...

2.  Applicable laws or agreements. You may not use the API in violation of any law or regulation, or rights of any person, including but not limited to intellectual property rights, rights of privacy, or rights of personality, or in any manner inconsistent with this API TOS or other NeoDeck’s agreements to which you are subject.

3.  Scope of acceptable use. You may not use the API or any other technology in a manner that accesses or uses any information beyond what NeoDeck allows under this API TOS; that changes NeoDeck Service; that breaks or circumvents any of NeoDeck’s technical, administrative, process or security measures; that disrupts or degrades the performance of the NeoDeck Service; or that tests the vulnerability of NeoDeck systems or networks.

4.  Malware. You may not transmit any viruses or other computer programming that may damage, detrimentally interfere with, surreptitiously intercept, or expropriate any system or data.

5.  Reverse engineering. You may not attempt to reverse engineer or otherwise derive source code, trade secrets, or know-how in the API or portion thereof.

6.  Functionality. You may not use the API to replicate or compete with core products or services offered by NeoDeck. You acknowledge and agree that NeoDeck has or may in the future offer products or services that are similar to your Application and nothing will prevent NeoDeck from doing so;

7.  Commercial Use. You may charge for your Application. However, you may not sell, rent, lease, sublicense, redistribute, or syndicate access to the API.

8.  Advertising. You may place advertisements on and around your Application. However, you may not:

   1. Place any advertisements within NeoDeck Service channels, and your advertisements may not resemble or be reasonably likely to confuse users as being a NeoDeck Service message.

   2. Use Data or any content from NeoDeck in any advertisements or for purposes of targeting advertisements, in your Application or elsewhere; or

   3. Use contact information obtained from NeoDeck (including email addresses) to contact NeoDeck users outside of NeoDeck without their express permission.

9.  Distribution of your application. You may not distribute or allow access to the APIs to anyone other than, if applicable, the company on whose behalf you entered into this API TOS. Anyone who wants to access our APIs must agree to be bound by this API TOS.

10. Use of NeoDeck Brands or Marks. You must not use NeoDeck Brands in a way that suggests your service is endorsed by, sponsored by, or associated with NeoDeck.

Security Measures

2.  Protections. The network, operating system and software of your web servers, databases, and computer systems (collectively, “Your Systems”) must be properly configured to securely operate your Application and store Data. Your Application must use reasonable security measures to protect your users’ information. You must not architect or select Your Systems in a manner to avoid the foregoing obligation.

3.  Reporting. You must promptly report any security deficiencies in, or intrusions to, your Systems to NeoDeck in writing via email to cs@nd-soft.com or subsequent contact information posted on the Developer Site. This includes any unauthorized access, use, disclosure or destruction of Data. You will work with NeoDeck to immediately correct any security deficiency and will immediately disconnect any intrusions or intruder. In the event of any security deficiency or intrusion involving the Application, NeoMed’s API Service or Data, you will make no public statements regarding such deficiencies or intrusions (e.g., press, blogs, social media, bulletin boards, etc.) without prior written and express permission from NeoDeck in each instance.

4. HIPAA. Developer understands and agrees that these Terms prohibit the access to and use of NeoMed end-users’ hosted application data including all Protected Health Information (“PHI”) as defined by the Health Insurance Portability and Accountability Act (“HIPAA”), unless such access is arranged directly between the Developer and the NeoMed end-user, whose relationship with the Developer may require a separate Business Associate Agreement between those two parties and otherwise comply with all applicable laws.

5. Confidentiality. Developer acknowledges and agrees that the Access Credentials comprise highly sensitive and confidential information of NeoMed (“NeoMed Confidential Information”). Developer agrees to treat the Access Credentials, together with any other information or documentation provided by NeoMed in connection with the Access Credentials, whether in tangible, electronic, oral or other format, as highly confidential information and retain it in confidence using the same degree of care it uses with respect to its own highly confidential information, but in no event less than reasonable care for such information. Developer specifically agrees that the NeoMed Confidential Information will be accessible only by those employees and third-party consultants who (i) are directly involved with the Developer Programs; (ii) have a definite need to access the NeoMed Confidential Information and other information; and (iii) have entered into appropriate agreements with Developer binding them, as individuals or business entities, to the terms of agreements, including without limitation these Terms, entered into between Developer and third parties. NeoMed shall treat confidential information received from Developer on the same basis as set forth above (“Developer Confidential Information”).

