Terms of Service | AI for EM Documentation & Decision Support

These Terms of Service govern your use of our software applications ("apps"), our website located at https://www.palm-ER.com, and any related services provided by palmER Worldwide LLC.

When you use our software, whether via mobile, web, or any other platform, you agree to abide by these Terms of Service and to comply with all applicable laws and regulations. If you do not agree with these Terms of Service, you are prohibited from further using our software, accessing our website, or using any other services provided by palmER Worldwide LLC.

By accepting these Terms, you also enter into our Business Associate Agreement (the "BAA") if you are a Covered Entity or you submit Protected Health Information (PHI) through the services. The BAA is incorporated by reference and attached as Schedule A. All clinical use that involves PHI is governed by the BAA.

We, palmER Worldwide LLC, reserve the right to review and amend any of these Terms of Service at any time and at our sole discretion. Thus, you are advised to review this page for any changes. We will notify you of any changes by posting the new Terms of Service on this page. Any changes to these Terms of Service will take effect immediately from the date of publication.

Privacy Policy

Our Privacy Policy explains how we collect, use, and protect your information. By using our services, you also agree to the terms outlined in our Privacy Policy.

We employ commercially reasonable safeguards to protect your data, including encryption at rest and in transit, access control measures, and secure infrastructure. However, no system can be 100% secure, and you acknowledge that you use our services at your own risk. To the extent of any conflict between the Privacy Policy and the BAA with respect to PHI, the BAA controls.

HIPAA Business Associate Agreement

By accepting these Terms of Service, you also accept and agree to the Business Associate Agreement (attached as Schedule A and incorporated by reference). The BAA becomes effective on the earlier of your acceptance of these Terms or the date we first receive, create, maintain, or transmit PHI for you.

All uses and disclosures of PHI through our services are subject to the BAA. In the event of any conflict between these Terms of Service and the BAA, the BAA will prevail with respect to PHI.

License to process PHI: You grant us a limited, non-exclusive, non-transferable license to use, process, transmit, store, and disclose PHI solely as necessary to provide the services under these Terms and the BAA, including proper management and administration, legal compliance, security, and de-identification under 45 CFR 164.514. We will not sell PHI or use PHI for marketing.

If your organization requires a separate, signed version of the BAA, you may request one by contacting us at baa@palm-ER.com.

Definitions

PHI (Protected Health Information): Information defined at 45 CFR 160.103, including electronic PHI (ePHI), that relates to the past, present, or future physical or mental health or condition of an individual, the provision of healthcare to an individual, or payment for healthcare, and that identifies the individual or could reasonably be used to identify the individual.
AI-generated content: Text or other outputs generated by artificial intelligence models integrated within our applications.
Clinical decision support: Tools and outputs intended to assist healthcare professionals with clinical decision-making, not to replace their professional judgment.

Limitations of Use

By using our software and website, you warrant on behalf of yourself, any entity who you represent who has entered into these Terms of Service, and your users that you will not:

Modify, copy, prepare derivative works of, decompile, or reverse engineer our software or any materials and software contained within;
Remove any copyright or proprietary notations from our software or website;
Transfer or "mirror" the software or associated materials to another server or person;
Knowingly or negligently use our services in a way that abuses or disrupts our networks or any other service we provide;
Use our software in violation of any applicable laws or regulations;
Infringe the privacy, intellectual property rights, or other rights of third parties;
Create multiple accounts to circumvent trial limitations or subscription requirements;
Use false information to access additional free trials;
Share or transfer trial access to unauthorized users.

We may integrate with third-party services (such as OpenAI, Anthropic, Supabase, Google, Stripe, and Customer-io). Your interactions with these services are governed by their respective terms and privacy policies. We are not responsible for their actions, omissions, or data practices.

Intellectual Property

The intellectual property in the materials in our software and on our website is owned by or licensed to palmER Worldwide LLC. You may use the software solely for your internal professional use and in compliance with these Terms and the BAA when handling PHI.

This constitutes the grant of a license, not a transfer of title. This license terminates automatically if you violate these Terms of Service and may be terminated by us at any time. We do not acquire any ownership rights in your PHI or other customer data; you grant us the limited license described in the HIPAA section to operate the services.

