Sanomics Portal: Terms and Conditions of Use
Last Updated: 8th April, 2019 Effective from: 8th April, 2019
THIS IS A LEGALLY BINDING AGREEMENT BETWEEN SANOMICS LIMITED (“Sanomics” or “we” or “us”) AND YOU. BY SIGNING THE CONSENT FORM OR BY OTHERWISE SIGNING UP OR FOR AN ACCOUNT, OR BY ACCESSING OR USING THE SANOMICS PORTAL AND SERVICES (DEFINED BELOW), YOU AGREE TO BE BOUND BY THESE TERMS AND CONDITIONS (THIS AGREEMENT), WHICH FORM A LEGALLY BINDING CONTRACT. PLEASE READ THIS AGREEMENT CAREFULLY, AND DO NOT SIGN UP FOR AN ACCOUNT OR USE THE SERVICES IF YOU ARE UNWILLING OR UNABLE TO BE BOUND BY THIS AGREEMENT. YOU AND WE ARE COLLECTIVELY REFERRED TO AS THE “PARTIES”.
Privacy Notice and Consent for Processing Personal Data of Users of the Sanomics Portal
Data shared on Sanomics Portal will contain personal identifiable information (PII) and protected health information (PHI). Sanomics is committed to compliance with the Personal Data (Privacy) Ordinance (Cap. 486) ("PDPO") and all other laws of Hong Kong Special Administrative Region (“Laws of HKSAR”). The PII provided by you to Sanomics will be data of you and/ or your patients that is provided either by you, your Authorized Workforce (as defined below), or your patients. Data generated by Sanomics, such as patient test result reports, will be generated and sent to you by Sanomics as the controller (“Controller”) of the data. By agreeing to this Agreement, you consent to the following:
1. Submit the PII data (include your name, address, email address, phone number, specialty, title, and any other information) supplied by you to set up your portal account to Sanomics’s location in Hong Kong Special Administrative Region (“HKSAR”) for the purpose of facilitating the provision of Sanomics’ services to your patients upon your requests;
2. Storage of yourPII data on Sanomics portal and other secure servers operated by Sanomics.
3. Use of your PII data to contact you regarding your patients;
4. Use of your PII data to contact you regarding educational information about Sanomics’ products and services; and
5. Use of your personal data to notify you of any advocacy opportunities, such as Advisory Boards, which may be available at Sanomics.
You are responsible for maintaining the confidentiality of all laboratory reports and other PII and PHI, which you access via the Services in accordance with local requirements. You will maintain appropriate privacy and security with regard to all personnel, systems, and administrative processes used by you or members of your Authorized Workforce, to transmit, store and process PHI through the use of the Services. As a health care provider, you represent that you will abide by all applicable the Law of HKSAR obligations with respect to use of the Services and acknowledge that Sanomics is not responsible for any non-compliance of laws done by you.
You may grant access to records available via the Services to other healthcare professionals (“Authorised Persons”). It is your responsibility to revoke access to such Authorised Persons promptly when you do not want them have access to such records.
If you are granted access rights to PHI available via the Services by another healthcare provider, you may use such information solely for purposes permitted by the Law of HKSAR, including patient treatment and health care operational purposes; provided that: (i) you may access only information pertaining to individuals with whom you have a treatment relationship or for whom a provider who has a treatment relationship with the individual has requested a professional consultation from you; or (ii) you have received authorization from a patient to access and use their health information.
Grant of Rights
Sanomics grants to you a non-exclusive, personal, non-transferable, limited right to access and use the Sanomics Portal and its related services and/or any other services offered to or through this website (collectively, the “Services”), in accordance with and subject to your full compliance with the terms and conditions set forth in this Agreement. You will not: (a) make the Services, in whole or in part, available to any other person, entity or business other than as expressly permitted herein; (b) copy, reverse engineer, decompile or disassemble the Services, in whole or in part, or otherwise attempt to discover the source code to any software that may be used by or in connection with the Services; or (c) modify, combine, integrate, render interoperable, or otherwise access for purposes of automating data conversion or transfer, the Services with any other service or software not provided or approved by us. You obtain no rights to the Services except for those rights that are expressly granted herein.
