|
Delaware
(State or other jurisdiction of
incorporation or organization) |
| |
7389
(Primary Standard Industrial
Classification Code Number) |
| |
01-0969591
(I.R.S. Employer
Identification Number) |
|
|
Large accelerated filer
☐
|
| |
Accelerated filer
☐
|
|
|
Non-accelerated filer
☒
|
| |
Smaller reporting company
☐
|
|
| | | |
Emerging growth company
☒
|
|
| | |
Page
|
| |||
| | | | 2 | | | |
| | | | 6 | | | |
| | | | 41 | | | |
| | | | 43 | | | |
| | | | 44 | | | |
| | | | 45 | | | |
| | | | 46 | | | |
| | | | 62 | | | |
| | | | 74 | | | |
| | | | 82 | | | |
| | | | 93 | | | |
| | | | 97 | | | |
| | | | 101 | | | |
| | | | 102 | | | |
| | | | 103 | | | |
| | | | 103 | | | |
| | | | 104 | | |
| | |
Fiscal year ended
February 28(29), |
| |
For the nine months ended
November 30, |
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
2019
|
| |
2020
|
| ||||||||||||
| | |
(in thousands, except percentages)
|
| |
(in thousands, except percentages)
|
| ||||||||||||||||||
Adjusted Gross Profit
|
| | | $ | 34,498 | | | | | $ | 59,140 | | | | | $ | 36,579 | | | | | $ | 45,753 | | |
Adjusted Gross Margin
|
| | | | 36.4% | | | | | | 44.6% | | | | | | 41.5% | | | | | | 41.2% | | |
Adjusted EBITDA
|
| | | $ | (38,865) | | | | | $ | (33,119) | | | | | $ | (35,131) | | | | | $ | (29,618) | | |
| | |
For the fiscal year ended
February 28(29), |
| |
For the nine months ended
November 30, |
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
2019
|
| |
2020
|
| ||||||||||||
| | |
(in thousands, except percentages)
|
| |
(in thousands, except percentages)
|
| ||||||||||||||||||
Revenue
|
| | | $ | 94,811 | | | | | $ | 132,507 | | | | | $ | 88,066 | | | | | $ | 111,126 | | |
Less: | | | | | | | | | | | | | | | | | | | | | | | | | |
Cost of revenue, excluding depreciation and amortization
|
| | | | (60,568) | | | | | | (73,685) | | | | | | (51,737) | | | | | | (66,052) | | |
Gross profit, excluding depreciation and amortization
|
| | | | 34,243 | | | | | | 58,822 | | | | | | 36,329 | | | | | | 45,074 | | |
Add: | | | | | | | | | | | | | | | | | | | | | | | | | |
Stock-based compensation, cost of revenue
|
| | | | 255 | | | | | | 318 | | | | | | 250 | | | | | | 679 | | |
Adjusted Gross Profit
|
| | | $ | 34,498 | | | | | $ | 59,140 | | | | | $ | 36,579 | | | | | $ | 45,753 | | |
Gross margin, excluding depreciation and amortization
|
| | | | 36.1% | | | | | | 44.4% | | | | | | 41.3% | | | | | | 40.6% | | |
Adjusted Gross Margin
|
| | | | 36.4% | | | | | | 44.6% | | | | | | 41.5% | | | | | | 41.2% | | |
| | |
For the fiscal year ended
February 28(29), |
| |
For the nine months ended
November 30, |
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
2019
|
| |
2020
|
| ||||||||||||
| | |
(in thousands)
|
| |
(in thousands)
|
| ||||||||||||||||||
Net Loss
|
| | | $ | (56,496) | | | | | $ | (51,365) | | | | | $ | (49,226) | | | | | $ | (45,926) | | |
Adjusted for:
|
| | | | | | | | | | | | | | | | | | | | | | | | |
Interest expense, net
|
| | | | 2,374 | | | | | | 2,925 | | | | | | 2,071 | | | | | | 3,663 | | |
Income tax provision
|
| | | | 55 | | | | | | 129 | | | | | | 49 | | | | | | 85 | | |
Depreciation and amortization
|
| | | | 9,391 | | | | | | 8,516 | | | | | | 6,415 | | | | | | 6,090 | | |
Stock-based compensation
|
| | | | 5,721 | | | | | | 6,002 | | | | | | 4,895 | | | | | | 6,310 | | |
Acquisition and integration-related costs
|
| | | | — | | | | | | 567 | | | | | | 567 | | | | | | — | | |
Other expense
|
| | | | 90 | | | | | | 107 | | | | | | 98 | | | | | | 160 | | |
Adjusted EBITDA
|
| | | $ | (38,865) | | | | | $ | (33,119) | | | | | $ | (35,131) | | | | | $ | (29,618) | | |
| | |
For the fiscal year ended
February 28(29), |
| |
For the nine months ended
November 30, |
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
2019
|
| |
2020
|
| ||||||||||||
| | |
(in thousands)
|
| |
(in thousands)
|
| ||||||||||||||||||
Revenue
|
| | | $ | 94,811 | | | | | $ | 132,507 | | | | | $ | 88,066 | | | | | $ | 111,126 | | |
Cost of revenue, excluding depreciation and amortization(1)
|
| | | | 60,568 | | | | | | 73,685 | | | | | | 51,737 | | | | | | 66,052 | | |
Operating expenses: | | | | | | | | | | | | | | | | | | | | | | | | | |
Product and technology(1)
|
| | | | 35,708 | | | | | | 42,306 | | | | | | 33,595 | | | | | | 36,624 | | |
Sales and marketing(1)
|
| | | | 23,456 | | | | | | 30,050 | | | | | | 23,202 | | | | | | 23,841 | | |
General and administrative(1)
|
| | | | 19,665 | | | | | | 26,154 | | | | | | 20,125 | | | | | | 20,537 | | |
Depreciation and amortization
|
| | | | 9,391 | | | | | | 8,516 | | | | | | 6,415 | | | | | | 6,090 | | |
Total operating expenses
|
| | | | 88,220 | | | | | | 107,026 | | | | | | 83,337 | | | | | | 87,092 | | |
Loss from operations
|
| | | | (53,977) | | | | | | (48,204) | | | | | | (47,008) | | | | | | (42,018) | | |
Interest expense, net
|
| | | | (2,374) | | | | | | (2,925) | | | | | | (2,071) | | | | | | (3,663) | | |
Other expense
|
| | | | (90) | | | | | | (107) | | | | | | (98) | | | | | | (160) | | |
Loss before income taxes
|
| | | | (56,441) | | | | | | (51,236) | | | | | | (49,177) | | | | | | (45,841) | | |
Income tax expense
|
| | | | (55) | | | | | | (129) | | | | | | (49) | | | | | | (85) | | |
Net loss
|
| | | $ | (56,496) | | | | | $ | (51,365) | | | | | $ | (49,226) | | | | | $ | (45,926) | | |
| | |
For the fiscal year ended
February 28(29), |
| |
For the nine months ended
November 30, |
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
2019
|
| |
2020
|
| ||||||||||||
| | |
(in thousands)
|
| |
(in thousands)
|
| ||||||||||||||||||
Cost of revenue
|
| | | $ | 255 | | | | | $ | 318 | | | | | $ | 250 | | | | | $ | 679 | | |
Product and technology
|
| | | | 1,108 | | | | | | 1,674 | | | | | | 1,312 | | | | | | 2,212 | | |
Sales and marketing
|
| | | | 1,199 | | | | | | 1,482 | | | | | | 1,162 | | | | | | 1,494 | | |
General and administrative
|
| | | | 3,159 | | | | | | 2,528 | | | | | | 2,171 | | | | | | 1,925 | | |
Total stock-based compensation
|
| | | $ | 5,721 | | | | | $ | 6,002 | | | | | $ | 4,895 | | | | | $ | 6,310 | | |
| | |
For the fiscal year ended
February 28(29), |
| |
For the nine months ended
November 30, |
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
2019
|
| |
2020
|
| ||||||||||||
Revenue
|
| | | | 100% | | | | | | 100% | | | | | | 100% | | | | | | 100% | | |
Cost of revenue, excluding depreciation and amortization
|
| | | | 64% | | | | | | 56% | | | | | | 59% | | | | | | 59% | | |
Operating expenses: | | | | | | | | | | | | | | | | | | | | | | | | | |
Product and technology
|
| | | | 38% | | | | | | 32% | | | | | | 38% | | | | | | 33% | | |
Sales and marketing
|
| | | | 25% | | | | | | 23% | | | | | | 26% | | | | | | 21% | | |
General and administrative
|
| | | | 21% | | | | | | 20% | | | | | | 23% | | | | | | 18% | | |
Depreciation and amortization
|
| | | | 10% | | | | | | 6% | | | | | | 7% | | | | | | 5% | | |
Total operating expenses
|
| | | | 93% | | | | | | 81% | | | | | | 95% | | | | | | 78% | | |
Loss from operations
|
| | | | (57)% | | | | | | (36)% | | | | | | (53)% | | | | | | (38)% | | |
Interest expense, net
|
| | | | (3)% | | | | | | (2)% | | | | | | (2)% | | | | | | (3)% | | |
Other expense
|
| | | | (0)% | | | | | | (0)% | | | | | | (0)% | | | | | | (0)% | | |
Loss before income taxes
|
| | | | (60)% | | | | | | (39)% | | | | | | (56)% | | | | | | (41)% | | |
Income tax expense
|
| | | | (0)% | | | | | | (0)% | | | | | | (0)% | | | | | | (0)% | | |
Net loss
|
| | | | (60)% | | | | | | (39)% | | | | | | (56)% | | | | | | (41)% | | |
| | |
For the nine months ended
November 30, |
| |
Changes
|
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
Amount
|
| |
%
|
| ||||||||||||
| | |
(in thousands, except percentages)
|
| |||||||||||||||||||||
Revenue
|
| | | $ | 88,066 | | | | | $ | 111,126 | | | | | $ | 23,060 | | | | | | 26% | | |
| | |
For the nine months ended
November 30, |
| |
Change
|
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
Amount
|
| |
%
|
| ||||||||||||
| | |
(in thousands, except percentages)
|
| |||||||||||||||||||||
Cost of revenue, excluding depreciation and amortization
|
| | | $ | 51,737 | | | | | $ | 66,052 | | | | | $ | 14,315 | | | | | | 28% | | |
| | |
For the nine months ended
November 30, |
| |
Changes
|
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
Amount
|
| |
%
|
| ||||||||||||
| | |
(in thousands, except percentages)
|
| |||||||||||||||||||||
Operating expenses: | | | | | | | | | | | | | | | | | | | | | | | | | |
Product and technology
|
| | | $ | 33,595 | | | | | $ | 36,624 | | | | | $ | 3,029 | | | | | | 9% | | |
Sales and marketing
|
| | | | 23,202 | | | | | | 23,841 | | | | | | 639 | | | | | | 3% | | |
General and administrative
|
| | | | 20,125 | | | | | | 20,537 | | | | | | 412 | | | | | | 2% | | |
Depreciation and amortization
|
| | | | 6,415 | | | | | | 6,090 | | | | | | (325) | | | | | | (5)% | | |
Total operating expenses
|
| | | $ | 83,337 | | | | | $ | 87,092 | | | | | $ | 3,755 | | | | | | 5% | | |
| | |
For the nine months ended
November 30, |
| |
Changes
|
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
Amount
|
| |
%
|
| ||||||||||||
| | |
(in thousands, except percentages)
|
| |||||||||||||||||||||
Interest expense, net
|
| | | $ | 2,071 | | | | | $ | 3,663 | | | | | $ | 1,592 | | | | | | 77% | | |
| | |
Fiscal Year Ended
February 28(9), |
| |
Changes
|
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
Amount
|
| |
%
|
| ||||||||||||
| | |
(in thousands, except percentages)
|
| |||||||||||||||||||||
Revenue
|
| | | $ | 94,811 | | | | | $ | 132,507 | | | | | $ | 37,696 | | | | | | 40% | | |
| | |
Fiscal Year Ended
February 28(9), |
| |
Changes
|
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
Amount
|
| |
%
|
| ||||||||||||
| | |
(in thousands, except percentages)
|
| |||||||||||||||||||||
Cost of revenue, excluding depreciation and amortization
|
| | | $ | 60,568 | | | | | $ | 73,685 | | | | | $ | 13,117 | | | | | | 22% | | |
| | |
Fiscal Year Ended
February 28(9), |
| |
Changes
|
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
Amount
|
| |
%
|
| ||||||||||||
| | |
(in thousands, except percentages)
|
| |||||||||||||||||||||
Operating expenses: | | | | | | | | | | | | | | | | | | | | | | | | | |
Product and technology
|
| | | $ | 35,708 | | | | | $ | 42,306 | | | | | $ | 6,598 | | | | | | 18% | | |
Sales and marketing
|
| | | | 23,456 | | | | | | 30,050 | | | | | | 6,594 | | | | | | 28% | | |
General and administrative
|
| | | | 19,665 | | | | | | 26,154 | | | | | | 6,489 | | | | | | 33% | | |
Depreciation and amortization
|
| | | | 9,391 | | | | | | 8,516 | | | | | | (875) | | | | | | (9)% | | |
Total operating expenses
|
| | | $ | 88,220 | | | | | $ | 107,026 | | | | | $ | 18,806 | | | | | | 21% | | |
| | |
Fiscal Year Ended
February 28(9), |
| |
Changes
|
| ||||||||||||||||||
| | |
2019
|
| |
2020
|
| |
Amount
|
| |
%
|
| ||||||||||||
| | |
(in thousands, except percentages)
|
| |||||||||||||||||||||
Interest expense, net
|
| | | $ | (2,374) | | | | | $ | (2,925) | | | | | $ | 551 | | | | | | 23% | | |
| | |
For the nine months ended
November 30, |
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
| | |
(in thousands)
|
| |||||||||
Net cash used in operating activities
|
| | | $ | (23,983) | | | | | $ | (35,628) | | |
Net cash used in investing activities
|
| | | | (2,675) | | | | | | (1,932) | | |
Net cash provided by financing activities
|
| | | | 23,611 | | | | | | 423,343 | | |
| | |
Payments due by period
|
| |||||||||||||||||||||||||||
| | |
Less than
1 year |
| |
Years 2 – 3
|
| |
Years 4 – 5
|
| |
More than
5 years |
| |
Total
|
| |||||||||||||||
| | |
(in thousands)
|
| |||||||||||||||||||||||||||
Operating lease obligations(1)
|
| | | $ | 6,559 | | | | | $ | 13,155 | | | | | $ | 11,666 | | | | | $ | 17,190 | | | | | $ | 48,570 | | |
Fees on debt(2)
|
| | | | 118 | | | | | | — | | | | | | — | | | | | | — | | | | | | 118 | | |
Data license in connection with joint development agreement
|
| | | | 211 | | | | | | 468 | | | | | | 321 | | | | | | — | | | | | | 1,000 | | |
Name
|
| |
Age
|
| |
Position
|
|
Executive Officers | | | | | | | |
Rajeev Singh | | |
52
|
| | Chief Executive Officer and Director | |
Stephen Barnes | | |
50
|
| | Chief Financial Officer | |
Robert Cavanaugh | | |
51
|
| | President | |
Michael Hilton | | |
56
|
| | Chief Product Officer | |
Non-Employee Directors | | | | | | | |
J. Michael Cline(2) | | |
61
|
| | Chairman of the Board | |
Senator William H. Frist, M.D. | | |
68
|
| | Director | |
Jeffrey Jordan(2) | | |
62
|
| | Director | |
Cindy Kent(3) | | |
52
|
| | Director | |
Peter Klein(1) | | |
58
|
| | Director | |
Dawn Lepore(1)(3) | | |
66
|
| | Director | |
Thomas Neff(1)(2) | | |
83
|
| | Director | |
Patricia Wadors(3) | | |
56
|
| | Director | |
Name
|
| |
Fees Earned or
Paid in Cash ($) |
| |
Stock
Awards ($)(1) |
| |
Option
Awards ($)(2) |
| |
Total
($) |
| ||||||||||||
J. Michael Cline
|
| | | | — | | | | | | — | | | | | | — | | | | | | — | | |
Senator William H. Frist, M.D.
|
| | | | — | | | | | | — | | | | | | 101,136 | | | | | | 101,136 | | |
Jeffrey Jordan
|
| | | | — | | | | | | — | | | | | | — | | | | | | — | | |
Cindy Kent(3)
|
| | | | — | | | | | | 75,000 | | | | | | — | | | | | | 75,000 | | |
Peter Klein
|
| | | | — | | | | | | — | | | | | | 101,136 | | | | | | 101,136 | | |
Dawn Lepore
|
| | | | — | | | | | | — | | | | | | 101,136 | | | | | | 101,136 | | |
James C. Madden, V(4)
|
| | | | — | | | | | | — | | | | | | — | | | | | | — | | |
Thomas Neff
|
| | | | — | | | | | | — | | | | | | 101,136 | | | | | | 101,136 | | |
Patricia Wadors
|
| | | | — | | | | | | — | | | | | | 192,400 | | | | | | 192,400 | | |
Michael T. Yang(5)
|
| | | | — | | | | | | — | | | | | | — | | | | | | — | | |
Board Committee
|
| |
Chairperson
Fee |
| |
Member
Fee |
| ||||||
Audit Committee
|
| | | $ | 20,000 | | | | | $ | 10,000 | | |
Compensation Committee
|
| | | | 10,000 | | | | | | 5,000 | | |
Nominating and Corporate Governance Committee
|
| | | | 10,000 | | | | | | 5,000 | | |
Name and Principal Position
|
| |
Fiscal
Year |
| |
Salary
($) |
| |
Option
Awards ($)(1) |
| |
Non-Equity
Incentive Plan ($)(1)(2) |
| |
All Other
Compensation ($)(3) |
| |
Total
($) |
| ||||||||||||||||||
Rajeev Singh
Chief Executive Officer |
| | | | 2021 | | | | | | 400,000 | | | | | | 1,764,000 | | | | | | 340,000 | | | | | | 3,000 | | | | | | 2,507,000 | | |
| | | 2020 | | | | | | 394,231 | | | | | | 2,553,600 | | | | | | 194,167 | | | | | | 3,000 | | | | | | 3,144,998 | | | ||
Robert Cavanaugh
President |
| | | | 2021 | | | | | | 375,000 | | | | | | 1,176,000 | | | | | | 262,500 | | | | | | 3,000 | | | | | | 1,816,500 | | |
| | | 2020 | | | | | | 372,115 | | | | | | 960,000 | | | | | | 152,010 | | | | | | 3,000 | | | | | | 1,487,125 | | | ||
Stephen H. Barnes
Chief Financial Officer |
| | | | 2021 | | | | | | 360,000 | | | | | | 1,176,000 | | | | | | 198,000 | | | | | | 3,000 | | | | | | 1,737,000 | | |
| | | 2020 | | | | | | 358,846 | | | | | | 648,000 | | | | | | 115,716 | | | | | | 3,000 | | | | | | 1,125,562 | | |
| | |
Option Awards(1)
|
| ||||||||||||||||||
Name
|
| |
Number of
Securities Underlying Unexercised Options Exercisable |
| |
Number of
Securities Underlying Unexercised Options Unexercisable(2) |
| |
Option
Exercise Price Per Share(4) |
| |
Option
Expiration Date |
| |||||||||
Rajeev Singh
|
| | | | 1,600,000 | | | | | | —(a) | | | | | $ | 4.20 | | | |
10/30/2025
|
|
| | | | | 26,875 | | | | | | 3,125(b) | | | | | $ | 4.50 | | | |
7/26/2027
|
|
| | | | | 21,250 | | | | | | 8,750(c) | | | | | $ | 4.70 | | | |
5/2/2028
|
|
| | | | | 221,666 | | | | | | 310,334(e) | | | | | $ | 9.60 | | | |
6/24/2029
|
|
| | |
Option Awards(1)
|
| ||||||||||||||||||
Name
|
| |
Number of
Securities Underlying Unexercised Options Exercisable |
| |
Number of
Securities Underlying Unexercised Options Unexercisable(2) |
| |
Option
Exercise Price Per Share(4) |
| |
Option
Expiration Date |
| |||||||||
| | | | | 17,846(3) | | | | | | — | | | | | $ | 17.50 | | | |
6/16/2030
|
|
| | | | | — | | | | | | 150,000(f) | | | | | $ | 17.50 | | | |
6/16/2030
|
|
Stephen H. Barnes
|
| | | | 156,000 | | | | | | —(g) | | | | | $ | 4.20 | | | |
2/1/2025
|
|
| | | | | 14,375 | | | | | | 625(d) | | | | | $ | 4.20 | | | |
4/26/2027
|
|
| | | | | 6,020 | | | | | | 2,480(c) | | | | | $ | 4.70 | | | |
5/2/2028
|
|
| | | | | 56,250 | | | | | | 78,750(e) | | | | | $ | 9.60 | | | |
6/24/2029
|
|
| | | | | 10,635(3) | | | | | | — | | | | | $ | 17.50 | | | |
6/16/2030
|
|
| | | | | — | | | | | | 100,000(f) | | | | | $ | 17.50 | | | |
6/16/2030
|
|
Robert Cavanaugh
|
| | | | 564,750 | | | | | | —(a) | | | | | $ | 4.20 | | | |
10/30/2025
|
|
| | | | | 14,375 | | | | | | 625(d) | | | | | $ | 4.20 | | | |
4/26/2027
|
|
| | | | | 6,020 | | | | | | 2,480(c) | | | | | $ | 4.70 | | | |
5/2/2028
|
|
| | | | | 83,333 | | | | | | 116,667(e) | | | | | $ | 9.60 | | | |
6/24/2029
|
|
| | | | | 13,971(3) | | | | | | — | | | | | $ | 17.50 | | | |
6/16/2030
|
|
| | | | | — | | | | | | 100,000(f) | | | | | $ | 17.50 | | | |
6/16/2030
|
|
Stockholder
|
| |
Shares of Series E
Preferred Stock |
| |
Warrants to
Purchase Common Stock |
| |
Total Purchase
Price |
| |||||||||
Entities affiliated with Andreessen Horowitz(1)
|
| | | | 209,538 | | | | | | 50,799 | | | | | $ | 5,000,000 | | |
Avanti Holdings, LLC(2)
|
| | | | 83,815 | | | | | | 24,703 | | | | | $ | 1,999,989 | | |
Stephen H. Barnes
|
| | | | 6,286 | | | | | | 1,523 | | | | | $ | 149,996 | | |
Entities affiliated with Carrick Capital(3)
|
| | | | 419,076 | | | | | | 101,600 | | | | | $ | 9,999,971 | | |
Robert Cavanaugh
|
| | | | 41,907 | | | | | | 10,160 | | | | | $ | 999,983 | | |
Michael Hilton and Hilton Family Trust(4)
|
| | | | 83,815 | | | | | | 21,179 | | | | | $ | 1,999,989 | | |
Name of beneficial owner
|
| |
Number of
shares beneficially owned |
| |
Percentage of
Shares Beneficially Owned |
| ||||||
5% and Greater Stockholders: | | | | | | | | | | | | | |
Entities affiliated with Andreessen Horowitz(1)
|
| | | | 5,398,708 | | | | | | 9.7% | | |
ARK Investment Management LLC(2)
|
| | | | 4,617,526 | | | | | | 8.3% | | |
Executive Officers and Directors: | | | | | | | | | | | | | |
Rajeev Singh(3)
|
| | | | 2,598,115 | | | | | | 4.5% | | |
Robert Cavanaugh(4)
|
| | | | 824,062 | | | | | | 1.5% | | |
Stephen Barnes(5)
|
| | | | 313,078 | | | | | | * | | |
J. Michael Cline(6)
|
| | | | 1,381,255 | | | | | | 2.5% | | |
Senator William H. Frist, M.D.(7)
|
| | | | 300,812 | | | | | | * | | |
Jeffrey Jordan
|
| | | | — | | | | | | * | | |
Cindy Kent
|
| | | | — | | | | | | * | | |
Peter Klein(8)
|
| | | | 7,500 | | | | | | * | | |
Dawn Lepore(9)
|
| | | | 8,750 | | | | | | * | | |
Thomas Neff(10)
|
| | | | 21,014 | | | | | | * | | |
Patricia Wadors(11)
|
| | | | 5,000 | | | | | | * | | |
All executive officers and directors as a group (12 persons)(12)
|
| | | | 6,381,625 | | | | | | 10.8% | | |
| | |
Shares of Common Stock
|
| |||||||||||||||||||||
Name
|
| |
Number
Beneficially Owned Prior to Offering |
| |
Number
Registered for Sale Hereby |
| |
Number
Beneficially Owned After Offering |
| |
Percent
Owned After Offering |
| ||||||||||||
Carlyle USA LLC
|
| | | | 1,016,015 | | | | | | 1,016,015 | | | | |
|
—
|
| | | | | — | | |
Clinton Phillips
|
| | | | 565,807 | | | | | | 565,807 | | | | |
|
—
|
| | | | | — | | |
NCF Corporation
|
| | | | 384,551 | | | | | | 384,551 | | | | |
|
—
|
| | | | | — | | |
Moody Sisters One, LLC
|
| | | | 134,576 | | | | | | 134,576 | | | | |
|
—
|
| | | | | — | | |
All Other Selling Stockholders(1)
|
| | | | 721,293 | | | | | | 394,492 | | | | | | 326,801 | | | | | | * | | |
| | |
Page
|
| |||
Audited financial statements | | | | | | | |
| | | | F-2 | | | |
| | | | F-3 | | | |
| | | | F-4 | | | |
| | | | F-5 | | | |
| | | | F-6 | | | |
| | | | F-7 | | | |
Unaudited interim financial statements | | | | | | | |
| | | | F-34 | | | |
| | | | F-35 | | | |
| | | | F-36 | | | |
| | | | F-38 | | | |
| | | | F-39 | | |
| | |
February 28,
2019 |
| |
February 29,
2020 |
| |
Pro forma
February 29, 2020 |
| |||||||||
Assets
|
| | | | | | | | | | | | | | | | | | |
Current assets: | | | | | | | | | | | | | | | | | | | |
Cash and cash equivalents
|
| | | $ | 42,701 | | | | | $ | 33,155 | | | | | $ | 84,321 | | |
Accounts receivable
|
| | | | 371 | | | | | | 294 | | | | | | 294 | | |
Unbilled revenue
|
| | | | 65 | | | | | | 895 | | | | | | 895 | | |
Current portion of deferred contract acquisition costs
|
| | | | 908 | | | | | | 1,368 | | | | | | 1,368 | | |
Current portion of deferred financing fees
|
| | | | — | | | | | | 279 | | | | | | 279 | | |
Prepaid and other current assets
|
| | | | 2,840 | | | | | | 12,944 | | | | | | 12,944 | | |
Total current assets
|
| | | | 46,885 | | | | | | 48,935 | | | | | | 100,101 | | |
Property and equipment, net
|
| | | | 15,274 | | | | | | 13,625 | | | | | | 13,625 | | |
Goodwill
|
| | | | — | | | | | | 4,013 | | | | | | 4,013 | | |
Acquired technology, net
|
| | | | — | | | | | | 2,054 | | | | | | 2,054 | | |
Deferred contract acquisition costs
|
| | | | 2,922 | | | | | | 3,876 | | | | | | 3,876 | | |
Other assets
|
| | | | 681 | | | | | | 745 | | | | | | 745 | | |
Total assets
|
| | | $ | 65,762 | | | | | $ | 73,248 | | | | | $ | 124,414 | | |
Liabilities, convertible preferred stock and stockholders’ deficit
|
| | | | | | | | | | | | | | | | | | |
Current liabilities: | | | | | | | | | | | | | | | | | | | |
Accounts payable
|
| | | $ | 2,454 | | | | | $ | 5,273 | | | | | $ | 5,273 | | |
Accrued expenses
|
| | | | 3,140 | | | | | | 6,580 | | | | | | 6,580 | | |
Accrued compensation
|
| | | | 19,612 | | | | | | 23,838 | | | | | | 23,838 | | |
Deferred rent and other current liabilities
|
| | | | 541 | | | | | | 674 | | | | | | 674 | | |
Due to customers
|
| | | | 8,511 | | | | | | 4,674 | | | | | | 4,674 | | |
Current portion of deferred revenue
|
| | | | 22,407 | | | | | | 28,919 | | | | | | 28,919 | | |
Total current liabilities
|
| | | | 56,665 | | | | | | 69,958 | | | | | | 69,958 | | |
Loans payable, net of unamortized issuance costs
|
| | | | 19,200 | | | | | | 21,144 | | | | | | 72,310 | | |
Deferred rent and other noncurrent liabilities
|
| | | | 5,353 | | | | | | 5,523 | | | | | | 5,523 | | |
Deferred revenue
|
| | | | 501 | | | | | | 396 | | | | | | 396 | | |
Total liabilities
|
| | | | 81,719 | | | | | | 97,021 | | | | | | 148,187 | | |
Convertible preferred stock: | | | | | | | | | | | | | | | | | | | |
Preferred stock; 19,513,996 shares authorized; 18,640,901 and
19,513,939 issued and outstanding at February 28, 2019 and February 29, 2020, respectively (liquidation value of $239,244 at February 29, 2020); 25,000,000 shares authorized, no shares issued and outstanding, pro forma |
| | | | 214,664 | | | | | | 233,022 | | | | | | — | | |
Commitments (note 13) | | | | | | | | | | | | | | | | | | | |
Stockholders’ deficit | | | | | | | | | | | | | | | | | | | |
Common stock par value $0.0001; 65,000,000 shares authorized; 3,616,549 and 6,033,450 shares issued and outstanding at February 28, 2019 and February 29, 2020, respectively; 500,000,000 shares authorized, 36,914,769 shares issued and outstanding, pro forma
|
| | | | 1 | | | | | | 2 | | | | | | 4 | | |
Additional paid-in capital
|
| | | | 38,881 | | | | | | 64,071 | | | | | | 297,091 | | |
Accumulated deficit
|
| | | | (269,503) | | | | | | (320,868) | | | | | | (320,868) | | |
Total stockholders’ deficit
|
| | | | (230,621) | | | | | | (256,795) | | | | | | (23,773) | | |
Total liabilities, convertible preferred stock and stockholders’ deficit
|
| | | $ | 65,762 | | | | | $ | 73,248 | | | | | $ | 124,414 | | |
| | |
Fiscal Year
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Revenue
|
| | | $ | 94,811 | | | | | $ | 132,507 | | |
Cost of revenue, excluding depreciation and amortization
|
| | | | 60,568 | | | | | | 73,685 | | |
Operating expenses: | | | | | | | | | | | | | |
Product and technology
|
| | | | 35,708 | | | | | | 42,306 | | |
Sales and marketing
|
| | | | 23,456 | | | | | | 30,050 | | |
General and administrative
|
| | | | 19,665 | | | | | | 26,154 | | |
Depreciation and amortization
|
| | | | 9,391 | | | | | | 8,516 | | |
Total operating expenses
|
| | | | 88,220 | | | | | | 107,026 | | |
Loss from operations
|
| | | | (53,977) | | | | | | (48,204) | | |
Interest expense, net
|
| | | | (2,374) | | | | | | (2,925) | | |
Other expense
|
| | | | (90) | | | | | | (107) | | |
Loss before income taxes
|
| | | | (56,441) | | | | | | (51,236) | | |
Income tax expense
|
| | | | (55) | | | | | | (129) | | |
Net loss
|
| | | $ | (56,496) | | | | | $ | (51,365) | | |
Net loss per share, basic and diluted
|
| | | $ | (12.17) | | | | | $ | (9.13) | | |
Weighted-average common shares outstanding, basic and diluted
|
| | | | 4,641,256 | | | | | | 5,626,713 | | |
Pro forma net loss per common share, basis and diluted
|
| | | | | | | | | $ | (8.39) | | |
Pro forma weighted-average shares outstanding, basic and diluted
|
| | | | | | | | | | 34,633,452 | | |
| | | | | | | | | | | | | | | |
Stockholders’ Deficit
|
| |||||||||||||||||||||||||||
| | |
Convertible
Preferred Stock |
| | |
Common stock
|
| |
Additional
paid-in capital |
| |
Accumulated
deficit |
| |
Total
|
| |||||||||||||||||||||||||||
| | |
Shares
|
| |
Amount
|
| | |
Shares
|
| |
Amount
|
| ||||||||||||||||||||||||||||||
Balance, March 1, 2018
|
| | | | 16,545,536 | | | | | $ | 167,010 | | | | | | | 3,242,319 | | | | | $ | 1 | | | | | $ | 29,310 | | | | | $ | (213,007) | | | | | $ | (183,696) | | |
Sale of Series E preferred stock, net
|
| | | | 2,095,365 | | | | | | 47,654 | | | | | | | — | | | | | | — | | | | | | — | | | | | | — | | | | | | — | | |
Issuance of common stock warrants in
connection with sale of Series E preferred stock |
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 2,279 | | | | | | | | | | | | 2,279 | | |
Issuance of common stock in lieu of bonus
payment |
| | | | — | | | | | | — | | | | | | | 121,143 | | | | | | — | | | | | | 569 | | | | | | — | | | | | | 569 | | |
Exercise of stock options and common stock warrants
|
| | | | — | | | | | | — | | | | | | | 253,087 | | | | | | — | | | | | | 1,002 | | | | | | — | | | | | | 1,002 | | |
Stock-based compensation expense
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 5,721 | | | | | | — | | | | | | 5,721 | | |
Net loss
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | — | | | | | | (56,496) | | | | | | (56,496) | | |
Balance, February 28, 2019
|
| | | | 18,640,901 | | | | | $ | 214,664 | | | | | | | 3,616,549 | | | | | $ | 1 | | | | | $ | 38,881 | | | | | $ | (269,503) | | | | | $ | (230,621) | | |
Sale of Series F preferred stock, net
|
| | | | 873,038 | | | | | | 18,358 | | | | | | | — | | | | | | — | | | | | | — | | | | | | — | | | | | | — | | |
Issuance of common stock warrants in
connection with sale of Series F preferred stock |
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 1,585 | | | | | | — | | | | | | 1,585 | | |
Issuance of common stock in connection with acquisition
|
| | | | — | | | | | | — | | | | | | | 289,320 | | | | | | — | | | | | | 6,164 | | | | | | — | | | | | | 6,164 | | |
Issuance of common stock warrants in connection with July 2019 debt
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 779 | | | | | | — | | | | | | 779 | | |
Issuance of common stock in connection with joint development agreement
|
| | | | — | | | | | | — | | | | | | | 251,211 | | | | | | — | | | | | | 3,869 | | | | | | | | | | | | 3,869 | | |
Exercise of stock options and common stock warrants
|
| | | | — | | | | | | — | | | | | | | 1,876,370 | | | | | | 1 | | | | | | 6,791 | | | | | | — | | | | | | 6,792 | | |
Stock-based compensation expense
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 6,002 | | | | | | — | | | | | | 6,002 | | |
Net loss
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | — | | | | | | (51,365) | | | | | | (51,365) | | |
Balance, February 29, 2020
|
| | | | 19,513,939 | | | | | $ | 233,022 | | | | | | | 6,033,450 | | | | | $ | 2 | | | | | $ | 64,071 | | | | | $ | (320,868) | | | | | $ | (256,795) | | |
| | |
Fiscal Year
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Cash flows from operating activities: | | | | | | | | | | | | | |
Net loss
|
| | | $ | (56,496) | | | | | $ | (51,365) | | |
Adjustments to reconcile net loss to net cash used in operating activities:
|
| | | | | | | | | | | | |
Depreciation and amortization expense
|
| | | | 9,391 | | | | | | 8,516 | | |
Amortization of deferred contract acquisition costs
|
| | | | 794 | | | | | | 985 | | |
Noncash interest expense
|
| | | | 425 | | | | | | 834 | | |
Noncash bonus
|
| | | | 569 | | | | | | 5,884 | | |
Loss on disposal of equipment
|
| | | | — | | | | | | 299 | | |
Stock-based compensation expense
|
| | | | 5,721 | | | | | | 6,002 | | |
Changes in operating assets and liabilities:
|
| | | | | | | | | | | | |
Accounts receivable and unbilled revenue
|
| | | | 6,522 | | | | | | (683) | | |
Accounts payable and accrued expenses
|
| | | | 1,515 | | | | | | 5,838 | | |
Deferred contract acquisition costs
|
| | | | (2,499) | | | | | | (2,399) | | |
Deferred revenue and due to customers
|
| | | | 16,192 | | | | | | 2,286 | | |
Accrued compensation
|
| | | | 2,381 | | | | | | (1,671) | | |
Deferred rent and other liabilities
|
| | | | (555) | | | | | | 220 | | |
Other assets
|
| | | | (508) | | | | | | (8,993) | | |
Net cash used in operating activities
|
| | | | (16,548) | | | | | | (34,247) | | |
Cash flows from investing activities: | | | | | | | | | | | | | |
Capitalized software development costs
|
| | | | (1,943) | | | | | | — | | |
Purchases of property and equipment
|
| | | | (1,175) | | | | | | (3,315) | | |
Net cash paid in acquisition of MD Insider
|
| | | | — | | | | | | (206) | | |
Net cash used in investing activities
|
| | | | (3,118) | | | | | | (3,521) | | |
Cash flows from financing activities: | | | | | | | | | | | | | |
Proceeds from sale of preferred stock, net
|
| | | | 49,933 | | | | | | 19,943 | | |
Proceeds from stock option and warrant exercises
|
| | | | 1,002 | | | | | | 6,619 | | |
Proceeds from borrowings on debt
|
| | | | 3,000 | | | | | | 1,660 | | |
Repayment of debt principal
|
| | | | (5,000) | | | | | | — | | |
Principal payments under capital leases
|
| | | | (102) | | | | | | — | | |
Net cash provided by financing activities
|
| | | | 48,833 | | | | | | 28,222 | | |
Net increase (decrease) in cash and cash equivalents
|
| | | | 29,167 | | | | | | (9,546) | | |
Cash and cash equivalents, beginning of period
|
| | | | 13,534 | | | | | | 42,701 | | |
Cash and cash equivalents, end of period
|
| | | $ | 42,701 | | | | | $ | 33,155 | | |
Supplemental cash flow information: | | | | | | | | | | | | | |
Interest paid
|
| | | $ | 2,609 | | | | | $ | 2,391 | | |
Issuance of common stock in lieu of cash bonus
|
| | | $ | 569 | | | | | $ | — | | |
Fixed assets included in accounts payable
|
| | | $ | 93 | | | | | $ | 45 | | |
Other receivable related to stock option exercises
|
| | | $ | — | | | | | $ | 173 | | |
Income taxes paid
|
| | | $ | — | | | | | $ | 55 | | |
Offering costs included in prepaid assets and accounts payable and accrued expenses
|
| | | $ | — | | | | | $ | 3,042 | | |
Common stock issued in connection with joint development agreement
|
| | | $ | — | | | | | $ | 3,869 | | |
Common stock issued in connection with acquisition
|
| | | $ | — | | | | | $ | 6,164 | | |
Common stock warrants issued in connection with debt
|
| | | $ | — | | | | | $ | 779 | | |
Property and Equipment
|
| |
Estimated Useful Life
|
|
Office equipment and furniture | | | 7 years | |
Computer equipment | | | 3 – 5 years | |
Computer software | | | 3 – 5 years | |
Leasehold improvements | | |
Lesser of estimated useful life or remaining lease term
|
|
Fiscal periods ending February 28(29),
|
| | | | | | |
2021
|
| | | $ | 111,741 | | |
2022
|
| | | | 42,461 | | |
2023
|
| | | | 8,390 | | |
2024
|
| | | | 1,960 | | |
Total
|
| | | $ | 164,552 | | |
| | |
Fiscal Year
Ended |
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Customer 1
|
| | | | 35% | | | | | | 24% | | |
Customer 2
|
| | | | 3% | | | | | | 13% | | |
Customer 3
|
| | | | 14% | | | | | | 12% | | |
Customer 4
|
| | | | 8% | | | | | | 10% | | |
Customer 5
|
| | | | 11% | | | | | | 9% | | |
Total
|
| | | | 71% | | | | | | 68% | | |
| Consideration Paid | | | | | | | |
|
Cash consideration
|
| | | $ | 324 | | |
|
Fair value of equity issued
|
| | | | 5,114 | | |
|
Fair value of contingent consideration
|
| | | | 1,050 | | |
|
Total consideration paid
|
| | | $ | 6,488 | | |
| Assets acquired: | | | | | | | |
|
Cash and cash equivalents
|
| | | $ | 118 | | |
|
Accounts receivable
|
| | | | 98 | | |
|