Subscriptions and Billing

Our apps may offer subscription-based access to certain features or services, including but not limited to palmER AI Suite and palmEM AI.

For web-based subscriptions (e.g., palmER AI Suite), all payments are securely processed via Stripe. Subscriptions renew automatically unless canceled before the end of the current billing cycle. Upon cancellation, access continues until the end of the billing period. We do not offer partial refunds for unused time unless required by law.
For mobile app subscriptions (e.g., palmEM AI on iOS and Android), billing is handled by Apple or Google, depending on your device. All refunds for purchases made via the App Store must be requested through Apple. For Google Play purchases, refunds may be requested through your account or by contacting us at support@palm-ER.com.
If you subscribed via one platform (e.g., web or mobile), cancellation and refund policies are governed by that platform. We cannot process refunds for subscriptions purchased through third-party marketplaces.
We do not store or directly handle your credit card or payment details. All payment processing is handled by secure third-party providers (Stripe, Apple, or Google) in accordance with their own privacy and security policies.

By subscribing, you authorize the applicable platform to charge your payment method on a recurring basis in accordance with their terms and conditions. You are responsible for managing your own subscription settings, including cancellation or changes, through your account on the platform used for purchase.

Trial and Account Restrictions

One Trial Per User Policy

Each individual user is entitled to only one free trial of our services, regardless of the number of email addresses, devices, or accounts they may create. Trials are limited to one per person.

Prohibited Account Activities

You are prohibited from:

Creating multiple accounts to access additional free trials;
Using different email addresses to circumvent trial limitations;
Sharing account credentials with others to extend trial access;
Using technical measures (VPNs, device spoofing, etc.) to appear as a new user;
Creating accounts on behalf of others solely to access additional trials.

Detection and Enforcement

We employ technical measures to detect potential trial abuse, including but not limited to device fingerprinting, IP address tracking, and behavioral analysis. We reserve the right to:

Immediately terminate accounts that violate these restrictions;
Deny trial access to users we reasonably believe have already used a trial;
Require verification of identity before granting trial access;
Block access from devices or networks associated with trial abuse.

Account Termination for Abuse

Violation of these trial restrictions may result in immediate account termination without notice and permanent disqualification from future trial access. We reserve the right to pursue additional remedies as permitted by law.

Liability

Our apps and the materials in our apps and on our website are provided on an "as is" basis. To the extent permitted by law, palmER Worldwide LLC makes no warranties, expressed or implied, and hereby disclaims and negates all other warranties including, without limitation, implied warranties or conditions of merchantability, fitness for a particular purpose, or non-infringement of intellectual property, or other violation of rights.

In no event shall palmER Worldwide LLC or its suppliers be liable for any consequential loss suffered or incurred by you or any third party arising from the use or inability to use our apps, our website, or any other services provided by palmER Worldwide LLC or the materials in our apps, even if palmER Worldwide LLC or an authorized representative has been notified, orally or in writing, of the possibility of such damage.

In the context of this agreement, "consequential loss" includes any consequential loss, indirect loss, real or anticipated loss of profit, loss of benefit, loss of revenue, loss of business, loss of goodwill, loss of opportunity, loss of savings, loss of reputation, loss of use and or loss or corruption of data, whether under statute, contract, equity, tort (including negligence), indemnity, or otherwise.

Our software is intended to be used as educational tools and is not a substitute for professional medical advice or treatment. Our software is not intended to replace the clinical judgment and expertise of a healthcare professional, nor the consultation of authoritative sources like medical textbooks, drug prescribing information, and professional and institutional guidelines. Although significant effort is put into creating and maintaining the content, we do not warrant or guarantee its accuracy or currency. It is the responsibility of the user to confirm the accuracy of all content. The information within our software is based primarily on clinical practice standards within the United States of America and may not be appropriate for use in other countries. The user is advised to consult authoritative sources before making any clinical decisions. Before prescribing or administering any drug, the user must review the manufacturer's current product information or package insert for accepted indications, dosage, adverse effects, contraindications and any other information pertinent to appropriate use. The developer assumes no responsibility for any loss, injury, and or damage to persons or property arising from or related to any use of our products. By using our software, the user assumes liability for and shall indemnify, defend, protect, save, and hold harmless palmER Worldwide LLC, its directors, officers, and agents, from and against any and all liabilities, claims, demands, suits, judgments, damages, and losses (including all costs, fees, and expenses in connection therewith or incident thereto), for death of, or injury or harm to, any person whomsoever, and for loss of, damage to, or destruction of any property whatsoever, including any loss of use thereof.