Access to the Services
The Services are targeted to made available to physicians and health care providers who order Sanomics testing services, to members of a Sanomics Portal’s Authorized Workforce (as defined and described below) and to authorized Sanomic’s official staff who manage data for many health care providers.
User of Record
Users and individuals who register for an account on behalf of a User must provide their full legal name and their organization information as part of the registration process. The user in whose name an account is established serves as that account’s “User of Record”. Only the User of Record is entitled to the rights, remedies or benefits under this Agreement.
For purposes of this Agreement, the term “Authorized Workforce” means those individuals who are employees, volunteers, interns, trainees, and other persons whose conduct, in the performance of work for Sanomics, is under the direct control of such Sanomics, whether or not paid by the Sanomics, and who Sanomics has identified using the Sanomics Portal as authorized to access the Services on their behalf. If you are a member of a Sanomics’s Authorized Workforce, and such Sanomics has authorized you to access the Services on its behalf by authorizing Sanomics to create a unique set of “Credentials” (i.e., username and password) for you, then you are authorized under this Agreement to access the Services solely on behalf and at the direction of such Provider. As such, you may sign in and use the functionality of the Services solely on behalf and at the direction of such User. You are solely responsible for all activities occurring under the User of Record’s account and/or using your Credentials. You consent to and authorize the disclosure to such User of any content related to, or otherwise generated by your use of the Services, including secure messages sent or received using your Credentials. You hereby agree and acknowledge that you are subject to, and we may enforce against you, all of the covenants, obligations, restrictions, limitations, acknowledgements, consents, representations and warranties set forth in this Agreement that are applicable to the person addressed as “you” in this Agreement, and you hereby grant and make all rights, waivers and releases set forth in this Agreement that are granted and made by the person addressed as “you” in this Agreement, but you are entitled to none of, and hereby waive and agree not to exercise or assert any of, the rights, remedies or benefits under this Agreement other than the limited, non-exclusive, non-transferable, personal right under this paragraph to sign in and use the functionality of the Services solely on behalf and at the direction of such Provider. Notwithstanding anything contained herein, you acknowledge that your access to the Services may be terminated by the Provider or us at any time, for any reason or no reason at all, with or without notice. By (i) accessing any of the Services under a Provider’s account(s), or (ii) contacting us by any means and requesting or directing us to take any action with respect to any Provider’s account(s) or data held by such account(s), or (iii) asserting any right or authority with respect to such account(s) or data, you represent and warrant that you have the authority to act on such Provider’s behalf and that you are not using the Services, or otherwise engaging in the activities described in clauses (i) through (iii) above, for the benefit or at the direction, of any person or entity other than such Provider.
A Provider of Record may grant a Consulted Provider access to patient records for consulting purposes. As a Consulted Provider, you attest that you are a healthcare provider authorized to handle protected health information and to view the shared patient’s report. You will not use the information shared with you for any purpose but to consult on the shared patient’s care, as requested by the Provider of Record.
Your Authorized Workforce
You may permit your Authorized Workforce to use the Services on your behalf, subject to the terms of this Agreement. In such event, you will:
• Require each member of your Authorized Workforce to have unique Credentials, and will provide valid institution email addresses to Sanomics of each such member for which you are seeking access;
• Train all members of your Authorized Workforce in the requirements of this Agreement and the Policies and Procedures relating to their access to and use of the Sanomics Provider Portal and Services, and ensure that they comply with such requirements;
• Suspend and/or terminate access to and use of the Services by any member of your Authorized Workforce who violates the terms of this Agreement or the Sanomics Provider Portal Policies and Procedures, and notify Sanomics of the same;
• Ensure that only the person to whom a specific set of Credentials has been assigned accesses the Services with such Credentials; and
• Immediately notify us using the Sanomics Portal of the termination of employment of any member of your Authorized Workforce, or of your withdrawal of authorization for any such person to access the Services.
You agree that your use of the Services is subject to verification by us of your identity and credentials as a health care provider, and to your ongoing qualification as such. As a registered user, you will have log-in information, including a username and password. Your account is personal to the primary account holder, and you may not share your account and log-in information with, or allow access to your account by, any third party. As you will be responsible for all activity that occurs under your account and access credentials, you should take care to preserve the confidentiality of your username and password, and any device that you use to access the Service.
By signing up for the Services, you agree to receive email notifications about the service, permissions and access changes, and information about our products and services.