Prepaid expenses
|
| | | | 5 | | |
|
Goodwill
|
| | | | 4,013 | | |
|
Intangible assets
|
| | | | 2,900 | | |
|
Other assets
|
| | | | 17 | | |
|
Total assets acquired
|
| | | $ | 7,151 | | |
| Liabilities assumed: | | | | | | | |
|
Accounts payable
|
| | | $ | 321 | | |
|
Accrued expenses and other current liabilities
|
| | | | 342 | | |
|
Total liabilities assumed
|
| | | $ | 663 | | |
|
Net assets acquired
|
| | | $ | 6,488 | | |
| | |
February 28/29,
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Capitalized software development costs
|
| | | $ | 32,862 | | | | | $ | 35,867 | | |
Computer software
|
| | | | 10,275 | | | | | | 8,829 | | |
Computer equipment
|
| | | | 7,828 | | | | | | 9,383 | | |
Office equipment, furniture, and leasehold improvements
|
| | | | 8,012 | | | | | | 8,903 | | |
Office equipment and furniture under capital leases
|
| | | | 1,252 | | | | | | 1,251 | | |
| | | | | 60,229 | | | | | | 64,233 | | |
Less accumulated depreciation
|
| | | | (44,955) | | | | | | (50,608) | | |
Total
|
| | | $ | 15,274 | | | | | $ | 13,625 | | |
| | |
February 28/29,
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Accrued professional and consulting fees
|
| | | $ | 755 | | | | | $ | 3,375 | | |
Accrued software, hardware, and communication costs
|
| | | | 154 | | | | | | 228 | | |
Accrued litigation matter
|
| | | | 1,100 | | | | | | 1,100 | | |
Accrued taxes
|
| | | | 335 | | | | | | 512 | | |
Accrued other
|
| | | | 796 | | | | | | 1,365 | | |
Total
|
| | | $ | 3,140 | | | | | $ | 6,580 | | |
| | |
February 28, 2019
|
| |||||||||||||||||||||
| | |
Level 1
|
| |
Level 2
|
| |
Level 3
|
| |
Fair Value
|
| ||||||||||||
Assets | | | | | | | | | | | | | | | | | | | | | | | | | |
Cash equivalents:
|
| | | | | | | | | | | | | | | | | | | | | | | | |
Money market funds
|
| | | $ | 28,661 | | | | | $ | — | | | | | $ | — | | | | | $ | 28,661 | | |
| | |
February 29, 2020
|
| |||||||||||||||||||||
| | |
Level 1
|
| |
Level 2
|
| |
Level 3
|
| |
Fair Value
|
| ||||||||||||
Assets | | | | | | | | | | | | | | | | | | | | | | | | | |
Cash equivalents:
|
| | | | | | | | | | | | | | | | | | | | | | | | |
Money market funds
|
| | | $ | 21,332 | | | | | $ | — | | | | | $ | — | | | | | $ | 21,332 | | |
| | |
February 28,
2019 |
| |
February 29,
2020 |
| ||||||
Principal outstanding
|
| | | $ | 20,000 | | | | | $ | 22,000 | | |
Interest payable-in-kind
|
| | | | — | | | | | | 273 | | |
Unamortized issuance costs
|
| | | | (800) | | | | | | (1,129) | | |
| | | | $ | 19,200 | | | | | $ | 21,144 | | |
Series
|
| |
Par value
|
| |
Shares
authorized |
| |
Issued and
outstanding |
| |
Carrying
amount |
| |
Liquidation
value |
| |||||||||||||||
A-1
|
| | | $ | 0.0001 | | | | | | 3,560,000 | | | | | | 3,559,995 | | | | | $ | 10,000 | | | | | $ | 10,000 | | |
A-2
|
| | | | 0.0001 | | | | | | 2,579,999 | | | | | | 2,579,994 | | | | | | 10,000 | | | | | | 10,000 | | |
B
|
| | | | 0.0001 | | | | | | 4,058,736 | | | | | | 4,058,731 | | | | | | 16,944 | | | | | | 16,944 | | |
C
|
| | | | 0.0001 | | | | | | 601,160 | | | | | | 601,151 | | | | | | 7,000 | | | | | | 7,000 | | |
D
|
| | | | 0.0001 | | | | | | 1,751,874 | | | | | | 1,751,871 | | | | | | 30,000 | | | | | | 30,000 | | |
E
|
| | | | 0.0001 | | | | | | 6,089,189 | | | | | | 6,089,159 | | | | | | 140,720 | | | | | | 145,300 | | |
F
|
| | | | 0.0001 | | | | | | 873,038 | | | | | | 873,038 | | | | | | 18,358 | | | | | | 20,000 | | |
| | | | | | | | | | | 19,513,996 | | | | | | 19,513,939 | | | | | $ | 233,022 | | | | | $ | 239,244 | | |
| | |
Fiscal year
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Cost of revenue
|
| | | $ | 255 | | | | | $ | 318 | | |
Product and technology
|
| | | | 1,108 | | | | | | 1,674 | | |
Sales and marketing
|
| | | | 1,199 | | | | | | 1,482 | | |
General and administrative
|
| | | | 3,159 | | | | | | 2,528 | | |
Total stock-based compensation
|
| | | $ | 5,721 | | | | | $ | 6,002 | | |
| | |
Fiscal year
|
| |||
| | |
2019
|
| |
2020
|
|
Estimated fair value of common stock
|
| |
$2.40 – $3.35
|
| |
$4.80 – $9.55
|
|
Exercise price
|
| |
$4.70 – $6.75
|
| |
$9.60 – $18.70
|
|
Expected volatility
|
| |
46% – 50%
|
| |
50%
|
|
Expected term (in years)
|
| |
6.25
|
| |
6.25
|
|
Risk-free interest rate
|
| |
2.65% – 2.94%
|
| |
1.67% – 2.62%
|
|
Dividend yield
|
| |
—
|
| |
—
|
|
| | |
Stock Options
|
| |
Weighted-
Average Exercise Price |
| |
Weighted
Remaining Contractual Life In Years |
| |
Aggregate
Intrinsic Value |
| |||||||||
Balance, February 28, 2018
|
| | | | 6,970,591 | | | | | | | | | | | | | | | | | |
Granted
|
| | | | 1,635,115 | | | | | | | | | | | | | | | | | |
Exercised
|
| | | | (249,027) | | | | | | | | | | | | | | | | | |
Forfeited
|
| | | | (209,135) | | | | | | | | | | | | | | | | | |
Balance, February 28, 2019
|
| | | | 8,147,544 | | | | | | | | | | | | | | | | | |
Granted
|
| | | | 2,084,046 | | | | | $ | 10.80 | | | | | | | | | | | |
Exercised
|
| | | | (1,843,001) | | | | | $ | 3.70 | | | | | | | | | | | |
Forfeited
|
| | | | (392,533) | | | | | $ | 5.70 | | | | | | | | | | | |
Balance, February 29, 2020
|
| | | | 7,996,056 | | | | | $ | 6.19 | | | |
7.0 years
|
| | | $ | 73,631 | | |
Vested and expected to vest as of February 29, 2020
|
| | | | 7,996,056 | | | | | $ | 6.20 | | | |
7.0 years
|
| | | $ | 73,631 | | |
Exercisable as of February 29, 2020
|
| | | | 4,579,458 | | | | | $ | 4.35 | | | |
5.6 years
|
| | | $ | 50,573 | | |
| | |
Common Stock
Warrants |
| |
Exercisable
|
| |
Exercise
Price |
| |
Expiration
Date |
| ||||||
Balance, February 28, 2018
|
| | | | 928,945 | | | | | | | | | | | | | | |
Issued
|
| | | | 541,159 | | | | | | | | | | | | | | |
Exercised
|
| | | | (4,061) | | | | | | | | | | | | | | |
Balance, February 28, 2019
|
| | | | 1,466,043 | | | | | | | | | | | | | | |
Issued
|
| | | | 220,594 | | | | | | | | | | | | | | |
Exercised
|
| | | | (33,369) | | | | | | | | | | | | | | |
Balance, February 29, 2020
|
| | | | 1,653,268 | | | | | | 1,653,268 | | | |
$0.0005 – $23.75
|
| |
April 2020 – October 2029
|
|
| | |
Number of Warrants
Outstanding at February 28/29, |
| | | | | | | |||||||||
| | |
2019
|
| |
2020
|
| |
Exercise
Price |
| |
Expiration Date
|
| ||||||
Series E holders
|
| | | | 1,162,483 | | | | | | 1,129,114 | | | |
$0.0005
|
| |
July 2026 – March 2028
|
|
Series F holders
|
| | | | — | | | | | | 85,000 | | | |
$0.0005
|
| |
October 2029
|
|
Customer
|
| | | | 160,000 | | | | | | 160,000 | | | |
$13.75
|
| |
April 2020
|
|
Lenders
|
| | | | 143,560 | | | | | | 279,154 | | | |
$0.005 – $23.75
|
| |
Nov 2022 – July 2029
|
|
Total
|
| | | | 1,466,043 | | | | | | 1,653,268 | | | | | | | | |
| | |
Fiscal year
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Domestic
|
| | | $ | (56,586) | | | | | $ | (51,795) | | |
Foreign
|
| | | | 144 | | | | | | 558 | | |
Total
|
| | | $ | (56,442) | | | | | $ | (51,237) | | |
| | |
Fiscal year
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Currently payable: | | | | | | | | | | | | | |
Federal
|
| | | $ | — | | | | | $ | — | | |
State and Local
|
| | | | — | | | | | | — | | |
Foreign
|
| | | | 55 | | | | | | 129 | | |
Total currently payable
|
| | | | 55 | | | | | | 129 | | |
Deferred: | | | | | | | | | | | | | |
Federal
|
| | | | — | | | | | | — | | |
State and Local
|
| | | | — | | | | | | — | | |
Foreign
|
| | | | — | | | | | | — | | |
Total deferred
|
| | | | — | | | | | | — | | |
Provision (benefit) for income taxes
|
| | | $ | 55 | | | | | $ | 129 | | |
| | |
Fiscal year
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Federal income tax expense at statutory tax rate
|
| | | | 21.0% | | | | | | 21.0% | | |
State income taxes, net of federal tax benefit
|
| | | | 6.0 | | | | | | 7.5 | | |
Stock-based compensation
|
| | | | (2.1) | | | | | | 3.9 | | |
Transaction costs
|
| | | | 0.0 | | | | | | (0.2) | | |
Changes in valuation allowances
|
| | | | (24.8) | | | | | | (31.4) | | |
Other
|
| | | | (0.2) | | | | | | (1.0) | | |
Effective Income Tax Rate
|
| | | | (0.1)% | | | | | | (0.2)% | | |
| | |
Fiscal year
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Deferred tax assets: | | | | | | | | | | | | | |
Net operating loss and tax credit carryforwards
|
| | | $ | 55,664 | | | | | $ | 76,508 | | |
Other accruals and reserves
|
| | | | 3,529 | | | | | | 3,413 | | |
Stock-based compensation
|
| | | | 491 | | | | | | 561 | | |
Deferred rent
|
| | | | 1,066 | | | | | | 1,280 | | |
Interest expense deduction limitation carryforward
|
| | | | 742 | | | | | | 1,549 | | |
Intangibles
|
| | | | 19 | | | | | | — | | |
Property, plant & equipment
|
| | | | 252 | | | | | | 526 | | |
Other
|
| | | | 139 | | | | | | 355 | | |
Valuation allowance
|
| | | | (61,902) | | | | | | (83,640) | | |
Deferred tax assets
|
| | | | — | | | | | | 552 | | |
Deferred tax liabilities: | | | | | | | | | | | | | |
Intangibles
|
| | | | — | | | | | | (552) | | |
Deferred tax liabilities
|
| | | | — | | | | | | (552) | | |
Net deferred taxes
|
| | | $ | — | | | | | $ | — | | |
| | |
Fiscal year
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Balance at the beginning of the period
|
| | | $ | 47,908 | | | | | $ | 61,902 | | |
(Decrease) increase due to NOLs and temporary differences
|
| | | | 13,994 | | | | | | 16,100 | | |
(Decrease) increase due to acquisitions
|
| | | | — | | | | | | 5,638 | | |
Balance at the end of the period
|
| | | $ | 61,902 | | | | | $ | 83,640 | | |
| | |
Fiscal year
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Net loss
|
| | | $ | (56,496) | | | | | $ | (51,365) | | |
Net loss per common share, basic and diluted
|
| | | $ | (12.17) | | | | | $ | (9.13) | | |
Weighted-average shares used to compute net loss per common share, basic and diluted
|
| | | | 4,641,256 | | | | | | 5,626,713 | | |
| | |
Fiscal year
|
| |||||||||
| | |
2019
|
| |
2020
|
| ||||||
Stock options
|
| | | | 8,147,544 | | | | | | 7,996,056 | | |
Common stock warrants
|
| | | | 182,288 | | | | | | 317,861 | | |
Total
|
| | | | 8,329,832 | | | | | | 8,313,917 | | |
| | |
Fiscal Year Ended
February 29, 2020 |
| |||
Numerator: | | | | | | | |
Net loss
|
| | | $ | (51,365) | | |
Deemed dividend attributable to preferred shareholders
|
| | | | (239,294) | | |
Net loss attributable to common stockholders
|
| | | $ | (290,609) | | |
Denominator: | | | | | | | |
Weighted-average shares used to compute net loss per common share, basic and diluted
|
| | | | 5,626,713 | | |
Pro forma adjustment to reflect conversion of convertible preferred stock
|
| | | | 28,964,247 | | |
Pro forma adjustment to reflect automatic cashless exercise of warrants
|
| | | | 42,492 | | |
Weighted-average shares used to compute pro forma net loss per common share, basic and diluted
|
| | | | 34,633,452 | | |
Pro forma net loss per common share, basic and diluted
|
| | | $ | (8.39) | | |
Fiscal years ending February 28(29),
|
| | | | | | |
2021
|
| | | $ | 6,104 | | |
2022
|
| | | | 6,580 | | |
2023
|
| | | | 6,577 | | |
2024
|
| | | | 6,625 | | |
2025
|
| | | | 5,664 | | |
Thereafter
|
| | | | 21,516 | | |
| | | | $ | 53,066 | | |
| | |
November 30,
2020 |
| |
February 29,
2020 |
| ||||||
Assets
|
| | | ||||||||||
Current assets: | | | | | | | | | | | | | |
Cash and cash equivalents
|
| | | $ | 418,938 | | | | | $ | 33,155 | | |
Accounts receivable, net
|
| | | | 15,432 | | | | | | 294 | | |
Unbilled revenue
|
| | | | 1,334 | | | | | | 895 | | |
Current portion of deferred contract acquisition costs
|
| | | | 2,048 | | | | | | 1,368 | | |
Current portion of deferred financing fees
|
| | | | 163 | | | | | | 279 | | |
Prepaid and other current assets
|
| | | | 6,598 | | | | | | 12,944 | | |
Total current assets
|
| | | | 444,513 | | | | | | 48,935 | | |
Property and equipment, net
|
| | | | 10,496 | | | | | | 13,625 | | |
Goodwill
|
| | | | 4,013 | | | | | | 4,013 | | |
Acquired technology, net
|
| | | | 967 | | | | | | 2,054 | | |
Deferred contract acquisition costs
|
| | | | 6,195 | | | | | | 3,876 | | |
Other assets
|
| | | | 1,311 | | | | | | 745 | | |
Total assets
|
| | | $ | 467,495 | | | | | $ | 73,248 | | |
Liabilities, convertible preferred stock and stockholders’ equity (deficit)
|
| | | | | | | | | | | | |
Current liabilities: | | | | | | | | | | | | | |
Accounts payable
|
| | | $ | 4,136 | | | | | $ | 5,273 | | |
Accrued expenses
|
| | | | 3,437 | | | | | | 6,580 | | |
Accrued compensation
|
| | | | 27,459 | | | | | | 23,838 | | |
Deferred rent and other current liabilities
|
| | | | 531 | | | | | | 674 | | |
Due to customers
|
| | | | 3,449 | | | | | | 4,674 | | |
Current portion of deferred revenue
|
| | | | 34,427 | | | | | | 28,919 | | |
Total current liabilities
|
| | | | 73,439 | | | | | | 69,958 | | |
Loans payable, net of unamortized issuance costs
|
| | | | — | | | | | | 21,144 | | |
Deferred rent and other noncurrent liabilities
|
| | | | 5,375 | | | | | | 5,523 | | |
Deferred revenue
|
| | | | 394 | | | | | | 396 | | |
Total liabilities
|
| | | | 79,208 | | | | | | 97,021 | | |
Convertible preferred stock: | | | | | | | | | | | | | |
Preferred stock par value $0.0001; 25,000,000 shares authorized; 0 and 19,513,939 issued and outstanding at November 30, 2020 and February 29, 2020, respectively
|
| | | | — | | | | | | 233,022 | | |
Commitments (note 11) | | | | | | | | | | | | | |
Stockholders’ equity (deficit) | | | | | | | | | | | | | |
Common stock par value $0.0001; 500,000,000 shares authorized; 55,171,467 and 6,033,450 shares issued and outstanding at November 30, 2020 and February 29, 2020, respectively
|
| | | | 5 | | | | | | 2 | | |
Additional paid-in capital
|
| | | | 755,076 | | | | | | 64,071 | | |
Accumulated deficit
|
| | | | (366,794) | | | | | | (320,868) | | |
Total stockholders’ equity (deficit)
|
| | | | 388,287 | | | | | | (256,795) | | |
Total liabilities, convertible preferred stock and stockholders’ equity (deficit)
|
| | | $ | 467,495 | | | | | $ | 73,248 | | |
| | |
Three months ended November 30,
|
| |
Nine months ended November 30,
|
| ||||||||||||||||||
| | |
2020
|
| |
2019
|
| |
2020
|
| |
2019
|
| ||||||||||||
Revenue
|
| | | $ | 38,444 | | | | | $ | 29,652 | | | | | $ | 111,126 | | | | | $ | 88,066 | | |
Cost of revenue, excluding depreciation and amortization
|
| | | | 22,743 | | | | | | 17,538 | | | | | | 66,052 | | | | | | 51,737 | | |
Operating expenses: | | | | | | | | | | | | | | | | | | | | | | | | | |
Product and technology
|
| | | | 13,018 | | | | | | 11,046 | | | | | | 36,624 | | | | | | 33,595 | | |
Sales and marketing
|
| | | | 8,644 | | | | | | 7,924 | | | | | | 23,841 | | | | | | 23,202 | | |
General and administrative
|
| | | | 8,414 | | | | | | 8,551 | | | | | | 20,537 | | | | | | 20,125 | | |
Depreciation and amortization
|
| | | | 2,114 | | | | | | 2,033 | | | | | | 6,090 | | | | | | 6,415 | | |
Total operating expenses
|
| | | | 32,190 | | | | | | 29,554 | | | | | | 87,092 | | | | | | 83,337 | | |
Loss from operations
|
| | | | (16,489) | | | | | | (17,440) | | | | | | (42,018) | | | | | | (47,008) | | |
Interest expense, net
|
| | | | (35) | | | | | | (827) | | | | | | (3,663) | | | | | | (2,071) | | |
Other expense
|
| | | | (42) | | | | | | (18) | | | | | | (160) | | | | | | (98) | | |
Loss before income taxes
|
| | | | (16,566) | | | | | | (18,285) | | | | | | (45,841) | | | | | | (49,177) | | |
Income tax expense
|
| | | | (29) | | | | | | (12) | | | | | | (85) | | | | | | (49) | | |
Net loss
|
| | | $ | (16,595) | | | | | $ | (18,297) | | | | | $ | (45,926) | | | | | $ | (49,226) | | |
Net loss per share, basic and diluted
|
| | | $ | (0.32) | | | | | $ | (3.17) | | | | | $ | (1.50) | | | | | $ | (9.20) | | |
Weighted-average common shares outstanding, basic and diluted
|
| | | | 51,578,863 | | | | | | 5,776,478 | | | | | | 30,635,348 | | | | | | 5,351,313 | | |
| | |
Convertible Preferred stock
|
| | |
Stockholders’ Deficit
|
| ||||||||||||||||||||||||||||||||||||
| | | | | | | | | | | | | | | |
Common stock
|
| |
Additional
paid-in capital |
| |
Accumulated
deficit |
| | ||||||||||||||||||||
| | |
Shares
|
| |
Amount
|
| | |
Shares
|
| |
Amount
|
| |
Total
|
| |||||||||||||||||||||||||||
Balance February 28, 2019
|
| | | | 18,640,901 | | | | | $ | 214,664 | | | | | | | 3,616,549 | | | | | $ | 1 | | | | | $ | 38,881 | | | | | $ | (269,503) | | | | | $ | (230,621) | | |
Exercise of stock options and common stock warrants
|
| | | | — | | | | | | — | | | | | | | 90,322 | | | | | | — | | | | | | 356 | | | | | | — | | | | | | 356 | | |
Stock-based compensation expense
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 1,436 | | | | | | — | | | | | | 1,436 | | |
Net loss
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | — | | | | | | (15,903) | | | | | | (15,903) | | |
Balance, May 31, 2019
|
| | | | 18,640,901 | | | | | $ | 214,664 | | | | | | | 3,706,871 | | | | | $ | 1 | | | | | $ | 40,673 | | | | | $ | (285,406) | | | | | $ | (244,732) | | |
Issuance of common stock in connection with acquisition
|
| | | | — | | | | | | — | | | | | | | 279,436 | | | | | | — | | | | | | 6,164 | | | | | | — | | | | | | 6,164 | | |
Issuance of common stock warrants
in connection with July 2019 debt |
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 779 | | | | | | — | | | | | | 779 | | |
Exercise of stock options and common stock warrants
|
| | | | — | | | | | | — | | | | | | | 415,420 | | | | | | — | | | | | | 1,428 | | | | | | — | | | | | | 1,428 | | |
Stock-based compensation expense
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 1,895 | | | | | | — | | | | | | 1,895 | | |
Net loss
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | — | | | | | | (15,026) | | | | | | (15,026) | | |
Balance, August 31, 2019
|
| | | | 18,640,901 | | | | | $ | 214,664 | | | | | | | 4,401,727 | | | | | $ | 1 | | | | | $ | 50,939 | | | | | $ | (300,432) | | | | | $ | (249,492) | | |
Issuance of common stock in connection with acquisition
|
| | | | — | | | | | | — | | | | | | | 9,884 | | | | | | — | | | | | | — | | | | | | — | | | | | | — | | |
Sale of Series F preferred stock, net
|
| | | | 873,038 | | | | | | 18,358 | | | | | | | — | | | | | | — | | | | | | — | | | | | | — | | | | | | — | | |
Issuance of common stock warrants
in connection with sale of Series F Preferred Stock |
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 1,585 | | | | | | — | | | | | | 1,585 | | |
Exercise of stock options and common stock warrants
|
| | | | — | | | | | | — | | | | | | | 213,453 | | | | | | — | | | | | | 728 | | | | | | — | | | | | | 728 | | |
Stock-based compensation expense
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 1,564 | | | | | | — | | | | | | 1,564 | | |
Net loss
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | — | | | | | | (18,297) | | | | | | (18,297) | | |
Balance, November 30, 2019
|
| | | | 19,513,939 | | | | | $ | 233,022 | | | | | | | 4,625,064 | | | | | $ | 1 | | | | | $ | 54,816 | | | | | $ | (318,729) | | | | | $ | (263,912) | | |
| | |
Convertible Preferred stock
|
| | |
Stockholders' Equity (Deficit)
|
| ||||||||||||||||||||||||||||||||||||
| | | | | | | | | | | | | | | |
Common stock
|
| |
Additional
|
| |
Accumulated
|
| | | | | | | |||||||||||||||
| | |
Shares
|
| |
Amount
|
| | |
Shares
|
| |
Amount
|
| |
paid-in capital
|
| |
deficit
|
| |
Total
|
| |||||||||||||||||||||
Balance February 29, 2020
|
| | | | 19,513,939 | | | | | $ | 233,022 | | | | | | | 6,033,450 | | | | | $ | 2 | | | | | $ | 64,071 | | | | | $ | (320,868) | | | | | $ | (256,795) | | |
Exercise of stock options and common stock warrants
|
| | | | — | | | | | | — | | | | | | | 347,807 | | | | | | — | | | | | | 2,999 | | | | | | — | | | | | | 2,999 | | |
Stock-based compensation expense
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 1,259 | | | | | | — | | | | | | 1,259 | | |
Net loss
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | — | | | | | | (13,960) | | | | | | (13,960) | | |
Balance, May 31, 2020
|
| | | | 19,513,939 | | | | | $ | 233,022 | | | | | | | 6,381,257 | | | | | $ | 2 | | | | | $ | 68,329 | | | | | $ | (334,828) | | | | | $ | (266,497) | | |
Exercise of stock options and common stock warrants
|
| | | | — | | | | | | — | | | | | | | 383,575 | | | | | | — | | | | | | 1,726 | | | | | | — | | | | | | 1,726 | | |
Issuance of common stock in initial public offering, net of issuance costs of $4,596
|
| | | | — | | | | | | — | | | | | | | 11,526,134 | | | | | | 1 | | | | | | 231,227 | | | | | | — | | | | | | 231,228 | | |
Conversion of preferred stock into
common stock |
| | | | (19,513,939) | | | | | | (233,022) | | | | | | | 29,479,521 | | | | | | 2 | | | | | | 233,020 | | | | | | — | | | | | | 233,022 | | |
Automatic exercise of warrants into common stock in connection with initial public offering
|
| | | | — | | | | | | — | | | | | | | 1,401,836 | | | | | | — | | | | | | — | | | | | | — | | | | | | — | | |
Issuance of stock options to satisfy bonus obligation
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 5,735 | | | | | | — | | | | | | 5,735 | | |
Issuance of common stock in connection with 2019 acquisition
|
| | | | — | | | | | | — | | | | | | | 97,019 | | | | | | — | | | | | | 156 | | | | | | — | | | | | | 156 | | |
Stock-based compensation expense
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 2,105 | | | | | | — | | | | | | 2,105 | | |
Net loss
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | — | | | | | | (15,371) | | | | | | (15,371) | | |
Balance, August 31, 2020
|
| | | | — | | | | | $ | — | | | | | | | 49,269,342 | | | | | $ | 5 | | | | | $ | 542,298 | | | | | $ | (350,199) | | | | | $ | 192,104 | | |
Exercise of stock options
|
| | | | — | | | | | | — | | | | | | | 84,627 | | | | | | — | | | | | | 527 | | | | | | — | | | | | | 527 | | |
Issuance of common stock in
follow-on public offering, net of issuance costs of $600 |
| | | | — | | | | | | — | | | | | | | 5,750,000 | | | | | | — | | | | | | 208,046 | | | | | | — | | | | | | 208,046 | | |
Issuance of common stock in connection with the employee stock purchase plan
|
| | | | — | | | | | | — | | | | | | | 67,498 | | | | | | — | | | | | | 1,259 | | | | | | — | | | | | | 1,259 | | |
Stock-based compensation expense
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | 2,946 | | | | | | — | | | | | | 2,946 | | |
Net loss
|
| | | | — | | | | | | — | | | | | | | — | | | | | | — | | | | | | — | | | | | | (16,595) | | | | | | (16,595) | | |
Balance, November 30, 2020
|
| | | | — | | | | | $ | — | | | | | | | 55,171,467 | | | | | $ | 5 | | | | | $ | 755,076 | | | | | $ | (366,794) | | | | | $ | 388,287 | | |
| | |
Nine months ended November 30,
|
| |||||||||
| | |
2020
|
| |
2019
|
| ||||||
Cash flows from operating activities: | | | | | | | | | | | | | |
Net loss
|
| | | $ | (45,926) | | | | | $ | (49,226) | | |
Adjustments to reconcile net loss to net cash used in Operating activities:
|
| | | | | | | | | | | | |
Depreciation and amortization expense
|
| | | | 6,090 | | | | | | 6,415 | | |
Amortization of deferred contract acquisition costs
|
| | | | 1,187 | | | | | | 695 | | |
Noncash interest expense
|
| | | | 1,395 | | | | | | 533 | | |
Stock-based compensation expense
|
| | | | 6,310 | | | | | | 4,895 | | |
Changes in operating assets and liabilities:
|
| | | | | | | | | | | | |
Accounts receivable and unbilled revenue
|
| | | | (15,577) | | | | | | 123 | | |
Accounts payable and accrued expenses
|
| | | | 569 | | | | | | 4,408 | | |
Deferred contract acquisition costs
|
| | | | (4,187) | | | | | | (1,551) | | |
Deferred revenue and due to customers
|
| | | | 4,281 | | | | | | 10,832 | | |
Accrued compensation
|
| | | | 9,372 | | | | | | 187 | | |
Deferred rent and other liabilities
|
| | | | (324) | | | | | | 106 | | |
Other assets
|
| | | | 1,182 | | | | | | (1,400) | | |
Net cash used in operating activities
|
| | | | (35,628) | | | | | | (23,983) | | |
Cash flows from investing activities: | | | | | | | | | | | | | |
Capitalized software development costs
|
| | | | (374) | | | | | | — | | |
Purchases of property and equipment
|
| | | | (1,500) | | | | | | (2,469) | | |
Net cash acquired in acquisition of MD Insider
|
| | | | — | | | | | | (206) | | |
Earnout payments to MD Insider
|
| | | | (58) | | | | | | — | | |
Net cash used in investing activities
|
| | | | (1,932) | | | | | | (2,675) | | |
Cash flows from financing activities: | | | | | | | | | | | | | |
Proceeds from public offerings, net of underwriters’ discounts and commissions and offering costs
|
| | | | 439,478 | | | | | | — | | |
Proceeds from stock option and warrant exercises
|
| | | | 5,176 | | | | | | 2,008 | | |
Proceeds from sale of Series F Preferred Stock, net.
|
| | | | — | | | | | | 19,943 | | |
Proceeds from stock purchases under employee stock purchase plan
|
| | | | 1,442 | | | | | | — | | |
Proceeds from borrowings on debt
|
| | | | 51,166 | | | | | | 1,660 | | |
Repayments of debt principal
|
| | | | (73,166) | | | | | | — | | |
Payments related to debt retirement
|
| | | | (753) | | | | | | — | | |
Net cash provided by financing activities
|
| | | | 423,343 | | | | | | 23,611 | | |
Net increase (decrease) in cash and cash equivalents
|
| | | | 385,783 | | | | | | (3,047) | | |
Cash and cash equivalents, beginning of period
|
| | | | 33,155 | | | | | | 42,701 | | |
Cash and cash equivalents, end of period
|
| | | $ | 418,938 | | | | | $ | 39,654 | | |
Supplemental cash flow information:
|
| | | | | | | | | | | | |
Interest paid
|
| | | $ | 2,246 | | | | | $ | 1,790 | | |
Income taxes paid
|
| | | $ | 149 | | | | | $ | 55 | | |
Fixed assets included in accounts payable
|
| | | $ | 185 | | | | | $ | 126 | | |
Other receivable related to stock option exercises
|
| | | $ | 249 | | | | | $ | 504 | | |
Offering costs included in accounts payable and accrued expenses
|
| | | $ | 68 | | | | | $ | — | | |
Bonus settled in the form of stock options
|
| | | $ | 5,735 | | | | | $ | — | | |
Common stock issued in connection with acquisition
|
| | | $ | — | | | | | $ | 6,164 | | |
Common stock warrants issued in connection with debt
|
| | | $ | — | | | | | $ | 779 | | |
| | |
For the three months ended November 30,
|
| |
For the nine months ended November 30,
|
| ||||||||||||||||||
| | |
2020
|
| |
2019
|
| |
2020
|
| |
2019
|
| ||||||||||||
Customer 1
|
| | | | 17% | | | | | | 27% | | | | | | 17% | | | | | | 27% | | |
Customer 2
|
| | | | 10% | | | | | | 12% | | | | | | 11% | | | | | | 12% | | |
Customer 3
|
| | | | 10% | | | | | | 11% | | | | | | 10% | | | | | | 11% | | |
Total | | | | | 37% | | | | | | 50% | | | | | | 38% | | | | | | 50% | | |
| | |
November 30,
2020 |
| |||
Customer 1
|
| | | $ | 1,642 | | |
Customer 2
|
| | | | 45 | | |
Customer 3
|
| | | | 8,196 | | |
Fiscal year ending February 28(29),
|
| | | | | | |
Remainder of 2021
|
| | | $ | 42,174 | | |
2022
|
| | | | 126,168 | | |
2023
|
| | | | 46,607 | | |
2024
|
| | | | 14,026 | | |
Total
|
| | | $ | 228,975 | | |
| | |
November 30, 2020
|
| |||||||||||||||||||||
| | |
Level 1
|
| |
Level 2
|
| |
Level 3
|
| |
Fair Value
|
| ||||||||||||
Assets | | | | | | | | | | | | | | | | | | | | | | | | | |
Cash equivalents:
|
| | | | | | | | | | | | | | | | | | | | | | | | |
Money market funds
|
| | | $ | 208,286 | | | | | $ | — | | | | | $ | — | | | | | $ | 208,286 | | |
United States Treasury bills
|
| | | $ | 199,990 | | | | | $ | — | | | | | $ | — | | | | | $ | 199,990 | | |
| | |
February 29, 2020
|
| |||||||||||||||||||||
| | |
Level 1
|
| |
Level 2
|
| |
Level 3
|
| |
Fair Value
|
| ||||||||||||
Assets | | | | | | | | | | | | | | | | | | | | | | | | | |
Cash equivalents:
|
| | | | | | | | | | | | | | | | | | | | | | | | |
Money market funds
|
| | | $ | 21,332 | | | | | $ | — | | | | | $ | — | | | | | $ | 21,332 | | |
Certificates of deposit
|
| | | $ | 5,000 | | | | | $ | — | | | | | $ | — | | | | | $ | 5,000 | | |
| | |
Three months ended November 30,
|
| |
Nine months ended November 30,
|
| ||||||||||||||||||
| | |
2020
|
| |
2019
|
| |
2020
|
| |
2019
|
| ||||||||||||
Cost of revenue
|
| | | $ | 352 | | | | | $ | 75 | | | | | $ | 679 | | | | | $ | 250 | | |
Product and technology
|
| | | | 1,060 | | | | | | 460 | | | | | | 2,212 | | | | | | 1,312 | | |
Sales and marketing
|
| | | | 702 | | | | | | 340 | | | | | | 1,494 | | | | | | 1,162 | | |
General and administrative
|
| | | | 832 | | | | | | 689 | | | | | | 1,925 | | | | | | 2,171 | | |
Total stock-based compensation
|
| | | $ | 2,946 | | | | | $ | 1,564 | | | | | $ | 6,310 | | | | | $ | 4,895 | | |
| | |
Stock Option
|
| |
Weighted
average exercise price |
| |
Weighted
remaining contractual life in years |
| |
Aggregate
intrinsic value |
| ||||||||||||
Balance, February 29, 2020
|
| | | | 7,996,056 | | | | | $ | 6.19 | | | | | | | | | | | | | | |
Granted
|
| | | | 2,163,775 | | | | | | 17.41 | | | | | | | | | | | | | | |
Exercised
|
| | | | (656,009) | | | | | | 4.65 | | | | | | | | | | | | | | |
Forfeited
|
| | | | (200,012) | | | | | | 6.35 | | | | | | | | | | | | | | |
Balance, November 30, 2020
|
| | | | 9,303,810 | | | | | $ | 8.91 | | | | | | 7.2 years | | | | | $ | 400,103 | | |
Vested and expected to vest as of November 30, 2020
|
| | | | 9,303,810 | | | | | $ | 8.91 | | | | | | 7.2 years | | | | | $ | 400,103 | | |
Exercisable as of November 30, 2020
|
| | | | 5,673,184 | | | | | $ | 6.37 | | | | | | 6.2 years | | | | | $ | 258,347 | | |
| | |
Restricted
Stock Units |
| |||
Balance, February 29, 2020
|
| | | | — | | |
Granted
|
| | | | 85,310 | | |
Vested
|
| | | | — | | |
Forfeited
|
| | | | — | | |
Balance, November 30, 2020
|
| | | | 85,310 | | |
| | |
Three months ended
November 30, |
| |
Nine months ended
November 30, |
| ||||||||||||||||||
| | |
2020
|
| |
2019
|
| |
2020
|
| |
2019
|
| ||||||||||||
Net loss
|
| | | $ | (16,595) | | | | | $ | (18,297) | | | | | $ | (45,926) | | | | | $ | (49,226) | | |
Weighted-average shares used in computing net loss per share
|
| | | | 51,578,863 | | | | | | 5,776,478 | | | | | | 30,635,348 | | | | | | 5,351,313 | | |
Net loss per share attributable to common stockholders, basic and diluted
|
| | | $ | (0.32) | | | | | $ | (3.17) | | | | | $ | (1.50) | | | | | $ | (9.20) | | |
| | |
November 30,
|
| |||||||||
| | |
2020
|
| |
2019
|
| ||||||
Stock options
|
| | | | 9,303,810 | | | | | | 9,069,217 | | |
Unvested restricted stock units
|
| | | | 85,310 | | | | | | — | | |
Common stock warrants
|
| | | | — | | | | | | 317,882 | | |
Total
|
| | | | 9,389,120 | | | | | | 9,387,099 | | |
| | |
Amount
|
| |||
SEC registration fee
|
| | | $ | 11,707 | | |
FINRA filing fee
|
| | | | 16,987 | | |
Legal fees and expenses
|
| | | | 50,000 | | |
Accountants’ fees and expenses
|
| | | | 35,000 | | |
Miscellaneous
|
| | | | 11,306 | | |
Total expenses
|
| | | $ | 125,000 | | |
Exhibit
Number |
| |
Description of Exhibit
|
| |
Form
|
| |
File No.
|
| |
Exhibit
|
| |
Filing Date
|
| |
Filed
Herewith |
|
2.1 | | | | |
8-K
|
| |
001-39348
|
| |
2.1
|
| |
March 4, 2021
|
| | | | |
3.1 | | | | |
8-K
|
| |
001-39348
|
| |
3.1
|
| |
July 10, 2020
|
| | | | |
3.2 | | | | |
S-1
|
| |
333-236786
|
| |
3.4
|
| |
February 28, 2020
|
| | | | |
4.1 | | | | |
S-1
|
| |
333-236786
|
| |
4.1
|
| |
February 28, 2020
|
| | | | |
4.2 | | | | |
S-1
|
| |
333-236786
|
| |
4.2
|
| |
February 28, 2020
|
| | | | |
4.3 | | | | |
8-K
|
| |
001-39348
|
| |
4.1
|
| |
March 4, 2021
|
| | | | |
4.4 | | | | |
8-K
|
| |
001-39348
|
| |
4.1
|
| |
March 29, 2021
|
| | |||
4.5 | | | | |
8-K
|
| |
001-39348
|
| |
4.2
|
| |
March 29, 2021
|
| | |||
5.1# | | | | | | | | | | | | | | | | | | | |
10.1+ | | | | |
S-1
|
| |
333-236786
|
| |
10.1
|
| |
June 16, 2020
|
| | | | |
10.2+ | | | | |
S-1
|
| |
333-236786
|
| |
10.2
|
| |
June 16, 2020
|
| | | | |
10.3+ | | | | |
S-1
|
| |
333-236786
|
| |
10.3
|
| |
June 16, 2020
|
| | | |
Exhibit
Number |
| |
Description of Exhibit
|
| |
Form
|
| |
File No.
|
| |
Exhibit
|
| |
Filing Date
|
| |
Filed
Herewith |
|
10.4+ | | | | |
S-1
|
| |
333-236786
|
| |
10.4
|
| |
February 28, 2020
|
| | | | |
10.5+ | | | | |
S-1
|
| |
333-236786
|
| |
10.5
|
| |
February 28, 2020
|
| | | | |
10.6+# | | | | | | | | | | | | | | | | | | | |
10.7+ | | | | |
S-1
|
| |
333-236786
|
| |
10.7
|
| |
February 28, 2020
|
| | | | |
10.8 | | | | |
S-1
|
| |
333-236786
|
| |
10.11
|
| |
February 28, 2020
|
| | | | |
10.9† | | | | |
8-K
|
| |
001-39348
|
| |
10.1
|
| |
August 25, 2020
|
| | | | |
10.10 | | | | |
10-Q
|
| |
001-39348
|
| |
10.8
|
| |
October 14, 2020
|
| | | | |
10.11 | | | | |
8-K
|
| |
001-39348
|
| |
10.1
|
| |
November 9, 2020
|
| | | | |
10.12 | | | | |
8-K
|
| |
001-39348
|
| |
10.1
|
| |
March 4, 2021
|
| | | | |
10.13 | | | | |
S-1
|
| |
333-236786
|
| |
10.14
|
| |
February 28, 2020
|
| | | | |
10.14 | | | | |
S-1
|
| |
333-236786
|
| |
10.15
|
| |
February 28, 2020
|
| | | |
Exhibit
Number |
| |
Description of Exhibit
|
| |
Form
|
| |
File No.
