials or information through any means not intentionally made available through the Services.
You further agree that you will not, and you will not permit others, to: (i) copy or republish the Site or Services, (ii) make the Services available to any person other than authorized users, (iii) modify or create derivative works based upon the Site or Services, (iv) remove, modify or obscure any copyright, trademark or other proprietary notices contained in the Site or Services, (v) reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of the Site or Services, or (vi) access the Site or Services in order to build a similar product or competitive product. Subject to the limited licenses granted herein, NexTrust will own all right, title and interest in and to the Site and Services and any other deliverables provided under this Agreement, including all modifications, improvements, upgrades, derivative works and feedback related thereto and intellectual property rights therein. You agree to assign all right, title and interest you may have in the foregoing to NexTrust.
Compliance with Laws
You will comply with all applicable local, state, national and foreign laws in connection with its use of the Services, including those laws related to data privacy, international communications, and the transmission of technical or personal data. You will not use the Services for any purpose that is unlawful or prohibited by the terms of this Agreement.
HEALTHCARE HIPAA BUSINESS ASSOCIATE AGREEMENT
In the event you require a Healthcare HIPAA Business Associate Agreement, NexTrust’s Healthcare HIPAA Business Associate Agreement, attached as Exhibit A, shall apply.
DISCLAIMERS; NO WARRANTY
THE SITE AND SERVICES ARE PROVIDED "AS-IS" AND "AS AVAILABLE" AND NEXTRUST DOES NOT GUARANTEE OR PROMISE ANY SPECIFIC RESULTS FROM USE OF OR CONTINUOUS AVAILABILITY OF THE SITE OR SERVICES. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, NEXTRUST EXPRESSLY DISCLAIMS ANY WARRANTIES AND CONDITIONS OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND WARRANTIES IMPLIED FOR A COURSE OF PERFORMANCE OR COURSE OF DEALING. Some jurisdictions may not allow the exclusion of implied warranties, so some of the above exclusions may not apply to you.
Your accessing and using the Site and Services is at your own risk. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, NEXTRUST MAKES NO WARRANTY THAT YOUR USE OF THE SITE AND SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE OR ERROR-FREE, THAT DEFECTS TO THE SITE AND SERVICES WILL BE CORRECTED, THAT THE SITE AND SERVICES OR THE SERVERS ON WHICH THEY ARE AVAILABLE WILL BE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS, OR THAT ANY INFORMATION OBTAINED BY YOU ON, THROUGH OR IN CONNECTION WITH THE SITE AND SERVICES OR THIRD PARTY SERVICES WILL BE ACCURATE, RELIABLE, TIMELY OR COMPLETE.
UNDER NO CIRCUMSTANCES WILL NEXTRUST BE RESPONSIBLE FOR ANY LOSS OR DAMAGE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA, PROPERTY DAMAGE, PERSONAL INJURY OR DEATH) RESULTING FROM USE OF THE SITE OR SERVICES, PROBLEMS OR TECHNICAL MALFUNCTION IN CONNECTION WITH USE OF THE SITE OR SERVICES, ANY MATERIAL OBTAINED IN CONNECTION WITH THE SITE OR SERVICES, ANY SUBMISSION, ANY THIRD PARTY SERVICE IN CONNECTION WITH THE SITE OR SERVICES, OR THE CONDUCT OF ANY USERS OF THE SITE OR SERVICES.
YOU ACKNOWLEDGE AND AGREE THAT YOUR USE OF THE SITE AND SERVICES, AND ANY INFORMATION TRANSMITTED OR RECEIVED IN CONNECTION THEREWITH, MAY NOT BE SECURE AND MAY BE INTERCEPTED BY UNAUTHORIZED PARTIES. YOU ASSUME RESPONSIBILITY FOR THE ENTIRE COST OF ANY MAINTENANCE, REPAIR OR CORRECTION TO YOUR COMPUTER SYSTEM OR OTHER PROPERTY OR RECOVERY OR RECONSTRUCTION OF LOST DATA NECESSITATED BY YOUR USE OF THE NEXTRUST SITE AND SERVICES.
