Register to the PDS API Community
THIS IS A LEGALLY BINDING AGREEMENT between Practice Fusion, Inc., a Delaware corporation ("Practice Fusion"), and you ("Developer/API User"). BY CLICKING "I AGREE," OR BY OTHERWISE SIGNING UP FOR AN ACCOUNT, OR BY ACCESSING OR USING THE APPLICATION ACCESS APIS (DEFINED BELOW), YOU ARE ENTERING INTO THIS APPLICATION ACCESS DEVELOPER/API USER AGREEMENT (THIS "AGREEMENT") AND YOU AGREE TO BE BOUND BY ITS TERMS AND CONDITIONS. Please read this Agreement carefully, and do not sign up for an account or use the Application Access APIs if you are unwilling or unable to be bound by this Agreement. You and we are each individually referred to in this Agreement as a "Party," and collectively referred to as the "Parties."
A. Practice Fusion operates a web-based electronic medical record, patient portal and clinical workflow solution (the "Practice Fusion Solution") as a business associate (as defined by the Health Insurance Portability and Accountability Act of 1996, as amended ("HIPAA")) of various health care professionals (each, a "Practitioner");
B. In accordance with the requirements of 45 CFR §§ 170.315(g)(7), 170.315(g)(9) and 170.315(g)(10) (the "Application Access CEHRT Regulations"), Practice Fusion has developed the Application Access APIs ("Application Access APIs") and associated instructions, specifications and sample code ("Application Access Documentation") to facilitate patient matching and access to the USCDI V1 (as defined in the Application Access CEHRT Regulations);
C. Developer/API User has developed or has rights to a software solution (the "Developer Application") and desires to create interoperability between the Developer Application and the Practice Fusion Solution through the Application Access APIs (the "Integration"); and
NOW, THEREFORE, in consideration of the mutual covenants and agreements provided herein below and other consideration, the receipt and sufficiency of which is hereby acknowledged, Developer/API User and Practice Fusion hereby agree as follows:
Terms used in this document
API Technology Supplier: Health IT developer of certified API technology, i.e. Practice Fusion
API Data Provider: Health care organization that deploys the API technology
API User: Persons and entities that use or create software applications that interact with API technology i.e. Developer/API User
1. DEVELOPER/API User GUIDELINES
1.1. REGISTRATION DATA
Developer/API User agrees to: (i) provide accurate, current, and complete information as may be requested by Practice Fusion (the "Registration Data"); (ii) maintain the security and confidentiality of any PINs, passwords or other credentials created by Developer API User or provided by Practice Fusion in connection with this Agreement; and (iii) maintain and promptly update the Registration Data, and any other information Developer API User provides to Practice Fusion, and keep all such information accurate, current and complete.
1.2. DEVELOPER/API USER GUIDELINES
Developer/API User agrees that it will not use the Developer/API User Application or the Application Access APIs to: (i) transmit spam or upload, post or otherwise transmit any data, text, software, documents or other materials ("Content") that is inaccurate, harmful, obscene, defamatory, racist or is otherwise offensive to others; (ii) pretend to be Practice Fusion, any of its affiliates, or someone else, or otherwise misrepresent Developer's/API User’s identity or affiliation; (iii) forge headers or otherwise manipulate identifiers (including URLs) in order to disguise the origin of any Content transmitted through the Developer/API User Application; (iv) disrupt the normal flow of dialogue or otherwise act in a manner that negatively affects other users' ability to use the Practice Fusion Solution; (v) upload, post, collect, use or store any data including without limitation personal or other data about users of the Practice Fusion Solution unless specifically authorized by such users; or (vi) injure the interests Practice Fusion, any of its affiliates, or other users of the Practice Fusion Solution.
2. LIMITED LICENSE AND RESTRICTIONS
2.1. LIMITED LICENSE
Subject to Developer's/API User’s compliance with this Agreement, including, without limitation, the restrictions set forth in this Article 2, Practice Fusion hereby grants to Developer/API User a limited, non-exclusive, non-sublicensable, non-transferable, royalty free license during the Term (as defined below) to access and use the Application Access APIs and Application Access Documentation for the sole purpose of the Integration.