|
| |
Exhibit
|
| |
Filing Date
|
| |
Filed
Herewith |
|
10.15 | | | | |
S-1
|
| |
333-236786
|
| |
10.16
|
| |
February 28, 2020
|
| | | | |
10.16 | | | | |
S-1
|
| |
333-236786
|
| |
10.17
|
| |
February 28, 2020
|
| | | | |
10.17 | | | | |
S-1
|
| |
333-236786
|
| |
10.18
|
| |
February 28, 2020
|
| | | | |
10.18 | | | | |
S-1
|
| |
333-236786
|
| |
10.19
|
| |
February 28, 2020
|
| | | | |
10.19 | | | | |
S-1
|
| |
333-236786
|
| |
10.20
|
| |
February 28, 2020
|
| | | | |
10.20 | | | | |
S-1
|
| |
333-236786
|
| |
10.21
|
| |
February 28, 2020
|
| | | | |
10.21 | | | | |
S-1
|
| |
333-236786
|
| |
10.22
|
| |
February 28, 2020
|
| | | | |
10.22† | | | | |
S-1
|
| |
333-236786
|
| |
10.23
|
| |
February 28, 2020
|
| | | | |
10.23† | | | | |
S-1
|
| |
333-236786
|
| |
10.24
|
| |
February 28, 2020
|
| | | |
Exhibit
Number |
| |
Description of Exhibit
|
| |
Form
|
| |
File No.
|
| |
Exhibit
|
| |
Filing Date
|
| |
Filed
Herewith |
|
10.24† | | | | |
S-1
|
| |
333-236786
|
| |
10.25
|
| |
February 28, 2020
|
| | | | |
10.25† | | | Amendment and Restatement of Exhibits F and G to the Amended and Restated Services Agreement by and between the Registrant and Comcast Cable Communications Management, LLC dated September 18, 2017. | | |
S-1
|
| |
333-236786
|
| |
10.26
|
| |
February 28, 2020
|
| | | |
10.26† | | | | |
S-1
|
| |
333-236786
|
| |
10.27
|
| |
February 28, 2020
|
| | | | |
10.27† | | | | |
S-1
|
| |
333-236786
|
| |
10.29
|
| |
February 28, 2020
|
| | | | |
10.28† | | | | |
S-1
|
| |
333-236786
|
| |
10.30
|
| |
February 28, 2020
|
| | | | |
10.29† | | | Second Renewal and Amendment of the Amended and Restated Services Agreement by and between the Registrant and Comcast Cable Communications Management, LLC dated June 19, 2020. | | |
S-1
|
| |
333-236786
|
| |
10.32
|
| |
June 24, 2020
|
| | | |
10.30 | | | | |
S-1
|
| |
333-236786
|
| |
10.31
|
| |
February 28, 2020
|
| | | |
Exhibit
Number |
| |
Description of Exhibit
|
| |
Form
|
| |
File No.
|
| |
Exhibit
|
| |
Filing Date
|
| |
Filed
Herewith |
|
10.31+# | | | | | | | | | | | | | | | | | | | |
10.32+ | | | Master Services Agreement by and between UnitedHealthcare Services, Inc. and Innovation Specialists, LLC d/b/a 2nd.MD dated December 19, 2016. | | | | | | | | | | | | | | |
X
|
|
10.33+ | | | Statement of Work No. 3 to the Master Services Agreement by and between United Healthcare Services, Inc. and Innovation Specialists, LLC d/b/a 2nd.MD dated September 1, 2019. | | | | | | | | | | | | | | |
X
|
|
23.1 | | | Consent of KPMG LLP, independent registered public accounting firm. | | | | | | | | | | | | | | |
X
|
|
23.2# | | | | | | | | | | | | | | | | | | | |
24.1# | | | | | | | | | | | | | | | | | | | |
101.INS | | | XBRL Instance Document | | | | | | | | | | | | | | | | |
101.SCH | | | XBRL Taxonomy Extension Schema Document | | | | | | | | | | | | | | | | |
101.CAL | | | XBRL Taxonomy Extension Calculation Linkbase Document | | | | | | | | | | | | | | | | |
101.DEF | | | XBRL Extension Definition Linkbase Document | | | | | | | | | | | | | | | | |
101.LAB | | | XBRL Taxonomy Label Linkbase Document | | | | | | | | | | | | | | | | |
101.PRE | | | XBRL Taxonomy Extension Presentation Linkbase Document | | | | | | | | | | | | | | | | |
|
Signature
|
| |
Title
|
| |
Date
|
|
|
/s/ Rajeev Singh
Rajeev Singh
|
| |
Chief Executive Officer and Director (Principal Executive Officer)
|
| |
April 1, 2021
|
|
|
/s/ Stephen Barnes
Stephen Barnes
|
| |
Chief Financial Officer (Principal Financial and Accounting Officer)
|
| |
April 1, 2021
|
|
|
*
J. Michael Cline
|
| |
Director
|
| |
April 1, 2021
|
|
|
*
William H. Frist, Sr.
|
| |
Director
|
| |
April 1, 2021
|
|
|
*
Jeffrey Jordan
|
| |
Director
|
| |
April 1, 2021
|
|
|
*
Cindy Kent
|
| |
Director
|
| |
April 1, 2021
|
|
|
*
Peter Klein
|
| |
Director
|
| |
April 1, 2021
|
|
|
*
Dawn Lepore
|
| |
Director
|
| |
April 1, 2021
|
|
|
*
Thomas Neff
|
| |
Director
|
| |
April 1, 2021
|
|
|
*
Patricia Wadors
|
| |
Director
|
| |
April 1, 2021
|
|
|
*By: /s/ RAJEEV SINGH
Rajeev Singh
Attorney-in-fact |
| | | | | | |
Exhibit 10.32
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
MASTER SERVICES AGREEMENT
This Master Services Agreement (“Agreement”) is made as of December 19, 2016 (the “Effective Date”), between:
United HealthCare Services, Inc., a Minnesota corporation with offices at 9900 Bren Road East, Minnetonka, MN 55343 (“Customer”), on behalf of itself and its Affiliates; and
Innovation Specialists, LLC d/b/a 2nd.MD, a Texas limited liability company with principal offices at 1300 Post Oak Boulevard, Suite 725, Houston, Texas 77056 (“Vendor”).
Any Affiliate of Customer may execute a SOW hereunder and in such case, all obligations of, and references to, Customer in this Agreement shall instead refer to such Affiliate. For purposes of this Agreement, “Affiliate” means any entity directly or indirectly controlled by, controlling, or under common control with Customer.
Section 1. Services
Section 1.1 Description of Services. Vendor shall provide to Customer the services (“Services”) as specified in statements of work to this Agreement that are signed by the parties from time to time in a form substantially similar as attached hereto as Exhibit A (“SOWs” or “Statements of Work”). SOWs and any and all other documents referenced as a part of this Agreement are hereby incorporated by reference into this Agreement. SOWs shall constitute the only authorization for Vendor to take any action that will result in expense to or otherwise on behalf of Customer. Customer does not guarantee Vendor any particular amount of work under this Agreement. The Services shall be performed at the locations identified in the SOW, or if not identified, from such location specified by Customer. Vendor shall not use subcontractors without Customer’s prior written consent. Vendor shall provide the Services in accordance with the service levels set forth on in the applicable Order or SOW (“Service Levels”). In the event that a Service Level has not been met, Vendor shall: (i) perform a root-cause analysis to identify the cause of such failure; (ii) promptly correct such failure within the timeframe set forth in the applicable SOW; and (iii) provide Customer with a written report detailing the cause of, and procedure for correcting, such failure within [***] after such Service Level failure has occurred. [***].
Section 1.2 Additional Exhibit Terms. Vendor agrees to comply with the requirements outlined in the following Exhibits attached to this Agreement, which are fully incorporated herein by reference.
Exhibit A – Form of Statement of Work
Exhibit B – Certificate of Compliance for Contractors and Suppliers
Exhibit C – Price List
Exhibit D – HIPAA and GLBA (Business Associate Agreement)
Exhibit E – Standard Contractual Clauses
Exhibit F – Security
Exhibit G – Background Investigations
Exhibit H – Medicare Advantage Regulatory Requirements Appendix
Exhibit I – Master Community & State Appendix
Exhibit J – Exchange Regulatory Appendix
Section 1.3 Personnel.
(A) General Requirements. The parties are independent contractors and nothing in this Agreement or otherwise shall be deemed or construed to create any other relationship, including one of employment, joint venture or agency. Vendor shall be solely responsible for any taxes of any type, including central, state or local tax, employment, withholding or reporting tax, social security taxes, workers’ compensation taxes or costs, unemployment compensation taxes or costs, or any other taxes or charges, provident fund, gratuity, bonus, workmen’s compensation, employee state insurance, other employment law deductions, or private insurance, related to Vendor’s or Vendor’s personnel’s receipt of compensation and performance of Services under this Agreement. Vendor has withheld properly all federal, state and local employment taxes from the wages of its employees and otherwise has conducted and will conduct itself not as an individual or individuals but as a legal entity separate from the persons actually performing the Services pursuant to this Agreement. In addition, Vendor agrees to inform all of its employees performing the Services that they are employees solely of Vendor, and are not eligible to any of Customer’s employee benefit plans, incentive, compensation or other employee programs or policies. Vendor will be solely responsible for compliance with immigration and visa laws and requirements, including compliance with the Immigration and Reform Control Act of 1986 (IRCA) with respect to Vendor employees and contractors. Vendor represents and warrants that all Vendor personnel (1) will hold appropriate and valid visas or other work authorizations for the jurisdiction in which such individuals will be working, each of which will be valid for a period at least equal to the anticipated duration of each such individual’s assignment to the Customer account, and (2) will not be provided by Vendor with any technology or information in violation of any export laws of the U.S. or any other relevant country. Vendor will provide, at no cost to Customer, adequate levels of training and education for Vendor personnel, so that they are properly educated, trained and fully qualified with respect to the Services they are to perform.
Customer Confidential | Page 1 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
(B) Attrition; Removal. Vendor will use commercially reasonable efforts to keep the attrition rate to a reasonably low level. Notwithstanding the transfer, attrition or other turnover of Vendor personnel, Vendor remains obligated to perform the Services without degradation (including in accordance with applicable Service Levels) and in accordance with the terms of this Agreement. If Customer determines in good faith that the continued assignment of any Vendor personnel to Customer’s account is not in Customer’s best interests, then Customer may give Vendor written notice to that effect. After receipt of such notice, Vendor will promptly remove the person in question from Customer’s account and from any Customer facilities and will replace that person with another person of suitable ability and qualifications. Vendor retains the sole right to hire and fire Vendor personnel, and will be solely responsible for oversight of Vendor personnel and any decision to fire any Vendor personnel.
(C) Key Personnel. Each Statement of Work will set forth: (1) the names of all Vendor personnel performing Services under such Statement of Work, (2) the location of each such person, (3) whether a person is designated as “key” (“Key Vendor Personnel”), and (4) with respect to Key Vendor Personnel, the period of time such personnel will be assigned to performing the Services. Vendor will not assign any Key Vendor Personnel to the account of any Customer competitor while such individual is assigned to Customer’s account and for a period of six months following the date that such individual is removed from, or ceases to provide any services in connection with, Customer’s account.
(D) Background Checks and Compliance. Vendor will comply with the applicable requirements of Exhibit G (Background Investigations) before assigning an individual to perform Services. Further, Vendor will cause all Vendor personnel to (1) comply with Customer requests, rules and regulations, and policies regarding safety and health and personal and professional conduct while on site at Customer facilities, (2) comply with applicable requirements of the Vendor Code of Conduct (as defined in Section 5.12), and (3) otherwise conduct themselves in a professional and businesslike manner.
Section 1.4 Subcontracting and Offshoring.
(A) Subcontracting. Vendor may not subcontract any of its obligations under this Agreement without Customer’s prior written approval, which will not be unreasonably withheld (subject to Section 1.4(B)). Vendor will remain responsible for obligations, services and functions performed by subcontractors to the same extent as if such obligations, services and functions were performed by Vendor employees, and for purposes of this Agreement such work will be deemed work performed by Vendor. Vendor will be Customer’s sole point of contact regarding the Services, including with respect to payment. Vendor will not disclose Customer Confidential Information to a subcontractor unless and until such subcontractor has agreed in writing to protect the confidentiality of such Confidential Information in a manner substantially equivalent to that required of Vendor under this Agreement.
Customer Confidential | Page 2 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
(B) Offshoring. Before providing any component of the Services from a location outside of the United States, Vendor must obtain Customer’s written approval, which may be withheld by Customer in its sole discretion. Before entering into a subcontract for work to be performed outside of the United States, Vendor must provide to Customer a description of the scope and material terms (other than financial) of the proposed subcontract. Customer will have the right to approve or disapprove of any such subcontracts and subcontractors in its sole discretion.
Section 2. Pricing and Payment Terms
Section 2.1 Fees. All charges for the Services are set forth in the applicable Statement of Work. Customer will not be required to pay Vendor any amounts for the Services other than (A) the charges in the applicable Statement of Work, and (B) reimbursable expenses, subject to Section 2.3. The parties agree and acknowledge that, except as set forth in the applicable Statement of Work, the charges will be inclusive of, and not subject to adjustment to account for, any inflation or cost of living increases or fluctuation in any currency exchange rates. [***]. Vendor is solely responsible for managing its resources so as to provide the Services in compliance with applicable Service Levels and the other terms of this Agreement and each applicable Statement of Work.
Section 2.2 Expenses; Taxes. All pass-through or out-of-pocket expenses for which Customer is responsible must be expressly identified in the applicable Statement of Work. If a Statement of Work provides that Customer will reimburse Vendor for travel expenses, Vendor will obtain Customer’s prior written approval for travel and all travel will be consistent with Customer’s Travel and Expense Policy, which is available for Vendor to review at http://www.unitedhealthgroup.com/suppliers/default.aspx?. Customer will not be responsible for the payment or reimbursement of expenses not expressly identified as a Customer responsibility in the applicable Statement of Work. With respect to services or materials paid for on a pass-through expenses basis, Customer reserves the right to obtain such services or materials directly from a third party or designate the third party source for such services or materials. Vendor will use commercially reasonable efforts to minimize the amount of pass-through and out-of- pocket expenses. Customer will be responsible for the payment of any sales or use taxes levied on Services provided under this Agreement. Each party will be responsible for any personal property taxes on property it owns or leases, for franchise and privilege taxes on its business, and for taxes based on its net income or gross receipts.
Section 2.3 Invoicing and Payment. Vendor will invoice Customer on a monthly basis in arrears, unless otherwise set forth in the applicable Statement of Work. Vendor’s rates under any Statement of Work may not exceed those set forth on Exhibit C (Price List). As directed by Customer, Vendor will establish an electronic vendor account through the third party internet-based platform specified by Customer, through which Vendor will submit invoices to and receive purchase orders from Customer (the “eProcurement System”). In addition, Vendor will be responsible for any fees or charges imposed on Vendor associated with the eProcurement System, and will not pass such fees or charges through to Customer. If Customer has established an eProcurement System applicable to this Agreement, Customer will not be required to pay any invoice unless Vendor has submitted such invoice through the eProcurement System. Undisputed invoices will be due and payable by Customer within [***] after invoice receipt, or, in the case of invoices submitted outside of the eProcurement System, within [***] after invoice receipt. Customer’s payment of any invoice will not be construed as acceptance of the underlying Services. Vendor will provide invoices with sufficient detail to enable Customer to identify the SOW to which the fees pertain and, for Services provided on a time and materials basis, the invoice will contain the name of the individual performing the Services as well as the number of hours spent performing the Services.
Section 2.4 Disputed Fees; Set-Off. Customer may withhold payment of particular charges that Customer disputes in good faith, pending the resolution of such dispute, provided that Customer provides Vendor with written notice of the amounts being withheld and the reason for withholding such amounts. With respect to any amount to be paid by Customer under this Agreement, Customer may deduct from such amount any amount that Vendor is obligated to pay or credit to Customer.
Customer Confidential | Page 3 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 3. Confidentiality
Section 3.1 Confidentiality Obligations. During the term of this Agreement, from time to time, either party may disclose (the “Disclosing Party”) or make available to the other party (the “Receiving Party”), whether orally, electronically or in physical form, confidential or proprietary information concerning the Disclosing Party and/or its business, products or services in connection with this Agreement (together, “Confidential Information”). Confidential Information of Customer includes, without limitation, business plans, health plan relationships, acquisition plans, systems architecture, information systems, technology, data, computer programs and codes, processes, methods, operational procedures, finances, budgets, policies and procedures, customer, employee, provider, member, patient and beneficiary information, claims information, vendor information (including agreements, software and products), product plans, projections, analyses, plans or results, the existence of any business dealings or agreements between Customer and Vendor, and any other information which is normally and reasonably considered confidential. Each party agrees that during the term of this Agreement and thereafter: (a) it will use Confidential Information belonging to the Disclosing Party solely for the purpose(s) of this Agreement; and (b) it will not disclose Confidential Information belonging to the Disclosing Party to any third party (other than the Receiving Party’s employees, contractors and/or professional advisors on a need-to-know basis who are bound by obligations of nondisclosure and limited use at least as stringent as those contained herein) without first obtaining the Disclosing Party’s written consent. Upon request by the Disclosing Party, the Receiving Party will return all copies of any Confidential Information to the Disclosing Party. Vendor hereby agrees that every individual person who performs under this Agreement shall execute the appropriate documents to undertake obligations of confidentiality consistent with the terms set forth herein. Vendor hereby agrees to provide evidence and/or copies of such duly executed documents to Customer upon request.
Section 3.2 Confidentiality Exclusions. For purposes hereof, Confidential Information will not include any information that the Receiving Party can establish by convincing written evidence: (a) was independently developed by the Receiving Party without use of or reference to any Confidential Information belonging to the Disclosing Party; (b) was acquired by the Receiving Party from a third party having the legal right to furnish same to the Receiving Party without disclosure restrictions; or (c) was at the time in question (whether at disclosure or thereafter) generally known by or available to the public (through no fault of the Receiving Party).
Section 3.3 Required Disclosures. These confidentiality obligations will not restrict any disclosure required by order of a court or any government agency, provided that the Receiving Party gives prompt notice to the Disclosing Party of any such order and reasonably cooperates with the Disclosing Party at the Disclosing Party’s request and expense to resist such order or to obtain a protective order.
Section 3.4 Customer Data. [***].
Section 3.5 Injunctive Relief. The parties acknowledge and agree that the disclosure of Confidential Information may result in irreparable harm for which there is no adequate remedy at law. The parties therefore agree that the Disclosing Party may be entitled to seek an injunction in the event the Receiving Party violates or threatens to violate the provisions of this Section 3, and that no bond will be required. This remedy will be in addition to any other remedy available at law or equity.
Section 3.6 HIPAA and GLBA. Vendor understands and acknowledges that Exhibit D (HIPAA and GLBA) attached hereto will apply in the event Vendor provides Services to Customer pursuant to which Vendor has access to, receives from, creates, or receives on behalf of Customer Protected Health Information, or Vendor has access to, creates, receives, maintains or transmits on behalf of Customer Electronic Protected Health Information (as those terms are defined under the privacy or security regulations issued pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and Subtitle D of the Health Information Technology for Economic and Clinical Health Act provisions of the American Recovery and Reinvestment Act of 2009 (“ARRA”)), and/or nonpublic personal information, as defined under the Gramm-Leach-Bliley Act and implementing regulations (“GLBA”), during the performance of its obligations under this Agreement.
Customer Confidential | Page 4 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 3.7 EU Data Protection. If the Services involve the creation, processing, retention, deletion, use or disclosure of personal data (as that term is defined under the EU Data Protection Directive), including of Customer employees and other individuals (“Personal Data”), then Vendor will comply, and will require that its personnel and subcontractors comply, with all applicable requirements of the EU Data Protection Directive, including, without limitation, ensuring that transfers of Personal Data to third countries are made only in accordance with the following: (a) the transfer is to a jurisdiction deemed by the European Commission to have an adequate level of protection; (b) the transfer is subject to contractual provisions approved by the European Commission such as, by way of example only, the Standard Contractual Clauses attached as Exhibit E, which the parties hereby adopt and incorporate into this Agreement by this reference; or (c) pursuant to a framework deemed adequate and approved by the European Commission. For purposes of this Agreement, the “EU Data Protection Directive” means Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and any legislation implementing or revising such directive in applicable EU member states.
Section 3.8 Customer IT Systems Security. Vendor acknowledges and agrees that its access to Customer’s information technology systems will be subject to the provisions of Exhibit F (Security).
Section 4. Work Product and Customer Property
Section 4.1 [***].
Section 4.2 Customer Property. [***].
Section 4.3 Residual Knowledge. Nothing contained in this Agreement will restrict a party from the use of any general ideas, concepts, know-how, methodologies, processes, technologies, algorithms or techniques retained in the unaided mental impressions of such party’s personnel relating to the Services which either party, individually or jointly, develops or discloses under this Agreement, provided that in doing so such party does not breach its obligations under Section 3 or infringe the intellectual property rights of the other party or third parties who have licensed or provided materials to the other party.
Section 5. Representations and Warranties; Compliance with Laws
Section 5.1 General Warranties. Vendor represents and warrants to Customer that: (a) it is duly incorporated and validly existing under applicable laws and in good standing in applicable business locations as required; (b) it has all necessary right, title, license and authority to enter into and perform its obligations under this Agreement; (c) Vendor has appropriate agreements with its employees and Customer-approved subcontractors to allow it to provide the Services in accordance with the terms of this Agreement; and (d) the person signing this Agreement (including each attachment) on behalf of Vendor has full authority to bind Vendor to the terms and conditions hereof.
Customer Confidential | Page 5 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 5.2 Performance Warranties. Vendor represents and warrants to Customer that: (a) the Services performed and the work created under this Agreement will conform with all applicable laws, industry standards and Customer’s instructions and specifications; (b) Vendor will provide the Services in a workmanlike, professional, and ethical manner; (c) the Services performed and the Work Product created under this Agreement will not infringe the copyrights, patents, trade secrets or other intellectual property or other rights of any third party; (d) performing the Services will not conflict with any other agreements to which Vendor is a party; and (e) Vendor will not use any of its own proprietary materials in the Work Product without Customer’s prior written permission and an appropriate perpetual license to Customer.
Section 5.3 Viruses; Disabling Codes. Vendor warrants that any and all computer code and/or software created or modified for, or otherwise supplied to Customer: (A) contains only what is stated in the documentation provided; (B) is free of any open source code, spyware, and any master access key (ID, password, trap door, trojan horse, back door, etc.) to the system, and (C) immediately prior to its delivery to Customer, has been checked for and deemed free of any and all computer viruses and/or other destructive code using a regularly updated, industry-standard software package designed for such purpose (for example, the most current version of Symantec Norton Antivirus) and has been inspected by Vendor’s authorized personnel. In the event any computer code and/or software created or modified for, or otherwise supplied to Customer contains destructive code, then, in addition to any other remedies available to Customer, at Customer’s request, Vendor will, at no cost to Customer:
(1) restore to the fullest extent possible any and all data lost by Customer as a result of the destructive code, and
(2) provide and install a new copy of the computer code and/or software without the presence of destructive code.
Section 5.4 Pass-Through of Third Party Warranties. If third party software or hardware is acquired hereunder, Vendor agrees to pass through to Customer all warranties from such third party software vendors, in addition to the warranties provided in this Agreement.
Section 5.5 Additional Warranties; Disclaimer. Other warranties pertaining to the services or deliverables may be set forth in an applicable Statement of Work. OTHER THAN AS PROVIDED IN THIS AGREEMENT OR ANY STATEMENT OF WORK, THERE ARE NO EXPRESS WARRANTIES AND THERE ARE NO IMPLIED WARRANTIES, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
Section 5.6 Compliance with Laws. Vendor shall comply with all applicable federal, state, county, and local laws, orders, rules, ordinances, regulations, and codes, including without limitation Vendor’s obligations as an employer regarding the health, safety and payment of its employees. Vendor’s compliance shall also include identifying and procuring the required permits, certificates, approvals, and inspections in Vendor’s performance under this Agreement. In addition, Vendor certifies and represents its compliance with the federal laws set forth in Exhibit B, to the extent applicable. Vendor will promptly notify Customer of any change of status with regard to these certifications and representations. These certifications and representations are material statements of fact upon which Customer has relied with respect to this Agreement.
Section 5.7 Payment Card Industry. To the extent that Vendor, in the course of providing Services, stores, processes, transmits or otherwise obtains cardholder data, or performs any activities regulated by the Payment Card Industry (“PCI”) Security Standards Council, Vendor shall comply with the most current version of the PCI Data Security Standard, the PIN Transaction Security Standard, the Payment Application Data Security Standard, the Point-to-Point Encryption Solution Requirements and Testing Procedures, any other applicable program or requirement that is published and/or otherwise mandated by applicable card networks or the PCI Security Standards Council.
Section 5.8 Medicare Advantage. Vendor will comply with the terms of the Medicare Advantage Regulatory Requirements Appendix attached hereto as Exhibit H when performing administrative services or providing products under this Agreement that relate to Medicare Advantage Benefit Plans, as defined in Exhibit H (Medicare Advantage Regulatory Requirements Appendix).
Customer Confidential | Page 6 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 5.9 Other Government Requirements. Vendor will comply with all applicable federal and state legal and regulatory requirements, including but not limited to those set forth in Exhibit I (Master Community & State Appendix) when performing services or providing products under this Agreement that relate to Medicaid and other state government regulated programs, and Exhibit J (Exchange Regulatory Appendix) when performing services or providing products under this Agreement that relate to public Exchanges (as defined in Exhibit J).
Section 5.10 Conflict of Interest.
(A) Vendor hereby represents and warrants to Customer that:
(1) There is no conflict of interest between Vendor’s other contracts, business relationships, revenue-sharing arrangements or other business activities, if any, and the Services to be provided to Customer pursuant to this Agreement, and Vendor will ensure that no such conflict arises during the term of this Agreement (which includes, but is in no way limited to, use of another’s confidential and proprietary information). Accordingly, Vendor agrees that it may not perform duties for any third party, if Vendor believes its duties to such third party may result in a conflict of interest relative to Vendor’s work for Customer, unless Vendor first notifies Customer in writing of the possible conflict of interest and obtains written consent from an authorized representative of Customer.
(2) Vendor will not use for the benefit of Customer any confidential information acquired from any third party and subject to a duty of confidentiality to such third party.
(3) Unless previously disclosed in writing to an authorized representative of Customer, (a) Vendor has not, for at least [***] before the Effective Date, acted as or been paid for services as a consultant, employee or in any other capacity, to any governmental entity with respect to procurement by such governmental entity of health insurance coverage or an administrative services agreement, or (b) participated in any capacity on behalf of a governmental entity in a decision-making capacity in connection with the procurement of health insurance coverage, administrative services agreement or any related services.
(B) Vendor agrees that during the term of this Agreement Vendor will not act as or be paid for services as a consultant for any governmental entity with respect to procurement of such governmental entity’s health insurance coverage or administrative services agreement. It is understood by the parties that Customer does not have the exclusive right to Vendor’s services.
Section 5.11 Utilization of MWVBE Suppliers. As used in this Agreement, “MWVBE Supplier” means a supplier who maintains a valid certification as a minority, women, or veteran (veteran, disabled veteran, service-disabled) business enterprise from any of the following organizations: (A) the National Minority Supplier Development Council (NMSDC), (B) the Women’s Business Enterprise National Council (WBENC), (C) the US Department of Veteran Affairs, or (D) any other third party certification organization approved in advance by Customer. Vendor agrees to provide MWVBE Suppliers with the maximum practicable opportunity to participate in any subcontracts or orders it may award in connection with this Agreement. Vendor will report on a quarterly basis, or as otherwise requested by Customer, the level of MWVBE Supplier participation in this Agreement.
Section 5.12 Additional Compliance Requirements. Vendor agrees to comply with the Anticorruption Policy and Vendor Code of Conduct, which may be found at http://www.unitedhealthgroup.com/suppliers/default.aspx?.
Section 6. Insurance
Section 6.1 Required Coverage. During the term of this Agreement, Vendor will obtain and maintain, at its sole cost and expense, the insurance in the types and minimum amounts outlined below or as required by applicable law, whichever is greater, and any such additional insurance necessary to insure against claims that may arise from or in connection with its obligations under this Agreement, whether such obligations are performed by or on behalf of the Vendor:
Customer Confidential | Page 7 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Coverage Type | Minimum Limits of Liability |
Commercial General Liability | · [***] · [***] · [***] · [***] |
Worker’s Compensation | In accordance with the laws of the country, state, or province, or territory exercising jurisdiction over employees |
Employer’s Liability (including “Stop Gap” Liability where applicable) | · [***] · [***] · [***] |
Umbrella | · [***] · [***] |
Professional Liability / Errors & Omissions Liability | · [***] · [***] |
Cyber Liability | · [***] · [***] |
Section 6.2 Insurance Ratings. Subject to the Vendor’s right to self-insure coverage as set forth below, insurance shall be issued by insurance companies authorized to conduct business within the jurisdiction in which Services are provided, with a minimum A.M. Best rating of A- VII in the current edition of Best’s Key Rating Guide.
Section 6.3 Additional Insurance Requirements. In the event that any insurance required by this Agreement is written on a claims-made basis, such insurance will have a policy retroactive date that coincides with or predates the Effective Date. Vendor will continue coverage, through either policy renewals or the purchase of an extended reporting period for not less than [***], beginning at the time obligations under this Agreement have been completed. Commercial general liability will include Customer and its Affiliates as additional insured(s) with respect to liability arising out of the Services. Professional liability / errors and omissions liability will provide coverage for liability for loss or damage due to an act, error, omission, or negligence arising from the Services. Cyber liability insurance will provide coverage for liability for damages claimed by third parties arising from data destruction, extortion, theft, hacking, and denial of service attacks impacting Vendor’s operations. Vendor may arrange any required insurance under separate policies for the full minimum limits of liability required, or by a combination of underlying policies and an umbrella or excess liability policy. Any umbrella or excess liability insurance policy will be adequate to satisfy the insurance requirements of this Agreement. Vendor may, with Customer’s prior approval (which shall not be unreasonably withheld), elect to self-insure, in whole or in part, in the amounts and types of insurance required herein. Vendor will (i) maintain a separate reserve or trust for its self- insurance, (ii) provide to Customer a copy of the most recent evaluation of its self-insurance funds prepared by an independent actuary, (iii) warrant that its self-insurance fund will comply with applicable laws and regulations, and (iv) fund its self-insurance funds in accordance with the recommendations of the independent actuary and assure that funds are available at all times to pay claims in the amounts required by this Section 6. The funding of deductibles and self-insured retentions, if any, maintained by Vendor are the sole responsibility of Vendor, including any deductibles or self-insured retentions applicable to claims involving Customer.
Section 6.4 Waiver of Subrogation. Except where prohibited by law, Vendor agrees to waive all rights of subrogation, including any rights of its insurers, against Customer and its Affiliates, under the commercial general liability, automobile liability, workers’ compensation, and employer’s liability coverage, with respect to losses, damages, claims, suits, or demands, however caused.
Section 6.5 Certificates of Insurance. On or before the Effective Date, and upon Customer’s request thereafter, Vendor will provide certificate(s) of insurance providing evidence that Vendor has complied with the insurance requirements set forth in this Agreement. Vendor will give [***] prior written notice to Customer in the event of any cancellation of the insurance required hereunder.
Customer Confidential | Page 8 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 6.6 Notices. In the case of loss or damage or other event involving Customer or its Affiliates that requires notice or other action under the terms of any insurance coverage specified in this Section 6, Vendor will be solely responsible to take such action. Vendor will provide Customer with contemporaneous notice and with such other information as Customer may request regarding the event.
Section 6.7 Subcontractors. Except to the extent (i) otherwise stated in this Agreement, or (ii) agreed by Customer in writing, Vendor shall require, in writing, that each subcontractor adhere to the same insurance requirements as outlined in this Agreement. Vendor may (1) insure any subcontractors under its own policies, or (2) modify the applicable subcontractor’s insurance requirements, with the agreement that any deficiencies in such policies shall be borne by Vendor.
Section 6.8 Limits of Liability. All insurance required of Vendor to provide coverage to Customer and its Affiliates as additional insureds [***]. Such additional insured coverage will apply to [***]. The availability or unavailability of insurance coverage shall not limit, modify or otherwise impact Vendor’s other obligations and liabilities under this Agreement. Vendor’s obligation to maintain the insurance stipulated in this Section 6 shall be in addition to, and not in lieu of, Vendor’s other obligations hereunder, and Vendor’s liability to Customer shall not be limited to the amount of coverage required hereunder. Vendor’s insurance will apply separately to each insured against whom a claim is made or lawsuit is brought, except with respect to the insurer’s limits of liability.
Section 7. Indemnification
To the maximum extent allowed by law, Vendor will defend, indemnify and hold harmless Customer and its directors, officers, employees, and agents (collectively, the “Indemnitees”), from and against any and all claims, losses, damages, suits, fees, judgments, costs and expenses (collectively referred to as “Claims”), including attorneys’ fees incurred in responding to such Claims, that the Indemnitees may suffer or incur arising out of or in connection with: (a) Vendor’s breach of warranty or damages due to Vendor’s negligence or willful misconduct; (b) any allegation that the Indemnitees’ use of any goods or services (including without limitation any computer code and Work Product) created for or provided to Customer in connection with this Agreement constitutes an infringement, contributory infringement or violation of any patent, copyright, trade secret, trademark, or other third party intellectual property right or a misappropriation of a trade secret or other personal rights of a third party; (c) any breach by Vendor of its: (i) confidentiality obligations; (ii) obligations to comply with laws; (iii) obligations under Exhibit D or Exhibit F (if applicable); or (iv) obligation to pay any compensation, fees, salary, bonuses, mandatory or fringe employee benefits, social security, taxes or other withholdings which are alleged to be owed in respect of any personnel or contractors of Vendor; (d) any personal injury (including death) or damage to property resulting from Vendor, Vendor personnel or its agents’ acts or omissions; and (e) Vendor’s introduction of any unauthorized material, including without limitation, a “computer virus” or other contaminant into Customer’s environment. The Indemnitees will give prompt notice of any Claim to Vendor, and Vendor will defend the Indemnitees at the Indemnitees’ request. Vendor may settle, at its sole expense, any Claim for which Vendor is responsible under this Section 7 provided that such settlement shall not limit, unduly interfere, or otherwise adversely affect the rights granted herein, Vendor’s obligations under this Agreement, or impose any additional liability or obligation on Customer or does not contain an unconditional and full release of the Indemnitees’ in respect of such Claim. Customer reserves the right to participate in the defense and/or settlement of any Claim. [***].
Section 8. Liability
Section 8.1 Waiver of Damages. SUBJECT TO SECTION 8.2, IN NO EVENT, WHETHER IN CONTRACT OR IN TORT (INCLUDING BREACH OF WARRANTY, NEGLIGENCE AND STRICT LIABILITY IN TORT), WILL A PARTY BE LIABLE FOR INDIRECT OR CONSEQUENTIAL, EXEMPLARY, PUNITIVE OR SPECIAL DAMAGES, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE.
Customer Confidential | Page 9 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 8.2 Exceptions; Cumulative Remedies. The limitations set forth in Section 8.1 will not apply with respect to: [***]. The remedies specified in this Agreement are cumulative and in addition to any remedies available at law or in equity.
Section 9. Organizational Resiliency and Force Majeure
Section 9.1 Resiliency Planning. Vendor will, at its sole expense, establish and maintain an organizational resilience program designed to protect physical, intangible, environmental and human assets critical to Vendor’s provision of the Services. Vendor’s organizational resilience program will identify and address significant hazards or threats that may impact the Services or Vendor’s critical assets. Vendor’s organizational resilience program will include, to the extent applicable, (i) risk assessments and controls, (ii) written business continuity plans for the Services and supporting facilities, (iii) written disaster recovery plans for critical technology and systems infrastructure, and (iv) corporate crisis management response protocols, as necessary to enable continued performance under this Agreement if any event (including a corporate crisis, technological accident, or human- caused event) should cause a material disruption of the Services or pose a significant threat to Vendor’s critical assets. Vendor’s organizational resilience program will be consistent with industry standards and best practices relevant to the healthcare industry, with any standards imposed on Vendor or Customer by a relevant regulatory authority, and with the specific requirements (if any) set forth in the applicable Statement of Work. Vendor will provide its organizational resilience program documentation (or relevant components thereof) to Customer for review at Customer’s request, within [***] of Customer’s request. In addition, Vendor will make available for discussion its personnel who are responsible for the organizational resilience program. Statements of Work under this Agreement may specify different obligations with respect to Vendor’s organizational resilience program or specific aspects of that program. These different obligations will apply to the Services or products provided under the applicable Statement of Work only, and will not be construed to apply to any other Statement of Work.
Section 9.2 Testing; Resiliency Reviews. Vendor will periodically update relevant components of its organizational resilience program to address changes to Vendor’s critical assets, the Services, and relevant regulatory requirements or private sector standards for organizational resiliency and corporate preparedness. In addition, Vendor will test the operability of all components of its organizational resilience program at least [***] (and more frequently, if required under a Statement of Work or under the terms of the relevant business continuity plan or disaster recovery plan) to confirm that such plans are fully operational. Vendor will functionally test disaster recovery plans for critical technology and systems infrastructure at least [***] and provide the results of such test to Customer at its request. At Customer’s request, Vendor will certify to Customer in writing that all components of Vendor’s organizational resilience program (specifically including business continuity plans and disaster recovery plans) are fully operational. At Customer’s request (no more than [***]), Vendor will participate in a resiliency review and will meet with Customer and provide Customer with all information (including detailed business continuity plans and disaster recovery plans) reasonably necessary for Customer to review Vendor’s organizational resilience program. If at any time Customer reasonably determines that Vendor is materially non-compliant with the organizational resiliency requirements set forth herein or in the applicable Statement of Work, or if Vendor fails to meet its obligations with respect to testing, certification, or participation in the resiliency review [***].
Customer Confidential | Page 10 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 9.3 Implementation of Resiliency Plans. Upon the occurrence of any event that disrupts the provision of Services, Vendor will promptly implement the relevant components of its organizational resilience program (including relevant business continuity plans and disaster recovery plans) and will restore the disrupted Services within the earliest of: (a) the timeframes required in the relevant recovery/continuity plan, (b) the timeframes required in the applicable Statement of Work or elsewhere in this Agreement, or (c) otherwise as necessary to continue to meet applicable Service Levels. Vendor will not increase its charges or charge Customer any usage fees with respect to the implementation of any component of Vendor’s organizational resilience program. Whenever any event, including a Force Majeure Event, causes Vendor to allocate limited resources between or among Vendor’s customers, Vendor will not give any other customers priority over Customer, subject to the Service Levels or recovery time objectives set forth in this Agreement and any applicable Statement of Work.
Section 9.4 Force Majeure.
(A) As used in this Agreement, a “Force Majeure Event” means an act of God, riot, civil disorder, or any other similar event beyond the reasonable control of a party, provided that the event is not caused, directly or indirectly, by such party. Notwithstanding the foregoing, no event will be considered a Force Majeure Event if and to the extent that the nonperforming party could have (1) prevented the event (or any resulting defaults or delays in performance) by taking reasonable precautions, or (2) circumvented the event (or any resulting defaults or delays in performance) through the use of alternate sources, workaround plans or other means (in the case of Vendor, including by meeting its obligations with respect to developing, maintaining and implementing an organizational resilience program as described in this Section 9 or an applicable Statement of Work).
(B) Subject to Section 9.5, in the case of a Force Majeure Event the nonperforming party will be excused from further performance or observance of the obligation(s) so affected for as long as such circumstances prevail and such party continues to use commercially reasonable efforts to recommence performance to whatever extent possible without delay. Any party so delayed in its performance will promptly notify the party to whom performance is due by telephone and in writing and will describe at a reasonable level of detail the circumstances causing such default or delay.