   Confidential Information of either party hereunder shall not include information that: (a) is or becomes a part of the public domain through no act or omission of the other party; (b) was in the other party's lawful possession prior to the disclosure and had not been obtained by the other party either directly or indirectly from the disclosing party; (c) is lawfully disclosed to the other party by a third party without restriction on disclosure; or (d) is independently developed by the other party. For the avoidance of doubt, nothing in these Terms shall be construed to prohibit or restrict any communication in a manner that violates the Condition of Certification at 45 C.F.R. § 170.403(a). Further, Developer shall not impose any prohibition or restriction on any third party that prohibits or restricts any communication in a manner that violates the Condition of Certification.

   The confidentiality obligations under this Section of these Terms shall survive termination of Developer’s access to the Access Credentials for any reason. The parties acknowledge that money damages will not be an adequate remedy if the Confidentiality provisions of these Terms are breached and, therefore, either party may, in addition to any other legal or equitable remedies, seek injunctive or other equitable relief against such breach or threatened breach without the necessity of posting any bond or surety. In the event that either party is requested or required for the purposes of legal, administrative, or arbitration to disclose any Confidential Information, the party receiving such disclosure request will provide the other party with immediate written notice of any such request or requirement so that such party may seek an appropriate protective order or other relief.

Government Access. You will not knowingly:

1.  Allow or assist any government entities, law enforcement, or other organizations to conduct surveillance or obtain data using your access to the API in order to avoid serving legal process directly on NeoDeck. Any such use by you for law enforcement purposes is a breach of this API TOS.

2.  Display, distribute or otherwise make available Data or any Application to any person or entity that you reasonably believe will use Data to violate the Universal Declaration of Human Rights (located at http://www.un.org/en/documents/udhr/), including without limitation Articles 12, 18, or 19. You will not conduct and your Application will not provide analyses or research that isolates a small group of individuals or any single individual for any unlawful or discriminatory purposes. Exemptions to these restrictions may be requested for exigent circumstances and are subject to prior written approval from NeoDeck.

Term and Termination

1.  Duration of Terms. This API TOS will go into effect on the date upon which you agree to them, by accessing or using the API, and will continue until terminated as set forth herein.

2.  Your Right to Terminate. You may terminate this API TOS by discontinuing use of our APIs.

3.  Suspension; Termination. We may change, suspend or discontinue the access to the API Service and suspend or terminate your use of the API Services, the NeoDeck Services, and/or NeoDeck / NeoMed Brand at any time and for any reason, without notice. Without limiting the foregoing, we may limit your Application's access to the API Service if it, in our sole discretion, may negatively affect our Service or our ability to provide our Service.

4.  Effect of Termination. Upon termination of this API TOS:

   1. Unless we agree otherwise in writing or as stated in this API TOS, you must permanently delete all Data and other information that you stored pursuant to your use of the APIs. NeoDeck may request that you certify in writing your compliance with this section; and

   2. NeoDeck will make commercially reasonable efforts to remove all references and links to your Application from its Services (NeoDeck has no other obligation to delete copies of, references to, or links to your Application).

5. Other Important Terms.

   1.  Legal Representations. You represent and warrant to NeoDeck that, excluding NeoDeck products, you have the right to use, reproduce, transmit, copy, publicly display, publicly perform, and distribute your Application, and that use of your Application by NeoDeck and its users will not violate the rights of any third party (e.g., copyright, patent, trademark, privacy, publicity or other proprietary right of any person or entity), or any applicable regulation or law, including the Digital Millennium Copyright Act, the laws of any country in which your Application is made available and any applicable export laws.

   2.  Modification of the API TOS. We may change, add to or delete this API TOS or any portion thereof from time to time in our sole discretion. If we make a material change to this API TOs, we will provide you with reasonable notice prior to the changes either by emailing to the email address associated with your account or by posting a notice on the Developer Site. You acknowledge that these updates and modifications may adversely impact how you access, use, and communicate with the API. If any change in unacceptable to you, then your only recourse is to cease all use of the API Service. Your continued access or use of the API Service will mean that you agree to the updates and modifications.

   3. Responsibility for Modification of Data. Developer acknowledges that, where permitted by NeoMed end-users, use of the Certified FHIR APIs can result in changes to NeoMed end-users’ hosted application data. Developer accepts full and complete responsibility for changes to such data made by means of access to the Certified FHIR APIs by or on behalf of Developer and/or Developer App, or by means of access by any third party to the extent such third party obtained access to the Certified FHIR APIs as a result of intentional disclosure by Developer or any breach of these Terms or any negligence by Developer, its personnel, agents or third-party contractors. NeoDeck has no liability under these Terms for any such changes, or for any consequences that may arise from such changes, including, but not limited to, incorrectly modified or lost data.

   4. Audit
      Developer agrees that if NeoDeck has reason to suspect that Developer may be in violation of the Developer Terms, NeoDeck may conduct an audit of Developer’s use of the License granted hereunder upon reasonable notice to Developer, but not less than three (3) business days.

...