Developer/API User shall only make instances of the Developer Application that have an Integration to the Practice Fusion Solution available to those Practitioners and patients of such Practitioners that are registered users of both the Practice Fusion Solution and the Developer Application ("Users"). Developer shall not, nor attempt to: (i) violate any Application Access APIs or service limitation (such as using non-API calls), even if workarounds are possible, including limitations on the frequency of access and types of calls; (ii) interfere with, modify or disable any features or functionality of the Application Access APIs or the Practice Fusion Solution, including any mechanisms used to restrict or control such APIs or services, such as anti-circumvention measures; (iii) reverse engineer, decompile, disassemble or derive source code, underlying ideas, algorithms, structure or organizational form of such APIs or services; (v) cause disruption to the Practice Fusion Solution; or related technology; or (v) defeat, avoid, bypass, remove, deactivate or otherwise circumvent any protection mechanisms of such APIs or services. Any violation or attempted violation of this Section 2.2 shall constitute a material breach of this Agreement.
Developer/API User shall test the Integration with the Application Access APIs and shall promptly remedy all defects identified during testing. Once such defects have been remedied and the Developer/API User Application's API is capable of reliably receiving and transmitting information to and from the Application Access APIs in accordance with the specifications in the Application Access Documentation ("Specifications"), Practice Fusion may in its sole discretion enable the Integration. Developer/API User acknowledges and agrees that: (i) Practice Fusion may modify the Application Access APIs at any time in Practice Fusion's sole discretion; (ii) future versions of the Application Access APIs may not permit the operation of, or otherwise be compatible with, any Developer Application(s); and (iii) any updates or changes to the Developer/API User API must continue to adhere to the Specifications and must be resubmitted for testing before the Integration is enabled.
Practice Fusion may engage in actions that are reasonable and necessary to prevent harm to a patient or another person, provided that Practice Fusion reasonably believes that such actions: will substantially reduce a risk of harm, such actions is no broader than necessary; least one condition from each of the following categories be met: type of risk, type of harm, and implementation basis; and allow for a patient right to review harm if applicable.
Practice Fusion may take reasonable and necessary measures to make the Application Access API or Practice Fusion Solution temporarily unavailable or to degrade Application Access API or Practice Fusion Solution performance for the benefit of the overall performance of the Application Access API or Practice Fusion Solution ; provided that such measures shall: be for the time period necessary to resolve any negative impacts; implemented in a consistent and non-discriminatory manner; and consistent with existing service level agreements, where applicable.
Practice Fusion may engage in actions that interfere with the access, exchange, or use of electronic health information ("EHI") in order to protect the security of EHI, provided, that such actions are: directly related to safeguarding the confidentiality, integrity, and availability of EHI; tailored to specific security risks; and implemented in a consistent and non-discriminatory manner.
Practice Fusion may engage in actions that does not fulfill a request to access, exchange, or use EHI in order to protect an individual’s privacy, provided that such actions are either because: preconditions are not satisfied; there is a denial of an individual’s request for their EHI consistent with 45 CFR 164.524(a) (1) and (2); or needed to respect an individual’s request not to share information.
Practice Fusion may engage in actions that does not fulfill a request to access, exchange, or use EHI due to the infeasibility of the request, provided that such actions are either because such actions are due to either: uncontrollable events; segmentation; or infeasibility under the circumstances.
4. INTELLECTUAL PROPERTY
Subject to the rights expressly granted in this Agreement, Practice Fusion reserves and retains all right, title and interest in and to its Intellectual Property Rights (as defined below), including such rights in its APIs, software, systems and data. Without limiting the foregoing, Practice Fusion shall have and retain full and exclusive right, title and ownership interest in and to: (a) the Practice Fusion Solution and Application Access APIs; (b) the Application Access Documentation; (c) all other Practice Fusion products and services; and (d) any Intellectual Property Rights, improvements and modifications in and to any of the foregoing. "Intellectual Property Rights" means all rights in and to copyrights, trade secrets, patents, trademarks and similar rights of any type under the statutory or common laws of any governmental authority, domestic or foreign, including rights in and to all applications, registrations, modifications and improvements relating thereto.