Section 9.5 Alternate Source; Termination Rights.
(A) With respect to Critical Services (as defined below), if the performance of all or a portion of such Critical Services is prevented or delayed (including by a Force Majeure Event) for more than [***], then Customer may procure such Services from an alternate source [***]. As used in this Agreement, “Critical Services” means those specific Services identified in the applicable Statement of Work as “critical,” [***]. The timeframes set forth in this paragraph may, for any or all components of the Services, be superseded by more specific requirements set forth in the applicable Statement of Work.
(B) With respect to Non-Critical Services (as defined below), if the performance of all or a portion of such Non-Critical Services is prevented or delayed (including by a Force Majeure Event) for more than [***], then Customer may procure such Services from an alternate source[***]. As used in this Agreement, “Non-Critical Services” means all Services that are not Critical Services. The timeframes set forth in this paragraph may, for any or all components of the Services, be superseded by more specific requirements set forth in the applicable Statement of Work.
(C) If the performance of any Services is prevented or delayed (including by a Force Majeure Event) for more than [***] (in the case of Critical Services) or [***] (in the case of Non-Critical Services), then Customer will have the option to terminate this Agreement or any impacted Statement of Work [***]. The timeframes set forth in this paragraph may, for any or all components of the Services, be superseded by more specific requirements set forth in the applicable Statement of Work.
Customer Confidential | Page 11 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 10. Term and Termination
Section 10.1 Agreement Term and Termination. This Agreement shall commence and be effective as of the date above and shall continue until (a) terminated by Customer at any time with or without cause, upon written notice to Vendor without any charge, liability, or obligation whatsoever, except for payment for Services performed by Vendor specified in a SOW but not yet paid for by Customer; or (b) terminated by either party if the other party materially breaches or defaults on any of the provisions of this Agreement, and such breach is not cured within [***] after the breaching party receives written notice. Termination of this Agreement shall not impact any signed SOWs then in effect, which shall continue in effect until completed or otherwise terminated under Section 10.2 or Section 10.3, and shall be governed by the terms of this Agreement while in effect.
Section 10.2 SOW Termination for Convenience. The term of an SOW shall be as outlined thereunder. Upon [***] Customer may, for its own convenience and with or without cause, terminate any SOW, in whole or in part, without any charge, liability or obligation whatsoever except for payment for Services performed by Vendor but not yet paid for by Customer.
Section 10.3 SOW Termination for Cause. If either party materially breaches or defaults on any of the provisions of any SOW, and such breach is not cured within [***] after the breaching party receives written notice, then in addition to all other rights and remedies of law or equity or otherwise, the injured party shall have the right to terminate any SOW(s) impacted by such breach without any obligation or liability, at any time thereafter.
Section 10.4 Termination for Change of Control. Notwithstanding anything to the contrary in this Agreement or SOW, Customer may terminate this Agreement and/or a SOW without further liability, upon [***] in the event of a Change of Control of Vendor. For purposes of this Agreement, “Change in Control” means (a) the acquisition by any person, entity or group, within the meaning of Section 13(d)(3) or 14(d)(2) of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), of beneficial ownership (as defined in the Exchange Act) of 20% or more of the outstanding shares of common stock of Vendor or the combined voting power of Vendor’s then-outstanding voting securities in a single transaction or series of related transactions; (b) a change in 50% or more of the directors of Vendor in any 12 month period; (c) a reorganization, merger, consolidation or share exchange in which the shareholders of Vendor immediately prior to such transaction hold less than 51% of the outstanding shares of Vendor after such transaction; (d) the sale (in a single transaction or a series of related transactions) of either: (i) all or substantially all of the assets of Vendor, or (ii) the assets which are provided to Customer hereunder or used to provide Services to Customer hereunder; or (e) the first purchase under any tender offer or exchange offer pursuant to which shares of Vendor common stock or other voting securities are purchased.
Section 10.5 Insolvency. Either party will have the right to immediately, or with such written notice as such party deems reasonable, terminate this Agreement and any SOWs in the event the other party: (a) ceases to do business as a going concern; (b) becomes subject to any bankruptcy or insolvency proceeding under federal or state statute (and if the proceeding is involuntary, it is not dismissed within 60 days of its commencement); (c) becomes insolvent or becomes subject to direct control by a trustee, receiver or similar authority; (d) has wound up, dissolved or liquidated, voluntarily or otherwise; (d) makes a general assignment for the benefit of its creditors; or (e) takes any action authorizing or in furtherance of any of the foregoing.
Section 10.6 Effect of Termination. Upon expiration or termination of this Agreement (or any SOW, as applicable) each party shall, upon the request of the other: (a) return all papers, materials and properties of the other held by such party; and (b) provide reasonable assistance in the termination of this Agreement, as may be necessary for the orderly, non-disrupted business continuation of each party. In no event will Vendor inhibit in any way Customer’s attempt to effect a smooth transition. At Customer’s option, upon termination of this Agreement or a Statement of Work for any reason, Vendor will: (1) certify to Customer in writing that all Confidential Information of Customer has been returned or destroyed, as required under this Agreement [***].
Customer Confidential | Page 12 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 10.7 Survival. Customer and Vendor’s respective obligations hereunder which by their nature would continue beyond the termination of this Agreement or expiration of any SOW, shall survive. This includes, by way of example but not limited to, the obligations provided under the Sections or Exhibits with the following headings: "CONFIDENTIALITY", “INDEMNIFICATION", any warranty by Vendor, Exhibit D (HIPAA and GLBA), Exhibit H (Medicare Advantage Regulatory Requirements Appendix), Exhibit I (Master Community & State Appendix), and Exhibit J (Exchange Regulatory Appendix).
Section 11. Assignment; Divestiture.
Vendor may not assign this Agreement or any SOW, or any of Vendor’s rights (except the right to receive payments hereunder) or duties under this Agreement, without the prior written consent of Customer. Any attempted assignment without Customer’s consent will be void. Customer may freely assign all or any part of this Agreement, without the consent of Vendor, either: (a) to an Affiliate; or (b) incidental to a sale, transfer or other disposition by Customer or an Affiliate of all or substantially all of the assets of that component of Customer’s business or its Affiliate's business having the benefit of the goods and/or services under this Agreement. In the event Customer either: (a) acquires any entity which has entered into an Agreement with Vendor, or (b) acquired any goods or services from Vendor under a separate agreement within any twelve (12) months prior to the Effective Date, Vendor shall in both cases, upon Customer notice, execute any documents necessary to allow such goods and services to be governed by this Agreement, and any price adjustments shall be made immediately on a go forward basis. All benefits under this Agreement shall accrue and inure to each party's valid and legal heirs, successors and assigns. From time to time, Customer (or its Affiliates) may divest some or all interests in certain business units or Affiliates. Following the divestiture, at Customer’s request, Vendor will continue to provide Services to such divested business unit or entity under the terms of this Agreement and any applicable SOWs (including for the then-current charges) for 24 months, or any shorter period specified by Customer.
Section 12. Export Related to Services
Vendor shall not, absent proper authorization and licensing, if applicable, from all United States agencies having jurisdiction, including without limitation the United States Bureau of Industry and Security (United States Department of Commerce) and the United States Department of State, and from any other relevant jurisdiction that requires any license or other government approval, Export any Item in the course of performing the Services hereunder. Customer makes no representations as to whether or under what conditions any Item supplied by Customer may be Exported. For purposes of this Section, “Item” means any data, technology, commodity or other item, including without limitation, computer software, computer hardware, or telecommunications hardware or software or encryption device or algorithm, and “Export” means “export,” “release,” or “reexport,” as those terms are defined in 15 Code of Federal Regulations §734.2(b), as such regulation may be amended and in effect from time to time.
Section 13. Record Keeping and Audit
Vendor agrees to maintain accurate and complete records relating to the provision of Services under this Agreement. If Vendor has a formal records management program which includes a documented and compliant records retention schedule (based on applicable federal, state and industry recordkeeping requirements) and a corresponding employee training program, during the term of this Agreement and for [***] following the expiration or termination of this Agreement, Vendor will apply records retention practices in the normal course of business according to the retention periods set forth in Vendor’s records retention schedule. If Vendor does not maintain a documented and compliant records retention schedule, then Vendor will maintain records relating to the provision of Services under this Agreement for a period of [***] from the creation of the applicable record, except to the extent that Customer may require a longer or shorter retention period for specific categories of records. Vendor agrees that, during the term of this Agreement and for a period of [***] after the expiration or termination of this Agreement or the applicable Statement of Work, as appropriate, Customer or its designee(s) may, at any time upon not less than [***] notice to Vendor, (i) examine the books and records of Vendor (and its subcontractors hereunder, if any) related to Vendor’s and any of its subcontractors’ performance under this Agreement, and (ii) verify the integrity of Customer data and examine the systems that process, store, secure, support, and transmit that data (“Audit”). Vendor will cooperate fully, and cause its subcontractors to cooperate fully, with any such Audit(s) and will provide all books, records, data and other documentation reasonably requested by Customer. Customer may make copies of such documentation. The Audit(s) will be conducted during normal business hours, and at Customer’s expense; provided however if such Audit reveals overcharges to Customer, Vendor will bear the cost of such Audit.
Customer Confidential | Page 13 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 14. Entire Agreement; Order of Precedence.
This Agreement contains the entire understanding of the parties and may be amended only by a writing signed by the parties. This Agreement (including its Exhibits), and any SOWs placed hereunder shall constitute the entire agreement between Customer and Vendor. In the event of a conflict between the terms and conditions of this Agreement and the terms and conditions of any Statement of Work, the terms and conditions of this Agreement will control, unless the Statement of Work makes specific reference to the Section of this Agreement that is to be amended in the Statement of Work. Any exceptions expressly agreed upon in writing by Customer (or an applicable Affiliate) and Vendor under a particular Statement of Work will apply only for purposes of that Statement of Work, and will not be deemed to in any way amend, modify, cancel, or waive the provisions of this Agreement or any other Statement of Work. Notwithstanding the foregoing, no Statement of Work or any provision thereof will be effective to: (A) decrease any limitation of liability, reduce the scope of recoverable damages, or restrict or eliminate exceptions to the limitation of liability; (B) expand, eliminate or restrict the scope of any indemnity obligations set forth in this Agreement or any Exhibit hereto; or (C) waive, settle or resolve any claims or disputes between the Parties. Any amendment or modification to this Agreement or any duly executed SOW hereunder shall not be valid, enforceable, or binding on the parties unless such amendment or modification (a) is a written instrument duly executed by the authorized representatives of both parties and (b) references this Agreement and any SOW, if applicable, and identifies the specific sections contained therein which are amended or modified. No amendment or modification shall adversely affect vested rights or causes of action that have accrued prior to the effective date of such amendment or modification. The terms and conditions of the Exhibits and any SOW hereunder are integral parts of this Agreement and are fully incorporated herein by this reference. No conflicting or supplemental pre-printed provisions on Vendor and Customer forms (including without limitation shrink wrap terms, terms on purchase orders or invoices) shall be binding on the parties.
Section 15. Choice of Law/Venue
This Agreement and the rights and obligations of the parties hereunder shall be construed in accordance with and governed by the laws of the State of Minnesota, excluding its conflict of laws principles and excluding the Uniform Computer Information Transactions Act (UCITA) as may be enacted, amended, or modified by the various states. The parties hereby agree that the United Nations Convention on Contracts for the International Sale of Goods will not apply to this Agreement or any related transaction between the parties. The parties irrevocably and unconditionally consent to venue in Hennepin County, Minnesota (and hereby waive any claims of forum non conveniens with respect to such venue) and to the non-exclusive jurisdiction of competent Minnesota state courts in Hennepin County or federal courts in the District of Minnesota for all litigation which may be brought with respect to the terms of, and the transactions and relationships contemplated by, this Agreement. The parties further consent to the jurisdiction of any state court located within a district that encompasses assets of a party against which a judgment has been rendered for the enforcement of such judgment against the assets of such party.
Section 16. Use of Name and Publicity
Vendor will not have any right to use the names, logos, trademarks, trade names, or other marks of Customer or any of its Affiliates (collectively, the “Customer Marks”), including in connection with any advertising, sales promotions, press releases and other publicity matters, unless and until each use is approved in advance and in writing by the UnitedHealth Group Chief Communications Officer. Customer may withdraw its permission for Vendor to use any of the Customer Marks at any time at its sole discretion by giving written notice to Vendor.
Customer Confidential | Page 14 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 17. Severability
If any provision of this Agreement is held to be invalid or unenforceable by a court of competent jurisdiction, then the remaining portions of this Agreement shall be construed as if not containing such provision, and all other rights and obligations of the parties shall be construed and enforced accordingly.
Section 18. Notices
All notices, approvals, waivers, and other communications under this Agreement (other than routine operational communications), will be in writing and will be deemed duly given (A) when delivered by hand, (B) one business day after being given to an express courier with a reliable system for tracking delivery, or (C) four business days after the date of mailing, when mailed by United States mail, registered or certified mail, return receipt requested, postage prepaid, and addressed as follows:
Notices to Customer: | Notices to Vendor: |
Attn: Legal Department | Attn: Jason Melton |
UnitedHealth Group | Innovation Specialists, LLC d/b/a 2nd.MD |
9900 Bren Road East | 1300 Post Oak Blvd., Suite 725 |
MN008-T502 | Houston, TX 77056 |
Minnetonka, MN 55343 | |
With a copy to: | With a copy to: |
Attn: Enterprise Sourcing & Procurement | Attn: Legal |
UnitedHealth Group | Innovation Specialists, LLC d/b/a 2nd.MD |
9900 Bren Road East | 1300 Post Oak Blvd., Suite 725 |
MN008-W240 | Houston, TX 77056 |
Minnetonka, MN 55343 |
Section 19. Non-Solicitation
During the term of this Agreement and for a period of [***] thereafter, neither Customer nor Vendor will directly or indirectly solicit or seek to procure (other than by general advertising) the employment of: (A) in the case of Customer, any Vendor employee engaged in the provision of the Services; and (B) in the case of Vendor, any Customer personnel.
Section 20. No Waiver
No waiver or failure to exercise any option, right, or privilege under the terms of this Agreement on any occasion or occasions shall be construed to be a waiver of the same or any other option, right or privilege on any other occasion.
Section 21. Third Party Beneficiaries.
This Agreement is entered into solely between, and may be enforced only by, Customer and Vendor. This Agreement will not be deemed to create any rights in third parties or to create any obligations of a party to any third parties, other than in and to Customer’s Affiliates receiving Services hereunder.
(SIGNATURE PAGE TO FOLLOW)
Customer Confidential | Page 15 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
ACCEPTED AND AGREED: | ||||
UNITED HEALTHCARE SERVICES, INC. | INNOVATION SPECIALISTS, LLC D/B/A 2ND.MD | |||
By: | /s/ Eric J Noyes | By: | /s/ Jason Melton | |
(Authorized Signature) | (Authorized Signature) | |||
Name: | Eric J Noyes | Name: | Jason Melton | |
(Print or Type) | (Print or Type) | |||
Title: | Sr. Director | Title: | Chief Executive Officer | |
Date: | 12/20/2016 | Date: | 12/20/2016 |
Customer Confidential | Page 16 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT A
ORM OF STATEMENT OF WORK
STATEMENT OF WORK NO.
This is Statement of Work (“SOW”) No. to the MASTER SERVICES AGREEMENT dated etween: [***] (the “Agreement”),
United HealthCare Services, Inc., (“Customer”) on behalf of itself and its Affiliates; and
Innovation Specialists, LLC d/b/a 2nd.MD (“Vendor”). All capitalized terms not otherwise defined in this SOW will have the meanings assigned to them in the Agreement. Unless modified herein, all terms in the Agreement shall remain unchanged and in full force and effect.
1. | CUSTOMER SEGMENT(S) RECEIVING SERVICES: |
2. | PURPOSE AND HIGH-LEVEL SCOPE OF SERVICES: |
3. | DETAILED DESCRIPTION OF SERVICES: |
4. | PERSONNEL: |
5. | WORK PRODUCT/DELIVERABLES: |
6. | MILESTONES/DEADLINES: |
7. | FEES: [Select from Fixed-Bid or Time & Materials options below, delete both Option headings, text of non- choice and this note] |
Option1: Fixed-Bid
Based on the above tasks and assumptions, Vendor will perform the Services and provide the Work Product for a fixed price of [insert $] which will be invoiced [insert payment schedule].
If Customer terminates this SOW prior to delivery of all Work Product, the charges will be prorated at the time of termination and Customer agrees to pay for Services through the termination date. Applicable federal, state and local taxes are not included in the estimated charges.
Option 2: Time & Materials
Vendor will perform the Services and provide the Work Product at an hourly rate of [insert rate $]. Customer will be charged only for the actual hours provided by Vendor in performing the Services and providing the Work Product. Vendor estimates the total number of hours to complete the Services to be [insert # hours] for an estimated funding requirement of [insert $]. The total fees incurred by Customer under this SOW shall not exceed [insert same $ as estimated funding requirement] without Customer’s prior written consent.
If Customer terminates this SOW, Customer agrees to pay Vendor for actual hours worked by Vendor in performing the Services prior to the date of termination.
The terms and conditions contained in this SOW constitute the parties’ complete understanding and agreement relating to the subject matter hereof. Notwithstanding anything to the contrary in the Agreement or elsewhere, in the event of a conflict between this SOW and the Agreement, the Agreement will control. No other terms and conditions, beyond those contained herein, will be valid unless mutually agreed to by Customer and Vendor in a writing signed by authorized representatives of each party.
Customer Confidential | Page 17 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
ACCEPTED AND AGREED: | ||||
UNITED HEALTHCARE SERVICES, INC. | INNOVATION SPECIALISTS, LLC D/B/A 2ND.MD | |||
By: | By: | |||
(Authorized Signature) | (Authorized Signature) | |||
Name: | Name: | |||
(Print or Type) | (Print or Type) | |||
Title: | Title: | |||
Date: | Date: |
Customer Confidential | Page 18 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT B
CERTIFICATE OF COMPLIANCE FOR CONTRACTORS AND SUPPLIERS
Vendor certifies and represents that it is, as of the Effective Date, and shall remain throughout the term of the Agreement in compliance with the following federal laws, to the extent applicable to Vendor and the Services:
1. | General. |
FAR Clause | Date | Title |
52.204-9 | Jan 2011 | Personal Identify Verification of Contractor Personnel |
52.222-21 | Feb 1999 | Prohibition of Segregated Facilities |
52.222-26 | Mar 2007 | Equal Opportunity |
52.222-35 | Sep 2010 | Equal Opportunity for Veterans |
52.222-36 | Oct 2010 | Affirmative Action for Workers with Disabilities |
52.222-37 | Sep 2010 | Employment Reports on Veterans |
52.222-40 | Dec 2010 | Notification of Employee Rights Under the National Labor Relations Act |
52.222-50 | Feb 2009 | Combating Trafficking in Persons |
52.223-18 | Aug 2011 | Encouraging Contractor Policies to Ban Text Messaging While Driving |
52.244-6 | Dec 2010 | Subcontracts for Commercial Items |
DFARS Clause | Date | Title |
252.204-7000 | Dec 1991 | Disclosure of Information |
2. | Contract Value > $150,000. |
If the total fees under the Agreement, including all SOWs executed pursuant to the Agreement, exceed an aggregate total of $150,000, then Vendor shall comply with the Laws listed in Section 1 above and the following:
FAR Clause | Date | Title |
52.219-8 | Jan 2011 | Utilization of Small Business Concerns |
3. | Contract Value > $5 Million. |
If the total fees under the Agreement, including all SOWs executed pursuant to the Agreement, exceed an aggregate total of $5,000,000, then Vendor shall comply with the Laws listed in Section 1 above and the following:
FAR Clause | Date | Title |
52.203-13 | Apr 2010 | Contractor Code of Business Ethics and Conduct |
4. | Equal Opportunity. |
This contractor and subcontractor shall abide by the requirements of 41 CFR 60- 1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, protected veteran status or disability.
To the extent applicable, the employee notice requirements set forth in 29 C.F.R. Part 471, Appendix A to Subpart A, are hereby incorporated by reference into this contract.
Customer Confidential | Page 19 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT C
PRICE LIST
Consulting Services | Hourly Rate/Discount off List |
a. | Training | |
b. | Implementation/Installation | |
c. | Configuration | |
d. | Customization | |
e. | Other consulting |
Customer Confidential | Page 20 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT D
HIPAA and GLBA
(BUSINESS ASSOCIATE AGREEMENT)
The parties hereby agree as follows:
1. | DEFINITIONS |
1.1 All capitalized terms used in this Exhibit not otherwise defined in this Exhibit have the meanings established in either the Agreement or for purposes of the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations, as amended and supplemented by HITECH, as each is amended from time to time (collectively, “HIPAA”). To the extent a term is defined in both the Agreement and in this Exhibit or in HIPAA, the definition in this Exhibit or in HIPAA, shall govern.
1.2 “Affiliate” shall have the meaning ascribed to it in the Agreement. If the term “Affiliate” is not defined in the Agreement, then “Affiliate” shall mean, for purposes of this Exhibit, any subsidiary of UnitedHealth Group Inc.
1.3 “Breach” means the acquisition, access, use or disclosure of PHI in a manner not permitted by the Privacy Rule that compromises the security or privacy of the PHI as defined, and subject to the exclusions set forth, in 45 C.F.R. § 164.402.
1.4 “Breach Rule” means the federal breach regulations, as amended from time to time, issued pursuant to HIPAA and codified at 45 C.F.R. Part 164 (Subpart D).
1.5 “Compliance Date” means the later of September 23, 2013 or the effective date of the Agreement.
1.6 “Electronic Protected Health Information” or “ePHI” means PHI that is transmitted or maintained in Electronic Media.
1.7 “HITECH” means Subtitle D of the Health Information Technology for Economic and Clinical Health Act provisions of the American Recovery and Reinvestment Act of 2009, 42 U.S.C. §§ 17921-17954, and all associated existing and future implementing regulations, when and as each is effective.
1.8 “PHI” means Protected Health Information, as defined in 45 C.F.R. § 160.103, and is limited to the Protected Health Information received from, or received, maintained, created or transmitted on behalf of, Customer (for itself and/or applicable Covered Entity customers) by Vendor in performance of the Services.
1.9 “Privacy Rule” means the federal privacy regulations, as amended from time to time, issued pursuant to HIPAA and codified at 45 C.F.R. Parts 160 and 164 (Subparts A & E).
1.10 “Security Rule” means the federal security regulations, as amended from time to time, issued pursuant to HIPAA and codified at 45 C.F.R. Parts 160 and 164 (Subparts A & C).
1.11 “Services” as used in this Exhibit, means, to the extent and only to the extent they involve the receipt, creation, maintenance, transmission, use or disclosure of PHI, the services provided by Vendor to Customer as set forth in the Agreement.
Customer Confidential | Page 21 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
2. | RESPONSIBILITIES OF VENDOR |
With regard to its use and/or disclosure of PHI, Vendor agrees to:
2.1 not use and/or further disclose PHI except as necessary to provide the Services, as permitted or required by this Exhibit, and in compliance with each applicable requirement of 45 C.F.R. § 164.504(e), or as otherwise Required by Law; provided that, to the extent Vendor is to carry out a Covered Entity’s obligations under the Privacy Rule, Vendor will comply with the requirements of the Privacy Rule that apply to that Covered Entity in the performance of those obligations.
2.2 implement and use appropriate administrative, physical and technical safeguards and, as of the Compliance Date, comply with applicable Security Rule requirements with respect to ePHI, to prevent use or disclosure of PHI other than as provided for by this Exhibit, including at a minimum, but in any event not limited to, any safeguards set forth in the Agreement or other applicable contracts or agreements between the parties. For the avoidance of doubt, the requirements set forth in the Agreement or other applicable contracts or agreements between the parties do not limit in any way whatsoever Vendor’s obligations under this Section 2.2 to comply with applicable Security Rule requirements.
2.3 without unreasonable delay, and in any event on or before [***] after its discovery by Vendor, report to Customer in writing: (i) any use or disclosure of PHI not provided for by this Exhibit of which it becomes aware in accordance with 45 C.F.R. § 164.504(e)(2)(ii)(C); and/or (ii) any Security Incident of which Vendor becomes aware in accordance with 45 C.F.R. § 164.314(a)(2)(i)(C).
2.4 without unreasonable delay, and in any event on or before [***] after its Discovery by Vendor, notify Customer of any incident that involves an unauthorized acquisition, access, use or disclosure of PHI, even if Vendor believes the incident will not rise to the level of a Breach. The notification shall include, to the extent possible, and shall be supplemented on an ongoing basis with: (i) the identification of all individuals whose Unsecured PHI was or is believed to have been involved; (ii) all other information required for or requested by Customer (or the applicable Covered Entity) to perform a risk assessment in accordance with 45 C.F.R. § 164.402 with respect to the incident to determine whether a Breach of Unsecured PHI occurred; and (iii) all other information reasonably necessary to provide notice to the applicable Covered Entities individuals, HHS and/or the media, all in accordance with the Breach Rule. Notwithstanding the foregoing, in Customer’s sole discretion and in accordance with its directions, and without limiting in any way any other remedy available to Customer at law, equity or contract, including but not limited to any rights or remedies the Customer may have under the Agreement, Vendor [***].
2.5 in accordance with 45 C.F.R. § 164.502(e)(1)(ii) and 45 C.F.R. § 164.308(b)(2), ensure that any subcontractors of Vendor that create, receive, maintain or transmit PHI on behalf of Vendor agree, in writing, to the same restrictions and conditions on the use and/or disclosure of PHI that apply to Vendor with respect to that PHI, including complying with the applicable Security Rule requirements with respect to ePHI; provided that, in any event Vendor shall require its subcontractors (and shall require those subcontractors to require their subcontractors) to report to Vendor any use or disclosure of PHI or Security Incident required to be reported under Sections 2.3 and 2.4 on or before [***] after its discovery by any of those subcontractors.
2.6 make available its internal practices, books and records relating to the use and disclosure of PHI to the Secretary for purposes of determining the applicable Covered Entity’s compliance with the Privacy Rule.
Customer Confidential | Page 22 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
2.7 document, and within [***] after receiving a written request from Customer, make available to Customer information necessary for Customer or its applicable Covered Entity customer to make an accounting of disclosures of PHI about an Individual or, when and as requested by Customer, make that information available directly to an Individual, all in accordance with 45 C.F.R. § 164.528 and, as of the later of the date compliance is required by final regulations or the effective date of the Agreement, 42 U.S.C. § 17935(c).
2.8 provide access to Customer, within [***] after receiving a written request from Customer, to PHI in a Designated Record Set about an Individual, or when and as requested by Customer, provide that access directly to an Individual, all in accordance with the requirements of 45 C.F.R. § 164.524, including as of the Compliance Date, providing or sending a copy to a designated third party and providing or sending a copy in electronic format in accordance with 45 C.F.R. § 164.524.
2.9 to the extent that the PHI in Vendor’s possession constitutes a Designated Record Set, make available, within [***] after a written request by Customer, PHI for amendment and incorporate any amendments to the PHI as requested by Customer, all in accordance with 45 C.F.R. § 164.526.
2.10 accommodate reasonable requests for confidential communications in accordance with 45 C.F.R. § 164.522(b), as requested by Customer or as directed by the Individual to whom the PHI relates.
2.11 notify Customer in writing within [***] after Vendor’s receipt directly from an Individual of any request for an accounting of disclosures, access to or amendment of PHI or for confidential communications as contemplated in Sections 2.7-2.10.
2.12 request, use and/or disclose only the minimum amount of PHI necessary to accomplish the purpose of the request, use or disclosure; provided, that Vendor shall comply with 45 C.F.R. §§ 164.502(b) and 164.514(d) as of the Compliance Date.
2.13 not directly or indirectly receive remuneration in exchange for any PHI as prohibited by 45 C.F.R. § 164.502(a)(5)(ii) as of the Compliance Date.
2.14 not make or cause to be made any communication about a product or service that is prohibited by 45 C.F.R. §§ 164.501 and 164.508(a)(3) as of the Compliance Date.
2.15 not make or cause to be made any written fundraising communication that is prohibited by 45 C.F.R. § 164.514(f) as of the Compliance Date.
2.16 mitigate, to the extent practicable, any harmful effect that is known to Vendor of a use or disclosure of PHI by Vendor that is not permitted by the requirements of this Exhibit.
2.17 comply with all applicable federal, state and local laws and regulations.
2.18 not use, transfer, transmit or otherwise send or make available, any PHI outside of the geographic confines of the United States of America without Customer’s advance written consent.
2.19 Government Program Requirements. To the extent that Vendor receives, uses or discloses PHI pertaining to Individuals enrolled in managed care plans through which Customer or one or more of its affiliates participate in government funded health care programs, receipt, use and disclosure of the PHI pertaining to those individuals shall comply with the applicable program requirements.
Customer Confidential | Page 23 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
2.20 Privacy and Safeguards for NPI. Vendor understands and acknowledges that to the extent it is a nonaffiliated third party under GLBA that creates or receives NPI from or on behalf of Customer or an Affiliate, Vendor and its authorized representatives: (i) shall not use or disclose NPI for any purpose other than to perform its obligations under the Agreement; (ii) shall implement appropriate administrative, technical, and physical safeguards designed to ensure the security and confidentiality of the NPI, protect against any anticipated threats or hazards to the security or integrity of the NPI and protect against unauthorized access to or use of the NPI that could result in substantial harm or inconvenience to any consumer; and (iii) shall, for as long as Vendor has NPI, provide and maintain appropriate safeguards for the NPI in compliance with this Exhibit and the GLBA.
3. | OTHER PERMITTED USES AND DISCLOSURES OF PHI |
Unless otherwise limited in this Exhibit, in addition to any other uses and/or disclosures permitted or required by this Exhibit, Vendor may:
3.1 use and disclose PHI, if necessary, for proper management and administration of Vendor or to carry out the legal responsibilities of Vendor, provided that the disclosures are Required by Law or any third party to which Vendor discloses PHI for those purposes provides written assurances in advance that: (i) the information will be held confidentially and used or further disclosed only for the purpose for which it was disclosed to the third party or as Required by Law; and (ii) the third party promptly will notify Vendor of any instances of which it becomes aware in which the confidentiality of the information has been breached.
4. | TERMINATION AND COOPERATION |
4.1 Termination. If Customer knows of a pattern or practice of Vendor that constitutes a material breach or violation of this Exhibit then Customer may provide written notice of the breach or violation to Vendor and Vendor must cure the breach or end the violation on or before [***] after receipt of the written notice. If Vendor fails to cure the breach or end the violation within the specified timeframe, Customer may terminate this Exhibit and the Agreement. Customer also may terminate this Exhibit and the Agreement to the extent that any of Customer’s applicable Covered Entity customers terminates its agreement with Customer.
4.2 Effect of Termination or Expiration. Within [***] after the expiration or termination for any reason (or to any extent) of the Agreement and/or this Exhibit, Vendor shall return or destroy all applicable PHI, if feasible to do so, including all applicable PHI in possession of Vendor’s subcontractors. To the extent return or destruction of the PHI is not feasible, Vendor shall notify Customer in writing of the reasons return or destruction is not feasible and, if Customer agrees, may retain the PHI subject to this Section 4.2. Under any circumstances, Vendor shall extend any and all protections, limitations and restrictions contained in this Exhibit to Vendor’s use and/or disclosure of any applicable PHI retained after the expiration or termination (to any extent) of the Agreement and/or this Exhibit, and shall limit any further uses and/or disclosures solely to the purposes that make return or destruction of the PHI infeasible.
4.3 Cooperation. Each party shall cooperate in good faith in all respects with the other party in connection with any request by a federal or state governmental authority for additional information and documents or any governmental investigation, complaint, action or other inquiry.
5. | MISCELLANEOUS |
5.1 Construction of Terms. The terms of this Exhibit to the extent they are unclear, shall be construed to allow for compliance by the applicable Covered Entity and Customer with HIPAA.
5.2 Survival. Sections 4.2, 4.3, 5.1, 5.2, and 5.3 shall survive the expiration or termination for any reason of the Agreement and/or of this Exhibit.
5.3 No Third Party Beneficiaries. Nothing in this Exhibit shall confer upon any person other than the parties and their respective successors or assigns, any rights, remedies, obligations or liabilities whatsoever.
Customer Confidential | Page 24 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT E
STANDARD
CONTRACTUAL CLAUSES
Data Processing Agreement Supplemental Terms and Conditions (Standard Contractual Clauses (processors))
For the purposes of Article 26(2) of Directive 95/46/EC for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection, these terms and conditions are entered into between
(i) United HealthCare Services, Inc., a Minnesota corporation with offices at 9900 Bren Road East, Minnetonka, MN 55343, on behalf of itself and its subsidiaries ("UHS") ("Data Exporter"), and
(ii) Innovation Specialists, LLC d/b/a 2nd.MD, with offices at 1300 Post Oak Blvd., Suite 725, Houston, Texas 77056 (the "Data Importer").
each a "Party", and together the "Parties"
Recitals
A | Data Importer provides services to UHS and or various of its subsidiaries outside the European Economic Area (EEA) (the "Services"). For the purpose of these Clauses, Data Importer is receiving Personal Data, as defined in Attachment 1, as part of the performance of services as a Data Importer, and UHS shall transfer Personal Data to Data Importer as Data Exporter. |
B | The Parties agree that all processing and movement of Personal Data, performed as part of or otherwise in connection with the Services shall be governed by these Clauses which are hereby incorporated into all agreements between the Data Importer and UHS or its subsidiaries and governing the Services, if any. |
C | The Parties have therefore agreed on the following Contractual Clauses (the "Clauses") in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the Data Exporter to the Data Importer of the Personal Data specified in Attachment 1. |
Customer Confidential | Page 25 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Attachment 1
Processing of Personal Data
1. | DEFINITIONS |
For the purposes of this Attachment 1:
(a) | 'applicable data protection law' means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the Processing of Personal Data applicable to a Controller in the Member State in which the Data Exporter is established; |
(b) | 'Controller' means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of Personal Data; |
(c) | 'Data Exporter' means United HealthCare Services, Inc. (“data exporter”), on behalf of itself and its Affiliates; |
(d) | 'Data Importer' means Innovation Specialists, LLC d/b/a 2nd.MD; |
(e) | 'Directive' means Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such data |
(f) | 'Personal Data' means any information relating to an identified or identifiable natural person ('Data Subject'); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity; |
(g) | 'Process/Processing', means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction; |
(h) | 'Processor' means a natural or legal person, public authority, agency or any other body which processes Personal Data on behalf of the Controller; |
(i) | 'Special Categories of data' means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, health, sex life, criminal convictions, and actual or alleged criminal offences; |
(j) | 'Subprocessor' means any Processor engaged by the Data Importer or by any other Subprocessor of the Data Importer who agrees to receive from the Data Importer or from any other Subprocessor of the Data Importer Personal Data exclusively intended for Processing activities to be carried out on behalf of the Data Exporter after the transfer in accordance with his instructions, the terms of this Exhibit and the terms of the relevant written subcontract; |
(k) | 'Supervisory Authority' means a public authority responsible for monitoring the application within its territory of the provisions adopted by a Member State pursuant to the Directive; |
Customer Confidential | Page 26 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
(l) | 'technical and organisational security measures' means those measures aimed at protecting Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the Processing involves the transmission of data over a network, and against all other unlawful forms of Processing. |
2. | DETAILS OF THE TRANSFERS |
The details of the transfers of Personal Data are specified in Appendix 1 which forms an integral part of this Exhibit.
3. | THIRD-PARTY BENEFICIARY CLAUSE |
3.1 | The Data Subject can enforce against the Data Exporter this Clause, Clause 4(b) to (i), Clause 5(a) to (e), and (g) to (j), Clause 6.1 and 6.2, Clause 7, Clause 8.2, and Clauses 9 to 12 as third-party beneficiary. |
3.2 | The Data Subject can enforce against the Data Importer this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8.2, and Clauses 9 to 12, in cases where the Data Exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the Data Exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the Data Exporter, in which case the Data Subject can enforce them against such entity. |
3.3 | The Data Subject can enforce against the Subprocessor this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8.2, and Clauses 9 to 12, in cases where both the Data Exporter and the Data Importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the Data Exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the Data Exporter, in which case the Data Subject can enforce them against such entity. Such third-party liability of the Subprocessor shall be limited to its own Processing operations under this Exhibit. |
3.4 | The parties do not object to a Data Subject being represented by an association or other body if the Data Subject so expressly wishes and if permitted by national law. |
4. | OBLIGATIONS OF THE DATA EXPORTER |
The Data Exporter agrees and warrants:
(a) | that the Processing, including the transfer itself, of the Personal Data has been carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the Data Exporter is established) and does not violate the relevant provisions of that State; |
(b) | that it has instructed and throughout the duration of the Personal Data Processing services will instruct the Data Importer to Process the Personal Data transferred only on the Data Exporter's behalf and in accordance with the applicable data protection law and this Exhibit; |
(c) | that the Data Importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Appendix 2 to this contract; |
(d) | that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect Personal Data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the Processing involves the transmission of data over a network, and against all other unlawful forms of Processing, and that these measures ensure a level of security appropriate to the risks presented by the Processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation; |
Customer Confidential | Page 27 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
(e) | that it will ensure compliance with the security measures; |
(f) | that, if the transfer involves Special Categories of data, the Data Subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of the Directive; |
(g) | to forward any notification received from the Data Importer or any Subprocessor pursuant to Clause 5(b) and Clause 8.3 to the Supervisory Authority if the Data Exporter decides to continue the transfer or to lift the suspension; |
(h) | to make available to the Data Subjects upon request a copy of this Exhibit, with the exception of Appendix 2, and a summary description of the security measures, as well as a copy of any contract for subprocessing services which has to be made in accordance with this Exhibit, unless this Appendix 1 or the Agreement contain commercial information, in which case it may remove such commercial information; |
(i) | that, in the event of subprocessing, the processing activity is carried out in accordance with Clause 11 by a Subprocessor providing at least the same level of protection for the Personal Data and the rights of the Data Subject as the Data Importer under this Exhibit; and |
(j) | that it will ensure compliance with Clause 4(a) to (i). |
5. | OBLIGATIONS OF THE DATA IMPORTER |
The Data Importer agrees and warrants:
(a) | to Process the Personal Data only on behalf of the Data Exporter and in compliance with its instructions and this Exhibit; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the Data Exporter of its inability to comply, in which case the Data Exporter is entitled to suspend the transfer of data and/or terminate the Agreement; |
(b) | that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the Data Exporter and its obligations under the Agreement and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by this Exhibit, it will promptly notify the change to the Data Exporter as soon as it is aware, in which case the Data Exporter is entitled to suspend the transfer of data and/or terminate the Agreement; |
(c) | that it has implemented the technical and organisational security measures specified in Appendix 2 before Processing the Personal Data transferred; |
(d) | that it will promptly notify the Data Exporter about: |
(i) | any legally binding request for disclosure of the Personal Data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation; |
(ii) | any accidental or unauthorised access; and |
(iii) | any request received directly from a Data Subject without responding to that request, unless it has been otherwise authorised to do so; |
Customer Confidential | Page 28 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
(e) | to deal promptly and properly with all inquiries from the Data Exporter relating to its Processing of the Personal Data subject to the transfer and to abide by the advice of the Supervisory Authority with regard to the Processing of the data transferred; |
(f) | at the request of the Data Exporter to submit its data Processing facilities for audit of the Processing activities covered by this Exhibit which shall be carried out by the Data Exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the Data Exporter, where applicable, in agreement with the Supervisory Authority; |
(g) | to make available to the Data Subject upon request a copy of this Exhibit, or any existing contract for subprocessing, unless this Exhibit or the contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2 which shall be replaced by a summary description of the security measures in those cases where the Data Subject is unable to obtain a copy from the Data Exporter; |
(h) | that, in the event of subprocessing, it has previously informed the Data Exporter and obtained its prior written consent; |
(i) | that the Processing services by the Subprocessor will be carried out in accordance with Clause 11; and |
(j) | to send promptly a copy of any Subprocessor agreement it concludes under this Exhibit to the Data Exporter. |
6. | Liability |
6.1 | The parties agree that any Data Subject, who has suffered damage as a result of any breach of the obligations referred to in Clause 3 or in Clause 11 by any party or Subprocessor is entitled to receive compensation from the Data Exporter for the damage suffered. |
6.2 | If a Data Subject is not able to bring a claim for compensation in accordance with paragraph 6.1 against the Data Exporter, arising out of a breach by the Data Importer or its Subprocessor of any of their obligations referred to in Clause 3 or in Clause 11, because the Data Exporter has factually disappeared or ceased to exist in law or has become insolvent, the Data Importer agrees that the Data Subject may issue a claim against the Data Importer as if it were the Data Exporter, unless any successor entity has assumed the entire legal obligations of the Data Exporter by contract or by operation of law, in which case the Data Subject can enforce its rights against such entity. |
6.3 | The Data Importer may not rely on a breach by a Subprocessor of its obligations in order to avoid its own liabilities. |
6.4 | If a Data Subject is not able to bring a claim against the Data Exporter or the Data Importer referred to in paragraphs 6.1 and 6.2, arising out of a breach by the Subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the Data Exporter and the Data Importer have factually disappeared or ceased to exist in law or have become insolvent, the Subprocessor agrees that the Data Subject may issue a claim against the Subprocessor with regard to its own processing operations under this Exhibit as if it were the Data Exporter or the Data Importer, unless any successor entity has assumed the entire legal obligations of the Data Exporter or Data Importer by contract or by operation of law, in which case the Data Subject can enforce its rights against such entity. The liability of the Subprocessor shall be limited to its own processing operations under this Exhibit. |
Customer Confidential | Page 29 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
the Data Subject can enforce its rights against such entity. The liability of the Subprocessor shall be limited to its own processing operations under this Exhibit.