FOR YOUR CONVENIENCE, NEXTRUST’S WEBSITES MAY INLCUDE LINKS TO THIRD-PARTY WEBSITES THAT WILL LET YOU LEAVE A NEXTRUST WEBSITE. ANY SUCH LINKED THIRD-PARTY WEBSITE IS NOT OWNED, OPERATED, OR UNDER THE CONTROL OF NEXTRUST AND NEXTRUST IS NOT RESPONSIBLE FOR THE CONTENTS OF ANY LINKED THIRD-PARTY WEBSITE OR ANY LINK CONTAINED IN A LINKED THIRD-PARTY WEBSITE, OR ANY CHANGES OR UPDATES TO SUCH THIRD-PARTY WEBSITES. NEXTRUST IS NOT RESPONSIBLE FOR WEBCASTING OR ANY OTHER FORM OF TRANSMISSION RECEIVED FROM ANY LINKED THIRD-PARTY WEBSITE. THE INCLUSION OF ANY LINK TO SUCH THIRD-PARTY WEBSITE DOES NOT IMPLY ENDORSEMENT BY NEXTRUST OF THE WEBSITE. IF YOU DECIDE TO ACCESS ANY OF THE THIRD-PARTY WEBSITES LINKED FROM THE SITE, YOU DO SO AT YOUR OWN RISK. SOME OF NEXTRUST’S third-party suppliers MAY HAVE the right to suspend or terminate the performance of their services TO NEXTRUST for contractual non-compliance by nextrust. YOU AGREE NOT TO LINK ANY OTHER WEBSITE TO ANY NEXTRUST WEBSITE WITHOUT THE PRIOR WRITTEN PERMISSION OF NEXTRUST.
LIMITATION OF LIABILITY
TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL NEXTRUST AND/OR ITS SUPPLIERS BE RESPONSIBLE OR LIABLE FOR ANY INCIDENTAL, INDIRECT, CONSEQUENTIAL, SPECIAL, PUNITIVE, OR EXEMPLARY DAMAGES OF ANY KIND, INCLUDING LOST REVENUES OR PROFITS, LOSS OF BUSINESS OR LOSS OF DATA REGARDLESS OF WHETHER IT WAS ADVISED, HAD REASON TO KNOW, OR IN FACT KNEW OF THE POSSIBILITY THEREOF ARISING OUT OF OR IN CONNECTION WITH YOUR USE OF THE SITE OR SERVICES. YOU ACKNOWLEDGE AND AGREE THAT ANY DAMAGES YOU INCUR ARISING OUT OF NEXTRUST’S ACTS OR OMISSIONS OR YOUR USE OF THE SITE OR SERVICES ARE NOT IRREPARABLE AND ARE INSUFFICIENT TO ENTITLE YOU TO AN INJUNCTION OR OTHER EQUITABLE RELIEF RESTRICTING THE AVAILABILITY OF OR ANY PERSON'S ABILITY TO ACCESS ANY PORTION OF THE SITE OR SERVICES.
Copyright and Use of Materials
The information and materials contained in the Site and Services are protected under worldwide copyright laws and treaty provisions. Contents of the Site and Services are owned by NexTrust or other third parties. You may download, copy, and distribute NexTrust documents and brochures for your organization’s noncommercial use only; however, you are NOT authorized to make any changes to the same. Prior written permission must be obtained from NexTrust for any other use of the materials. You may NOT modify, copy, license, publish, distribute, transmit, upload, reuse, report, or use the content of the Site or Services for public or commercial purposes.
NexTrust®, BillFlash®, and MyProviderLink® are registered trademarks of NexTrust, Inc. NexTrust may own other trademarks and/or trade names that are not included here. The absence of a product or service name or logo from this list does not constitute a waiver of NexTrust’s trademark or other intellectual property rights concerning that name or logo. The names of third parties or their services used in connection with the Site or Services may be the trademarks of their respective owners.