Practice Fusion shall have, and Developer/API User hereby grants to Practice Fusion, a nonexclusive, worldwide, irrevocable, perpetual, royalty free, transferable and sublicensable license to use in any manner and for any purpose any feedback, suggestions, recommendations, or information (collectively, "Feedback") provided by Developer/API User related to the Application Access APIs, Application Access Documentation, Confidential Information (as defined below) or the Practice Fusion Solution. Developer/API User has no obligation to provide any Feedback.
5.1. CONFIDENTIAL INFORMATION
Developer/API User acknowledges that, in the course of using the Application Access APIs and undertaking activities relating to this Agreement, it may receive access to information: (i) that is marked as "Confidential" or "Proprietary", or that, if disclosed orally or by demonstration, is identified at the time of initial disclosure as confidential; or (ii) which is otherwise deemed to be confidential by the terms of this Agreement ("Confidential Information"). During and after the Term of this Agreement, Developer/API User shall not use (except as expressly authorized by this Agreement) or disclose such Confidential Information without the prior written consent of Practice Fusion, and shall hold such Confidential Information in strictest confidence and using at least the same degree of care it uses to protect its own Confidential Information of like nature and importance, but no less than a reasonable degree of care. Only employees who have a "need to know" may be given access to Practice Fusion's Confidential Information by Developer/API User and such employees shall be bound in writing by similar confidential obligations as those set forth in this Section. Without limiting the foregoing, Developer/API User shall immediately notify Practice Fusion, if it discovers or has reason to suspect any unauthorized use or disclosure of any Confidential Information. Developer/API User may disclose Confidential Information to the extent required by law, provided that Developer/API User shall make reasonable efforts to give Practice Fusion notice of such requirement prior to any such disclosure and shall take reasonable steps to obtain protective treatment of the Confidential Information.
Notwithstanding the foregoing, Confidential Information shall exclude information that Developer/API User can demonstrate: (a) has become a part of the public domain without any improper action or inaction of Developer/API User, its officers, directors, employees or agents (including breach of this Agreement); (b) was in Developer's /API User’s rightful possession without any obligation of confidentiality prior to receiving it from Practice Fusion; (c) was rightfully disclosed to Developer/API User by a third party without restriction on disclosure; or (d) was independently developed without use of any Confidential Information of Practice Fusion.
If Developer/API User breaches any of its obligations with respect to this Article 5, or if such breach is likely to occur, Practice Fusion shall be entitled to seek equitable relief, including specific performance or an injunction, in addition to any other rights or remedies, including monetary damages, provided by law.
6. TERM, MODIFICATION, AND TERMINATION
This Agreement will commence as of the date you "sign up" and continue until terminated in accordance with the terms of this Agreement ("Term").
6.2. TERMINATION FOR CRITICAL SECURITY ISSUE
In the event that Practice Fusion reasonably believes that a Critical Security Issue (defined below) exists with respect to any Developer/API User Application that has been distributed or made available by Developer/API User or with respect to the Integration, Practice Fusion may immediately disable the Integration or operation of the relevant Developer Application and/or provide Developer/API User with written notice (a "Critical Security Issue Notice") thereof. Following Developer's/API User’s receipt of any Critical Security Issue Notice: (i) Developer/API User shall diligently work to remedy the Critical Security Issue; (ii) Practice Fusion may notify end users of the Practice Fusion Solution that Practice Fusion believes it has identified a Critical Security Issue and Developer/API User is working to remedy the same; and (iii) if the Critical Security Issue is not remedied to Practice Fusion's reasonable satisfaction within thirty (30) days of Practice Fusion's issuance of the Critical Security Issue Notice, Practice Fusion may terminate this Agreement upon written notice to Developer/API User. "Critical Security Issue" means functionality or behavior that, in Practice Fusion's reasonable discretion: (a) compromises patient confidentiality or safety; (b) compromises the integrity or accessibility of patient data, (c) compromises any User accounts in the Practice Fusion Solution; or (d) otherwise exposes the Practice Fusion Solution or the Integration to a security vulnerability.