7. | Mediation and jurisdiction |
7.1 | The Data Importer agrees that if the Data Subject invokes against it third-party beneficiary rights and/or claims compensation for damages under this Exhibit, the Data Importer will accept the decision of the Data Subject: |
(a) | to refer the dispute to mediation, by an independent person or, where applicable, by the supervisory authority; |
(b) | to refer the dispute to the courts in the Member State in which the Data Exporter is established. |
7.2 | The parties agree that the choice made by the Data Subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law. |
8. | CO-OPERATION WITH SUPERVISORY AUTHORITIES |
8.1 | The Data Exporter agrees to deposit a copy of this contract with the Supervisory Authority if it so requests or if such deposit is required under the applicable data protection law. |
8.2 | The parties agree that the Supervisory Authority has the right to conduct an audit of the Data Importer and of any Subprocessor which has the same scope and is subject to the same conditions as would apply to an audit of the Data Exporter under the applicable data protection law. |
8.3 | The Data Importer shall promptly inform the Data Exporter about the existence of legislation applicable to it or any Subprocessor preventing the conduct of an audit of the Data Importer, or any Subprocessor, pursuant to paragraph 8.2. In such a case the Data Exporter shall be entitled to take the measures foreseen in Clause 5(b). |
9. | GOVERNING LAW |
This Exhibit shall be governed by English law.
10. | VARIATION OF CONTRACT |
The parties undertake not to vary or modify this Exhibit. This does not preclude the parties from adding clauses on business-related issues where required as long as they do not contradict the Exhibit.
11. | SUBPROCESSING |
11.1 | The Data Importer shall not subcontract any of its Processing operations performed on behalf of the Data Exporter under this Exhibit without the prior written consent of the Data Exporter. Where the Data Importer subcontracts its obligations under this Exhibit, with the consent of the Data Exporter, it shall do so only by way of a written agreement with the Subprocessor which imposes the same obligations on the Subprocessor as are imposed on the Data Importer under this Exhibit. Where the Subprocessor fails to fulfil its data protection obligations under such written agreement the Data Importer shall remain fully liable to the Data Exporter for the performance of the Subprocessor's obligations under such agreement. |
11.2 | The prior written contract between the Data Importer and the Subprocessor shall also provide for a third- party beneficiary clause as laid down in Clause 3 for cases where the Data Subject is not able to bring the claim for compensation referred to in paragraph 6.1 against the Data Exporter or the Data Importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the Data Exporter or Data Importer by contract or by operation of law. Such third-party liability of the Subprocessor shall be limited to its own processing operations under this Exhibit. |
Customer Confidential | Page 30 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
11.3 | The provisions relating to data protection aspects for subprocessing of the contract referred to in paragraph 11.1 shall be governed by English law. |
11.4 | The Data Exporter shall keep a list of subprocessing agreements concluded under this Exhibit and notified by the Data Importer pursuant to Clause 5(j), which shall be updated at least once a year. The list shall be available to the Data Exporter's Supervisory Authority. |
12. | OBLIGATION AFTER THE TERMINATION OF PERSONAL DATA PROCESSING SERVICES |
12.1 | The parties agree that on the termination of the provision of data Processing services, the Data Importer shall, at the choice of the relevant Data Exporter, return all the Personal Data transferred and the copies thereof to the Data Exporter or shall destroy all the Personal Data and certify to the Data Exporter that it has done so, unless legislation imposed upon the Data Importer prevents it from returning or destroying all or part of the Personal Data transferred. In that case, the Data Importer warrants that it will guarantee the confidentiality of the Personal Data transferred and will not actively Process the Personal Data transferred any more. |
12.2 | The Data Importer warrants that upon request of the Data Exporter and/or of the Supervisory Authority, it will submit its data Processing facilities for an audit of the measures referred to in paragraph 12.1. |
Customer Confidential | Page 31 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
APPENDIX 1
Data Exporters
The Data Exporter is a healthcare services and information technology company.
Data Importer
The Data Importer is a company undertaking data processing activities.
Data Subjects
The Personal Data transferred may concern the following categories of Data Subjects:
1. | Customers of the Data Exporter and personnel employed by or working on behalf of such customers. |
2. | Persons whose data are relevant to contracts for health care entered into by customers with the Data Exporter. |
Categories of data
The Personal Data transferred may concern the following categories of data:
(a) | [***] |
(b) | [***] |
(c) | [***] |
(d) | [***] |
(e) | [***] |
(f) | [***] |
(g) | [***] |
(h) | [***] |
(i) | [***] |
(j) | [***] |
(k) | [***] |
(l) | [***] |
(m) | [***] |
Customer Confidential | Page 32 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Special Categories of data
The Personal Data transferred concern the following special categories of data:
· | [***] |
Processing operations
Members book and attend a virtual consultation with a specialist using the 2nd.MD application which is downloadable through their Apple or Android phone or tablet device (the “App”). During the consultation, the specialist will capture information relating to the Member’s condition and the outcome of the consultation. This will be recorded securely in the App and will not be shared with the data exporter without the Member’s consent.
Customer Confidential | Page 33 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
APPENDIX 2
Technical and Organisational Security Measures
The Data Importer has implemented a suitable set of information security controls including policies, practices, procedures and organizational structures to protect the confidentiality, integrity and availability of personal data entrusted to it and to protect against unauthorised or accidental access, change, loss or destruction, unauthorised transmission or other unauthorised processing as well as other misuse. Furthermore, the Data Importer has a security assessment program where periodic independent assessments are undertaken with an aim to ensure continual effectiveness.
The technical/ organizational security measures implemented by the Data Importer in accordance with Clause 4(c) of this Exhibit are as set out below (as amended and updated from time to time by the Data Importer):
Organizational Measures
With regard to organizational protection the Data Importer undertakes to apply at least the following measures:
Security Management
· | The security measures set forth in Exhibit F (Security) and Exhibit D (HIPAA and GLBA – Business Associate Agreement) to the Agreement to which these Standard Contractual Clauses are attached. |
Personnel Security (Human Resources Security)
· | The security measures set forth in Exhibit F (Security) and Exhibit G (Background Investigations) D. |
Business Continuity Planning
· | The measures set forth in Exhibit F (Security) and Section 9 of the Agreement to which these Standard Contractual Clauses are attached. |
Physical & Environmental Security
· | The security measures set forth in Exhibit F (Security) to the Agreement to which these Standard Contractual Clauses are attached. |
Technical Measures
With regard to technical protection the Data Importer undertakes to apply at least the following measures:
Workstation Security
· | Access rights will be granted based on job role, terminated upon transfer or termination. Maintain a strong password policy requiring a minimum length, complexity, password expiration and account lockout upon multiple failed logon attempts. Workstations will be protected with boot passwords, hard drive encryption and antivirus, as well as other applicable security measures set forth in Exhibit F (Security) to the Agreement to which these Standard Contractual Clauses are attached. |
Customer Confidential | Page 34 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Server Security
· | In addition to the other applicable security measures set forth in Exhibit F (Security) to the Agreement to which these Standard Contractual Clauses are attached, access rights will be granted based on job role, terminated upon transfer or termination. Maintain a strong password policy requiring a minimum length, complexity, password expiration and account lockout upon multiple failed logon attempts. [***]. |
Network Security
· | In addition to the other applicable security measures set forth in Exhibit F (Security) to the Agreement to which these Standard Contractual Clauses are attached, the production network will be protected by firewalls. Strict ingress / egress rules will be configured to restrict communications between servers to only those the application requires. The production network will be monitored by an intrusion detection system and administrators will receive security alerts. All network access will be logged. [***]. |
Customer Confidential | Page 35 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT F
SECURITY
The requirements of this Exhibit are applicable if and to the extent that: (1) Vendor accesses Customer Information Systems (as defined below); or (2) Vendor creates, has access to, or receives from or on behalf of Customer any Customer Information (as defined below) in electronic format. The requirements set forth in this Exhibit are in addition to, and do not substitute for: (i) any of Vendor’s other obligations under the Agreement, including any Exhibits or applicable Statements of Work; and (ii) any requirements imposed upon Vendor by applicable law. To the extent that any requirements set forth in this Exhibit conflict with other requirements under the Agreement (including any Exhibits or applicable Statements of Work), then the requirement most protective of Customer, in Customer’s reasonable determination, shall apply.
1. Definitions. The following terms shall have the meanings as set forth below:
1.1 “Confidential Information” has the meaning set forth in the Agreement.
1.2 “Customer” means United Healthcare Services, Inc.
1.3 “Customer Information” means any Confidential Information of Customer that includes or is comprised of any of the following:
(a) Protected health information (i.e., any information that would be termed “protected health information” under the provisions of the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations);
(b) Non-public personal information (i.e., any information that would be termed “non-public personal information” under the Federal Gramm-Leach-Bliley Act, any related state statutes, and any related federal or state regulations);
(c) Personal data (i.e., any information relating to an identified or identifiable natural person, as further defined under the European Union Directive 95/46/EC and each EU member state's implementing laws, including any regulations and codes of conduct issued under such laws);
(d) Cardholder data, as that term is defined in the most current version of the Payment Card Industry (PCI) Data Security Standard; or
(e) Other personal information (i.e., other personally identifiable information about individuals, or information that can be used to identify individuals, the disclosure and/or use of which is restricted by applicable federal or state law, including social security numbers).
1.4 “Customer Information Systems” means information systems resources supplied or operated by Customer or its contractors, including without limitation, network infrastructure, computer systems, workstations, laptops, hardware, software, databases, storage media, proprietary applications, printers, and internet connectivity that are owned, controlled or administered by or on behalf of Customer.
1.5 “HITRUST” means the Health Information Trust Alliance.
1.6 “HITRUST CSF” or “CSF” means the HITRUST common security framework against which Vendor’s security program will be assessed, validated and certified. The common security framework is comprised of a common set of information security requirements with standardized assessment and reporting processes accepted and adopted by healthcare organizations.
Customer Confidential | Page 36 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
1.7 “HITRUST CSF Certification” means a CSF third-party validated report with certification, which certification has been issued by HITRUST based on testing performed by an independent CSF assessor and reviewed, approved and certified by HITRUST.
1.8 “HITRUST CSF Self-Assessment Report” means the report issued by HITRUST upon its validation of the self-assessment conducted by Vendor using the standard methodology, requirements, and tools provided under HITRUST’s CSF Assurance Program.
1.9 “HITRUST CSF Validated Report” means a CSF third-party validated report, issued by an authorized CSF assessor based on on-location testing.
1.10 “Independent Certification/Attestation” means: (a) a HITRUST CSF Certification; or (b) an alternative certification (e.g., EHNAC, SOC 2 Type 2, or ISO27001) designed to document and measure performance against control objectives that map to applicable HITRUST CSF requirements, controls, and control specifications and/or other relevant standards (“Alternative Certification”), as approved by Customer pursuant to Section 3.4 and described in Attachment 2.
1.11 “Mitigate” means Vendor has deployed security controls as necessary to reduce the adverse effects of threats and reduce risk exposure to a level reasonably acceptable by Customer.
1.12 “Remediation” or “Remediate”, as applicable, means that Vendor has completely resolved a security exposure or Security Incident, such that the vulnerability no longer poses a risk to Customer Information Systems or Vendor Processing Resources, as applicable.
1.13 “Security Incident” means the unauthorized access, use, disclosure, modification, or destruction of Customer Information or access to or interference with the operations of any Customer Information Systems or Vendor Processing Resources. Security Incidents are classified as follows:
(a) “High Severity” or severity 1 (severe impact) means [***].
(b) “Medium Severity” or severity 2 (major impact) means [***].
(c) “Low Severity” or severity 3 (moderate impact) means [***].
1.14 “Services” has the meaning set forth in the Agreement. If the term “Services” is not defined in the Agreement, then Services means any services or functions provided by Vendor to Customer under the Agreement.
1.15 “Vendor Processing” means any information collection, storage or processing performed by Vendor or its subcontractors that: (i) directly or indirectly supports the Services or functions now or hereafter furnished to Customer; and (ii) involves the storage, processing, use or creation of, or access to, any Customer Information.
1.16 “Vendor Processing Resources” means information processing resources supplied or operated by Vendor, including without limitation, network infrastructure, computer systems, workstations, laptops, hardware, software, databases, storage media, printers, proprietary applications, Internet connectivity, printers and hard copies which are used, either directly or indirectly, in support of Vendor Processing.
Customer Confidential | Page 37 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
2. | General Requirements. |
2.1 Security Program. Vendor shall maintain a comprehensive security program under which Vendor documents, implements and maintains the physical, administrative, and technical safeguards necessary to: (a) comply with applicable law; and (b) protect the confidentiality, integrity, availability, and security of Vendor Processing Resources and Customer Information. Vendor’s security program shall be consistent with the requirements of this Exhibit and shall be designed to ensure compliance with the provisions of applicable law, including without limitation the Health Information Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), the Payment Card Industry Data Security Standards (PCI DSS), and Sarbanes-Oxley (SOX).
2.2 Vendor Security Contact. Vendor shall designate [***] to serve as Vendor’s points of contact for Customer on all security issues. Vendor’s Security Representatives shall be responsible for overseeing compliance with this Exhibit. Vendor shall maintain [***] for the Security representatives’ roles, and will replace a Security Representative within [***] should an individual serving as one of the Security Representatives change roles or no longer be employed by Vendor. Within [***] of the Effective Date and within [***] of identifying a new individual to serve in such role, Vendor will provide Customer with the name and title of, and the [***] contact information (including email and phone number) for the Security Representatives.
2.3 Policies and Procedures. Vendor shall maintain written security management policies and procedures to identify, prevent, detect, contain, and correct violations of measures taken to protect the confidentiality, integrity, availability, or security of Vendor Processing Resources and/or Customer Information. Such policies and procedures shall: (a) assign specific data security responsibilities and accountabilities to specific role(s); (b) include a formal risk management program which includes periodic risk assessments; and (c) provide an adequate framework of controls that safeguard Vendor Processing Resources, Customer Information Systems and Customer Information. Vendor shall provide such policies and procedures to Customer for review upon Customer’s request at any time during the Term.
2.4 Subcontractors. To the extent that any Vendor subcontractor accesses Customer Information Systems or creates, has access to, or receives from or on behalf of Customer any Customer Information in electronic format, Vendor shall enter into a written agreement with such subcontractor [***].
2.5 IT Change and Configuration Management. In addition to any specific requirements set forth in the applicable Statement of Work, Vendor shall employ reasonable processes, consistent with industry best practices, for change management, code inspection, repeatable builds, separation of development and production environments, and testing plans. Code inspections must include a comprehensive process to identify vulnerabilities and malicious code, including but not limited to logic-bombs, sniffers, and backdoors. In addition, Vendor shall ensure that processes are documented and implemented for vulnerability management, patching, and verification of system security controls prior to their connection to production networks.
2.6 Change Notifications. In addition to any specific requirements and subject to any specific conditions set forth in the Agreement or the applicable Statement of Work, Vendor shall provide Customer with at least [***] prior written notice of any relevant material changes that will negatively impact security, to Vendor’s information technology infrastructure, facilities, or resources associated with information security governance and oversight, security, network, and infrastructure operations and any key personnel responsible for ensuring a secure environment spanning Vendor, any of its subcontractors, and Customer.
2.7 Data Retention. Vendor shall not retain any Customer data following completion of the applicable Services, except to the extent: (a) required by law; (b) required pursuant to Exhibit H (Medicare Advantage Regulatory Requirements Appendix); or (c) expressly required by Customer in writing. At Customer’s request, Vendor shall certify to Customer in writing that all Customer data has been returned or destroyed, as required under this Agreement.
Customer Confidential | Page 38 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
3. | Security Assessment and Independent Certification Requirements |
3.1 Applicability. Vendor is required to demonstrate to Customer, through an Independent Certification / Attestation as further set forth in this Section 3, that Vendor has in place appropriate controls to protect Customer Information.
3.2 Security Assessment. [***] Vendor shall have completed a security assessment conducted by Customer’s Information Risk Management department (“Security Assessment”). The Security Assessment may: (a) rely on the Independent Certification/Attestation Vendor provided to Customer; or (b) be in addition to the Independent Certification/Attestation, in Customer’s sole discretion. In addition, Customer may require additional Security Assessments in connection with Statements of Work for new or additional Services. Any remediation requirements identified during a Security Assessment will be documented and tracked using a tool provided by Customer (e.g., a vendor portal or spreadsheet). Vendor will complete such remediation requirements within the agreed upon timeframes. Material remediation requirements may also be set forth in Attachment 1 or the applicable Statement of Work. [***].
3.3 Independent Certification / Attestation – HITRUST CSF Certification. Vendor shall have, as of the Effective Date, and shall maintain through the period described in Section 3.6, a HITRUST CSF Certification. To the extent that Vendor does not have a HITRUST CSF Certification as of the Effective Date, or is the process of obtaining a HITRUST CSF Certification, the requirements of Section 3.4 or Section 3.5, as applicable, shall apply. In order to meet the requirements of this Exhibit, the scope of all assessment, review, testing, validation and certification activities under Vendor’s HITRUST CSF Certification must include all Vendor Processing Resources and Vendor Processing, as well as applicable Vendor facilities used in connection with the provision of the Services.
3.4 Independent Certification / Attestation – Other. Subject to Customer’s prior written consent, which may be withheld or conditioned in Customer’s sole discretion, Vendor may meet the requirements of this Section 3 by obtaining and maintaining an Alternative Certification. To the extent that Customer approves the use of an Alternative Certification, the approved Alternative Certification and a description of the relevant control objectives or similar requirements shall be set forth in Attachment 2.
3.5 HITRUST CSF Implementation Requirements. To the extent that Vendor has not obtained a HITRUST CSF Certification (and Customer has not approved the use of an Alternative Certification), then: (a) the requirements of Section 3.7 shall apply; and (b) Vendor shall (i) complete and provide to Customer a HITRUST CSF Self-Assessment Report, (ii) obtain and provide to Customer a HITRUST CSF Validated Report, and (iii) obtain and provide to Customer a HITRUST CSF Certification by the respective deadlines set forth in Attachment 3. Vendor’s failure to meet the foregoing requirements shall be deemed to be a material breach of the Agreement. If Vendor has begun the process of obtaining a HITRUST CSF Certification before the Effective Date, then Vendor represents and warrants to Customer that all corrective action plans that are necessary to obtain a HITRUST CSF Validated Report and/or HITRUST CSF Certification and that have been identified to Vendor prior to the Effective Date are included in Attachment 3.
3.6 Independent Certification / Attestation Timing Requirements. To the extent that an Independent Certification/Attestation is required under this Exhibit, Vendor shall maintain such Independent Certification/Attestation (and continue to meet the applicable requirements of this Exhibit regarding such Independent Certification/Attestation) until the later of: (a) the expiration or earlier termination of the Agreement; or (b) Vendor no longer maintains (including in archived or secure storage) or has access to, any Customer Information.
3.7 Interim Requirements. Until such time as Vendor obtains either a HITRUST CSF Certification or an Alternative Certification approved by Customer, the requirements of Attachment 4 shall apply.
Customer Confidential | Page 39 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
3.8 Reporting of Findings. Upon Customer’s request, Vendor shall report to Customer any findings and associated corrective action plans identified during a self-assessment or any third party assessment, including any assessment related to Vendor’s Independent Certification / Attestation. Vendor will provide Customer with any further information associated with such findings, as reasonably requested by Customer.
4. | Security Monitoring and Response |
4.1 Mitigation and Remediation of Security Exposures. Vendor will Mitigate or Remediate any High Severity security exposure or finding discovered by Customer or Vendor within [***] from the time Vendor becomes aware of the exposure or finding. Vendor will Mitigate or Remediate any Medium Severity or Low Severity security exposure or finding discovered by Customer or Vendor within [***] from the time Vendor becomes aware of the exposure or finding. With respect to security exposures that are Mitigated (but not Remediated), Vendor must Remediate such security exposures within [***] after being Mitigated (in the case of High Severity exposures) and [***] after being Mitigated (in the case of Medium Severity exposures), and [***] after being Mitigated (in the case of Low Severity exposures). If Vendor fails to Mitigate or Remediate any security exposure or finding within the required timeframe: [***].
4.2 Incident Response. Vendor shall maintain formal processes to detect, identify, report, respond to, Mitigate, and Remediate Security Incidents in a timely manner.
4.3 Incident Notification. Vendor shall notify Customer in writing within [***] of any Security Incident(s) which result in, or which Vendor reasonably believes may result in, unauthorized access to, modification of, or disclosure of Customer Information, Customer Information Systems or other Customer applications. Vendor shall provide Customer with a written Remediation plan within [***] of the Security Incident. Notwithstanding the notice provisions of the Agreement, Vendor shall send all notifications and written communications required under this Section to Customer at SIR@uhc.com.
4.4 Incident Remediation. Upon becoming aware of a Security Incident, Vendor will assign a severity level (i.e., High Severity, Medium Severity or Low Severity) based on the definitions set forth in this Exhibit. Vendor will reclassify the Severity Level of any Security Incident upon Customer’s reasonable request. Vendor will Mitigate or Remediate any High Severity Security Incident within [***] from the time Vendor becomes aware of the incident. Vendor will Mitigate or Remediate any Medium Severity or Low Severity Security Incident within [***] from the time Vendor becomes aware of the incident. With respect to Security Incidents that are Mitigated (but not Remediated), Vendor must Remediate such Security Incidents within [***] after being Mitigated (in the case of High Severity incidents) and [***] after being Mitigated (in the case of Medium Severity incidents), and [***] after being Mitigated (in the case of Low Severity incidents). If Vendor fails to Mitigate or Remediate any Security Incident within the required timeframe: [***].
4.5 Site Outage. Vendor shall promptly report to Customer any Vendor site outages where such outage may impact Customer or Vendor’s ability to fulfill its obligations to Customer.
Customer Confidential | Page 40 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
5. | Hosting, Virtualization Services, and Data Aggregation |
5.1 Limits on Shared Hosting and Virtualization. Vendor shall not utilize (nor permit any subcontractor to utilize) any shared hosting or virtualized “cloud” hosting arrangements in support of Customer without Customer’s prior written approval.
5.2 Co-Mingled or Aggregated Data. Vendor shall not [***] Customer Information or any Confidential Information of Customer (including, for example, program code, database scripts, data extracts, process flows, calculations, macros, and business logic) [***] without Customer’s prior written approval. Vendor will obtain Customer’s prior written approval of each Vendor (or subcontractor) data center in which Customer Information is stored or processed.
5.3 Logical and Physical Segregation. Vendor shall physically and/or logically segregate Customer data from data of other Vendor customers.
6. | Licenses; Software Development |
6.1 No License Granted. Nothing in this Exhibit grants to Vendor, either expressly or by implication, any right or license to access or use for any purpose any Customer Information, Customer Information Systems, or any software in Customer’s computing environments. This Exhibit does not transfer to Vendor title of any ownership rights or rights in patents, copyrights, trademarks and trade secrets included in Customer Information Systems.
6.2 Software Usage. Vendor shall not attempt to copy, alter, decompile, reverse engineer, or disassemble any of the software programs contained in Customer Information Systems.
6.3 Software Development. If the Services include the development of software product(s), including web applications, for Customer, such software shall be developed and maintained in accordance with the development methodology specified by Customer. Such software shall satisfy the appropriate Customer information security policies and guidelines that are furnished by Customer to Vendor (which are incorporated herein by reference). Vendor shall comply with any instructions, guidelines or minimum compliance controls that are furnished by Customer to Vendor (which are incorporated herein by reference) to enable Customer to comply with SOX and/or other applicable laws and regulations. To the extent that Vendor uses internally-developed software or web applications to provide the Services, even if such items are not developed exclusively for Customer, then (a) Vendor shall insure that such items comply with any instructions, guidelines or minimum compliance controls that are furnished by Customer to Vendor (which are incorporated herein by reference) to enable Customer to comply with applicable laws and regulations, and (b) Vendor will provide Customer with such information as is reasonably necessary for Customer to confirm that applicable compliance controls are in place.
7. Audit. Notwithstanding anything to the contrary in the Agreement, Vendor will provide to Customer, its auditors (including internal audit staff and external auditors), inspectors, regulators and other representatives as Customer may from time to time designate in writing, access [***] to any facility or part of a facility at which either Vendor or any of its subcontractors is performing Vendor Processing or which contains Vendor Processing Resources, and to data and records relating to Vendor Processing, Vendor Processing Resources, and information security for the purpose of performing audits and inspections of Vendor and any of its subcontractors to (a) verify the integrity of Customer Information and examine the systems that process, store, secure, support and transmit Customer Information; (b) verify Vendor’s and its subcontractors’ compliance with the requirements of this Exhibit, and (c) review general controls and security practices and procedures. Vendor will cooperate fully with Customer or its designees in connection with audit functions and with regard to examinations by regulatory authorities. Customer’s auditors and other representatives will comply with Vendor’s reasonable security requirements in the performance of such audit.
8. Amendments. Notwithstanding anything to the contrary set forth in the Agreement, Customer may amend this Exhibit by providing at least [***] prior written notice to Vendor if Customer reasonably determines that such amendment is necessary for Customer to comply with the Standards for Privacy of Individually Identifiable Health Information or the Security Standards for the Protection of Electronic Protected Health Information (both of which are set forth at 45 CFR Parts 160 and 164) or any other federal, state or local law, regulation, ordinance, or requirement relating to the confidentiality, integrity, availability, or security of Customer Information.
Customer Confidential | Page 41 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Attachment 1
Security Assessment Remediation Requirements
¨ Not applicable.
x Applicable.
# | Remediation Requirement | Completion Criteria | Implementation Date |
Independent | [***] | [***] | No later than [***] |
Review of | be performed [***] in order to | from the Effective Date of | |
Information | provide reasonable assurance | of this MSA | |
Security | that security practices and | ||
operations are effective. |
(add rows as necessary)
Customer Confidential | Page 42 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Attachment 2
Alternative Certification Requirements
¨ Not applicable.
x Applicable.
Customer approves and consents to the SOC 2 Type II submitted by Vendor as an Alternative Certification in compliance with Section 3.3 of this Exhibit E (Security), until such time that Vendor obtains the SOC 2 Type 2 report mapped with HITRUST CSF. Vendor shall maintain such Alternative Certification in compliance with this Agreement at all times.
Furthermore, Vendor is in the process of obtaining SOC 2 Type 2 report mapped with HITRUST CSF. The controls tested during this process, as well as in future assessments, as part of the SOC 2 Type II shall cover all of the HITRUST controls in the then current mapping principles to HITRUST CSF or as otherwise communicated to Vendor in writing during the term of this Agreement. The current version can be found at: https://hitrustalliance.net/csf-rmf-related-documents/ OR https://hitrustalliance.net/soc2/]. Vendor will obtain the SOC 2 Type 2 report mapped with HITRUST CSF no later than [***] from the Effective Date of this MSA. Vendor will provide Customer with a copy of the SOC 2 Type 2 report mapped with HITRUST CSF documentation, along with any supporting documentation requested of Vendor, within [***] of receipt from the certifying authority. Vendor shall maintain its certification in compliance with this Agreement at all times.
Customer Confidential | Page 43 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Attachment 3
HITRUST CSF Implementation Plan
x Not applicable.
¨ Applicable.
1. | Implementation Deadlines. |
Requirement | Deadline |
HITRUST CSF Self-Assessment Report | [[***] after the Effective Date] |
HITRUST CSF Validated Report | [[***] after the Effective Date] |
HITRUST CSF Certification | [[***] after the Effective Date] |
2. | Corrective Action Plans. |
Customer Confidential | Page 44 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Attachment
4
Interim Requirements
x Not applicable.
¨ Applicable.
1. | Definitions. The following terms shall have the meanings as set forth below: |
1.1 “Device” means equipment or electronic media on which Customer Information is accessed, stored or processed, including without limitation storage drives or tapes, removable drives or media (to the extent permitted by Customer), desktop and laptop computers, tablets, and mobile devices.
1.2 “Vendor Personnel” will mean employees, contractors or agents of Vendor, or of its subcontractors, who provide Services (or any component thereof) to Customer.
2. | Security Management (Infrastructure Protection) |
Vendor shall maintain industry standard procedures to protect Vendor Processing Resources, including, at a minimum:
(a) | Formal security programs (e.g., policies, standards, processes); |
(b) | Content aware solutions (i.e., data loss prevention) to discover, monitor, and protect data during transit/at rest across network, storage, and endpoint systems; |
(c) | Processes for becoming aware of and maintaining security patches and fixes; |
(d) | Router filters, firewalls, and other mechanisms to restrict access to the Vendor Processing Resources, including without limitation, all local site networks that may be accessed via the Internet (whether or not such sites transmit information); |
(e) | Resources used for mobile access to Customer Information Systems shall be protected against attack and penetration through the use of firewalls, malware detection/prevention, and encryption; and |
(f) | Processes to prevent, detect, and eradicate malicious code (e.g., viruses) and to notify Customer of instances of malicious code detected on Vendor Processing Resources that may affect Customer Information or Customer Information Systems. Notwithstanding the notice provisions of the Agreement, Vendor shall send all notifications and written communications required under this Section to Customer at SIR@uhc.com. |
3. | Risk Management |
3.1 General Requirements. Vendor shall maintain appropriate safeguards and controls and exercise due diligence to protect Customer Information and Vendor Processing Resources against unauthorized access, use, and/or disclosure, considering all of the factors and/or requirements listed below. In the event of any conflict or inconsistency between relevant requirements, Vendor shall protect the Customer Information and Vendor Processing Resources in accordance with [***]:
(a) | Federal and state legal and regulatory requirements; |
(b) | Information technology and healthcare industry best practices (e.g., HITRUST Common Security Framework); |
(c) | Sensitivity of the data; |
(d) | Relative level and severity of risk of harm should the integrity, confidentiality, availability or security of the data be compromised, as determined by Vendor as part of an overall risk management program; |
(e) | Customer’s data security requirements, as set forth in this Exhibit, the due diligence process and/or in the Agreement; and |
(f) | Any further information security requirements which are included in a Statement of Work or equivalent document which is attached to or relates to the Agreement. |
Customer Confidential | Page 45 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
3.2 Internal Risk Assessment. Vendor shall periodically [***] evaluate its processes and systems to ensure continued compliance with obligations imposed by law, regulation or contract with respect to the confidentiality, integrity, availability, and security of Customer Information and Vendor Processing Resources. Vendor shall document the results of these evaluations and any remediation activities taken in response to such evaluations, and provide a copy to Customer, upon Customer’s request.
3.3 Internal Records. Vendor shall maintain mechanisms to capture, record, and examine information relevant to Security Incidents and other security-related events. In response to such events, Vendor shall take appropriate action to address and remediate identified vulnerabilities to Customer Information and Vendor Processing Resources, including as set forth in this Exhibit.
3.4 Vulnerability Assessment and Patch Management. Vendor shall provide Customer with the results of external vulnerability testing, internal infrastructure vulnerability testing, and application vulnerability testing. Vendor will perform (and, at Customer’s request, allow Customer to perform) penetration tests of applicable Vendor environments, including perimeter vulnerability testing, internal infrastructure vulnerability testing, and application testing. Vendor shall also ensure that appropriate patches and security updates are applied in accordance with OEM recommendations or (subject to Customer’s prior written approval) industry standards and best practices. Vendor shall provide process documentation and assessment results to Customer upon Customer’s request.
3.5 Audit and Attestation Practices. Vendor shall provide to Customer [***] information on its audit processes, procedures and controls, including a report on any findings and remediation efforts. If Vendor has not, as of the Effective Date, obtained a HITRUST CSF Certification or an Alternative Certification approved by Customer to permanently substitute for the HITRUST CSF Certification, then Vendor shall provide Customer an interim Alternative Certification. Vendor shall provide such Alternative Certification as of the Effective Date and [***] thereafter until (a) Vendor obtains a HITRUST CSF Certification approved by Customer, or (b) the Agreement expires or is terminated.
3.6 Vendor Locations. Unless previously authorized by Customer in writing, all work performed by Vendor related to the Agreement shall be performed from the Vendor location(s) designated in the Agreement and/or relevant Statement of Work(s).
4. | Personnel Security |
4.1 Access to Customer Information. Vendor shall require that Vendor Personnel who have, or may be expected to have, access to Customer Information or Customer Information Systems comply with the provisions of the Agreement, including this Exhibit and any confidentiality agreement(s) or Business Associate Agreement(s) binding upon Vendor. Vendor will remain responsible for any breach of this Exhibit by Vendor Personnel.
4.2 Security Awareness. Vendor shall ensure that Vendor Personnel remain aware of industry standard security practices, and their responsibilities for protecting the Customer Information. Vendor shall provide information security awareness training and education to all Vendor Personnel upon hire, during the on-boarding process, and annually thereafter. Such information security awareness education and training shall address the responsibilities related to the Services provided to Customer. Customer may, at its option, review the content of, and request modifications to, the training curriculum. Vendor shall accommodate all of Customer’s reasonable requests in this regard. Participation in such training by Vendor Personnel shall be mandatory and Vendor shall track attendance and, at Customer’s request, provide a confirmation that all Vendor Personnel have completed such training. Vendor’s information security awareness training shall include, but not be limited to:
(a) | Protection against malicious software (such as viruses); |
(b) | Appropriate password protection and password management practices; |
(c) | Appropriate use of workstations and computer system accounts; |
(d) | HIPAA and HITECH requirements, including the Privacy Rule and Security Rule; |
(e) | Vendor’s information security policies; |
(f) | Any applicable acceptable use policies; |
Customer Confidential | Page 46 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
(g) | Relevant obligations set forth in the Agreement; and |
(h) | Procedures for reporting Security Incidents. |
4.3 Sanction Policy. Vendor shall maintain a sanction policy to address violations of Vendor’s internal security requirements or security requirements which are imposed on Vendor by law, regulation, or contract.
4.4 Supervision of Workforce. Vendor shall maintain processes for authorizing and supervising Vendor Personnel and for monitoring access to Customer Information, Customer Information Systems and/or Vendor Processing Resources.
5. | Physical Security. |
Vendor shall maintain appropriate physical security controls (including facility and environmental controls) to prevent unauthorized physical access to Vendor Processing Resources and areas in which Customer Information is stored or processed. Where practicable, this obligation shall include controls to physically protect hardware (e.g., lockdown devices). Vendor shall adopt and implement a written facility security plan which documents such controls and the policies and procedures through which such controls will be maintained. Vendor shall maintain appropriate records of maintenance performed on Vendor Processing Resources and on the physical control mechanisms used to secure Vendor Processing Resources. Vendor shall obtain Customer’s prior written approval before moving storage or processing of Customer Information, or Vendor Personnel who have access to Customer Information or Customer Information Systems, to any location not previously authorized by Customer. Vendor agrees and acknowledges that any such relocation may require updates to any applicable Independent Attestation/Certification, and Vendor will not complete any such relocation until such updates have been completed.
6. | Security Monitoring and Response |
6.1 Incident Response. Vendor shall maintain formal processes to detect, identify, report, respond to, Mitigate, and Remediate Security Incidents in a timely manner.
6.2 Incident Notification. Vendor shall notify Customer in writing within [***] of any Security Incident(s) which result in, or which Vendor reasonably believes may result in, unauthorized access to, modification of, or disclosure of Customer Information, Customer Information Systems or other Customer applications. Vendor shall provide Customer with a written Remediation plan within [***] of the Security Incident. Notwithstanding the notice provisions of the Agreement, Vendor shall send all notifications and written communications required under this Section to Customer at SIR@uhc.com.
6.3 Incident Remediation. Upon becoming aware of a Security Incident, Vendor will assign a severity level (i.e., High Severity, Medium Severity or Low Severity) based on the definitions set forth in this Exhibit. Vendor will reclassify the Severity Level of any Security Incident upon Customer’s reasonable request. Vendor will Mitigate or Remediate any High Severity Security Incident within [***] from the time Vendor becomes aware of the incident. Vendor will Mitigate or Remediate any Medium Severity or Low Severity Security Incident within [***] from the time Vendor becomes aware of the incident. With respect to Security Incidents that are Mitigated (but not Remediated), Vendor must Remediate such Security Incidents within [***] after being Mitigated (in the case of High Severity incidents) and [***] after being Mitigated (in the case of Medium Severity incidents), and [***] after being Mitigated (in the case of Low Severity incidents). If Vendor fails to Mitigate or Remediate any Security Incident within the required timeframe: [***].
Customer Confidential | Page 47 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
6.4 Site Outage. Vendor shall promptly report to Customer any Vendor site outages where such outage may impact Customer or Vendor’s ability to fulfill its obligations to Customer.
7. | Data and Communications Security |
7.1 Exchange of Customer Information. Vendor shall utilize a method of transmitting Customer Information electronically that limits the unauthorized access to and/or modification of such information.
7.2 Data Retention. Vendor shall not retain any Customer data following completion of the applicable Services, except to the extent (a) required by law, (b) required pursuant to Exhibit H (Medicare Advantage Regulatory Requirements Appendix), or (c) expressly required by Customer in writing. Subject to the foregoing, Vendor shall ensure that following the completion of the applicable Services, the Customer data used in connection with such Services is Securely Deleted in accordance with Vendor’s records retention policy, which shall be developed by Vendor and reviewed by Customer. At Customer’s request, Vendor shall certify to Customer in writing that all Customer data has been destroyed as required hereunder. As used herein, “Securely Deleted” (or “Securely Delete”) means that (i) hard copy materials are destroyed and cannot be reconstructed (e.g., shredded);
(ii) electronic files are deleted and overwritten to a level sufficient to ensure that they cannot be retrieved or reconstructed and that any Customer data contained in the files is rendered unreadable, unusable and indecipherable; and (iii) Devices are physically destroyed, degaussed or overwritten in accordance with NIST Special Publication 800-88. Vendor shall Securely Delete any Customer data provided by Customer but not required by Vendor for performance of the applicable Services promptly after Vendor discovers that such data is not needed, provided, however, that if such prompt deletion would require Vendor to reallocate resources and impact Vendor’s ability to meet Service Level requirements or deadlines established by Customer, then Customer and Vendor will work together to establish a schedule for such deletion.