Medical Liability Limitation

To the maximum extent permitted by law:

Our software does not diagnose, treat, or cure any disease;
We are not responsible for medical decisions based on our software;
We disclaim liability for adverse clinical outcomes;
Users are responsible for all patient care decisions;
These limitations apply regardless of software use context.

Because some jurisdictions do not allow limitations on implied warranties, or limitations of liability for consequential or incidental damages, these limitations may not apply to you.

Healthcare Professional Use

If you are a healthcare professional:

Maintain professional licenses and compliance with all applicable laws and regulations;
Validate and customize all AI-generated content before clinical use;
You are solely responsible for all clinical decisions;
When handling PHI, comply with all requirements of the BAA (Schedule A) and applicable privacy laws including HIPAA.

Healthcare professionals who are Covered Entities or who work for Covered Entities are responsible for ensuring compliance with HIPAA and all other applicable healthcare privacy regulations when using our services.

Validation Requirement for AI-Generated Content

All AI outputs must:

Be verified by a licensed clinician before any clinical application;
Be treated as educational resources only;
Be customized per individual case and clinical context;
Not be used as the sole basis for clinical decisions.

Responsible Use of Protected Health Information

If you are using our services to handle PHI:

You must comply with all requirements set forth in the BAA (Schedule A);
You are responsible for obtaining all necessary patient authorizations and consents as required by law;
You must implement appropriate safeguards in accordance with HIPAA and other applicable regulations;
You agree to use PHI only for the purposes permitted under the BAA and applicable law.

We maintain HIPAA-compliant security standards and will fulfill our obligations as a Business Associate as set forth in Schedule A. However, you remain responsible for your own compliance obligations as a Covered Entity, including but not limited to ensuring that you have the legal right to share PHI with us.

Decision Support Tool Limitations

Clinical tools:

Assist but do not replace professional clinical judgment;
May not account for all relevant clinical factors;
Should not be solely relied upon for clinical decision-making;
Are based on generalized medical knowledge and may not apply to specific patient circumstances.

No Guarantee of Clinical Outcomes

We do not guarantee:

Accuracy or completeness of clinical suggestions or recommendations;
Completeness of differential diagnoses;
Suitability of clinical workflows for specific patient populations;
Any particular clinical results or patient outcomes.

Indemnification by Healthcare Users

You agree to indemnify, defend, and hold harmless palmER Worldwide LLC, its officers, directors, employees, and agents from and against any and all claims, liabilities, damages, losses, and expenses arising from or relating to:

Your use of our software;
Any violations of HIPAA or other healthcare privacy regulations;
Regulatory actions related to your use of our services;
Medical malpractice or confidentiality breaches related to your use of our software.

Beta and Trial Disclaimer

Trial and beta features:

Are provided "as is" without warranties or technical support guarantees;
May be modified, discontinued, or removed at any time without notice;
Must be independently validated before any clinical use;
Should not be relied upon for critical clinical decisions.

Right to Terminate

We may terminate your account:

Immediately for breach of these Terms of Service, including trial abuse or multiple account creation;
For suspected fraudulent activity or circumvention of subscription policies;
For violation of the Business Associate Agreement;
With or without cause, upon reasonable notice.

Upon termination, our and your obligations regarding the return or destruction of PHI are governed exclusively by the BAA (Schedule A).

Notice regarding Apple

To the extent that you are using or accessing our apps on an iOS device, you acknowledge and agree to the terms of this clause. You acknowledge that these Terms of Service are between you and palmER Worldwide LLC only, not with Apple Inc. (Apple), and Apple is not responsible for our apps and any materials available in our apps.

Apple has no obligation to furnish you with any maintenance and support services with respect to our apps.