6.3. TERMINATION FOR BREACH
This Agreement may be terminated at any time by either Developer/API User or Practice Fusion, effective immediately upon notice to the other Party, if the other Party materially breaches any of its responsibilities or obligations under the Agreement, which breach is not remedied within thirty (30) days from receipt of written notice of such breach. In addition, Practice Fusion shall have the right to terminate this Agreement upon thirty (30) days' notice to Developer/API User in the event the legal counsel of Practice Fusion believes that the activities contemplated under this Agreement are or may be a violation under any applicable law or in the event a third party alleges that the Developer/API User Application infringes its Intellectual Property Rights.
6.4. TERMINATION FOR CONVENIENCE/SUSPENSION
Either Party may terminate this Agreement for any reason or no reason, which termination shall be effective thirty (30) days after delivery of notice to the other Party of such termination. Practice Fusion reserves the right to suspend access to the Application Access APIs and Application Access Documentation in the event that Practice Fusion believes that Developer/API User is in breach of this Agreement or impacts the performance of the Practice Fusion Solution or other related technology.
6.5. OBLIGATIONS UPON TERMINATION
Upon expiration or termination of this Agreement: (a) Developer/API User shall return or, at Practice Fusion's request destroy (and, if also requested by Practice Fusion, certify in writing Developer's/API User’s completion of such destruction), all Confidential Information; (b) Developer/API User shall cease all use of the Application Access APIs and Application Access Documentation; and (c) all licenses granted herein shall terminate.
We may update or change the Services or the terms set forth in this Agreement from time to time. Accordingly, we recommend that you review the Agreement on a regular basis. You understand and agree that your continued use of the Services after the Agreement has been updated or changed constitutes your acceptance of the revised Agreement. Without limiting the foregoing, if we make a change to the Agreement that materially affects your use of the Services, we may post notice or notify you via email or our website(s) of any such change.
Notwithstanding the expiration or termination of this Agreement, it is agreed that those rights, obligations, representations and warranties that by their nature are intended to survive such expiration or earlier termination will survive, including, without limitation, the following provisions: Articles 1, 4, 5, 7, 8, 9, 10 and 12 and Sections 2.2, 6.5 and 6.7.
7. TRANSMISSION OF INDIVIDUALLY IDENTIFIABLE HEALTH INFORMATION
7.1. INDIVIDUALLY IDENTIFIABLE HEALTH INFORMATION
Developer/API User acknowledges that certain information transmitted on behalf of Practitioners between the Developer/API User Application and the Practice Fusion Solution may constitute "individually identifiable health information," as defined in 45 CFR § 160.103 ("Individually Identifiable Health Information"). Developer/API User acknowledges and agrees that Practitioners and their patients are subject to or beneficiaries of certain obligations and rights under law, including HIPAA, with respect to Individually Identifiable Health Information. In the event Developer/API User transmits or receives Individually Identifiable Health Information, Developer/API User shall ensure that it has the right, whether (1) through proper patient authorizations or (2) as a covered entity or business associate (as defined under HIPAA) of a covered entity (as defined under HIPAA) in the course of treatment, payment or healthcare operations, to transmit or receive such Individually Identifiable Health Information, and Developer/API User shall comply with its obligations under law.
7.2. DEVELOPER/API USER OBLIGATIONS
Developer/API User shall not access, use or otherwise make available the Integration in a manner that violates any federal or state laws or regulations, including, to the extent applicable, by failing to enter into any necessary business associate contract (as defined under HIPAA) with Practitioner Users or by failing to obtain any necessary authorizations from patients. In addition to the foregoing, Developer/API User acknowledges and agrees that it shall not submit or make available to Practice Fusion any Individually Identifiable Health Information other than sufficient information to identify a patient in accordance with 45 C.F.R. § 170.315(g)(7) through the Integration and on behalf of a Practitioner User, and agrees that it shall not use or disclose Individually Identifiable Health Information in any way that violates any applicable laws or regulations. For the avoidance of doubt, Developer/API User acknowledges and agrees that no business associate contract or relationship exists between Practice Fusion and Developer/API User by virtue of this Agreement or the Integration.