7.3 Encryption. Vendor shall ensure that all Customer data containing Customer Information whether stored (i.e., “data at rest”) or that Vendor transmitted (i.e., “data in motion”) over the public internet is encrypted using valid encryption processes. Full disk encryption must be implemented on any desktop or laptop computer on which Customer data is stored or processed. Valid encryption processes for data at rest are consistent with NIST Special Publication 800-111, Guide to Storage Encryption Technologies for End User Devices. Valid encryption processes for data in motion are those which comply, as appropriate [***]: (a) NIST Special Publications 800-52, Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations; 800- 77, Guide to IPsec VPNs, or (b) the requirements of applicable data security and/or privacy laws in the country from which the Customer Information originates, or (c) other which are Federal Information Processing Standards (FIPS) 140-2 validated. Vendor shall maintain such encryption for all transmissions by Vendor of Customer data via public networks (e.g., the Internet). Such transmissions include, but are not limited to:
(i) | Sessions between web browsers and web servers; |
(ii) | Email containing Customer Information (including passwords); |
(iii) | Transfer of files via the Internet (e.g., FTP); |
(iv) | Laptop / desktop encryption; |
(v) | Mobile Device encryption; and |
(vi) | Removable storage media encryption (e.g., thumb drive, external hard drives, writable CD drives, backup tapes). |
7.4 Protection of Systems, Devices and Storage Media. With respect to all Vendor systems or Devices containing Customer data, Vendor shall ensure all reasonable, industry-standard measures are taken to physically secure such Devices to prevent any unauthorized disclosure while in transit and while at rest. Vendor shall ensure that all Devices on which Customer data was stored or processed are Securely Deleted before such Devices are used for any other purpose. No Device on which Customer data was stored or processed may be sold, donated, discarded, or otherwise disposed of or used by any organization unless such Device has been Securely Deleted. All media on which Customer data is stored shall be protected against unauthorized access or modification. Vendor shall maintain reasonable and appropriate processes and mechanisms to maintain accountability and tracking of the receipt, removal and transfer of Devices, including certification of the Device being Securely Deleted.
Customer Confidential | Page 48 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
7.5 Data Integrity. Vendor shall maintain processes to prevent unauthorized or inappropriate modification of Customer Information, for both data in transit and data at rest.
8. | Access Control |
8.1 Identification and Authentication. All access to any Customer Information or any Vendor Processing Resources shall be Identified and Authenticated as defined in this Section. “Identification” (or “Identify,” as the context requires) refers to processes which establish the identity of the person or entity requesting access to Customer Information and/or Vendor Processing Resources. “Authentication” (or “Authenticate,” as the context requires) refers to processes which validate the purported identity of the requestor. For access to Customer Information or Vendor Processing Resources, Vendor shall require Authentication by the use of an individual, unique user ID and an individual password or other appropriate Authentication technique approved by Customer in writing. Vendor shall obtain written approval from Customer prior to using digital certificates as part of Vendor’s Identification or Authorization processes. Vendor shall maintain procedures to ensure the protection, integrity, and soundness of all passwords created by Vendor and/or used by Vendor in connection with the Agreement.
8.2 Account Administration. Vendor shall maintain appropriate processes for requesting, approving, and administering accounts and access privileges for Vendor Processing Resources and Customer Information. These processes shall be required for both Customer-related accounts and Vendor’s internal accounts for Vendor Processing Resources, and shall include procedures for granting and revoking emergency access to Vendor Processing Resources and Customer Information. All access by Vendor Personnel to Customer Information Systems shall be subject to prior approval by Customer and shall follow Customer standard policies and procedures.
8.3 Access Control. Vendor shall maintain appropriate access control mechanisms to prevent all access to Customer Information and/or Vendor Processing Resources, except by (a) specified users expressly authorized by Customer and (b) Vendor Personnel who have a “need to access” to perform a particular function in support of Vendor Processing. The access and privileges granted shall be limited to the minimum necessary to perform the assigned functions. Vendor shall maintain processes to ensure that Vendor Personnel access to Customer Information is revoked no later than [***] upon termination and [***] in the case of involuntary termination. Vendor shall maintain appropriate mechanisms and processes for detecting, recording, analyzing, and resolving unauthorized attempts to access Customer Information or Vendor Processing Resources. If Vendor Personnel change roles or for any other reason no longer require access to Customer Information Systems, Vendor will notify Customer within [***]. In the case of involuntary termination, Vendor will notify Customer within [***]. Notwithstanding the notice provisions of the Agreement, Vendor shall send all notifications and written communications required under this Section to Customer at [***].
8.4 Personal Devices and Removable Media. Vendor shall ensure the Vendor Personnel will not be permitted to, and will not, utilize personal computing equipment for accessing Customer Information Systems or processing Customer Information. Vendor shall monitor and prevent Customer data from being sent via social media or personal email accounts. Vendor shall restrict access to, and the use of removable media, such as USB ports, writable optical media, portable hard drives, and other removable media. Vendor may not (and shall cause Vendor Personnel to not) use any such removable media to store or transfer Customer Information without Customer’s prior written approval.
9. | Network Security |
Vendor shall only have access to Customer Information Systems authorized by Customer and shall use such access solely for providing Services to Customer. Vendor shall not attempt to access any applications, systems or data which Customer has not authorized Vendor to access or which Vendor does not need to access in order to perform Services for Customer. Vendor further agrees to access such applications, data and systems solely to the extent minimally necessary to provide Services to Customer. Vendor's attempt to access any applications, data or systems in violation of the terms in this Section shall be a material breach of the Agreement.
Customer Confidential | Page 49 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT G
BACKGROUND INVESTIGATIONS
Vendor shall, at its own expense, perform a background investigation on each individual assigned to perform Services under the Agreement which will involve: (i) unescorted access to any Customer facility, (ii) direct access or connectivity to any Customer Information Systems (as defined in Exhibit F), (iii) access to protected health information or non-public personal information, or (iv) driving on behalf of Customer (collectively, “High Access Services”).
Prior to the assignment of any individual to perform High Access Services, Vendor shall provide Customer with written confirmation that a background investigation have been successfully completed and passed in accordance with the requirements set forth below. Vendor shall be responsible for obtaining any necessary consent from such individuals to permit Customer full access to the background investigation reports. Vendor agrees to keep all such reports for a period of at least [***] past the last date the individual was assigned to Customer.
Vendor shall not permit any former employee of Customer, UnitedHealth Group, or any of their Affiliates to perform High Access Services without the prior written approval of the UnitedHealth Group Employee Relations department.
Should Vendor become aware, at any time during an individual’s assignment for Customer, that the individual is disqualified from performing High Access Services, Vendor shall immediately remove such individual from his or her assignment with Customer and shall notify Customer in writing within [***] of gaining such knowledge.
Customer reserves the right to regularly audit Vendor to determine whether the terms set forth herein are being completed to the satisfaction of Customer. Should Vendor fail to comply with any term of this Exhibit, Vendor shall, upon written request from Customer, pay to Customer a penalty of [***] per occurrence (i.e., per individual), which amounts Customer, at its sole discretion, may offset against sums otherwise owed to Vendor. Notwithstanding anything to the contrary in the Agreement or otherwise, this remedy is cumulative and in addition to any remedies available at law or in equity.
Nothing contained in this Agreement shall be construed to create any obligation on the part of Customer to disclose to Vendor, or to any individual, the reasons for its determination to terminate, or to decline, the assignment of an individual, or share any information obtained through a background investigation, except to the extent required by law.
Vendor shall meet the requirements of the Fair Credit Reporting Act, any regulations issued thereunder, and any other applicable state and federal laws.
Background Investigation Requirements:
1. | Background investigations shall include: |
• | Social Security Number (SSN) trace verification (including disclosure of all other names by which the individual has been known and a check for validity, a suspicious issuance date or a deceased person result); |
• | System for Award Management (SAM) database for debarment from federal programs; |
• | Office of Foreign Assets Control Specially Designated Nationals (SDN) List; |
• | Felony and misdemeanor convictions filed at federal, state, and county government levels for the individual’s home, school and work addresses for the previous seven year period, including participation in court-ordered programs, deferred adjudication, probation and parole; |
• | the US Department of Justice National Sex Offender Public Website (NSOPW); and |
• | The following investigations, as applicable: |
Customer Confidential | Page 50 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
In the event the assignment requires: | …the background investigation must include: |
Driving on behalf of Customer | Motor Vehicle history in state of current licensure, state of residence, and state of assignment, if different. |
Licensed health professional | FACIS Level 3 search |
Educational degrees, licenses, or professional certifications required for the position | Verifications of such degrees / licenses / certifications |
2. | Vendor Assignment Screening Matrix |
Vendor shall make an initial determination as to whether an individual to be assigned to perform High Access Services has passed or failed the background investigation, or requires further review, in accordance with the following screening matrix:
If the background investigations results in a discrepancy or a positive hit, as applicable, consult this matrix and the legend below: | |||||||
SSN | R | ||||||
SAM Database | F | ||||||
SDN List | F | ||||||
NSOPW | R | ||||||
Educational Degree* | R | ||||||
License(s) * | F | ||||||
Certification(s) * | F | ||||||
Year 1 | Year 2 | Year 3 | Year 4 | Year 5 | Year 6 | Year 7 | |
Felony | F | F | F | F | F | F | F |
Misdemeanor Involving Theft, Fraud, Drugs or Violence | F | F | F | R | R | R | R |
DMV – Major Violation(s)* | F | F | F | R | R | R | R |
DMV – Minor Violation(s)* | R | R | P | P | P | P | P |
FACIS Level 3 * | R | R | R | R | R | R | R |
* = If applicable to the position
LEGEND
F = FAIL
P = PASS
R = Requires evaluation and approval by Customer’s Employee Relations Department (HRdirect).
DMV – Minor Violation(s) = Any moving violation other than a Major Violation, as defined below.
DMV – Major Violation(s) = Hit and run, negligent homicide, reckless driving, careless driving, driving while license is suspended or revoked, driving while intoxicated, driving under the influence, and/or possession of open container of alcoholic beverage.
3. | Drug Free Workplace Policy |
Vendor is committed to protecting the safety, health, and well-being of its employees and all people who come into contact with its workplace(s) and property, and/or use its products and services. Recognizing that drug abuse poses a direct and significant threat to this goal, Vendor is committed to ensuring a drug-free working environment for all of its employees. Vendor will implement and enforce a policy that prohibits the illicit use, possession, sale, conveyance, distribution, or manufacture of illegal drugs, intoxicants, or controlled substances in any amount or in any manner.
Customer Confidential | Page 51 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT H
MEDICARE
ADVANTAGE REGULATORY REQUIREMENTS APPENDIX
VENDOR – DELEGATED ENTITY
THIS MEDICARE ADVANTAGE REGULATORY REQUIREMENTS APPENDIX (this “Exhibit”) supplements and is made part of the Agreement.
SECTION 1
APPLICABILITY
This Exhibit applies to the administrative services performed and products provided by Vendor pursuant to the Agreement as such services and products relate to Medicare Advantage Benefit Plans. In the event of a conflict between this Exhibit and other appendices or any provision of the Agreement, the provisions of this Exhibit shall control except: (1) with regard to Benefit Plans outside the scope of this Exhibit; or (2) as required by applicable law.
SECTION 2
DEFINITIONS
For purposes of this Exhibit, the following terms shall have the meanings set forth below.
2.1 Benefit Plan: A certificate of coverage, summary plan description, or other document or agreement, whether delivered in paper, electronic, or other format, under which a Payer is obligated to provide coverage of Covered Services for a Customer.
2.2 CMS Contract: A contract between the Centers for Medicare & Medicaid Services (“CMS”) and a Medicare Advantage Organization for the provision of Medicare benefits pursuant to the Medicare Advantage Program under Title XVIII, Part C of the Social Security Act.
2.3 Covered Service: A health care service or product for which a Customer is entitled to receive coverage from a Payer, pursuant to the terms of the Customer’s Benefit Plan with that Payer.
2.4 Customer: For the purposes of this Exhibit, Customer means a person eligible and enrolled to receive coverage from a Payer for Covered Services.
2.5 Medicare Advantage Benefit Plans: Benefit Plans sponsored, issued or administered by a Medicare Advantage Organization as part of the Medicare Advantage program or as part of the Medicare Advantage program together with the Prescription Drug program under Title XVIII, Part C and Part D, respectively, of the Social Security Act (as those program names may change from time to time).
2.6 Medicare Advantage Customer or MA Customer: A Customer eligible for and enrolled in a Medicare Advantage Benefit Plan that is covered under the Agreement.
2.7 | Medicare Advantage Organization or MA Organization: For purposes of this Exhibit, MA Organization is: |
(a) UnitedHealthcare Insurance Company or one of its affiliates that has entered into a contract with CMS for the purpose of offering a Benefit Plan to MA Customers; or (b) Payer.
2.8 Payer: An entity obligated to a Customer to provide reimbursement for Covered Services under the Customer’s Benefit Plan.
Customer Confidential | Page 52 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
SECTION 3
DELEGATED ACTIVITIES
3.1 MA Organization Accountability; Delegated Activities. Vendor acknowledges and agrees that MA Organization oversees and is accountable to CMS for any functions and responsibilities described in the CMS Contract and applicable Medicare Advantage regulations, including those that MA Organization has delegated to Vendor under the Agreement. In addition to the other provisions of this Exhibit, the following shall apply with respect to any functions and responsibilities under the CMS Contract that MA Organization has delegated to Vendor pursuant to the Agreement:
(a) Vendor shall perform or arrange for the provision of those delegated activities set forth in the Agreement.
(b) | Vendor shall comply with any reporting responsibilities as set forth in the Agreement. |
(c) If MA Organization has delegated to Vendor any activities related to the credentialing of health care providers, Vendor must comply with all applicable CMS requirements for credentialing, including but not limited to the requirement that the credentials of medical professionals must either be reviewed by MA Organization, or the credentialing process must be reviewed, preapproved, and audited on an ongoing basis by MA Organization.
(d) If MA Organization has delegated to Vendor the selection of health care providers to be participating providers in MA Organization’s Medicare Advantage network, or the selection of contractors or subcontractors to perform services under the CMS Contract, MA Organization retains the right to approve, suspend or terminate the participation status of such health care providers and the agreements with such contractors or subcontractors.
(e) Vendor acknowledges that MA Organization shall monitor Vendor’s performance of delegated activities on an ongoing basis. Such monitoring activities may include site visits and periodic audits. If CMS or MA Organization determines that Vendor has not performed satisfactorily, or has failed to meet all reporting and disclosure requirements in a timely manner, MA Organization may revoke any or all of the delegated activities and reporting requirements. Vendor shall cooperate with MA Organization regarding the transition of any delegated activities or reporting requirements that have been revoked by MA Organization.
SECTION 4
VENDOR REQUIREMENTS
4.1 Data. Vendor shall submit to MA Organization risk adjustment data as defined in 42 CFR 422.310(a) if applicable. By submitting data to MA Organization, Vendor represents to MA Organization, and upon MA Organization’s request, shall certify in writing, that the data is accurate, complete, and truthful, based on Vendor’s best knowledge, information and belief.
4.2 Customer Protection. Vendor agrees that in no event, including but not limited to, non-payment by Vendor or MA Organization, insolvency of Vendor or MA Organization, or breach of the Agreement, shall Vendor bill, charge, collect a deposit from, seek compensation, remuneration or reimbursement from, or have any recourse against any MA Customer or person (other than MA Organization) acting on behalf of the MA Customer for any fees that are the legal obligation of MA Organization under the CMS Contract.
4.3 Eligibility. Vendor agrees to immediately notify MA Organization in the event Vendor is or becomes excluded from participation in any federal or state health care program under Section 1128 or 1128A of the Social Security Act. Vendor shall not employ or contract for the provision of health care services, utilization review, medical social work or administrative services and products, (collectively “Eligibility Services”), with or without compensation, with any individual or entity that is or becomes excluded from participation in any federal or state health care program under Section 1128 or 1128A of the Social Security Act. Vendor shall review the (1) Department of Health and Human Services Officer of Inspector General List of Excluded Individuals and Entities and (2) the System for Award Management (SAM), a portal for the Federal Procurement System, (and any successor lists) prior to the hiring or contracting of any new employee, temporary employee, volunteer, consultant, governing body member or subcontractor for the provision of Eligibility Services. Vendor must continue to review these lists on a monthly basis thereafter to ensure that none of these persons or entities are excluded or become excluded from participation in federal programs.
Customer Confidential | Page 53 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
4.4 Laws. Vendor shall comply with all applicable federal and Medicare laws, regulations, and CMS instructions, including but not limited to: (a) federal laws and regulations designed to prevent or ameliorate fraud, waste, and abuse, including but not limited to, applicable provisions of federal criminal law, the False Claims Act (31 U.S.C. §3729 et seq.), and the anti-kickback statute (§1128B of the Social Security Act); and (b) HIPAA administrative simplification rules at 45 CFR Parts 160, 162, and 164.
4.5 Federal Funds. Vendor acknowledges that MA Organization receives federal payments under the CMS Contract and that payments Vendor receives from or on behalf of MA Organization are, in whole or in part, from federal funds. Vendor is therefore subject to certain laws that are applicable to individuals and entities receiving federal funds.
4.6 CMS Contract. Vendor shall perform the services and provide the products set forth in the Agreement in a manner consistent with and in compliance with MA Organization’s contractual obligations under the CMS Contract.
4.7 | Records. |
(a) Maintenance; Privacy and Confidentiality; Customer Access. Vendor shall maintain records and information related to services performed and products provided by Vendor under the Agreement, in an accurate and timely manner. Vendor shall maintain such records for the longer of the following periods:
(i) in the case of records containing information related to the medical loss ratio information reported to CMS by the MA Organization, including, for example, information related to incurred claims and quality improvement activities, at least [***] from the date such medical loss ratio information is reported to CMS by the MA Organization, or
(ii) in the case of all records, at least [***] from the final date of the CMS Contract period in effect at the time the records were created, or such longer period as required by law.
Vendor shall safeguard MA Customer privacy and confidentiality, including but not limited to the privacy and confidentiality of any information that identifies a particular MA Customer, and shall comply with all federal and state laws regarding confidentiality and disclosure of medical records or other health and enrollment information, including the requirements established by MA Organization and the Medicare Advantage program, as applicable.
(b) Government Access to Records. Vendor acknowledges and agrees that the Secretary of Health and Human Services, the Comptroller General, or their designees shall have the right to audit, evaluate and inspect any pertinent books, contracts, computer or other electronic systems (including medical records), patient care documentation and other records and information belonging to Vendor that involve transactions related to the CMS Contract. This right shall extend through the longer of the following periods:
(i) in the case of records containing information related to the medical loss ratio information reported to CMS by the MA Organization, including, for example, information related to incurred claims and quality improvement activities, at least [***] from the date such medical loss ratio information is reported to CMS by the MA Organization, or
(ii) in the case of all records, at least [***] from the later of the final date of the CMS Contract period in effect at the time the records were created or the date of completion of any audit, or longer in certain instances described in the applicable Medicare Advantage regulations.
For the purpose of conducting the above activities, Vendor shall make available its premises, physical facilities and equipment, records relating to the services performed and the products provided under the Agreement, and any additional relevant information CMS may require.
Customer Confidential | Page 54 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
(c) MA Organization Access to Records. Vendor shall grant MA Organization or its designees such audit, evaluation, and inspection rights identified in subsection 4.7(b) as are necessary for MA Organization to comply with its obligations under the CMS Contract. Whenever possible, MA Organization will give Vendor reasonable notice of the need for such audit, evaluation or inspection, and will conduct such audit, evaluation or inspection at a reasonable time and place.
4.8 Subcontracts. If Vendor has any arrangements, in accordance with the terms of the Agreement, with affiliates, subsidiaries or any other subcontractors, directly or through another person or entity, to perform any of the services or provide any products Vendor is obligated to perform or provide under the Agreement that are the subject of this Exhibit, Vendor shall ensure that all such arrangements are in writing, duly executed, and include all the terms contained in this Exhibit. Vendor shall provide proof of such to MA Organization upon request. In addition, Vendor agrees to oversee and monitor, on an ongoing basis, the services Vendor has subcontracted to another person or entity. Vendor further agrees to promptly amend its agreements with such subcontractors, in a manner consistent with the changes made to this Exhibit by MA Organization, to meet any additional CMS requirements that may apply to the performance of the services or the provision of the products.
4.9 Offshoring. Unless previously authorized by MA Organization in writing, all services provided by Vendor pursuant to the Agreement that are subject to this Exhibit must be performed within the United States, the District of Columbia, or the United States territories.
If MA Organization authorizes Vendor in writing to perform Medicare-related services that involve Medicare beneficiary protected health information (“PHI”) pursuant to the Agreement at locations outside of one of the fifty United Sates, the District of Columbia, or one of the United States Territories (American Samoa, Guam, Northern Marianas, Puerto Rico and Virgin Islands), the following provisions apply:
(a) Vendor represents and warrants to MA Organization that Vendor has in place and will comply with policies and procedures to ensure that all PHI and other personal information remains secure. Vendor will provide written evidence of the policies and procedures upon MA Organization’s request.
(b) Vendor will provide prior written notice to MA Organization of (a) any material change in the Medicare-related services that involve PHI that Vendor performs offshore, (b) any material change in Vendor’s policies and procedures to ensure that all PHI and other personal information remains secure, and
(c) any material change in the tools and systems used by Vendor to ensure that all PHI and other personal information remains secure.
(c) Vendor is prohibited from receiving access to any PHI or other personal information that is not associated with its contractual relationship with MA Organization. If Vendor receives access to PHI or other personal information of MA Organization’s members that is not associated with Vendor’s contractual relationship with MA Organization, Vendor will immediately notify MA Organization that it has received such access, return all PHI or personal information accessed by Vendor, and destroy any such PHI or personal information that remains in Vendor’s possession after doing so (i.e. copies, electronic records, back-ups or temporary files).
(d) Vendor’s services under the Agreement may be terminated [***] upon discovery of a significant security breach.
(e) | Vendor authorizes MA Organization or its designee to conduct an audit of Vendor [***]. |
(f) Vendor acknowledges and agrees that MA Organization will use the results of its audit of Vendor to evaluate the continuation of MA Organization’s relationship with Vendor.
(g) Vendor authorizes MA Organization or its designee to share the results of audits of Vendor with CMS.
Customer Confidential | Page 55 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
SECTION 5
OTHER
5.1 Regulatory Amendment. MA Organization may unilaterally amend this Exhibit to comply with applicable laws and regulations and the requirements of applicable regulatory authorities, including but not limited to CMS. MA Organization shall provide written notice to Vendor of such amendment and its effective date. Unless such laws, regulations or regulatory authority(ies) direct otherwise, the signature of Vendor will not be required in order for the amendment to take effect.
rev. 08-13
Customer Confidential | Page 56 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT I
MASTER COMMUNITY & STATE APPENDIX
THIS MASTER COMMUNITY & STATE APPENDIX (this “Exhibit”) supplements and is made part of the Agreement. This Exhibit applies with respect to the provision of services Vendor provides for any Customer health plan Affiliate administering a Medicaid or other state-specific (“State”) government funded and regulated program (“State Program”). In the event of a conflict between this Exhibit and other appendices or any provision of the Agreement, the provisions of this Exhibit shall control except with regard to benefit plans outside the scope of this Exhibit or unless otherwise required by law or applicable State regulatory agency. Vendor will comply with the following requirements to the extent applicable to Vendor’s performance of services under the Agreement.
Capitalized terms used but not defined in this Exhibit shall have the meaning assigned to them in the Agreement or other applicable appendix.
1. Regulatory Approval and Filing. In the event Customer is required to file the Agreement with federal, state or local governmental authorities, Customer shall be responsible for filing the Agreement with such authorities as required by any applicable law or regulation. If following any such filing, the governmental authority requests changes to the Agreement, Vendor agrees to cooperate with Customer in preparing the response to the governmental authority.
2. Compliance with Law and Government Contracts. Vendor and Customer agree to comply with all applicable federal, State, and local laws, rules, and regulations in connection with the performance of their obligations under the Agreement. All tasks under the Agreement also must be performed in accordance with the requirements of applicable contracts between any Customer Affiliate and State and/or federal regulatory agencies. Customer will provide or otherwise communicate such requirements to Vendor. Vendor shall ensure all agents, employees, assigns and subcontractors, if any, that are involved in providing services under the Agreement also comply with this Section.
3. Delegation and Oversight. In compliance with the delegation and oversight obligations imposed on Customer Affiliates under their contracts with State and/or federal regulatory agencies, Customer reserves the right to revoke any functions or activities delegated to Vendor under the Agreement, if in the reasonable judgment of Customer or an applicable Customer Affiliate, Vendor’s performance under the Agreement does not comply with obligations under applicable government contracts. This right shall be in addition to Customer’s termination rights under the Agreement.
4. Press Release; Marketing; Advertising; Use of Name and Trademarks. Except as otherwise set forth in the Agreement, Vendor shall not publicly use the name, logo, trademark, trade name, or other marks of Customer without Customer’s prior written consent. The parties mutually agree to provide, at a minimum, at least [***] and opportunity to comment on all press releases, advertisements or other media statements and communications regarding the Agreement, the services or the business relationship between the parties. A party shall obtain the other party’s written consent prior to any publication or use of such materials or communications. Nothing herein shall be construed to create a right or license to make copies of any copyrighted materials.
5. Offshoring. Unless previously authorized in writing by the appropriate Customer health plan Affiliate and State governing agency, if required, all work performed under the Agreement shall be performed from location(s) in the 50 United States. If Vendor receives authorization pursuant to this Section 5 to offshore certain obligations under the Agreement, Customer will provide, and Vendor shall comply with, all applicable offshoring regulations, requirements or restrictions, including any applicable security controls. The parties agree that any offshoring restrictions or requirements may be updated at any time to comply with applicable law and any other requirements.
6. Subcontracts. To the extent required by any regulatory agency governing any Medicare or Medicaid or other governmental benefit plans (or as may be set forth in an appendix) or any accrediting agency, Vendor shall provide advance notice to Customer and obtain Customer’s consent prior to any subcontracting of any of its responsibilities under the Agreement.
Customer Confidential | Page 57 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
7. Regulatory Amendment. Customer may unilaterally amend this Exhibit to comply with applicable regulatory requirements required under law. Upon Customer’s notification of such changes, Customer will provide notice to Vendor. If such regulatory amendment materially affects the position of either party or renders it illegal for a party to continue to perform under the Agreement in a manner consistent with the parties’ intent, then the parties shall negotiate further amendments to this Exhibit or the Agreement as necessary to correct any inequities, to the greatest extent possible.
8. Effect of Termination or Expiration. Within [***] after the expiration or termination for any reason (or to any extent) of the Agreement and/or this Exhibit, Vendor shall return or destroy all applicable PHI, if feasible to do so, including all applicable PHI in possession of Vendor’s agents or subcontractors. To the extent return or destruction of the PHI is not feasible, Vendor shall notify Customer in writing of the reasons return or destruction is not feasible and, if Customer agrees, may retain the PHI subject to this section. Under any circumstances, Vendor shall extend any and all protections, limitations and restrictions contained in this Exhibit to Vendor’s use and/or disclosure of any applicable PHI retained after the expiration or termination (to any extent) of the Agreement and/or this Exhibit, and shall limit any further uses and/or disclosures solely to the purposes that make return or destruction of the PHI infeasible.
Customer Confidential | Page 58 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT J
EXCHANGE REGULATORY APPENDIX
THIS EXCHANGE REGULATORY APPENDIX (this “Exhibit”) supplements and is made part of the Agreement and shall survive termination of the Agreement to the extent it or applicable law imposes continuing obligations.
SECTION 1
APPLICABILITY
Customer is operating as a certified Qualified Health Plan Issuer (“QHP Issuer”) in one or more public Health Care Exchanges (“Exchange”) created under the terms of the Federal Patient Protection and Affordable Care Act (“PPACA”) and any implementing State law. Customer may be delegating certain of its QHP Issuer's activities, reporting responsibilities, and/or other obligations, to Vendor.
This Exhibit applies solely to the services performed and provided with respect to any Exchange business delegated by United to Vendor pursuant to the Agreement. In the event of a conflict between this Exhibit and other appendices or any provision of the Agreement, the provisions of this Exhibit shall control, except as required by applicable law. Terms in this Agreement shall be as defined in PPACA, as supplemented by any applicable State Exchange law.
SECTION 2
PROVISIONS
This Exhibit is intended to comply with Exchange laws and substantive requirements.
1. The delegated activities and reporting responsibilities are set forth in the Agreement to which this Exhibit is attached. To the extent such delegated activities and reporting responsibilities serve Exchange business, they are designated as “QHP Services”.
2. Vendor acknowledges and agrees that Customer may revoke the delegated activities and reporting standards of Vendor or specify other remedies, for the respective Exchange, in instances where the U.S. Department of Health and Human Services (“HHS”), a State Exchange regulator, or Customer determines that such parties have not performed satisfactorily. To the extent that HHS or a State Exchange regulator directs the revocation, Customer shall provide immediate written notice of such to Vendor, and such revocation shall become effective as directed by HHS or the State Exchange regulator. Vendor shall cooperate with Customer regarding the transition of any QHP Services that have been revoked by United.
3. Vendor must comply with all applicable laws and regulations relating to the standards specified in 45 CFR § 156.340, as it may be amended from time to time, and all other Federal and/or State laws relevant to Customer’s Exchange business being serviced.
4. Vendor must permit access by the Secretary of HHS and the Office of Inspector General or their designees, in the case of Federally Facilitated Exchange (“FFE”) business, or comparable State regulators, in the case of State Exchange business, in connection with their right to evaluate through audit, inspection, or other means, to Vendor's books, contracts, computers, or other electronic systems, including medical records and documentation, relating to the Customer’s obligations as a QHP Issuer in accordance with Federal standards under 45 CFR §156.340, as it may be amended from time to time, with all records retained for at least [***] from the final date of the Agreement period or such lesser period which may be specified in State law for State Exchanges.
5. If submitting FFE data is involved, Vendor is bound by the terms of Customer’s agreement between Qualified Health Plan Issuer and The Centers for Medicare and Medicaid Services or any applicable trading partners or comparable State Exchange agreement, to test its software, and receive Customer’s approval of software as being in the proper format and compatible with the FFE or the applicable State system.
Customer Confidential | Page 59 of 60 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
6. If any State Exchange or HHS for FFEs requires additional specific provisions to be in Customer’s agreement with any delegated or downstream entity, they will be provided to Vendor by Customer and are incorporated herein by reference or by attaching a copy of such provisions to this Exchange Regulatory Exhibit.
7. If Vendor delegates any QHP Services to a downstream entity (as such term is defined in 45 C.F.R. § 156.20), Vendor shall provide written advance notification to Customer of such delegated activities and reporting responsibilities before the applicable effective date of the delegation under federal regulations, Vendor shall bind the downstream entity to all the terms of this Exhibit, including providing for revocation of the delegated activities.
Customer Confidential | Page 60 of 60 | Rev 3.16.16 |
Exhibit 10.33
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
STATEMENT OF WORK NO. 3
This is Statement of Work (“SOW”) No. 03 to the MASTER SERVICES AGREEMENT dated December 19, 2016 (the “Agreement”), between United HealthCare Services, Inc., (“Customer”) on behalf of itself and its Affiliates and Innovation Specialists, LLC d/b/a 2nd.MD (“Vendor”). This SOW is effective as of September 1st, 2019 (the “SOW Effective Date”), regardless of the execution dates hereof. All capitalized terms not otherwise defined in this SOW will have the meanings assigned to them in the Agreement. Unless modified herein, all terms in the Agreement shall remain unchanged and in full force and effect.
1. | CUSTOMER BUSINESS SEGMENT RECEIVING SERVICES: |
Optum Consumer Solutions Group. Key operating differences for Customer’s Client UnitedHealthcare Global are set forth in Exhibit A-6.
2. | DEFINITIONS |
Capitalized terms used in this SOW, but not defined herein, have the respective meaning given to them in the Agreement. In addition to terms otherwise defined in this SOW or in the Agreement, the following terms have the meanings set forth below:
2.1 | “Care Team” means the team of doctors, nurses and other medical professionals, hired and employed by Vendor who each shall have a valid, unrestricted license to engage in their respective profession in a state in the United States. |
2.2 | “Client” means organizations that have purchased, or may purchase, the Services from Customer. |
2.3 | “Client Contract” means the terms of a binding contract executed by and between the Client and Customer under which the parties agreed that Services will be offered to Client by Customer. |
2.4 | “Consultation” means the clinical second opinion review and consultation services performed in accordance with Section 4.3 of this SOW. |
2.5 | “Flow Down Provisions” means all applicable requirements related to the Services, including, but not limited to, subcontractor restrictions, service level agreements or termination rights, from a Client Contract. |
2.6 | “Hosted Services” means Vendor’s secure, proprietary HIPAA-compliant system utilized for Services, including, but not limited to, managing data for Consultations and User data; and, is more fully described in in Section 3.2 of the SOW. |
2.7 | “Member” means an individual within an eligible population of Client that may receive Services under this SOW under the terms of a Client Contract. |
2.8 | “Mobile App” means the secure mobile application provided by Vendor, which is made available to Members for Services. |
2.9 | “Optum” means the UHS Affiliate that is receiving the Services under this SOW, and marketing such Services, in addition to Vendor, to Clients of Optum. |
2.10 | “Participant” means a Member that is receiving Services under this SOW. |
2.11 | “Targeted Outreach” means Vendor targeted outbound calling for high impact conditions for Participants identified by Customer by daily batch files, in which Participants are identified by Customer’s prior authorization process and/or Optum care management algorithm identifying high impact cases. Targeted Outreach will be included for all Clients and Clients can opt-out, if needed. |
Customer Confidential | Page 1 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
2.12 | “Services”, as referenced herein this SOW, means the Services, as set forth in Sections 3 and 4. |
2.13 | “Specialist” means a board certified, licensed medical doctor, located in the United States, who (i) has completed a multiple year residency in a specific specialty of medicine, (ii) is selected by Vendor based upon their credentials, and (iii) (1) has studied, trained, or are currently working at a leading hospital or teaching institution or (2) has led multiple peer reviewed studies in their field of specialty or (3) is a recognized expert in their field of subspecialty. |
2.14 | “Users” means each of the named individuals (Participants, Customers, and Clients) who have access credentials established by Vendor and are authorized to access and use the Hosted Service in accordance with this SOW and the Agreement. |
3. | PURPOSE AND HIGH-LEVEL SCOPE OF SERVICES: |
Vendor will provide the Services as set forth below and more fully described in this SOW including any exhibits attached hereto.
3.1 | Health Education and Clinical Consultation Services |
Vendor will perform Consultations, as directed and requested by a Participant pursuant to the process described in Section 4. Vendor will cause the Specialists who provide clinical consultations to generally educate Participants about their clinical condition, the treatment options available for their clinical condition and the risks and benefits associated with such options. In arranging for the performance of Consultations, Vendor will conduct certain other administrative services in support of the same, including, but not limited to, Participant medical record retrieval related to the requested Consultation, development of communication to Participants (which includes the Consultation summary), development of communication to a Participant’s treating doctor, if requested, secure transmittal and storage of data associated with the Consultation, and reporting as more fully described herein.
Additionally, Members can text a question through Vendor’s secure Mobile App, and receive an answer within [***]. This service is utilized for a quick response to questions that can be answered without the need to review medical records. This service only applies to clients who have elected to use this service prior to [***]. All new clients sold after [***] will automatically receive this service.
The parties agree to offer the Services to Clients who have a Client Contract with the Customer business segment set forth in Section 1 of this SOW.
3.2 | Hosted Services |
Vendor will, in accordance with the terms and conditions of this SOW and the Agreement, grant access to and use of its website and Mobile App, in English only and other languages as they become available, to the following parties: (i) Customer for (a) testing the delivery of the Services and (b) access via a secure web-dashboard (the “Client Self Reporting Dashboard”), no later than [***], access to reporting as set forth in Section 4.5; and, as applicable, (ii) Members for service delivery of the Services.
3.3 | Supplementary Services |
For the provision of the Services, Vendor will provide supplementary services related to: (1) the “Nurse Portal” to better facilitate access to and delivery of data between Customer and Vendor and Participant; and (2) the delivery of certain other services, as set forth in this SOW, in support of the Services; and, if requested by Customer, (3) the implementation of the “Three Day Gateway”, upon mutual agreement in writing between Vendor and Customer via an amendment to the SOW; and, (4) ancillary services, including, but not limited to, Services marketing, implementation of the Services for Clients, and technical support, as is more fully described in this SOW. The services set forth in this paragraph shall be referred to as “Supplementary” services.
Customer Confidential | Page 2 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
4. | DETAILED DESCRIPTION OF SERVICES: |
4.1 | Generally. |
4.1.1 | Licensure. Before performing the Services set forth in this SOW, Vendor will secure and obtain, at Vendor’s sole cost and expense, all licenses, credentials, permits, approvals, and authorizations that are required by applicable law for Vendor’s proper and lawful performance of the Services under this SOW. |
4.1.2 | Guidelines. |
• | Policies. For the purposes of performing the Services as required under this SOW, Vendor will provide all Services in accordance with any Customer policies, processes or methodologies, provided Vendor has received notice of such policies. Furthermore, Vendor will cause its personnel to follow and comply with all policies, and, where applicable, methodologies related to the performance of Services. |
• | Applicable Laws. In Vendor’s performance of Services under this SOW, Vendor will comply with all applicable federal rules, regulations, laws, and guidelines and all applicable rules, regulations, laws and guidelines of a state that are applicable to Vendor’s provision of Services within the state (“Laws”). Vendor shall comply with all Laws to which the Services become subject after the SOW Effective Date. Vendor shall adopt all applicable changes in Laws into Vendor’s business practices within timeframes required by the Laws or, if no time frame is required, within [***] of Vendor becoming aware of the Law. Vendor shall modify or revise its business practices as necessary to comply with changes in Laws, applicable state agency requirements, and applicable licensing requirements. |
4.1.3 | Data; Records; Archival. Vendor will securely store, transmit, and archive all raw and processed data files consistent with the requirements set forth in Exhibit E (Security) and Section 13 (Record Keeping and Audit) of the Agreement, respectively. Customer data must be archived for a period [***]. This data will be secured pursuant to Exhibit F (Security) of the Agreement and, when permitted under HIPAA and any applicable laws relating to the privacy of personal information, will be made available to Customer within [***] of receipt of a written request. For purposes of this SOW, “securely archived” means, with respect to electronic materials, such materials are encrypted consistent with NIST Special Publication 800-111, Guide to Storage Encryption Technologies for End User Devices. |
4.1.4 | Participant Relationship with Doctor. [***]. |
4.1.5 | Use of Name |
• | General. Notwithstanding anything to the contrary in Section 16 (Use of Name and Publicity) of the Agreement, Vendor may disclose that Customer is a client of Vendor only to the extent strictly necessary in order for Vendor to distribute, market, and perform the Services set forth in this SOW. |
• | Clients. Unless otherwise set forth in writing by both Customer and Client, Vendor will not use the name or logo of any Client, or other identifying marks belonging to Client, in any context. The foregoing sentence will not preclude Vendor from using the names, logos, trademarks, trade names, or other marks of any Client when Vendor is contractually permitted to do so under an alternate agreement with such Client. Vendor may obtain Client’s written consent to use Client name and logos for Vendor’s internal marketing purposes, to include Vendor sales presentations. Vendor sales presentations will not be printed or distributed if they contain Client name and logos. |
Customer Confidential | Page 3 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
4.2 | Management of Services |
4.2.1 | Oversight. Vendor will use its best efforts to timely perform the Services, deliverables, quality control, and service level compliance. Vendor will maintain oversight of the personnel and Specialists performing Services to ensure they are performed in accordance with this SOW. |
4.2.2 | Quality Expertise. |
• | Quality Assurance. Vendor will provide quality assurance services in its oversight of the Services and performance of the Services. |
• | Quality Improvement. The parties acknowledge and understand that the Services may require improvements of any one or more individual components to improve the success of the Services and Services (i) offered by Vendor, or, more specifically, (ii) offered to Clients of Customer. Vendor agrees to cooperate with Customer, or any Client of Customer who receive Services hereunder, in an effort to continually improve the User experience and Services offered by Vendor. For purposes of example, Customer may suggest changes to the User experience, and if Vendor is agreeable to such Customer suggested changes, Vendor may voluntarily choose to implement, at its sole cost and expense, the suggestion made by Customer, unless such changes are documented in a SOW as Work Product of Customer.