If our apps fails to conform to any applicable warranty, you may notify Apple and Apple will refund the purchase price of the mobile application to you. To the maximum extent permitted by applicable law, Apple will have no other warranty obligation whatsoever with respect to our apps and any other claims, losses, liabilities, damages, costs, or expenses attributable to any failure to conform to any warranty will be our responsibility.

Apple is not responsible for addressing any claims by you or any third party relating to our apps or your use of our apps, including but not limited to (1) product liability claims; (2) any claim that our mobile applications fail to conform to any applicable legal or regulatory requirement; and (3) claims arising under consumer protection or similar legislation.

Apple is not responsible for the investigation, defense, settlement, and discharge of any third-party claim that our mobile applications infringe that third party's intellectual property rights.

You agree to comply with any applicable third-party terms when using our apps, including any Usage Rules set forth in the Apple App Store Agreement of Service.

Apple and Apple's subsidiaries are third-party beneficiaries of these Terms of Service, and upon your acceptance of these Terms of Service, Apple will have the right (and will be deemed to have accepted the right) to enforce these Terms of Service against you as a third-party beneficiary of these Terms of Service.

You hereby represent and warrant that (1) you are not located in a country that is subject to a U.S. Government embargo, or that has been designated by the U.S. Government as a "terrorist supporting" country; and (2) you are not listed on any U.S. Government list of prohibited or restricted parties.

Arbitration and Dispute Resolution

Disputes shall be resolved by binding arbitration under AAA rules in Delaware. You waive jury trial and class actions. Nothing in this section limits either party's ability to comply with HIPAA, respond to or cooperate with the U.S. Department of Health and Human Services or other regulators, or seek injunctive relief to protect PHI or confidential information.

Severance

If a clause is unenforceable, it shall be severed, and the remainder shall remain valid.

Governing Law

These Terms are governed by the laws of the State of Delaware, without regard to conflict of law principles. All disputes shall be resolved through binding arbitration as outlined above, and not in a court of law, except to enforce arbitration decisions or seek injunctive relief. Nothing in this section limits either party's ability to comply with HIPAA, respond to or cooperate with the U.S. Department of Health and Human Services or other regulators, or seek injunctive relief to protect PHI or confidential information.

Subprocessors and Subcontractors

We may use subcontractors and subprocessors to provide the services. Where a subcontractor creates, receives, maintains, or transmits PHI on our behalf, we will maintain a written agreement that imposes obligations no less protective than those in the BAA. A current list of infrastructure and service subprocessors is available upon request at hipaa@palm-ER.com.

Contact Us

If you have questions or legal inquiries:

General Support: support@palm-ER.com
Privacy Inquiries: privacy@palm-ER.com
HIPAA Compliance: hipaa@palm-ER.com
BAA Requests: baa@palm-ER.com
Security Reporting: security@palm-ER.com
DMCA Complaints: dmca@palm-ER.com

SCHEDULE A: BUSINESS ASSOCIATE AGREEMENT

This Business Associate Agreement ("Agreement") is by and between palmER Worldwide LLC ("Business Associate") and you or the entity you represent ("Covered Entity"). This Agreement incorporates and is incorporated into the Terms of Service or other service agreement between the parties (the "Underlying Agreement"). Capitalized terms not defined here have the meanings in the HIPAA Rules or the HITECH Act. The Effective Date is the earlier of acceptance of the Terms of Service or the date Business Associate first receives, creates, maintains, or transmits Protected Health Information for Covered Entity.

DEFINITIONS

The following terms used in this Agreement shall have the same meaning as those terms in the HIPAA Rules: Breach, Data Aggregation, Designated Record Set, Disclosure, Health Care Operations, Individual, Minimum Necessary, Notice of Privacy Practices, Protected Health Information, Required By Law, Secretary, Security Incident, Subcontractor, Unsecured Protected Health Information, and Use.

Specific definitions:

(a) Business Associate: "Business Associate" shall generally have the same meaning as the term "business associate" at 45 CFR 160.103, and in reference to the party to this Agreement, shall mean palmER Worldwide LLC.

(b) Covered Entity: "Covered Entity" shall generally have the same meaning as the term "covered entity" at 45 CFR 160.103, and in reference to the party to this Agreement, shall mean you or the entity you represent.