No Third-Party Access
Except as required by law, you will not permit any third party (other than persons who satisfy the definition of Authorized Workforce member and meet the requirements set forth above) to use or access the Services without our prior written agreement. Nor will you authorize or assist any person or entity in accessing, or attempting to access, any portion of the Services via any means other than a commercial browser (such as Internet Explorer, Mozilla Firefox, Safari, or Chrome) or an authorized mobile application developed and operated by us.
You will promptly notify us in writing of any order or demand for compulsory disclosure of health information if the disclosure requires access to or use of the Services by a party other than you or the Authorized Workforce. You will cooperate fully with us in connection with any such demand.
You will notify us if you suspect that your Credentials or the credentials of a member of your Authorized Workforce may have been compromised. You will also notify us in writing in the event that you become aware that any person or entity, whether or not a member of your Authorized Workforce, (a) attempts to access the Services by any means other than a commercial browser, (b) claims to offer a service or system that “integrates with” our Services or (c) requests to use your Credentials or requests that you obtain Credentials in order to access the Services in a manner that would violate this Agreement if you engaged in such activity.
Compliance with Law
You are solely responsible for ensuring that your use of the Services complies with the Law of HKSAR and other laws relating to the maintenance of the privacy, security, and confidentiality of PHI and PII. You will not grant any user, including members of your Authorized Workforce, any rights to access or use of our Services that they would not be allowed to have under applicable laws. We offer no assurance that your use of the Services under the terms of this Agreement will not violate any law or regulation applicable to you. Except as otherwise provided in this Agreement, we will keep information that you or your Authorized Workforce input or upload onto the Services private and will not share it with third parties, unless we believe in good faith that disclosure of Your Information is necessary to (i) comply with a court order, warrant or other legal process, (ii) protect the rights, property or safety of Sanomics or others, (iii) investigate or enforce suspected breaches of this Agreement, or (iv) allow our third-party partners to comply with their obligations under federal, state or local laws.
ACCESS TO THE SERVICES AND THE INFORMATION MAINTAINED VIA THE SERVICES IS PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT ANY WARRANTY OF ANY KIND, AND WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, AND TITLE. YOU ARE SOLELY RESPONSIBLE FOR ANY AND ALL ACTS OR OMISSIONS TAKEN OR MADE IN RELIANCE ON THE SERVICES, INCLUDING THE ACTS OR OMISSIONS OF MEMBERS OF YOUR AUTHORIZED WORKFORCE, OR THE INFORMATION IN THE SERVICES, INCLUDING INACCURATE OR INCOMPLETE INFORMATION.
You hereby agree to indemnify, defend, and hold harmless us and other users, and our and their respective affiliates, officers, directors, employees and agents, from and against any claim, cost or liability, including reasonable attorneys’ fees, arising out of or relating to: (a) the use of the Services by you or your Authorized Workforce; (b) any breach by you or your Authorized Workforce of any representations, warranties or agreements contained in this Agreement; (c) the actions of any person gaining access to the Services under Credentials assigned to you or a member of your Authorized Workforce; (d) the actions of anyone using Credentials assigned to you or any member of your Authorized Workforce that adversely affects the Services or any information accessed through the Services; and (e) your negligent or willful misconduct, or that of any member of your Authorized Workforce. Your indemnification obligations in this Agreement are cumulative, and are not intended to, nor do they, limit your indemnification obligations elsewhere in this Agreement or at law, even if such obligations arise or are occasioned or triggered by a single assertion, claim, circumstance, action, event or transaction.
Limitation of Liability
IN NO EVENT SHALL SANOMICS BE LIABLE FOR ANY SPECIAL, INDIRECT, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO, LOSS OF PROFITS OR REVENUES, LOSS OF USE, LOSS OF GOODWILL, OR LOSS OF INFORMATION OR DATA.
Changes to these Terms
Sanomics may revise or modify these Terms from time to time or impose new conditions on the use of the Services. Such changes, revisions, or modifications shall be effective immediately upon notice to you, which may be given by any means, including, without limitation, posting on the Portal or by e-mail. Any use of the Services by you after such notice shall be deemed to constitute acceptance of such changes, revisions, or modifications.
© 2019 Sanomics Limited. All rights reserved.