8. REPRESENTATION AND WARRANTIES
8.1. DEVELOPER/API USER REPRESENTATIONS
Developer/API User represents, warrants and covenants to Practice Fusion that: (a) it has the full right, power and authority to enter into this Agreement and to perform the acts required of it hereunder; (b) its execution of this Agreement, and its performance of its obligations and duties hereunder, do not and will not violate any agreement to which it is a Party or by which it is otherwise bound; (c) when agreed to by Developer/API User, this Agreement will constitute the legal, valid and binding obligation of Developer/API User, enforceable against Developer/API User in accordance with its terms; (d) Developer/API User and the Developer/API User Application shall comply with all applicable laws, rules, and regulations; (e) the Developer/API User Application and any Developer/API User APIs and their use as contemplated herein do not infringe the Intellectual Property Rights of any third party; and (f) the Developer/API User Application contains no computer viruses, booby traps, time bombs or other programming designed to interfere with the normal functioning of Practice Fusion's business.
8.2. COMPLIANCE WITH APPLICABLE LAWS
Without limiting Section 8.1, Developer/API User represents and warrants that it shall strictly comply with all applicable laws, regulations and governmental orders in the exercise of its rights and the performance of its obligations under this Agreement. Such laws and regulations include, but are not limited to, HIPAA and its implementing regulations, and the Federal Trade Commission Act.
THE APPLICATION ACCESS APIs, PRACTICE FUSION SOLUTION AND PRACTICE FUSION'S CONFIDENTIAL INFORMATION ARE PROVIDED "AS-IS" AND WITHOUT ANY WARRANTY WHATSOEVER, AND PRACTICE FUSION HEREBY SPECIFICALLY DISCLAIMS, ANY REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THE APPLICATION ACCESS APIs OR THE PRACTICE FUSION SOLUTION, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT.
Developer/API User shall defend, indemnify and hold harmless Practice Fusion and its officers, agents, employees, directors, (sub)contractors, and affiliates from and against any claims (including investigations by a governmental or regulatory authority), demand, actions, loss or damage (including legal fees and expenses) arising out of or related to: (i) any claim that the Developer/API User Application infringes or violates any Intellectual Property Rights of any third party; (ii) breach by Developer/API User of any of its representations or warranties set forth in this Agreement; and (iii) claims for death or bodily injury of any person, or damage, loss or destruction of real or tangible personal property, proximately caused by Developer/API User or its agents.
10. LIMITATION OF LIABILITY
UNDER NO CIRCUMSTANCES WILL PRACTICE FUSION BE LIABLE TO DEVELOPER/API USER FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR EXEMPLARY DAMAGES, INCLUDING, BUT NOT LIMITED TO, LOSS OF REVENUE OR ANTICIPATED PROFITS OR LOST BUSINESS, HOWEVER CAUSED, WHETHER FOR BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, AND WHETHER OR NOT: (I) SUCH DAMAGES WERE FORESEEABLE; OR (II) PRACTICE FUSION HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT SHALL PRACTICE FUSION'S LIABILITY HEREUNDER EXCEED $100 USD. THESE LIMITATIONS SHALL SURVIVE AND APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OR ANY LIMITED REMEDY.
11. FEES FOR FHIR API USE
The Developer/API User does not pay fees for use of the Application Access APIs.
Practice Fusion customers shall pay to Practice Fusion the then standard Transaction Fee if any (which has been made publicly available API Fees 2015 Ed CURES 3.31.23) for Application Access APIs for FHIR (“FHIR API”).
Any notice or other communication to be given hereunder will be in writing and given by express receipted courier or overnight mail, postpaid registered or certified mail return receipt requested, or electronic mail (with a copy concurrently mailed as set forth above). Notice hereunder will be directed to a Party at the address for such Party set forth by the Parties signature below or such other address of which a Party provides notice thereof in accordance with this Section 12.1 to the other Party.
12.2. RELATIONSHIP OF THE PARTIES
The relationship of the Parties is one of independent contractors. No employee or representative of a Party shall have any authority to bind or obligate the other Party in any manner whatsoever, or to create or impose any contractual or other liability on the other Party. The Parties agree and acknowledge that neither owes any fiduciary duties to the other. Each Party shall be solely responsible for the expenses it incurs in connection with its performance of the activities contemplated by this Agreement.