(c) HIPAA Rules: "HIPAA Rules" shall mean the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Part 160 and Part 164.

(d) HITECH Act: "HITECH Act" means the Health Information Technology for Economic and Clinical Health Act, Public Law 111-5, and its implementing regulations.

(e) Underlying Agreement: "Underlying Agreement" means the Terms of Service or other written agreement under which Business Associate provides services to Covered Entity.

(f) De-identified Data: "De-identified Data" has the meaning set forth at 45 CFR 164.514(a) to (c).

OBLIGATIONS AND ACTIVITIES OF BUSINESS ASSOCIATE

Business Associate agrees to:

(a) Not use or disclose Protected Health Information other than as permitted or required by this Agreement or as Required By Law;

(b) Use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 with respect to electronic Protected Health Information, to prevent use or disclosure of Protected Health Information other than as provided for by this Agreement. Business Associate maintains administrative, technical, and physical safeguards appropriate to the size and complexity of its operations and the nature and scope of Protected Health Information processed, including encryption in transit and at rest, access controls, audit logging, and vulnerability management;

(c) Report to Covered Entity any use or disclosure of Protected Health Information not provided for by this Agreement of which it becomes aware, including Breaches of Unsecured Protected Health Information as required at 45 CFR 164.410, and any Security Incident of which it becomes aware. Business Associate shall provide such notification within ten (10) business days of becoming aware of such non-permitted use, disclosure, or Security Incident. If Business Associate determines a Breach of Unsecured Protected Health Information occurred, it shall provide written notice to Covered Entity without unreasonable delay and in no case later than thirty (30) calendar days after discovery, including the content required by 45 CFR 164.410(c). Notwithstanding the foregoing, the parties acknowledge the ongoing existence and occurrence of attempted but ineffective Security Incidents that are trivial in nature, such as pings and other broadcast service attacks, and Covered Entity acknowledges and agrees that no additional notification to Covered Entity of such ineffective Security Incidents is required, as long as no such incident results in unauthorized access, use, or disclosure of Protected Health Information;

(d) Mitigate, to the extent practicable, any harmful effect of a use or disclosure of Protected Health Information by Business Associate in violation of this Agreement that is known to Business Associate;

(e) In accordance with 45 CFR 164.502(e)(1)(ii) and 164.308(b)(2), ensure that any Subcontractors that create, receive, maintain, or transmit Protected Health Information on behalf of Business Associate are bound by a written agreement with restrictions and conditions no less protective than this Agreement with respect to such information;

(f) Make available Protected Health Information in a Designated Record Set to Covered Entity as necessary to satisfy Covered Entity's obligations under 45 CFR 164.524. Business Associate shall provide such information to Covered Entity within fifteen (15) business days of receiving a request from Covered Entity. Business Associate will not respond directly to Individuals unless directed in writing by Covered Entity. If Business Associate receives a request directly from an Individual, Business Associate will promptly forward it to Covered Entity;

(g) Make any amendment(s) to Protected Health Information in a Designated Record Set as directed or agreed to by Covered Entity pursuant to 45 CFR 164.526, or take other measures as necessary to satisfy Covered Entity's obligations under 45 CFR 164.526. Business Associate shall incorporate any such amendments within fifteen (15) business days of receiving direction from Covered Entity. Business Associate will not respond directly to Individuals unless directed in writing by Covered Entity. If Business Associate receives an amendment request directly from an Individual, Business Associate will promptly forward it to Covered Entity;

(h) Maintain and make available the information required to provide an accounting of Disclosures to Covered Entity as necessary to satisfy Covered Entity's obligations under 45 CFR 164.528. Business Associate shall provide such information to Covered Entity within thirty (30) days of receiving a request from Covered Entity. Business Associate will not respond directly to Individuals unless directed in writing by Covered Entity. If Business Associate receives an accounting request directly from an Individual, Business Associate will promptly forward it to Covered Entity;

(i) To the extent Business Associate is to carry out one or more of Covered Entity's obligation(s) under Subpart E of 45 CFR Part 164, comply with the requirements of Subpart E that apply to Covered Entity in the performance of such obligation(s);

(j) Make its internal practices, books, and records available to the Secretary for purposes of determining compliance with the HIPAA Rules; and

(k) When using, disclosing, or requesting Protected Health Information from Covered Entity, or in accordance with any provision of this Agreement, limit Protected Health Information to the minimum necessary to accomplish the intended purpose of the use, disclosure, or request, consistent with Covered Entity's minimum necessary policies and procedures.