PROTECTING YOUR DATA
You may not assign this Agreement or any right under this Agreement without the written consent of NexTrust. Any assignment in violation of this provision will be void.
NexTrust will be excused from performance under this Agreement for any period during which, and to the extent that NexTrust or any subcontractor is prevented from performing any obligation or Service, in whole or in part, as a result of causes beyond its reasonable control, and without its fault or negligence, including without limitation, acts of God, strikes, lockouts, riots, acts of terrorism or war, epidemics, communication line failures, and power failures.
Any portion or provision of this Agreement that is held to be invalid, illegal or unenforceable shall be ineffective to the extent of such invalidity, illegality or unenforceability, without affecting in any way the remaining portions or provisions hereof.
The Site and Services are owned and operated by NexTrust, Inc. from its offices within the state of Utah in the United States of America. NexTrust makes no representation that materials or services on the Site and Services are appropriate or available for use in other locations. Those who choose to access the Site and Services from other locations do so on their own initiative and are responsible for compliance with applicable local laws. You and NexTrust agree that sole and exclusive jurisdiction for any action or proceeding arising out of or related to this Agreement will be in state or federal court located in Salt Lake City, Utah.
Any rights not expressly granted herein are reserved.
Please direct your questions to the appropriate contact(s) as listed on the Site.
I HAVE READ THIS AGREEMENT AND AGREE TO ALL OF THE PROVISIONS CONTAINED ABOVE.
Exhibit A – Healthcare HIPAA Business Associate Agreement
This HEALTHCARE HIPAA BUSINESS ASSOCIATE AGREEMENT ("BAA") is made part of and incorporated into the Agreement by and between the Parties to which this BAA is appended. Notwithstanding the foregoing, in the event the Agreement DOES NOT INVOLVE OR REQUIRE the exchange or sharing of health information which is subject to HIPAA (as defined below), this BAA WILL NOT APPLY AND HAS NO LEGAL FORCE or effect on the Parties.
“Breach” means the acquisition, access, use, or disclosure of PHI in a manner not permitted under the Privacy Rule, Security Rule, or HITECH Act, as described in 45 CFR § 164.402.
“Business Associate”, as is contemplated and described in 45 CFR § 160.103, means a person or entity who is a Party to the Agreement who receives and uses PHI from a Covered Entity or a Business Associate, as the case may be.
“Covered Entity” means a health plan, a health care clearinghouse, or a health care provider who transmits any health information in electronic form, as defined in 45 CFR § 160.103.
“Data Aggregation Services” means the combining of PHI by Business Associate for purposes of analysis of the same.
“Designated Record Set”, as described by 45 CFR § 164.501, means a group of records maintained by or for a Covered Entity that is comprised of medical records and billing records about an individual maintained by or for a Covered Entity; enrollment information or medical record management systems maintained by or for a health plan; or, used in whole or in part, by or for the Covered Entity to make decisions about individuals.
“EPHI” means electronic protected health information as defined in 45 CFR § 160.103.
“HIPAA” means the Health Insurance Portability and Accountability Act of 1996, as amended.
“HIPAA Rules” means the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Part 160 and Part 164.
“HITECH Act” means the Health Information Technology for Economic and Clinical Health Act, enacted as part of the American Recovery and Reinvestment Act of 2009; in particular, and for purposes of this BAA, HITECH Act means Subtitle D of the act, which addresses the privacy and security concerns associated with the electronic transmission of health information.
“PHI” means protected health information, as defined in 45 CFR § 160.103.
“Privacy Rule” means the provisions contained in 45 CFR Part 160 and Subparts A and E of Part 164.
“Secretary” means the Secretary of Health and Human Services or any other officer or employee of HHS to whom the authority involved has been designated.
“Security Rule” means the provisions contained in 45 CFR Part 160 and Subparts A and C of Part 164.
“Unsecured PHI” means PHI that is not rendered unusable, unreadable, or indecipherable to unauthorized individuals through the use of a technology or methodology specified by the Secretary.
Except as otherwise defined herein, capitalized terms have the same meaning as those terms are used in HIPAA, the Privacy Rule, Security Rule, and HITECH Act.