Vendor will continually improve its design and delivery of the Services, including the Hosted Services. |
4.2.3 | Project Management. |
• | Meetings. The Vendor Project Manager (“Vendor PM”) will participate in telephone conference meetings with Customer, for a mutually agreed upon period and frequency, to discuss project-specific deliverables, including, but not limited to, project-specific needs, data transfers, progress, specification interpretation, milestones, and collaborative resolution of data collection and/or performance issues. |
• | Issue Notification; Resolution. In the event that an error occurs or an issue arises during the SOW Term regarding the Services or Client implementation hereunder (each, an “Issue”), the Vendor will notify Customer of the Issue within [ ***] from the time the Issue is identified. Vendor will work with Customer to determine best course of action to resolve the Issue, which Customer may approve in its sole discretion. Vendor will be liable for all costs associated with resolving such Issue, unless the Issue is directly attributed to Client or Customer. |
• | Training. Vendor will provide training via webinar, or otherwise mutually agreed upon format, as may be customized by Vendor for the Services set forth in this SOW, to Customer (or its employees) regarding the Services, including the Services and Hosted Service, being offered under this SOW. |
Customer Confidential | Page 4 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
4.2.4 | Participant Experience. |
• | Documentation. The parties have mutually agreed to certain Documentation, and will continue to mutually agree to Documentation that may be developed or determined to be necessary for the performance of Services over the SOW Term. Documentation will be incorporated in the performance of Services after Vendor has received written approval (email is sufficient) from Customer. As used herein, “Documentation” means all operating manuals, user manuals, training and marketing materials, templates, job aids, engagement processes, guides, product descriptions, product specifications, technical manuals, supporting materials, and other information relating to the Services provided by or on behalf of Vendor to Customer. |
• | Language Requirements. Vendor will provide Services in English and such other languages and modes of communication as required by Customer. For purposes of clarification, this will include all Documentation, communication which may occur over the phone, and any verbiage on the Hosted Services. To overcome any Participant language barriers, Vendor will provide access to: (i) its bilingual employees, (ii) an over-the-phone translation service, via the Subcontractor set forth in this SOW, and (iii) other necessary modes of translation as may be agreed upon by the parties. |
4.2.5 | Time is of the Essence. Vendor acknowledges that time is of the essence in the performance of the Services set forth in this SOW. Therefore, if Customer believes, in good faith, that Vendor is not or will not be able to perform the Services in the manner and timelines prescribed, then Customer will notify Vendor, and if Vendor cannot provide Customer with reasonable assurances that, in Customer’s sole discretion, provide Customer with the comfort that the Services will be performed in the manner and timelines prescribed, then Customer may, notwithstanding anything to the contrary herein, engage another vendor to perform the Services. |
4.3 | Consultation Services. |
4.3.1 | Overview. Vendor shall provide Consultations, via video or telephonically, for Participants with Specialists as more fully described in this Section. Consultations are available for a range of medical conditions, currently covering each of the American Board of Medical Specialties and sub-specialties. |
Customer Confidential | Page 5 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
4.3.2 | Data. |
• | Eligibility Data. [***], Customer or its designee will electronically transmit to Vendor via a mutually agreeable secure, electronic means an eligibility file containing the covered population of Members (the “Eligibility File”). Such Eligibility File will contain an accurate and complete file of Members associated with each Client [***] and will be provided in mutually agreed upon file format and data specifications as to be determined by the parties. If there are issues with Eligibility File, Vendor may agree to perform registration in advance of Customer providing an initial Eligibility File. |
• | Notice of Termination of Benefits. In the event a Member is no longer eligible to participate in the Services, Customer or its designee will provide to Vendor a file denoting that such Member is no longer eligible for Services. For purposes of clarification, Vendor will perform Services in accordance with this SOW for Participants who initiated their Consultation prior to the date in which their benefits were terminated. |
• | Data Acceptance. Each file will be deemed acceptable on the date when Vendor notifies Customer via email that each file was accepted, but not more than [***] after receipt. |
4.3.3 | Consultation. |
• | Pre-Consultation. To obtain a Consultation, Member must have received a diagnosis, and/or treatment plan from a licensed medical practitioner, or remain undiagnosed after multiple visits to specialists, or be identified by Customer for Vendor’s targeted outreach efforts. Members shall access Vendor’s Services, as set forth below, by referral from a Customer program, calling a toll-free number [***], logging into the Landing Page (by entering the following information: [***]), engaging with Vendor following receipt of a communication from Vendor as part of Vendor’s targeted outreach, or using Vendor’s Mobile App (which is available once an account is created via the Vendor’s website). Member agrees to Participant Terms when activating membership through Vendor portal, and can unsubscribe to Vendor communications at any time. Once a Member completes the pre- consultation items set forth above, such Member becomes a Participant, at which time Vendor will make initial contact with the Member [***], including, if needed, making up to [***]. Participant will sign a release of information form when Vendor makes initial contact with the Member. |
• | Consultation by Video or Phone. Participant may select a Specialist with the assistance of the Care Team from Vendor’s list of Specialists. At Participant’s request, Participant shares their medical background with the Care Team. At Participant’s request, the Care Team schedules a Consultation with the selected Specialist. The Participant may speak with a Specialist by secure video or phone. |
Customer Confidential | Page 6 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
• | Consultation by Text. When available and as mutually agreed upon by the parties, Participant can text a question through the Vendor’s secure Mobile App and Vendor will provide a text response within [***]. The Participant can review the Care Team’s written response through eithereview the Care Team’s written response through either the Mobile App or through the website.r the Mobile App or through the website. |
• | Consultation by Local In-Network Doctor. When available and as mutually agreed upon by the parties, Vendor shall provide the Participant with recommendations of local, in-network physicians, if requested by the Participant and shall transfer all pertinent medical records and a Consultation summary, as directed by the Participant. Vendor will use Participant’s location to locate a physician for the Participant’s needs, located within a [***] radius of the Participant’s home, or other radius as determined by the Participant. |
• | Post-Consultation. Regardless of the mode of Consultation utilized by a Participant, Vendor will provide to Participant, [***] of their Consultation, a Consultation summary. The Consultation summary will include the written notes, health education information and recommendations from the Specialist. Participants can access the summary through the Member Portal or receive the summary via overnight mail. Within the Consultation summary, Vendor may, if mutually agreed upon by the parties, refer a Participant to Customer for further support or inquiries. |
4.3.4 | Medical Record Retrieval; Provider Communication |
• | Generally. Vendor will ensure that its Care Team conduct themselves in a professional and respectful manner when in contact with providers (or their respective agents). |
• | Provider Outreach. Vendor will begin retrieval of Participant’s medical records no later than [***] from receipt of written authorization of the Participant. Vendor will make as many outreach attempts as is necessary to obtain the applicable medical records for a Consultation. Vendor will ensure its record retrieval efforts include a verification process prior to the delivery (via fax, email or telephonically) of any and all PHI. Vendor shall be accountable for working with provider offices to determine the appropriate methods to retrieve medical records. |
• | Medical Record Images. Vendor will store a Participant’s medical records within the Hosted Services, per the record keeping requirements set for the in Section 4.1.3 of this SOW and in accordance with HIPAA and Exhibit F (Security) of the Agreement. |
• | Provider Questions. Vendor will provide a toll-free telephone helpline for providers who may have questions about the Consultation or Consultation procedures, including medical record retrieval. The helpline will be staffed during the hours from [***] during regular business days. |
4.3.5 | Vendor Care Team. |
• | Roles and Responsibilities. Each Participant’s case shall be assigned to a Care Team case manager. A Care Team case manager will conduct the initial intake call with each Member and listen to the Participant’s medical concerns. The Care Team case manager will assist each Member throughout the Consultation process, including the creation of a Participant profile, the scheduling of an appropriate Specialist, and the retrieval and secure digitization of the Participant's medical records. Vendor’s post-session follow-up with Participant will include Consultation satisfaction ratings and effectiveness surveys as agreed to by Customer to evaluate the impact of the Consultation service. |
Customer Confidential | Page 7 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
• | Response Time: Care Team case managers will support phone service from [***] during regular business days [***]. An answering message service will document all inbound calls during off-hours and deliver messages left by Participants to Vendor on the next business day. The automated attendant will allow the Participant to select ‘urgent’ or ‘non-urgent’. If Participant indicates that the call is urgent (and related to a Consultation or the Services), the Participant will have the opportunity to speak with a live nurse, including during off- hours. The Care Team will respond to all non-urgent Participant requests within [***]. The Care Team shall correspond with Participant digitally, telephonically, or both digitally and telephonically, per the Participant’s designated preferred method of communication. Vendor will endeavor to provide Participant available times for a Consultation with a Specialist within [***] on average after Participant completes their medical record release forms and selects a Specialist. |
4.4 | Training; Education. |
4.4.1 | Member Education. Vendor will educate Members who are Users about its services, via email, if and when provided permission to perform such education by Customer and Member. |
4.4.2 | Customer Training. During the SOW Term, Vendor will provide initial comprehensive training to Customer and, upon Customer request, provide incremental training to Customer in support of the Services throughout the SOW Term. |
4.4.3 | Client Training. During the SOW Term, if requested by Customer, Vendor will provide initial comprehensive training to Clients and, upon Customer request, provide incremental training to Clients in support of the Services throughout the term of such Client Contract. |
4.5 | Reporting. Vendor will provide, at a minimum, the following reports, in both PDF and Excel formats, to Customer and each Client (as set forth below) per a mutually agreed upon frequency, format and delivery method. Vendor will ensure Customer is able to download the following reports in both PDF and Excel formats when the following reports are made available via the Client Self Reporting Dashboard. |
4.5.1 | Telephony Reporting. Vendor will provide to Customer monthly, the following data per the calculations agreed upon by the parties: |
(a) | [***] |
(b) | [***] |
(c) | [***] |
4.5.2 | Service Metric Reporting. |
• | On Demand. Vendor will provide, at a minimum, the following metrics to Customer through the Client Self-Reporting Dashboard, at each of the following levels: Client and Optum book of business. The data in each report shall be delivered per the requirements mutually agreed upon by the parties. |
(a) | [***] |
(b) | [***] |
(c) | [***] |
(d) | [***] |
(e) | [***] |
Customer Confidential | Page 8 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
• | Quarterly. Vendor will provide, at a minimum, the following metrics to Customer [***], at each of the following levels: Client and Optum book of business. The data in each report shall be delivered per the requirements mutually agreed upon by the parties. |
(a) | [***] |
(b) | [***] |
(c) | [***] |
(d) | [***] |
(e) | [***] |
4.5.3 | Quality Reports. Vendor will also provide Customer with periodic reports [***] |
4.5.4 | regarding Vendor’s quality assurance and quality improvement activities (both more fully described in Section 4.2.2). |
4.5.5 | Regulatory Data and Reports. Vendor will provide reasonable cooperation to Customer in the generation of data and reports as may be required by local, state, or federal oversight agencies, including CMS. Such data and reporting shall be provided in a timely manner and in an electronic format mutually agreeable to the parties. |
4.5.6 | Client Data and Reports. Vendor will provide reasonable cooperation to Customer in the generation of data and reports as may be required by Clients of Customer. Such data and reporting shall be provided in a timely manner and in an electronic format mutually agreeable to the parties. |
4.5.7 | Ad Hoc Reports; Custom Reports. Vendor will provide reasonable cooperation to Customer in the generation of data and reports as may be required by Clients or, if applicable, regulatory oversight agencies. Such data and reporting shall be provided in a timely manner and in an electronic format mutually agreeable to the parties. If additional fees are to be incurred, the parties will mutually agree to such terms via an amendment to this SOW. |
5. | PERSONNEL: |
5.1 | Generally. Vendor shall provide, without the advice, control, or supervision of Customer, an adequate number of staff, who are fully qualified and competent and, where applicable, who have all licenses required by applicable law to perform or deliver the Services. |
5.2 | Resource Management. |
5.2.1 | Constraints. Vendor represents and warrants that it will not perform all or a part of the Services hereunder using off-shore (i.e., non-United States located) resources unless Vendor has been specifically granted written consent to do so by Customer, which consent will not be unreasonably withheld or delayed. |
5.2.2 | Subcontracting. |
• | Vendor will ensure that any subcontractors who perform any part of the Services are approved by UHS in accordance with the terms and conditions of the Agreement (hereinafter, “Approved Subcontractors”), and that such Approved Subcontractors abide by the terms and conditions of the Agreement and this SOW. Vendor is ultimately responsible to ensure that the Services subcontracted to Approved Subcontractors are performed in accordance with the Agreement and this SOW. |
Customer Confidential | Page 9 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
• | Any changes to Approved Subcontractors will require prior written approval by Customer but will not require the Parties to enter into a written amendment to this SOW. |
5.2.3 | Account Management. Vendor will provide a named account manager (“Vendor AM”) to support Customer for the SOW Term. Vendor will provide Customer with reasonable access to the Vendor AM during normal business hours. The Vendor AM will promptly respond to Customer’ requests no later than [***] from the time of request and shall act in a manner that is consistent with commercially acceptable account management standards. If Vendor AM is unavailable for a period of [***], an alternate Vendor AM will be assigned. |
5.2.4 | Project Management. Vendor PM will be the single point of contact to Customer to answer general operational questions, address any issues related to the Services or the performance of the Services, and to provide any important operational updates. Vendor PM will promptly respond to Customer’s requests no later than [***] from the time of request. If Vendor PM is unavailable for a period of [***], an alternate Vendor PM will be assigned. |
5.2.5 | Specialists. |
• | Warranty. Vendor represents and warrants that all personnel assigned to perform Services under this SOW shall have the proper skill, licensure, certification, training and background to be able to perform Services in a competent and professional manner, without the advice, control, or supervision of Customer. |
• | Engagement. Vendor will maintain active training, support, and communication with Specialists in performance of Services in accordance with this SOW and the Agreement. Vendor will provide Specialists with one or more Vendor points of contact to train and support Specialists in performance of Services in accordance with the terms of this SOW. Vendor will ensure Specialists are familiar with the Services and System. |
• | Oversight. Vendor is responsible to ensure that its Specialists perform the Services contracted to Specialists and comply with all applicable requirements in the Agreement in the SOW. |
5.3 | Training. Vendor will provide its staff, personnel, and Specialists with ongoing training in the proper procedures relative to performance of the Services, including, but not limited to, the obligations under HIPAA. Vendor will cause its personnel to follow and comply with all Customer written or otherwise documented standards, policies and guidelines, and, where applicable, methodologies, related to the performance of Services. |
5.4 | Professionalism. Vendor will cause its staff to conduct themselves in a professional and respectful manner, including, but not limited to, Exhibit G (Vendor Code of Conduct) of the Agreement, while performing the Services and otherwise in accordance with Laws, rules and regulations, including, but not limited to, HIPAA. |
5.5 | Key Personnel. Customer agrees that Vendor personnel performing the Services set forth in this SOW shall not be Key Vendor Personnel (as defined in the Agreement). |
Customer Confidential | Page 10 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
6. | HOSTED SERVICE: |
6.1 | Generally. |
6.1.1 | Viruses; Disabling Codes. Vendor warrants that the Hosted Service is tested against viruses, Trojan horses, worms, time bombs, cancelbots or other similar harmful devices that could disrupt or disable a computer system or any of its components and said Hosted Service contains no such devices, to the best of Vendor's knowledge based on such testing. |
6.1.2 | Advertising and Links to the Hosted Services. Vendor will ensure the Hosted Service does not include any third-party advertising, without Customer’s prior written consent, nor will Vendor establish, initiate or permit any hypertext links to or from the third party services without Customer’s prior written consent. Vendor will routinely ([***]) audit hypertext links to ensure that the links are working and that such content meets professional standards. Vendor shall provide to Customer a report on any findings and, if applicable, remediation efforts. |
6.1.3 | Web Analytics. Vendor shall not establish, initiate or permit any third-party site tagging (or similar web usage triggers, tracking or web analytics mechanisms) or hypertext links to or from the Hosted Services without Customer’s prior written consent. Vendor’s use of any third-party site tagging (or similar web usage triggers, tracking or web analytics mechanisms) or hypertext links to or from the Hosted Services will be governed by the Terms of Use, set forth in Exhibit A-3 attached hereto. |
6.1.4 | Subcontractor. Customer hereby acknowledges and agrees that the Platform is hosted on servers within the United States that are owned and operated by Amazon Web Services, Inc. Vendor warrants that it has entered into a Business Associate Agreement with Amazon Web Services, Inc., in accordance with Exhibit D of the Agreement. |
6.2 | Vendor Platform. |
6.2.1 | Services. Vendor will cause its software, website, and Mobile App (including all upgrades and improvements as they become available) to perform, throughout the SOW Term, the following core functions, which include the: Member registration, Consultation tracking, records management, User support, and reporting. |
6.2.2 | Availability. The website and Mobile App shall be available as set forth in Exhibit A-2 of this SOW, excluding limited periods of maintenance, or periods of emergency maintenance, internet-wide disruptions, Force Majeure Events, or attributable to the Participant’s software or hardware used to attempt access. |
6.2.3 | Connectivity. Vendor will ensure its Hosted Service is and will continue to be accessible through internet connectivity via the following devices: a smartphone (iOS or Android) or tablet or home computer with internet access (e.g., Internet Explorer, Chrome or Firefox). As between the parties, Customer, Client and Participant shall be responsible for procuring and maintaining the aforementioned devices and services, as required. |
6.2.4 | Service Levels. Vendor shall provide the Hosted Services in accordance with the service levels set forth on Exhibit A-2 of the SOW (the “Service Levels”). In the event that a Service Level has not been met, Vendor shall: [***]. In the event that the Hosted Services have not been provided in accordance with the applicable Service Levels, Customer shall receive the credits and payments from Vendor as identified in Exhibit A-2 of the SOW. |
Customer Confidential | Page 11 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
6.3 | Access and Use. |
6.3.1 | Grant. [***]. |
6.3.2 | Authorized Use. In addition to the license grant set forth in this SOW, a Participant’s use of the Mobile App and receipt of the Services will be considered authorized use under such license grant. As it relates to Participants, Vendor is granting Customer a license in accordance for Participant’s personal use of the Mobile App and personal benefit of the Services. |
6.4 | Acceptance of Hosted Services. Vendor will afford Customer up to [***] to test the Hosted Services to determine whether they operate properly and in accordance with all specifications (the “Acceptance Criteria”). Such period of time will commence on the date of access to the Hosted Services (i.e., the SOW Effective Date). If, in Customer’s reasonable discretion, any Hosted Service does not meet the Acceptance Criteria, Customer will inform Vendor, and Vendor will at its own expense, correct all deficiencies identified by Customer within a reasonable period of time and until such time as the Hosted Service meets the Acceptance Criteria.
Customer will perform testing on the Hosted Service and any Client-specific landing page that provides Users access to the Hosted Service (for example, www.2nd.MD/Client). |
6.5 | Users. |
6.5.1 | Users of Customer. Customer or its designee will electronically transmit to Vendor a file containing the users of Customer for the purposes of testing the Services and accessing the secure web-based dashboard set forth in this SOW (the “Customer User File”). Such Customer User File will contain an accurate and complete database of Customer users, setting forth the following data elements: full name, email address, and phone number. |
6.5.2 | Participants as Users. Participants who create an account via the Hosted Services will be Users. When Participants are creating such account, Vendor will provide Participants with access credentials (and/or a mechanism that permits such Participant to specify access credentials), through their corresponding Client account. |
6.6 | User Support. |
6.6.1 | Customer Technical Support. Vendor will provide Customer with ongoing technical support (telephone, email and web-based) to employees of Customer. Customer will report problems to Vendor AM (or as otherwise directed) either by telephone or email. Vendor will provide Customer with technical support during the hours from [***] during regular business days. Vendor will use commercially reasonable efforts address reported technical issues within [***] of a report from Customer. |
6.6.2 | Client Technical Support. Vendor will provide Clients of Customer with ongoing technical support (telephone, email and web-based) to employees of Client. Vendor will provide Client with technical support during the hours from [***] during regular business days. Vendor will use commercially reasonable efforts address reported technical issues within [***] of a report from Client. |
Customer Confidential | Page 12 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
6.6.3 | Participant Technical Support. Vendor will provide first-line technical support to Participants. This support covers all non-health related software questions and questions that are specific to the Hosted Service (e.g., mobile app download & install support, product questions, and wireless issues). For the purposes of clarification, Vendor will provide non- technical questions (i.e., Consultation support) via the Care Team per the response time set forth in Section 4.3.5.2 of the SOW. |
7. | Marketing. |
7.1 | Protocols for Business Development. The parties will utilize the below methods for marketing and distributing the Services to Clients and prospective clients. Vendor will work with Customer, as solely requested by Customer or Customer’s Client, as set forth in the subsections below. |
7.1.1 | Mutual Clients. [***]. |
7.1.2 | Existing Clients or Prospects of Vendor. [***]. |
7.1.3 | Existing Clients or Prospects of Optum. [***]. |
7.2 | Information for Business Development. |
7.2.1 | General. Vendor shall offer to Customer, as may be requested by Customer throughout the SOW Term, information related to the Services being offered under this SOW, including, but not limited to, accessibility, Participant experience, and metrics. |
7.2.2 | Materials. Vendor will provide its logo(s), product name and product information (the “Source Materials”) to Customer, and Customer, in cooperation with Vendor, will create and produce co-branded marketing materials, for the purposes of (i) marketing the Services to Clients and (ii) providing product information to Members regarding the Service. Vendor hereby consents to Customer’s use of its Source Materials in accordance with the terms and conditions of this SOW. |
7.2.3 | Pricing. See Section 12.2.2 of this SOW for long term pricing requirements related to marketing of Vendor’s Services to Clients. |
7.3 | Client Management. |
7.3.1 | Ownership. Optum owns client relationships once the sales process is initiated, regardless of the originator of the opportunity, except when Vendor has an existing relationship with a client or Client, or when a client or Client requests a direct relationship with Vendor. |
7.3.2 | Meetings with Clients; Meetings with Potential Clients. Vendor will participate in meetings with Customer and proposed clients, or Customer and Clients, to discuss matters related to the Services, including, but not limited to, sales meetings, implementation strategy, and collaborative resolution related to any of the same. At the request of Customer, Vendor will participate in such meetings, which will be scheduled at a time as mutually agreed upon by the parties. |
7.3.3 | Pipeline Management. Vendor will provide to Customer a monthly pipeline report, delivered on the first Monday of each month, detailing the status of Clients in progress under this SOW and potential new clients which shall include, at minimum: the name of each Client or prospect client, estimated close and launch dates, number of employees, probability or stage of sale (the “monthly sales report”). The monthly sales report shall be regarded as Confidential Information for the purpose of this SOW. |
Customer Confidential | Page 13 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
7.4 | Notices. Notwithstanding anything to the contrary in Section 18 (Notices) of the Agreement, a copy of all notices regarding Clients shall be sent by Vendor, via email, to the following Customer contact: [***], or their designee. |
Customer Confidential | Page 14 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
8. | CLIENT SERVICES: |
8.1 | Implementation. |
8.1.1 | Specifications. Vendor will work with the Client and Customer to design, implement, and launch the Services per the terms of this SOW and the Agreement. |
8.1.2 | Tasks. Vendor will perform the implementation activities necessary to establish its ability to accomplish the following for the Services set forth in this SOW: (i) accept all data, including, but not limited to, medical records and Participant data, required to perform the Services set forth in this SOW; (ii) create a landing page for Client; and, if necessary, (iii) expand their network of Specialists to include Client-requested areas of specialty. The activities set forth for an implementation of a Client shall be implemented by Vendor at the direction of Customer (the “Project Plan”). |
8.1.3 | Resources. Vendor will provide an adequate number of implementation resources with the expertise necessary to perform each Client’s implementation per the Project Plan. |
8.1.4 | Timeline. For each Client implementation, Vendor will perform the activities necessary to launch each Client by the date that is mutually agreed upon in the Project Plan. |
8.1.5 | Approval. Each Project Plan shall require the review and approval of Customer, which shall not be unreasonably withheld, and, where applicable, Customer’s Client. |
8.2 | Communication. The parties will work together to evaluate the need for joint marketing campaigns to promote new capabilities and target Members who may benefit the most from the Services. Vendor will make available to Customer best practices for all Client program launches through a digital engagement and marketing plan and soft launch for Client managers and other key personnel, management training and digital communications. In the event that Customer and Vendor agree that it would be mutually beneficial to implement an ongoing print communication strategy including Member ID cards, fliers, posters or other deliverables for onsite or U.S. mail promotion, Customer or Client may incur additional costs. Vendor shall not proceed with any print communication strategies which include additional costs without receiving prior written approval (email is sufficient) from Customer. |
8.3 | Branding. If requested by Client, Customer and Vendor will work together to develop specific branding requirements for such Client. |
8.4 | Toll Free Number. Vendor will provide, at no charge, an exclusive toll-free number for a designated Client, if requested by Customer or Client. |
8.5 | Metrics. Customer and Vendor will work together to determine success metrics for each Client, and will agree upon acceptable goals based upon use and adherence of Vendor best practices. |
8.6 | Landing Page. Vendor will create a unique branded URL (uniform resource locator) for the Users of each Client to access the Hosted Services (e.g., 2nd.MD/Client) and welcome the new Users (the “Landing Page”). Vendor will configure and brand the Landing Page for each Client using Vendor’s standard template and, at a minimum, both the Customer’s name and logo and the Client’s name and logo as provided by Customer. |
9. | WORK PRODUCT/DELIVERABLES: |
As a result of performing the Services under this SOW, Vendor will provide Customer with the Work Product (as defined under the Agreement) and deliverables set forth in the SOW, including, but not limited to:
Customer Confidential | Page 15 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
A. | [***]. |
B. | [***]. |
C. | [***]. |
D. | [***]. |
10. | MILESTONES/DEADLINES: |
Vendor will provide the Services, including the Hosted Services, in accordance with the timelines and deadlines set forth in this SOW or, as applicable, as mutually agreed upon in writing between Vendor and Customer; and in accordance with the implementation timelines and deadlines set forth for a Client by Customer or, as applicable to a Client, as mutually agreed upon in writing between Vendor and Customer and Client.
11. | PRIVACY POLICY AND TERMS OF USE: |
Vendor will post, implement and comply with the Terms of Use, set forth in Exhibit A-3 of this SOW, and the Privacy Policy, set forth in Exhibit A-4 of this SOW, respectively (collectively, "Participant Terms"). In the event of any conflict or inconsistency between the terms set forth in the Agreement and the Participant Terms, the terms in this Agreement shall control as between Vendor and Customer.
12. | PERFORMANCE GUARANTEES: |
12.1.1 | The performance guarantees (“PGs”) outlined in Exhibit A-1(b) – Optum Clinical Program Performance Guarantee Summary have been agreed to by the Customer and Vendor. They will be in effect throughout the duration of this SOW. Performance Guarantees are only available for clients who meet the performance guarantee requirements outlined in Exhibit A-1(b). Cross carrier client populations are included in the performance guarantee calculation, only if the requirements are met. |
12.1.2 | [***]. |
12.1.3 | [***]. |
13. | FEES: |
13.1 | Minimum Commitment. Customer does not guarantee Vendor or commit to Vendor any particular amount of Services under this SOW. |
13.2 | Service Fees. |
13.2.1 | Pricing. The pricing set forth in Exhibit A-1 (Pricing) of this SOW, attached hereto, is set forth for a period of [***] in order to market these Services to Clients and to cover any renewal of this scope of work. For the purposes of clarification, Customer may sell the Services to Client for equal to or above the pricing set forth in Exhibit A-1. |
Customer Confidential | Page 16 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
13.3 | Invoices |
13.3.1 | Delivery. Vendor will send invoices via the third party internet-based platform specified by Customer. |
13.3.2 | Schedule. Vendor will issue invoices in accordance with the terms set forth in Exhibit A-1 of this SOW and the Agreement. |
13.3.3 | Payment Terms. Customer will pay all invoices in accordance with the payment terms set forth in the Agreement. |
13.4 | Effect of Termination. |
13.4.1 | Services Fees. Upon termination of this SOW, Customer shall pay Vendor for all Service Fees due and payable as of the date of termination. |
13.4.2 | Timing. All payments due and payable under this Section will be paid in accordance with the payment terms in Section 2.3 (Invoicing and Payment) of the Agreement. |
14. | TERM AND TERMINATION: |
14.1 | Term |
This SOW will commence on the SOW Effective Date and remain in effect through December 31, 2020 (the “Initial Term”), unless earlier terminated as provided for in this SOW or in the Agreement. This SOW will [***] after the Initial Term. Thereafter, the parties may renew this SOW for another term with a mutually agreed upon amendment to this SOW.
14.2 | Termination |
This SOW may be terminated as provided for in the SOW or in the Agreement.
14.3 | Additional Termination Rights of Customer |
Customer may terminate all, or a portion of, this SOW immediately upon written notice to Vendor and with no liability to Vendor in the event that: (i) all Client Contracts related to this SOW are terminated or not renewed, (ii) following a judgment of a governmental authority or change in any applicable laws and regulations (including a change in the interpretation or enforcement of existing laws and regulations) that would make performance of this SOW, in all material respects, unlawful or illegal for Customer or (iii) in the event that a Client or governmental authority requires Customer to terminate the SOW.
15. | MISCELLANEOUS; ENTIRE AGREEMENT: |
15.1 | Client Contracts. |
Vendor acknowledges that Customer has entered into a Client Contract, and pursuant to each Client Contract, Customer has passed through to Vendor all Flow Down Provisions. Vendor will comply with all applicable Flow Down Provisions as they relate to the Services set forth herein.
15.2 | Customer Data License. |
Customer grants to Vendor a non-exclusive, royalty-free, limited license to access and use Customer Data solely for the purpose of delivering the Services pursuant to this SOW and expressly subject to the limitations set forth in this Agreement. As used in this SOW, “Customer Data” shall also mean all data, information or other materials provided by Customer to Vendor and intended for use with the Services or stored or processed by Vendor as part of the Services. Customer Data is Confidential Information and Proprietary of Customer.
Customer Confidential | Page 17 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
15.3 | Intellectual Property. |
[***].
[***].
15.4 | Counterparts |
This SOW may be executed in one or more counterparts, each of which will be deemed to be an original copy of this SOW and all of which, when taken together, will be deemed to constitute one and the same instrument, and will become effective when there exists copies hereof (by facsimile or otherwise) which, when taken together, bear the authorized signatures of each of the parties.
15.5 | Entire Agreement |
The terms and conditions contained in this SOW constitute the parties’ complete understanding and agreement relating to the subject matter hereof. Notwithstanding anything to the contrary in the Agreement or elsewhere, in the event of a conflict between this SOW and the Agreement, the Agreement will control. No other terms and conditions, beyond those contained herein, will be valid unless mutually agreed to by Customer and Vendor in writing signed by authorized representatives of each party.
ACCEPTED AND AGREED: | ||||
UNITED HEALTHCARE SERVICES, INC. | INNOVATION SPECIALISTS, LLC d/b/a 2nd.MD | |||
By: | /s/Peder D. Gustafson | By: | /s/Kristin Herrera | |
(Authorized Signature) | (Authorized Signature) | |||
Name: | Peder D. Gustafson | Name: | Kristin Herrera | |
(Print or Type) | (Print or Type) | |||
Title: | VP, Enterprise Sourcing & Procurement | Title: | Chief Growth Officer | |
Date: | 12/17/2019 | Date: | 12/18/2019 |
Customer Confidential | Page 18 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT A-1
PRICING
I. | Pricing for Clients sold Prior to March 1, 2019: Clients sold before March 1, 2019 will maintain their existing pricing arrangement until Client’s contract renewal. At that time, the Parties will present the pricing options for Pricing for Clients sold between January 1, 2020 through December 31, 2021 (Section III below). See Exhibit A-2 for grandfathered pricing details for Clients sold before March 1, 2019. |
II. | Pricing effective March 1, 2019 through December 31, 2019: |
a. | Customer and Vendor mutually agree to the following pricing for Clients not sold prior to March 1, 2019 during the period March 1, 2019 and December 31, 2019, with the following requirements: |
· | Targeted Outreach for musculoskeletal conditions is implemented for existing and new clients as soon as approval to standardize is obtained by Customer’s development and release process. |
b. | PMPM Option |
i. | [***]: |
1.[***] [***]] [***]
2. [***] [***] [***]
3. [***] [***] [***]
ii. | [***] |
c. | [***] |
i. | [***] |
ii. | [***] |
d. | [***] |
e. | [***] |
III. | Pricing effective January 1, 2020 through December 31, 2021 for all Clients not sold prior to March 1, 2019: |
a. | Customer and Vendor mutually agree to the following pricing for Clients not sold prior to March 1, 2019 during the period January 1, 2020 and December 31, 2021, with the following requirements: |
· | [***]. |
§ | Pricing for Moderate Utilization is subject to change to pricing for Optimal Utilization in the next contract year if utilization [***] in the current contract year. |
§ | Client’s contract with UHC/UMR/Optum will include the following: |
· | Pricing for Moderate Utilization is subject to change to pricing for Optimal Utilization in the next contract year if utilization [***] in the current contract year. |
Customer Confidential | Page 19 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
UHC/UMR/Optum: Second Opinion Pricing – Moderate Utilization
(effective 1/1/20-12/31/21)
1/1/20-12/31/21 | PMPM | Case Rate |
Client Profile | Customers who | Customers who prefer |
prefer fixed monthly | utilization-based | |
or embedded pricing | pricing | |
and utilization is less | ||
than [***] | ||
UHC/UMR/Optum 2,000-30K ee’s 30,001-60K ee’s |
[***] | [***] |
60,001+ ee’s | ||
[***] | ||
[***] | ||
Implementation | n/a | [***] |
Fee | ||
Other Details |
• [***] access to 2nd.MD consult services within each contract year. • [***] |
• Pay for consults as they occur • Monthly invoices will be issued for cases that occurred in the prior month |
Included in Pricing |
• Expert medical consultations, Text-a-Clinician and Personalized Local Support. • Targeted Outreach • Customized engagement package for clients with [***] |
Customer Confidential | Page 20 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
UHC/UMR/Optum: Second Opinion Pricing – Optimal Utilization
(effective 1/1/20-12/31/21)
1/1/20-12/31/21 | PMPM | Case Rate |
Client Profile | Customers who | Customers who prefer |
prefer fixed monthly | utilization-based | |
or embedded pricing | pricing | |
and utilization is | ||
greater than [***] | ||
UHC/UMR/Optum 2,000-30K ee’s 30,001-60K ee’s |
[***] | [***] |
60,001+ ee’s | ||
[***] | ||
[***] | ||
Implementation | n/a | [***] |
Fee | ||
Other Details |
• [***] access to 2nd.MD consult services within the contract year • [***] |
• Pay for consults as they occur • Monthly invoices will be issued for cases that occurred in the prior month |
Included in Pricing |
• Expert medical consultations, Text-a-Clinician and Personalized Local Support. • Targeted Outreach • Customized engagement package for clients with over [***] |
Customer Confidential | Page 21 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT A-1(b)
PERFORMANCE GUARANTEES
Optum Clinical Program Performance Guarantee Summary
Guarantee Terms & Conditions
· | These guarantees become effective on the later of the service implementation date or execution of an Administrative Services Only Agreement (or Amendment); in the event of early termination of this services agreement, all guarantees are void; performance guarantees shall not apply to contract renewals or extensions of [***]. |
· | Vendor shall not be required to meet any guarantee to the extent the guarantee’s failure is due to Customer or Client actions or inactions, including failure to execute agreed-upon communications or incentive strategies or failure to maintain [***] for those members identified for telephonic outreach (unless another level is specified by a specific guarantee). In the event the valid phone number rate is [***], the targets on all guaranteed measures will be scaled based on a percentage of the valid phone number target delivered. [***]. |
· | Fees at risk are waived in all cases where our performance failure is caused in whole or part by a Force Majeure event of by a labor dispute resulting in a strike; or Optum’s required compliance with any law, regulation, or governmental agency mandate; or anything beyond Optum’s reasonable control. |
· | Prior to the end of the guarantee period, and provided that this agreement remains in force, Optum may specify to the client, in writing, new performance guarantees for the subsequent guarantee period. If new performance guarantees are specified, a new exhibit will be provided that replaces this exhibit for that subsequent guarantee period. |
· | These guarantees can be revised should the services implemented vary from those quoted or agreed upon, an award is not made within [***] of submission of these proposed guarantees, communications or incentive strategies change from the information and descriptions provided to UHC at the time of this quote, or where covered members or average contract size (ACS) varies by more than [***]from assumptions used here of actives and pre-65 retiree members and ACS of respectively. |
· | Results are measured and reported on a plan year basis unless otherwise indicated; results are rounded to the nearest whole number unless the target is specified with more precision. A [***] qualified members are required to provide measurement for any guarantee, although individual programs/guarantees may have additional higher thresholds. Performance guarantees that are not settled [***] of the completion of measurement are considered void. |
· | Any penalties payable pursuant to this Exhibit shall be [***]. |
· | A variety of interventions and reporting mechanisms can be used to collect data and report against these PGs, including but not limited to IVR (interactive voice response), online survey tools and assessments, claims mining or other methodologies. Acceptance of these PGs includes client approval for any and all of these methods to be utilized without additional express or prior permission. |
· | Client agrees that the penalties payable under this agreement are client’s sole remedies for such performance standards hereunder, and that failure to meet a performance standard for which a penalty has been paid or is payable shall not, by itself, constitute a terminable breach under the agreement. |
· | Performance guarantees apply only when applicable to services provided and programs purchased during an entire measurement period. |
Customer Confidential | Page 22 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Client Name: Contract Start Date: Contract End Date:
Metric | Definition | Guaranteed Result | Result Timeframe |
% 2nd.MD Fees at Risk |
Calculation | Terms and Conditions | ||
Year 1 |
Year 2 |
Year 3 | ||||||
Outcomes: Savings and ROI | ||||||||
ROI: 2nd.MD |
Meet or exceed the targeted return on investment for the 2nd.MD program | [***] | [***] | [***] | [***] | [***] |
[***].
[***].
|
*Requires the purchase of 2nd.MD program *PG requires a minimum of [***] *2nd.MD team has to be involved in implementation meetings and have a direct relationship with the client to help design and implement the communications program *Follow 2nd.MD’s communication plan and launch the communication [***] of the contract start date *Implementation of Targeted Outreach efforts or a [***] or greater incentive or penalty for musculoskeletal and other mutually agreeable high-impact conditions and properly communicate that incentive to employees *Incentives may include: *Positive incentive (cash awards, deductible credits, HSA contributions, plan design changes); *Punitive disincentives (e.g. copay or co-insurance for individuals not receiving a second opinion for defined conditions) *Payout: In the event of a shortfall in actual gross savings required to reach the ROI guaranteed above, Optum will pay down Client’s investment such that the Gross Savings delivered constitutes the agreed upon rate of return on the net investment after our payout, subject to the agreed to fees at risk. |
*Credible cost estimate providers may include but are not limited to: United Healthcare Healthcare Bluebook Up-to-date FH Consumers Cost Lookup GoodRx.com Health.Costhelper.com Howmuchisit.org Peer reviewed publications | ||||||||
Member | Percent of | [***] | [***] | [***] | [***] | [***] | [***] | *Related to 2nd.MD |
Satisfaction | members | [***] | programs only | |||||
Guarantee | who complete a Consultation and would recommend 2nd.MD to a family member or friend. | [***] |
*In the event that less than [***] survey responses are returned, the measure will be reported at the book of business level *Margin of error is added to the actual results in measuring against the target. |
Customer Confidential | Page 23 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
A-2
SERVICE LEVELS
for Vendor’s Hosted Services
Section 1. General
The Service Levels referenced in Section 6.2.4 of the SOW are set forth in this Exhibit. This Exhibit describes the methodology pursuant to which Service Levels are implemented and Fee Reductions are calculated and paid by Vendor to Customer. The Service Levels are intended to measure how effectively the Hosted Services are provided to Customer. Vendor shall perform the Hosted Services in a manner consistent with the requirements of the SOW and the Service Levels. This Exhibit does not replace or supersede the specific requirements set forth in the SOW.
Section 2. Service Level Requirements
(A) General. Vendor shall perform the Hosted Services in accordance with the Service Levels. Vendor’s compliance with the Service Levels shall be measured for each period set forth in the table in Section 5 (“Measurement Period”). With respect to those components of the Hosted Services for which a Service Level is not defined, Vendor shall perform such Hosted Services to standards satisfied by well-managed operations performing services similar to the Hosted Services.
(B) Measurement. Vendor shall provide, implement, maintain and utilize the necessary measurement and monitoring tools and procedures, required to measure and report on Vendor’s performance of the Hosted Services against the applicable Service Levels. Such measurement and monitoring shall permit reporting at a level of detail sufficient to verify compliance with the Service Levels, and shall be subject to audit by Customer pursuant to Section 13 of the Agreement. Vendor shall provide Customer with information about and access to such procedures upon request for purposes of verification.
(C) Reporting. Vendor shall provide Customer with monthly reports (each, a “Service Level Report”) with respect to Service Level performance in the preceding month by no later than [***] during the term of this SOW. Service Level Reports shall be in such form and have such content as is reasonably required for Customer to verify Vendor’s performance against the Service Levels. In no event shall the Service Level Report be deemed a substitute for compliance with independent notice requirements specified in the Agreement. The contents of Service Level Reports shall be Confidential Information of Customer.