PERMITTED USES AND DISCLOSURES BY BUSINESS ASSOCIATE

(a) Business Associate may only use or disclose Protected Health Information as necessary to perform the services set forth in the Underlying Agreement;

(b) Business Associate may use or disclose Protected Health Information as Required By Law;

(c) Business Associate agrees to make uses and disclosures and requests for Protected Health Information consistent with Covered Entity's minimum necessary policies and procedures;

(d) Business Associate may not use or disclose Protected Health Information in a manner that would violate Subpart E of 45 CFR Part 164 if done by Covered Entity, except for the specific uses and disclosures set forth below;

(e) Business Associate may use Protected Health Information for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate;

(f) Business Associate may disclose Protected Health Information for the proper management and administration of Business Associate or to carry out the legal responsibilities of Business Associate, provided the disclosures are Required By Law, or Business Associate obtains reasonable assurances from the person to whom the information is disclosed that the information will remain confidential and used or further disclosed only as Required By Law or for the purposes for which it was disclosed to the person, and the person notifies Business Associate of any instances of which it is aware in which the confidentiality of the information has been breached; and

(g) Business Associate may provide Data Aggregation services relating to the Health Care Operations of Covered Entity.

(h) Business Associate may de-identify Protected Health Information in accordance with 45 CFR 164.514(a) to (c). De-identified Data is not Protected Health Information and is not subject to this Agreement. Business Associate may use and disclose De-identified Data for lawful purposes, and will not re-identify or attempt to re-identify such data or contact Individuals.

PROVISIONS FOR COVERED ENTITY TO INFORM BUSINESS ASSOCIATE OF PRIVACY PRACTICES AND RESTRICTIONS

(a) Covered Entity shall notify Business Associate of any limitation(s) in the notice of privacy practices of Covered Entity under 45 CFR 164.520, to the extent that such limitation may affect Business Associate's use or disclosure of Protected Health Information;

(b) Covered Entity shall notify Business Associate of any changes in, or revocation of, the permission by an Individual to use or disclose his or her Protected Health Information, to the extent that such changes may affect Business Associate's use or disclosure of Protected Health Information;

(c) Covered Entity shall notify Business Associate of any restriction on the use or disclosure of Protected Health Information that Covered Entity has agreed to or is required to abide by under 45 CFR 164.522, to the extent that such restriction may affect Business Associate's use or disclosure of Protected Health Information. Covered Entity will not impose restrictions that would cause Business Associate to violate law or this Agreement; and

(d) Covered Entity warrants that it has obtained any necessary authorizations, consents, and other permissions that may be required under applicable law prior to transmitting Protected Health Information to Business Associate.

PERMISSIBLE REQUESTS BY COVERED ENTITY

Covered Entity shall not request Business Associate to use or disclose Protected Health Information in any manner that would not be permissible under Subpart E of 45 CFR Part 164 if done by Covered Entity, except for the uses and disclosures permitted under Sections (e), (f), and (g) of the "Permitted Uses and Disclosures by Business Associate" section above.

TERM AND TERMINATION

(a) Term: The Term of this Agreement shall be effective as of the Effective Date, and shall terminate when all of the Protected Health Information provided by Covered Entity to Business Associate, or created or received by Business Associate on behalf of Covered Entity, is destroyed or returned to Covered Entity, or, if it is infeasible to return or destroy Protected Health Information, protections are extended to such information, in accordance with paragraph (c) of this Section.

(b) Termination for Cause: A material breach by either party of any provision of this Agreement shall constitute a material breach of the Underlying Agreement. If a party learns of a material breach by the other party, it will provide written notice and a thirty (30) day opportunity to cure if feasible. If cure is not feasible and the breaching party has violated the HIPAA Rules, the non-breaching party may report the violation to the Secretary.