B. PERMITTED USES AND DISCLOSURES OF PHI
C. OBLIGATIONS OF THE PARTY TO WHOM PHI IS DISCLOSED
D. OBLIGATIONS OF DISCLOSING PARTY
1. Term and Termination. The term of this BAA shall be effective as of the date of acceptance by both Parties and shall terminate when PHI provided by the disclosing Party, or created, received or stored by the non-disclosing Party on behalf of the disclosing Party, is destroyed or returned to the disclosing Party, or, if it is infeasible to return or destroy the PHI, protections are extended to such PHI in accordance with the termination provisions set forth herein.
2. Termination for Cause. If either Party knows of a pattern or activity or practice of the other Party that constitutes a material breach or violation of this BAA, then the non-breaching Party shall either: (a) provide an opportunity for the other party to cure the breach or end the violation and terminate this BAA if the other Party does not cure the breach or end the violation within the time specified; (b) immediately terminate this Addendum if the other Party has breached a material term of this BAA and cure is not possible; (c) immediately terminate this BAA if the other Party has breached a material term of this BAA whether or not cure is possible; or (d) if neither termination nor cure is feasible, the non-breaching Party shall report the violation to the Secretary. Material breach shall include a Party’s improper use or disclosure of PHI and any changes or diminution of such Party’s reported security procedures or safeguards that render any or all of such Party’s safeguards unsatisfactory to the other Party. If this BAA is terminated for cause by NexTrust, NexTrust shall have the right to terminate any and all other agreements that with Associate that require the disclosure, use, maintenance, or transmission of PHI, without penalty. In the event of such termination, NexTrust shall not be liable for payment to Associate for any services performed by Associate after the effective date of termination.
3. Effect of Termination. Except has provided herein, upon termination of this BAA, for any reason, the Parties shall cease and desist all uses and disclosures of PHI disclosed, used, maintained, or transmitted pursuant to this BAA (or a prior HIPAA business associate contract between the Parties), and the Parties will immediately return or destroy (if the other Party gives permission to destroy to the other Party) in a reasonable manner consistent with the HIPAA Rules; provided, however, the Parties will cooperate to ensure that no original PHI records are destroyed. This provision shall apply to PHI that is in the possession of subcontractors or Agents of each of the Parties. Except as provided herein, the Parties shall certify to one another that all PHI has been returned or destroyed within 30 days after termination or expiration of this BAA. In the event a Party determines that returning or destroying PHI is infeasible, such Party will provide the other Party with written notification of the conditions that make return or destruction infeasible. Upon mutual agreement of the Parties that return or destruction is infeasible, the Party in possession of the PHI shall extend the protections of this Addendum to such PHI and limit further uses and disclosures of such PHI to those purposes that make the return or destruction infeasible, for so long as such Party maintains such PHI.
1. In the event the Parties are subject to a Business Associate Agreement or addendum, this BAA shall supersede and replace such prior agreement or addendum.
2. In the event of any inconsistency between the provisions of this BAA and the Agreement, the provisions of this BAA will control. In the event of inconsistency between this BAA and mandatory provisions of the Privacy Rule, Security Act, or the HITECH Act, as amended, or their interpretation by any court or regulatory agency with authority over one or both of the Parties, such interpretation controls; provided, however, that if any relevant provision of the Privacy Rule, Security Rule, or the HITECH Act is amended to change the obligations one or both of the Parties as set forth in this BAA, then the Parties agree to negotiate in good faith appropriate non-financial terms or amendments to this BAA to give effect to such revised obligations. Where the provisions of this BAA are different than those mandated by the Privacy Rule, Security Rule, or HITECH Act, but are nonetheless permitted by such rules as interpreted by courts or agencies, the provisions of this BAA control.
Next Trust, Inc.
1755 Propsector Avenue
Park City, UT 84060 5535
Carol Stream, IL
New Years Day
Martin Luther King, Jr. Day
Washington’s Birthday (aka Presidents’ Day)
Thanksgiving (Thu. & Fri.)