(D) Adjustments to Service Levels. The Parties expect and intend that the Hosted Services shall be improved over time during the term of the applicable SOW. Accordingly, Vendor shall propose reasonable improvements to the Hosted Services (with appropriate modifications to the applicable Service Levels) [***], commencing on the first anniversary of the SOW Effective Date. At a minimum, such improvements (and modifications to the applicable Service Levels) [***]. Such improvements shall not be implemented or become effective until agreed upon by the Parties in writing.
Section 3. Cooperation and Excused Performance
Section 3.1 Cooperation. In order to meet the Service Levels, Vendor may be required to coordinate its efforts with those of Vendor’s subcontractors or Customer’s subcontractors (collectively, “Third Party Vendors”). With respect to Service Level Defaults (as defined below) caused by Third Party Vendors, (A) Vendor shall provide a single point of contact for the management of the prompt resolution of such Service Level Defaults, and (B) Vendor’s failure to meet such Service Levels shall not be excused, and Vendor shall remain responsible for the performance of the Hosted Services in accordance with the Service Levels, except as set forth in Section 3.2.
Section 3.2 Excused Performance. To the extent that Vendor demonstrates to Customer’s reasonable satisfaction that any Service Level Default is directly attributable to (A) a breach of the Agreement by Customer or Client that prevents Vendor from meeting the applicable Service Level, or (B) acts or omissions of Customer, its Affiliates, or Clients or Customer subcontractors (other than Vendor), then such Service Level Default shall be excused, and no Fee Reduction shall accrue with respect to such Service Level Default, provided that, in each case, Vendor was not able to intervene and either alert Customer of the consequences of such acts or omissions or to take reasonable steps to avert such consequences.
Customer Confidential | Page 24 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 4. Fee Reductions
In the event that Vendor [***] any Service Level during an applicable Measurement Period (each such event, a “Service Level Default”), and such failure is not excused pursuant to Section 3.2, then Customer shall be entitled to receive a credit (“Fee Reduction”) as set forth in Section 5 and paid as set forth below. If Customer becomes entitled to a Fee Reduction, Vendor shall notify Customer of the applicable Service Level Default and the corresponding Fee Reduction, which notice shall be contained in the next Service Level Report. At any time [***] of Vendor’s notice of a Service Level Default, Customer may elect to claim the corresponding Fee Reduction by issuing a written notice to Vendor. If Customer does not elect, in writing, to waive or collect a Fee Reduction [***], Customer will be deemed to have elected to claim such Fee Reduction.
Customer’s notice of election to claim a Fee Reduction shall create a debt of Vendor to Customer, which shall be discharged by crediting the amount of the applicable Fee Reduction against Vendor’s next invoice(s) to Customer.
Section 5. Service Level Metrics
Section 5.1 Metrics. Service Levels, Measurement Periods, and Fee Reductions are set forth in the table below. To the extent necessary, Service Levels are further defined below.
Service Level |
Definition & Metric |
Measurement Period |
Fee Reduction |
Availability | See Section 5.2 | [***] |
· [***] · [***] · [***] |
Transaction Response Time | [***], defined as the interval from the time the user sends a transaction to the time a visual confirmation of transaction completion is received. This metric shall not apply to the Client Self Reporting Dashboard. | [***] | [***] |
Problem Resolution Time | See Section 5.3 | [***] | See Section 5.3. The aggregate maximum Fee Reduction payable for this Service Level in any given month is [***] per Measurement Period. |
Section 5.2 Availability. Vendor will make the Hosted Services Available continuously, as measured on a [***] basis over the course of each Measurement Period, [***], excluding unavailability caused by Exceptions (as defined below). “Available” means the Hosted Services are available for access and use by Customer in accordance with their full intended functionality. For purposes of calculating Availability percentage, the following are “Exceptions” to the Service Level required and the Hosted Services shall not be considered unavailable to the extent due to: (A) Customer, Client, or Participant’s acts or omissions, (B) Customer, Client, or Participant’s internet connectivity, or (C) Vendor’s regularly-scheduled downtime (which shall occur weekly, Sundays, from [***]).
Customer Confidential | Page 25 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Section 5.3 Problem Resolution Time. The Service Level for problem resolution time measures the percentage of problems that Vendor resolves within the required timeframes, based on problem severity level (as defined in Section 5.4). For purposes of this Service Level, “resolve” means that the Hosted Services component impacted by the problem has been restored or that Vendor has put in place a suitable workaround, reasonably approved by Customer, that enables the Hosted Services to be provided as required under the applicable SOW and in accordance with other Service Levels.
Severity Level |
Resolution Time | Fee Reduction |
Urgent | [***] | If Vendor fails to meet the resolution time requirement [***], [***] per Measurement Period |
High | [***] | If Vendor fails to meet the resolution time requirement [***], [***] per Measurement Period |
Medium | [***] | If Vendor fails to meet the resolution time requirement [***], [***] per Measurement Period |
Low | As reasonably agreed by the Parties | N/A |
Section 5.4 Severity Level Definitions.
Severity Level |
Definition |
Urgent | Highest priority. Used for when the end user is unable to access or use the Hosted Services or when significant and substantial adverse operational impact occurs preventing any useful work from being done. |
High | Used when the end user’s production use of the Hosted Services is severely impaired or degraded preventing major functions from being performed. |
Medium | Used when the end user’s production use of an important (but not critical or essential) function of the Hosted Services is disabled or impaired. |
Low | Used for all other Hosted Services interruptions or inquiries. Indicates that the issue causes minor adverse impact to end user’s use of the Hosted Services. |
Customer Confidential | Page 26 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT A-3
TERMS OF USE
for HOSTED SERVICES of VENDOR
Acceptance of Terms
This website, located at www.2nd.md ("Website"), is owned and operated by Innovation Specialists LLC (d/b/a 2nd.MD) ("2nd.MD").
This Website provides users with online access to Specialists who may provide health education to Members who have chosen to participate in this Service. 2nd.MD DOES NOT PROVIDE MEDICAL DIAGNOSIS, TREATMENT, OR PRESCRIPTION OF ANY KIND. ALL INFORMATION PROVIDED ON THIS WEBSITE OR IN CONNECTION WITH ANY COMMUNICATIONS SUPPORTED BY 2nd.MD, INCLUDING, WITHOUT LIMITATION, REAL-TIME VIDEO OR EMAIL COMMUNICATIONS BETWEEN PROFESSIONALS UTILIZING THE WEBSITE AND CONSUMERS IS INTENDED TO BE FOR GENERAL INFORMATIONAL AND HEALTH EDUCATION PURPOSES ONLY, AND IS IN NO WAY INTENDED TO CREATE A PHYSICIAN – PATIENT RELATIONSHIP AS DEFINED BY STATE AND FEDERAL LAW. 2nd.MD IS NOT A SUBSTITUTE FOR PROFESSIONAL MEDICAL DIAGNOSIS OR TREATMENT. RELIANCE ON ANY INFORMATION PROVIDED BY 2nd.MD OR ANY PROFESSIONALS THAT UTILIZE 2nd.MD AT THE INVITATION OF 2nd.MD IS SOLELY AT YOUR OWN RISK.
IF YOU THINK YOU MAY HAVE A MEDICAL EMERGENCY, IMMEDIATELY CALL YOUR DOCTOR OR DIAL 911.
The Website also contains text, pictures, graphics, logos, button items, images, works of authorship, and other content (collectively with all information and material about 2nd.MD, "Content"). This Website is intended for use only by users who are at least 18 years of age.
PLEASE NOTE: Your access to and use of this Website are subject to these terms of use ("Terms of Use"), as well as all applicable laws and regulations. Please read these Terms of Use carefully. If you do not accept and agree to be bound by any of these Terms of Use, you are not authorized to access or otherwise use this Website or any information or Content contained on this Website. Your access to and use of this Website constitutes your acceptance of and agreement to abide by each of these terms and conditions set forth below. Unless otherwise indicated, any new Content added to this Website will also be subject to these Terms of Use effective upon the date of any such addition. You are encouraged to review the Website and these Terms of Use periodically for updates and changes.
If you have any questions about these Terms of Use, please contact us at feedback@2nd.md.
Independence of Specialists and Professionals - The specialists and professionals utilizing or featured on the Website site are subscribers and licensees to the Website and not employees. Any health education, opinions, advice, or information expressed by a professional or specialist utilizing or featured on the Website are of the professional and the professional alone. They do not reflect the opinions of 2nd.MD. 2nd.MD does not recommend or endorse any specific tests, physicians, products, procedures, opinions, or other information that may be mentioned on 2nd.MD or by a licensee of 2nd.MD.
The inclusion of professionals and specialists on the Website or in any professional directory located on the 2nd.MD Website does not imply recommendation or endorsement of such professional nor is such information intended as a tool for verifying the credentials, qualifications, or abilities of any professional contained therein. SUCH INFORMATION IS PROVIDED ON AN "AS-IS" BASIS AND 2nd.MD DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR PARTICULAR PURPOSE. 2nd.MD SHALL IN NO EVENT BE LIABLE TO YOU OR TO ANYONE FOR ANY DECISION MADE OR ACTION TAKEN BY ANY PARTY (INCLUDING, WITHOUT LIMITATION, ANY USER) IN RELIANCE ON INFORMATION ABOUT PROFESSIONALS AND SPECIALISTS ON THE WEBSITE. The use of the Website by any
entity or individual to verify the credentials of professionals or specialists is prohibited.
All opinions and statements expressed by a Specialist or Professional on this website and during any session facilitated through this Website are solely the individual and independent opinions and statements of the Specialist or Professional and do not reflect the opinions of 2nd.MD, its affiliates or any other organizations or institutions to which such Specialist or Professional is affiliated or provides services.
Customer Confidential | Page 27 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Password Accounts, Passwords, and Security - By registering on the Website, users of the Website ("Users") can receive access to the password-protected portions of the Website (the "User Portal"). When accessing the User Portal, you are entirely responsible for maintaining the confidentiality of your password and account and for any and all activities that occur under your account. You agree to (a)immediately notify 2nd.MD of any unauthorized use of your account or any other breach of security of which you become aware, and (b) exit completely from your account at the end of each online session. 2nd.MD will not be liable for any loss that you may incur as a result of someone else using your password or account, either with or without your knowledge. However, you could be held liable for losses incurred by 2nd.MD or another party due to someone else using your account or password if the use was caused or permitted by You. You may not use anyone else's account at any time, without the permission of the account holder.
Code of Conduct - Users may be asked to comply with a User code of conduct, which will consist of policies and procedures governing User conduct on the Website ("Code of Conduct"). Such Code of Conduct, once added to the Website, may be updated from time to time by 2nd.MD. The most recent Code of Conduct will be posted on the Website and any new material added to the Code of Conduct will be effective upon the date of publication on the Website.
Limited License and Site Access; All Rights Reserved - 2nd.MD hereby grants you a limited license to access and make personal use of this Website, but not to download (other than page caching) or modify it, or any portion of it, except with express written consent of 2nd.MD (e.g., downloading of PDF forms, applications, etc.). This license does not include any resale or commercial use of this Website or the Content; any derivative use of this Website or the Content; or any use of data mining, robots, or similar data gathering and extraction tools. This Website or any portion of this Website may not be reproduced, duplicated, copied, sold, resold, visited, or otherwise exploited for any commercial purpose without the express written consent of 2nd.MD. You may not frame or utilize framing techniques to enclose any trademark, logo, or other proprietary information (including images, text, page layout, or form) of 2nd.MD without 2nd.MD's express written consent. You may not use any meta-tags or any other "hidden text" utilizing any of 2nd.MD's name(s) or service marks without the express written consent of their owners. We (or the respective third party owners of Content) retain all right, title, and interest in this Website and any Content and features offered on this Website, including any and all intellectual property rights. We (or the respective third party owners of Content) reserve all rights not expressly granted herein. Any unauthorized use terminates the permission or license granted by 2nd.MD.
Copyright - Except as otherwise expressly stated, all Content appearing on this Website is the copyrighted work of 2nd.MD or its third party content suppliers and is protected by U.S. and international copyright laws. The compilation (meaning the collection, arrangement and assembly) of all Content is also the exclusive property of 2nd.MD or its third party content suppliers and is protected by U.S. and international copyright laws.
You may download information from this Website and print out a hard copy for your personal use provided that you keep intact and do not remove or alter any copyright or other notice (e.g., trademark, patent, etc.) contained in the information. Except as otherwise expressly stated herein, you may not alter, modify, copy, distribute (for compensation or otherwise), transmit, display, perform, reproduce, reuse, post, publish, license, frame, download, store for subsequent use, create derivative works from, transfer, or sell any information or Content obtained from this Website, in whole or in part, including any text, images, audio, and video in any manner, without the prior written authorization of 2nd.MD or any applicable third party suppliers. The use of Content, including images, by you, or anyone else authorized by you, is prohibited unless specifically permitted by 2nd.MD. Any unauthorized use of text or images may violate copyright laws, trademark laws, the laws of privacy and publicity, and applicable regulations and statutes. 2nd.MD does not warrant or represent that your use of Content or any other materials displayed on this Website will not infringe rights of third parties. Your use of any of the Content beyond the scope of personal use may require a license from the owner of the rights to the data with respect to the use of portrait right, trademark, copyright, design right, right of utilization or any other rights of the persons, products or landscape portrayed in the provided Content. 2nd.MD is not responsible for any claims of ownership rights to any images or data against you. You will indemnify, defend and hold harmless 2nd.MD from and against any losses or claims, by an owner of data or image rights or any third party resulting from any violation by You of these Terms of Use.
Customer Confidential | Page 28 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
If you believe that any Content on this Website violates or infringes upon your intellectual property rights pursuant to Title 17, United States Code, Section 512(c)(2), please notify us immediately at feedback@2nd.md with all specifics necessary for us to consider and respond to your complaint. You may be asked to provide additional information and follow additional procedures for us to act on your complaint.
Trademarks and Service Marks - Certain trademarks on the Website are the service marks and trademarks of 2nd.MD, the specialists, the professionals or other licensees of 2nd.MD or other third parties. The domain name for this Website, all page headers, custom graphics, and button icons are service marks, trademarks, logos, and/or trade dress of 2nd.MD. All other trademarks, service marks, trade dress, product names, company names or logos, whether registered or not, on the Website are the property of their respective owners. In addition to complying with all applicable laws, you agree that you will not use any such trademarks, service marks, trade dress, or other logos from this Website without the prior written authorization of 2nd.MD and/or other third parties which authorization may be withheld in such parties’ sole discretion.
Connection Requirements - You are responsible for providing and maintaining, at your own risk, option and expense, any hardware, software and communication lines required to access and use this Website, and 2nd.MD reserves the right to change the access configuration of this Website at any time without prior notice.
Prohibited Use - Any use or attempted use of this Website (i) for any unlawful, unauthorized, fraudulent or malicious purpose, or (ii) that could damage, disable, overburden, or impair any server, or the network(s) connected to any server, or (iii) interfere with any other party's use and enjoyment of the Website, or (iv) to gain unauthorized access to any other accounts, computer systems or networks connected to any server or systems through hacking, password mining or any other means, or (v) to access systems, data or information not intended by 2nd.MD to be made accessible to a user, or (vi) attempt to obtain any materials or information through any means not intentionally made available by 2nd.MD, or (vii) any use other than the business purpose for which it was intended, is prohibited.
In addition, in connection with your use of the Website, you agree you will not:
a) Upload or transmit any message, information, data, text, software or images, or other content ("Material") that is unlawful, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, or otherwise objectionable, or that may invade another's right of privacy or publicity;
b) Create a false identity for the purpose of misleading others or impersonate any person or entity, including, without limitation, any 2nd.MD representative, or falsely state or otherwise misrepresent your affiliation with a person or entity;
c) Upload or transmit any material that you do not have a right to reproduce, display or transmit under any law or under contractual or fiduciary relationships (such as nondisclosure agreements);
d) Upload files that contain viruses, trojan horses, worms, time bombs, cancel-bots, corrupted files, or any other similar software or programs that may damage the operation of another's computer or property of another;
e) Delete any author attributions, legal notices or proprietary designations or labels that you upload to any communication feature;
f) Use the Website's communication features in a manner that adversely affects the availability of its resources to other users (e.g., excessive shouting, use of all caps, or flooding continuous posting of repetitive text);
g) Upload or transmit any unsolicited advertising, promotional materials, "junk mail," "spam," "chain letters," "pyramid schemes" or any other form of solicitation, commercial or otherwise;
Customer Confidential | Page 29 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
h) Violate any applicable local, state, national or international law;
i) Upload or transmit any material that infringes any patent, trademark, service mark, trade secret, copyright or other proprietary rights of any party;
j) Delete or revise any material posted by any other person or entity;
k) Manipulate or otherwise display the Website by using framing, mirroring or similar navigational technology or directly link to any portion of the Website other than the main homepage, www.2nd.md, in accordance with the Limited License and Site Access outlined above;
l) Probe, scan, test the vulnerability of or breach the authentication measures of, this Website or any related networks or systems;
(m) Register, subscribe, attempt to register, attempt to subscribe, unsubscribe, or attempt to unsubscribe, any party for any services or any contests, promotions or sweepstakes if you are not expressly authorized by such party todo so;
(n) Harvest or otherwise collect information about others, including e-mail addresses; or
(o) Use any robot, spider, scraper, or other automated or manual means to access this Website, or copy any content or information on this Website. 2nd.MD reserves the right to take whatever lawful actions it may deem appropriate in response to actual or suspected violations of the foregoing, including, without limitation, the suspension or termination of the user's access and/or account. 2nd.MD may cooperate with legal authorities and/or third parties in the investigation of any suspected or alleged crime or civil wrong. Except as may be expressly limited by the Privacy Policy, 2nd.MD reserves the right at all times to disclose any information as required by Law after first giving you the opportunity to seek a protective order or motion to quash, unless prohibited by law.
Right to Monitor - 2nd.MD neither actively monitors general use of this Website under normal circumstances nor exercises editorial control over the content of any third party's website, e-mail transmission, news group, or other material created or accessible over or through this Website. However, 2nd.MD does reserve the right to monitor such use at any time as it deems appropriate and to remove any materials that, in 2nd.MD's sole discretion, may be illegal, may subject 2nd.MD or other third party to liability, may violate these Terms of Use, or are, in the sole discretion of 2nd.MD, inconsistent with 2nd.MD's purpose for this Website.
No 2nd.MD Editorial Control of Third Party Content; No Statement as to Accuracy - To the extent that any of the Content included in the Website is provided by third party content providers or other Website users, 2nd.MD has no editorial control or responsibility over such Content. Therefore, any opinions, statements, products, services or other information expressed or made available by third party suppliers or users on this Website are those of such third party suppliers or users, respectively. 2nd.MD does not represent or endorse the accuracy or reliability of any opinion, statement or other information provided by any third party, or represent or warrant that your use of the Content displayed on this Website or referenced content or service providers will not infringe rights of third parties not owned by or affiliated with 2nd.MD.
Links to Third Party Websites - This Website may contain hyperlinks to other sites owned and operated by parties other than 2nd.MD. Such hyperlinks are provided only for ready reference and ease of use. We do not control such websites and cannot be held responsible for their content or accuracy and do not endorse these sites unless we specifically so state. In the event this Website provides hyperlinks to other websites that are not owned, operated or maintained by 2nd.MD, you acknowledge and agree that 2nd.MD is not responsible for and is not liable for the content, products, services or other materials on or available from such websites. We accept no liability for any information, products, advertisements, content, services or software accessible through these third party websites or for any action you may take as a result of linking to any such website. Any such websites are likely to set forth specific terms of use and privacy policies that you should review. 2nd.MD is under no obligation to maintain any link on this Website and may remove a link at any time in its sole discretion for any reason whatsoever. 2nd.MD shall not be responsible or liable, directly or indirectly, for any damages or losses caused or alleged to be caused by or in connection with the use of or reliance on such content, products, services or other materials available on or through any such website. 2nd.MD is not responsible for the privacy practices of any other websites.
Customer Confidential | Page 30 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Disclaimer - Content and other information contained on this Website has been prepared by 2nd.MD as a convenience to its users and is not intended to constitute advice or recommendations upon which a user may rely. 2nd.MD has used reasonable efforts in collecting, preparing and providing quality information and material, but makes no warranty or guarantee about the accuracy, completeness, or adequacy of the Content or other information contained in or linked to this Website or any other Website maintained by 2nd.MD. Users relying on Content or other information from this Website do so at their own risk.
THE 2nd.MD WEBSITE IS PROVIDED ON AN "AS IS" OR "AS AVAILABLE" BASIS. 2nd.MD AND ITS LICENSEES (INCLUDING THE SPECIALISTS AND PROFESSIONALS UTILIZING THE WEBSITE), TO THE FULLEST EXTENT PERMITTED BY LAW, DISCLAIM ALL WARRANTIES AND CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, NON- INFRINGEMENT OF THIRD PARTIES' RIGHTS, SATISFACTORY QUALITY AND FITNESS FOR PARTICULAR PURPOSE. 2nd.MD MAKES NO WARRANTY THAT THE CONTENT IS ACCURATE, TIMELY, UNINTERRUPTED, VIRUS- FREE OR ERROR-FREE, OR THAT ANY SUCH PROBLEMS WILL BE CORRECTED.
Limitation of Liability
IN NO EVENT SHALL 2nd.MD, ITS LICENSEES (INCLUDING THE SPECIALISTS AND PROFESSIONALS UTILIZING THE WEBSITE), OR ANY THIRD PARTIES MENTIONED ON THE WEBSITE BE LIABLE FOR ANY DAMAGES (INCLUDING, WITHOUT LIMITATION, INCIDENTAL AND CONSEQUENTIAL DAMAGES, PERSONAL INJURY/WRONGFUL DEATH, LOST PROFITS, OR DAMAGES RESULTING FROM LOST DATA OR BUSINESS INTERRUPTION) RESULTING FROM THE USE OF OR INABILITY TO USE THE WEBSITE, WHETHER BASED ON WARRANTY, CONTRACT, TORT, OR ANY OTHER LEGAL THEORY, AND WHETHER OR NOT 2nd.MD ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 2NDMD, ITS LICENSEES (INCLUDING THE SPECIALISTS AND PROFESSIONALS UTILIZING THE WEBSITE), OR ANY THIRD PARTIES MENTIONED ON THE WEBSITE SHALL BE LIABLE ONLY TO THE EXTENT OF ACTUAL DAMAGES INCURRED BY YOU, NOT TO EXCEED U.S. $1,000. 2nd.MD, ITS LICENSEES (INCLUDING THE SPECIALISTS AND PROFESSIONALS UTILIZING THE WEBSITE), OR ANY THIRD PARTIES MENTIONED ON THE WEBSITE ARE NOT LIABLE FOR ANY PERSONAL INJURY, INCLUDING DEATH, CAUSED BY YOUR USE OR MISUSE OF THE WEBSITE. ANY CLAIMS ARISING IN CONNECTION WITH YOUR USE OF THE WEBSITE MUST BE BROUGHT WITHIN ONE (1) YEAR OF THE DATE OF THE EVENT GIVING RISE TO SUCH ACTION OCCURRED. YOU UNDERSTAND AND AGREE THAT YOUR USE OF THE WEBSITE IS PREDICATED UPON YOUR WAIVER OF ANY RIGHT TO PARTICIPATE IN A CLASS ACTION SUIT FOR ANY LOSSES OR DAMAGES RESULTING FROM YOUR USE OF THE WEBSITE.
CERTAIN STATE LAWS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES OR THE EXCLUSION OR LIMITATION OF CERTAIN DAMAGES. IF THESE LAWS APPLY TO YOU, SOME OR ALL OF THE ABOVE DISCLAIMERS, EXCLUSIONS, OR LIMITATIONS MAY NOT APPLY TO YOU, AND YOU MIGHT HAVE ADDITIONAL RIGHTS.
Notices - Any notices to you from 2nd.MD regarding the Website or these Terms of Use will be posted on this Website or made by e-mail or regular mail.
Electronic Communications - When you visit this Website or send e-mails to us, you are communicating with us electronically. You consent to receive communications from us electronically. We will communicate with you by e- mail or by posting notices on this Website. You agree that all agreements, notices, disclosures and other communications that we provide to you electronically satisfy any legal requirement that such communications be in writing. You further agree that any notices provided by us electronically are deemed to be given and received on the date we transmit any such electronic communication as described in these Terms of Use.
Customer Confidential | Page 31 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
General Provisions
Entire Agreement - These Terms of Use, the Contract, and other policies 2nd.MD may post on this Website constitute the entire agreement between 2nd.MD and you in connection with your use of this Website including, without limitation, the User Portal, and supersedes any prior agreements between 2nd.MD and you regarding use of this Website, including prior versions of these Terms of Use.
Governing Law; Severability of Provisions - The Terms of Use are governed by the laws of the State of Texas, USA and controlling United States Federal Law without regard to any conflicts of law provisions. All parts of these Terms of Use apply to the maximum extent permitted by law. We both agree that if we cannot enforce a part of this contract as written, then that part will be replaced with terms that most closely match the intent of the part we cannot enforce to the extent permitted by law. The invalidity of part of these Terms of Use will not affect the validity and enforceability of the remaining provisions. The section headings are for convenience and do not have any force or effect.
No Agency Relationship - Neither these Terms of Use, nor any Content, materials or features of this Website create any partnership, joint venture, employment, or other agency relationship between us. You may not enter into any contract on our behalf or bind us in any way.
Remedies - You agree that any violation, or threatened violation, by you of these Terms of Use constitutes an unlawful and unfair business practice that will cause us irreparable and unquantifiable harm. You also agree that monetary damages would be inadequate for such harm and consent to our obtaining any injunctive or equitable relief that we deem necessary or appropriate. These remedies are in addition to any other remedies we may have at law or in equity.
Contacting Us – If you have any questions or concerns about these Terms of Use, please contact us at support@2nd.md. We will attempt to respond to your questions or concerns promptly after we receive them.
Customer Confidential | Page 32 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT A-4
PRIVACY POLICY
for HOSTED SERVICES of VENDOR
Introduction
2nd.MD is committed to respecting the privacy rights of our customers, visitors, doctors and other users of 2nd.MD's services.
Website Privacy Policy
The management and staff of Innovation Specialists LLC "2nd.MD" are committed to maintaining the confidentiality of non-public, personal information we collect from individuals who visit our website. We want you to understand how and why we collect, use and disclose the personal information about you on our website. This Website Privacy Policy ("Policy") provides you with information concerning our practices and procedures as they relate specifically to information we collect at this website. If you have additional questions or would like further information on this topic, please feel free to write to us at legal@2nd.MD. We may update this Policy from time to time, so please check this Policy periodically for changes. This Privacy Policy applies to this website and does not apply to any other products or services or to information collected in any other way (whether offline or online) by Innovation Specialists or its partnering entities.
Personal Information We Collect and Use at this Website
When you request information, subscribe to a mailing list or for a service or respond to an online survey, we may collect your personal information. We define "personal information" as information that is unique to you and might include your name, e-mail address(es), mailing address(es), telephone number and certain information related to the business you represent such as number of employees and industry type. If you encounter a screen or page that requests information you do not want to share with us, do not enter the information and do not proceed with that screen or page. If your personal information is required in order to allow us to respond to your inquiry, you will receive a notice advising you of this. In each such instance, you will know what personal information we collect through the website, because you actively submit it.
If you do provide us with personal information, we will only use it for the purposes described where it is collected, and we will not sell, license, transmit or disclose this information outside of Innovation Specialists or its partnering entities unless (1) you expressly authorize us to do so, (2) it is necessary to allow our service providers, partnering entities or agents to provide services for us or for you, (3) in order to provide our products or services or those of our partnering entities to you, (4) it is disclosed to entities that perform marketing services on our behalf or to other entities with whom we have joint marketing agreements, (5) it is necessary in connection with a sale of all or substantially all of the assets of Innovation Specialists or the merger of Innovation Specialists into another entity or any consolidation, equity exchange, combination, reorganization, or like transaction in which Innovation Specialists is not the survivor, or (6) otherwise as we are required or permitted by law.
If you are a California resident, you may ask us to refrain from sharing your information (whether collected online or offline) with third parties for their marketing purposes. Please tell us your preference by contacting us as indicated in the "How to Contact Us" section of this Policy.
We appreciate your questions and comments about our website and services and welcome your email messages to mailboxes listed on our website. We will share your messages with those within our organization who are most capable of addressing the issues contained in your message. We will keep a copy of your message until we have had an opportunity to address your concerns. We may archive your message for a certain period of time or discard it, but your email address will not be used for any other purpose.
Confidentiality and Security Measures
We restrict access to personal information collected about you at our website to our employees or others who need to know that information to provide services to you or in the course of conducting our normal business operations. While no website can guarantee security, we maintain appropriate physical, electronic, and procedural safeguards to protect your personal information collected via the website. We protect our databases with various physical, technical and procedural measures and we restrict access to your information by unauthorized persons. We also advise all Innovation Specialists employees about their responsibility to protect customer data and we provide them with appropriate guidelines for adhering to our company's business ethics standards and confidentiality policies.
Customer Confidential | Page 33 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
We respect our current and former customers' privacy and we value your business.
Innovation Specialists will comply with applicable HIPAA Security and HITECH requirements to develop, document, implement, maintain and use reasonable administrative, technical and physical safeguards to preserve the integrity, availability and confidentiality of Protected Health Information created for or received from "covered entities" as defined under HIPAA.
Use of "Cookies" or Other Data Collection Tools
A cookie is a piece of information which a web server may place on your computer when you visit a website. Cookies are commonly used by websites to improve the user experience and have not been known to transmit computer viruses or otherwise harm your computer. Many cookies last only through a single website session, or visit. Others may have an expiration date, or may remain on your computer until you delete them.
We may use cookies for a number of purposes - for example, to maintain continuity during a user session, to gather data about the usage of our website for research and other purposes, to store your preferences for certain kinds of information and marketing offers, or to store a user name or encrypted identification number so that you do not have to provide this information every time you return to our website.
Our cookies will track only your activity relating to your online activity on this website, and will not track your other Internet activity. Our cookies do not gather personally identifiable information.
You can decide if and how your computer will accept a cookie by configuring your preferences or options in your browser. However, if you choose to reject cookies, you may not be able to use certain of our online products and services or website features.
We may occasionally use other companies to set cookies on our website and gather cookie information for us. In some cases, we may also use another company to operate web servers for our website. We use the cookie information gathered by these companies in the same manner as stated above.
In addition to the information we collect from cookies, we also obtain information which you provide to us online - for example, when you sign up for product updates or when you purchase products or otherwise communicate with us. In some cases, we retain both the cookie information and/or the information you provide to us online - for example, to complete a transaction you requested or to keep historical records of your past transactions. In other cases, we only retain the cookie and/or online information you give us if you request us to do so for your use in subsequent sessions.
Certain pages on our websites contain "web beacons" (also know as Internet tags, pixel tags and clear GIFs). These web beacons allow third parties to obtain information such as the IP address of the computer that downloaded the page on which the beacon appears, the URL of the page on which the beacon appears, the time the page containing the beacon was viewed, the type of browser used to view the page, and the information in cookies set by the third party.
An Internet Protocol ("IP") address is a unique identifier that certain electronic devices use to identify and communicate with each other on the Internet. When you visit our website, we may view the IP address (which may include the city, domain address and service provider) of the device you use to connect to the Internet. We use this information to determine the general physical location of the device and understand from what regions of the world our website visitors come. We also may use this information to enhance our website.
Customer Confidential | Page 34 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
Opt-Out
In connection with promotions or other projects, we may ask you specifically whether you have objections with respect to a certain kind of data use or sharing. If you opt-out under such circumstances, we will respect your decision. To opt out of receiving commercial communications, please click on the "opt-out" or "unsubscribe" link in the communication or please contact us at legal@2nd.MD. Your e-mail address will be removed from our marketing list. Please allow us a reasonable period of time in order to satisfy your request, as some promotions may already be in process.
Access
If personal information you have submitted through the website is no longer accurate, current, or complete, and you wish to update it, please send an e-mail to legal@2nd.MD. Upon appropriate request we will usually be glad to update or amend your information, but we reserve the right to use information obtained previously to verify your identity or take other actions that we believe are appropriate and lawful.
Links to other Websites
For your convenience we may provide links to other websites and web pages that we do not control. We cannot be responsible for the privacy practices of any websites or pages not under our control and we do not endorse any of these websites or pages, the services or products described or offered on such sites or pages, or any of the content contained on those sites or pages.
Visiting our Site from Outside of the United States
If you are visiting our site from outside the United States, please be aware that your information may be transferred to, stored or processed in the United States, where our central database is operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country, but please be assured that we take steps to protect your privacy.
Changes to Our Website Privacy Policy
We may change this Policy at any time and from time to time. The most recent version of the Policy is reflected by the version date located at the bottom of this Policy. This Policy is not intended to and does not create any contractual or other legal right in or on behalf of any party.
Customer Confidential | Page 35 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
EXHIBIT A-5
UHCGS
PREAMBLE
WHEREAS UnitedHealthcare Global Solutions provides certain network access and claims administrations services to foreign insurers and administrators around the world who provide insurance or administrative services to individuals who may receive medical treatment while they are in the U.S.;
WHEREAS UnitedHealthcare Global Solutions seeks to offer Vendor’s Services to its clients’ Members, who may be physically located in the U.S. or outside of the U.S. when accessing Vendor’s Services;
WHEREAS Vendor is willing to provide such Services in accordance with the terms set forth in the Agreement, this SOW and the additional terms and conditions set forth hereunder.
NOW, THEREFORE, in consideration of the mutual promises and covenants contained herein, Vendor and Customer agree as follows:
This Exhibit A-5 addresses key operational differences pertaining to Customer’s Client, UnitedHealthcare Global Solutions’ U.S. Networks and Administrative Services business (“UHCGS”), and the clients of UHCGS.
1. For the purposes of the Services provided to UHCGS, “Member” means an individual who has been pre- screened and pre-authorized by UHCGS and who may receive Services pursuant to the terms of a Client Contract. Prior to providing any Services for a UHCGS Member or Participant, Vendor must seek written confirmation from UHCGS that the Member or Participant has been pre-screened and pre-authorized by UHCGS to receive Services. If a Participant seeks to access the Services again after the initial or any subsequent Consultation, Vendor may not provide any Services to that Participant unless and until that Participant has been re-screened and re-authorized by UHCGS in each instance (screening of Members by UHCGS will include, but not be limited to screening to ensure compliance with U.S. Treasury Department Office of Foreign Assets Control (“OFAC”) requirements and approval of fees by UHCGS’s Client).
2. Notwithstanding Section 3.3 (Supplementary Services) of the SOW, Vendor will not provide any Supplementary Services except implementation of the Services and technical support for UHCGS and its clients.
3. Notwithstanding Section 4.1.5 (Use of Name) of the SOW, Vendor may not use UHCGS’s name or marks or the name or marks of UHCGS clients except as strictly necessary in order for Vendor to perform the Services set forth in the SOW or as otherwise agreed by UHCGS in writing. Vendor may not market or distribute sales or services material or to otherwise communicate with UHCGS clients or Members unless a Consultation has been initiated by UHCGS.
4. Notwithstanding Section 4.3.2 (Data) of the SOW, UHCGS will not send eligibility data to Vendor. Instead, UHCGS will nominate pre-screened and pre-authorized individuals to receive Services from Vendor on a case-by- case basis.
5. Notwithstanding Section 4.3.3 (Consultation) of the SOW, UHCGS will initiate all Consultations by nominating eligible UHCGS Members and providing the Member information directly to Vendor. Vendor will not direct UHCGS Members to a local, in-network provider. Instead, Vendor will transfer the UHCGS Member back to UHCGS for assistance in finding an appropriate provider. Prior to providing any Services for a UHCGS Member or Participant, Vendor must seek written confirmation from UHCGS that the Member or Participant has been pre- screened and pre-authorized to receive Services. If a Participant seeks to access the Services again after the initial or any subsequent Consultation, Vendor may not provide any Services to that Participant unless and until that Participant has been re-screened and re-authorized by UHCGS in each instance.
Customer Confidential | Page 36 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
6. Notwithstanding Section 4.4.1 (Member Education) of the SOW, Vendor will not perform any outreach whatsoever to UHCGS Clients or their Members or Participants unless a Consultation has been initiated by UHCGS.
7. Notwithstanding Section 7.1 (Protocols for Business Development) and Section 7.3.3 (Pipeline Management) of the SOW, UHCGS will not exchange UHCGS client or prospect information with Vendor, nor will UHCGS modify any sales or marketing activities pursuant to the terms of this SOW.
8. Notwithstanding Section 7.3.2 (Meetings with Clients, Meeting with Potential Clients) of the SOW, Vendor will participate in meetings with UHCGS and UHCGS’s proposed clients only at the request of UHCGS.
9. Notwithstanding the various pricing options set forth in Exhibit A-1 (Pricing) of the SOW, Vendor will charge Customer a Case Rate per Consultation plus any charges for translation services for UHCGS client Consultations. Pricing for Services for UHCGS will not be contingent upon UHCGS’s participation in any targeted outreach programs, minimum utilization or volume targets or monthly pricing. Pricing shall be as follows:
Item | Cost | Notes |
Consultation Case Rate | [***] |
· Case rate does not include Text-A-Specialist. · If translation services are needed during the Consultation, additional fees may apply. · UHCGS, Customer and Vendor have agreed to revisit Case Rate if translation services are needed for majority of cases. · If Participant fails to provide notice of cancellation or change [***] of the scheduled Consultation time, Vendor may bill UHCGS the case rate for the missed Consultation. |
Implementation fee (one time fee) | [***] |
· Includes: ○ Configuration of Vendor's platform to accept UHCGS cases. ○ Development and configuration of UHCGS client reports. ○ Training support for UHCGS account teams and other teams as necessary to explain value of Vendor services to clients. ○ Development of customer-facing materials including a one-page flyer and delivery of client webinars. |
Translation Services | [***] | · If translation services are needed for medical records collection or written consultation summary, UHCGS will be billed at [***]. |
Development of an Eligibility Feed | [***] | · UHCGS does not currently need any eligibility feed. If, in the future, Vendor will develop an eligibility feed with a higher frequency than monthly, there will be a fee for development. |
10. Vendor agrees to perform Services in accordance with all applicable laws, which may include U.S. and non-U.S. laws and may vary depending upon the physical location of the Member or Participant when the Services are performed. Applicable laws may include, but are not limited to, all applicable sanctions laws, export control laws and laws governing the Services in the jurisdiction in which the Member or Participant is physically located.
Customer Confidential | Page 37 of 38 | Rev 3.16.16 |
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENTS, MARKED BY [***], HAS BEEN OMITTED BECAUSE ACCOLADE, INC. HAS DETERMINED THE INFORMATION IS NOT MATERIAL.
11. Vendor represents and warrants that: (a) it is a duly organized and validly existing legal entity in good standing under the laws of its jurisdiction of organization; (b) it has all requisite corporate power and authority to conduct its business as presently conducted, and to execute, deliver and perform its obligations under this Agreement; and (c) it shall comply with all applicable laws and regulations, including without limitation obtaining and holding all registrations, permits, licenses, and other approvals and consents and making all filings required to conduct its business as presently conducted and to enter into and perform its obligations under this Agreement.
12. Vendor agrees that it shall not cause through its actions or omissions, in whole or in part, UHCGS to be in violation of applicable laws and regulations, including without limitation the U.S. Foreign Corrupt Practices Act (15 U.S.C. Sections 78dd-1 et seq.), U.S. Anti-boycott laws (15 CFR Part 760 et seq.) and Office of Foreign Asset Control statutes and regulations (31 C.F.R. Chapter V).
Customer Confidential | Page 38 of 38 | Rev 3.16.16 |
Exhibit 23.1
Consent of Independent Registered Public Accounting Firm
The Board of Directors
Accolade, Inc.:
We consent to the use of our report dated June 16, 2020, with respect to the consolidated balance sheets of Accolade, Inc. as of February 28, 2019 and February 29, 2020, and the related consolidated statements of operations, convertible preferred stock and stockholders’ deficit, and cash flows for the years then ended, and the related notes included herein and to the reference to our firm under the heading “Experts” in the prospectus.
/s/ KPMG LLP
Philadelphia, Pennsylvania
April 1, 2021