Upon termination of this Agreement for any reason, Business Associate, with respect to Protected Health Information received from Covered Entity, or created, maintained, or received by Business Associate on behalf of Covered Entity, shall:

Retain only that Protected Health Information which is necessary for Business Associate to continue its proper management and administration or to carry out its legal responsibilities;
Return to Covered Entity (or, if agreed to by Covered Entity, destroy) the remaining Protected Health Information that Business Associate still maintains in any form;
Continue to use appropriate safeguards and comply with Subpart C of 45 CFR Part 164 with respect to electronic Protected Health Information to prevent use or disclosure of the Protected Health Information, other than as provided for in this Section, for as long as Business Associate retains the Protected Health Information;
Not use or disclose the Protected Health Information retained by Business Associate other than for the purposes for which such Protected Health Information was retained and subject to the same conditions set out in Sections (e) and (f) under "Permitted Uses and Disclosures By Business Associate" which applied prior to termination;
Return to Covered Entity (or, if agreed to by Covered Entity, destroy) the Protected Health Information retained by Business Associate when it is no longer needed by Business Associate for its proper management and administration or to carry out its legal responsibilities; and
Upon Covered Entity's written instruction, transmit Protected Health Information to another business associate designated by Covered Entity.

This provision shall apply to Protected Health Information that is in the possession of Subcontractors or agents of Business Associate. Business Associate will ensure all Subcontractors return or destroy Protected Health Information consistent with this Section.

In the event that Covered Entity requires Business Associate to retain the Protected Health Information after termination of this Agreement, Covered Entity shall bear the reasonable cost of storage of such Protected Health Information for as long as storage by Business Associate is required.

(d) The obligations of Business Associate under this Section shall survive the termination of this Agreement.

MISCELLANEOUS

(a) Regulatory References: A reference in this Agreement to a section in the HIPAA Rules or the HITECH Act means the section as in effect or as amended, and for which compliance is required.

(b) Amendment: The parties will amend this Agreement as necessary to comply with HIPAA, the HITECH Act, and applicable state law. If such an amendment would materially increase the cost of Business Associate providing services under the Underlying Agreement, Business Associate shall have the option to terminate the Underlying Agreement on thirty (30) days' advance notice. Either party may terminate the Underlying Agreement upon thirty (30) days' written notice in the event the other party does not promptly enter into negotiations to amend this Agreement when requested, or does not enter into an amendment providing assurances regarding the safeguarding of Protected Health Information that satisfy the standards and requirements of applicable laws.

(c) Interpretation: Any ambiguity in this Agreement shall be interpreted to permit compliance with the HIPAA Rules and shall be resolved in a manner that allows Covered Entity and Business Associate to comply with applicable law.

(d) Entire Agreement: The Underlying Agreement together with this Agreement constitutes the entire agreement between the parties with respect to the subject matter contained herein, and this Agreement supersedes and replaces any former business associate agreement or addendum entered into by the parties.

(e) Conflict Between Agreements: In the event of a conflict between the terms of this Agreement and the terms of the Underlying Agreement, the terms of this Agreement shall prevail.

(f) Relationship of Parties: Business Associate is an independent contractor and not an agent of Covered Entity under this Agreement. Business Associate has the sole right and obligation to supervise, manage, contract, direct, procure, perform or cause to be performed all Business Associate obligations under this Agreement.

(g) No Third Party Beneficiaries: Nothing express or implied in this Agreement is intended to confer, nor shall anything herein confer, upon any person other than Covered Entity, Business Associate and their respective successors and assigns, any rights, remedies, obligations, or liabilities whatsoever, and no other person or entity shall be a third party beneficiary of this Agreement.

(h) Governing Law: This Agreement shall be governed by and construed in accordance with the laws of the State of Delaware, regardless of the choice of law rules of any jurisdiction. The parties hereby agree and consent that the exclusive venue and jurisdiction for any and all disputes arising under or related to this Agreement shall be in the federal or state courts in Delaware and waive any contention that any such court is an improper venue for such disputes.

(i) Request for Signed Copy: If your organization requires a separate, signed version of this Agreement for record-keeping purposes, you may request one by contacting Business Associate at baa@palm-ER.com. The process can be initiated at any time, including during a trial period.