12.3. DEVELOPER/ API USER CONTRACTORS
Developer/API User may use third-party independent contractors ("Contractors") to create Developer/API User Applications in accordance herewith, provided that such use is pursuant to a written, binding agreement between each Contractor and Developer/API User that is at least as protective of Practice Fusion's rights in the Application Access APIs, the Practice Fusion Solution, and Practice Fusion's Confidential Information as this Agreement (such agreement between Contractor and Developer/API User, the "Contractor Agreement"). Developer/API User shall ensure that each Contractor fully complies with its Contractor Agreement, and Developer/API User shall be liable to Practice Fusion for any breach by Contractor thereof.
Developer/API User may not assign, transfer or otherwise convey this Agreement, or any of its rights hereunder, to any entity without the prior written consent of Practice Fusion, and any such attempted assignment, transfer or conveyance without such consent shall be null and void. Subject to the foregoing, this Agreement shall be binding upon and shall inure to the benefit of the permitted successors and assigns of each Party.
Developer/API User shall not issue any press release or publicity regarding this Agreement or its relationship with Practice Fusion hereunder, or otherwise use in advertising, publicity or otherwise the name or any trademark or service mark of Practice Fusion or any affiliate of Practice Fusion, without obtaining Practice Fusion's prior written consent.
12.6. HEADINGS; INTERPRETATION; SEVERABILITY
Sections, titles or captions in no way define, limit, extend or describe the scope of this Agreement nor the intent of any of its provisions. The words "include", "includes" and "including" shall be deemed to be followed by the phrase "without limitation." The word "will" shall be construed to have the same meaning and effect as the word "shall." The word "or" shall be construed to have the same meaning and effect as "and/or." The words "herein", "hereof' and "hereunder", and words of similar import, shall be construed to refer to this Agreement in its entirety and not to any particular provision hereof. The headings used in this Agreement are used for convenience only and are not to be considered in construing or interpreting this Agreement. If any provision of this Agreement is held to be invalid, illegal or unenforceable (whether in whole or in part): (i) such holding shall not affect the validity, legality or enforceability of any other provisions of this Agreement; and (ii) such invalid, illegal or unenforceable provision shall be deemed modified to the extent, but only to the extent, necessary to make such provision valid, legal and enforceable.
12.7. GOVERNING LAW/VENUE
This Agreement will be governed by and construed in accordance with the laws of the State of California, excluding the conflict of laws principles thereof or of any other jurisdiction. The Parties hereby consent to: (a) personal jurisdiction of and venue in the state or federal courts located in and serving the City and County of San Francisco, California; and (b) to service of process being effected upon them by registered mail sent to the addresses set forth in this Agreement. Each Party waives a jury trial in any matter arising out of or relating to this Agreement.
12.8. ENTIRE AGREEMENT; WAIVER; AMENDMENT
This Agreement sets forth the entire agreement of the Parties as to its subject matter and supersedes all prior agreements, negotiations, representations, and promises between them with respect to its subject matter, whether written or oral. A waiver of rights under this Agreement will not be effective unless it is in writing and signed by an authorized representative of the Party that is waiving such rights. The failure of either Party to require the performance of any obligation of this Agreement, or the waiver by either Party of any breach of this Agreement, shall not act as a bar to subsequent enforcement of such term or obligation or be deemed a waiver of any subsequent breach. This Agreement may not be amended or modified by the Parties in any manner, except by an instrument in writing signed on behalf of each of the Parties to which such amendment or modification applies by a duly authorized officer or representative.
This Agreement may be executed and delivered in one (1) or more counterparts, by facsimile, email, in person or otherwise, each of which will be deemed an original, but all of which together will constitute one (1) and the same instrument.
IN WITNESS WHEREOF, the Parties hereto have caused this Agreement to be executed by their respective duly authorized officers or representatives as of the Effective Date.
Address for Notices:
PRACTICE FUSION, INC.
305 Church at North Hills St.
Raleigh, NC 27609
Date of last revision: March 31, 2023