You can find our Term of Use, Privacy Policy, and standard BAA below.
Effective as of October 7 2024
Welcome. The following terms of use (the “Terms of Use”) apply when you (“you” or the “User”) view or use any of the DictateMD Inc. Dba Crosby Health (referred to herein as “DictateMD”, "Crosby Health", “our”, or “us”) websites, including www.crosbyhealth.com, app.crosbyhealth.com, demo.crosbyhealth.com or any of our web- or mobile applications (collectively, the “Services”). If a Master Subscription Agreement or similar Services Agreement is mutually signed by Subscriber and Crosby Health, that agreement shall govern your use of the Services. Please review the following Terms of Use carefully. By accessing or using the Service, you signify your agreement to these Terms of Use and our Privacy Policy, found below this Terms of Use document. If you do not agree to these Terms of Use, you must not access or use the Services.
About the Services
The Service allows you to 1)generate, write, and modify medical appeals and 2) utilize a web- and mobile-based platform to track information based on these appeals and 3) ask a limited amount of questions to our chat bot/LLM/AI. You may only use the Services in accordance with these Terms of Use, and may not use the Services to engage in any unlawful activity or fraudulent purpose or to infringe on the rights of Crosby Health or others.
Registration & Permitted Users
We reserve the right to withdraw or amend the Services, and any materials we provide through the Services, in our sole discretion without notice. We will not be liable if for any reason all or any part of the Services are unavailable at any time or for any period. From time to time, we may restrict access to some parts of the Services, or all of the Services, to users, including registered users.
If you want to access and use the Services, you must create an account (“Account”). It’s important that you provide us with accurate, complete, and up-to- date information for your Account. If you don’t, we might have to suspend or terminate your Account. You agree that you won’t disclose your Account password to anyone and you’ll notify us immediately of any unauthorized use of your Account. You’re responsible for all activities that occur under your Account, whether or not you know about them. You agree to notify us immediately of any unauthorized access to or use of your username or password or any other breach of security. You also agree to ensure that you exit from your account at the end of each session. You should use particular caution when accessing your account from a public or shared computer so that others are not able to view or record your password or other personal information. We have the right to disable any username, password, or other identifier, whether chosen by you or provided by us, at any time in our sole discretion for any or no reason, including if, in our opinion, you have violated any provision of these Terms of Use.
We are committed to protecting the privacy of children and have no intention of collecting personal information from individuals under the age of 18. If you are under the age of 18, do not submit personal information to the Services without the consent of your parent or guardian. Children under the age of 13 are not permitted to use the Services.
Online Content Disclaimer
Opinions, advice, statements, offers, or other information or content made available through the Services, but not directly by Crosby Health, are those of their respective authors, and should not necessarily be relied upon. Such authors are solely responsible for such content. Crosby Health does not guarantee the accuracy, completeness, or usefulness of any information on the Services and neither does Crosby Healthadopt nor endorse, nor is Crosby Health responsible for, the accuracy or reliability of any opinion, advice, or statement made by parties other than Crosby Health. Crosby Health takes no responsibility and assumes no liability for any User Content that you or any other User or third party posts or sends over the Services. Under no circumstances will Crosby Health be responsible for any loss or damage resulting from anyone’s reliance on information or other content posted on the Services, or transmitted to Users.
Though Crosby Health strives to enforce these Terms of Use, you may be exposed to User Content (defined below) that is inaccurate or objectionable. Crosby Health reserves the right, but has no obligation, to monitor the materials posted in the public areas of the service or to limit or deny a User’s access to the Services or take other appropriate action if a User violates these Terms of Use or engages in any activity that violates the rights of any person or entity or which we deem unlawful, offensive, abusive, harmful or malicious. Crosby Health shall have the right to remove any such material that in its sole opinion violates, or is alleged to violate, the law or this agreement or which might be offensive, or that might violate the rights, harm, or threaten the safety of Users or others. Unauthorized use may result in criminal and/or civil prosecution under Federal, State, and local law. If you become aware of misuse of our Services, please contact us at: info@crosbyhealth.com.
Not Medical Advice
Though Users may seek and access medical advice through the Services, the Services themselves, and all related content, do not consist of, nor provide, medical advice and are not a substitute for medical advice. Results, may vary. Always seek the advice of a licensed medical provider before undertaking any plan. Reliance on any information provided by or found on the Services is purely at your own risk. To the extent Users access medical advice through the Services, the medical provider is solely responsible for all advice, diagnosis, treatment, prescriptions, or other exchanges that may occur between such medical provider and User. Crosby Health is not liable for any action or inaction of such medical provider, regardless of whether a User accesses such medical provider through the Services.
Use Restrictions
Your permission to use the Services is conditioned upon the following. You agree that you will not, under any circumstances:
post any information that is abusive, threatening, obscene, defamatory, libelous,
use the Services for any unlawful purpose or in any way that violates any applicable federal, state, local, or international law or regulation (including, without limitation, any laws regarding the export of data or software to and from the US or other countries);
attempt to, or harass, abuse, or harm another person or group;
use another User’s Account without permission;
provide false or inaccurate information when registering an Account;
interfere or attempt to interfere with the proper functioning of the Services; or racially, sexually, religiously, or otherwise objectionable and offensive activities;
make any automated use of the Services, or take any action that we deem to impose or to potentially impose an unreasonable or disproportionately large load on our servers or network infrastructure; bypass any robot exclusion headers or other measures we take to restrict access to publish or link to malicious content intended to damage or disrupt another User’s the Services or use any software, technology, or device to scrape, spider, or crawl the Services or harvest or manipulate data; or browser or computer;
attempt to gain unauthorized access to, interfere with, damage, or disrupt any parts of the Services, the server on which the Services are stored or hosted, or any server, computer, or database connected to the Services; and
otherwise attempt to interfere with the proper working of the Services.
Further, when transmitting and submitting any User Content (as defined below) while using the Services, you agree as follows:
You are solely responsible for your account and the activity that occurs while signed in to or while using your account;
You will not post information that is malicious, false or inaccurate;
You will not submit content that is copyrighted or subject to third party proprietary rights, including privacy, publicity, trade secret, etc., unless you are the owner of such rights or have the appropriate permission from their rightful owner to specifically submit such content; and
You hereby affirm we have the right to determine whether any of your User Content submissions are appropriate and comply with these Terms of Use, remove any and/or all of your submissions, and terminate your Account with or without prior notice. You understand and agree that any liability, loss or damage that occurs as a result of the use of any User Content that you make available or access through your use of the Services is solely your responsibility. Crosby Health is not responsible for any public display or misuse of your User Content. Crosby Health does not, and cannot, pre-screen or monitor all User Content. However, at our discretion, we, or technology we employ, may monitor and/or record your interactions with the Services.
Monitoring and Enforcement; Termination
We have the right to:
Take any action with respect to any User Content (as defined herein) that we deem necessary or appropriate in our sole discretion, including if we believe that such User Content violates the Terms of Use, infringes any intellectual property right or other right of any person or entity, threatens the personal safety of users of the Services or the public, or could create liability for the Crosby Health.
Take appropriate legal action, including without limitation, referral to law enforcement, for any illegal or unauthorized use of the Services.
Terminate or suspend your access to all or part of the Services for any or no reason, including without limitation, any violation of these Terms of Use.
Without limiting the foregoing, we have the right to cooperate fully with any law enforcement authorities or court order requesting or directing us to disclose the identity or other information of anyone posting any materials on or through the Services. YOU WAIVE AND HOLD HARMLESS CROSBY HEALTH AND ITS AFFILIATES, LICENSEES, AND SERVICE PROVIDERS FROM ANY CLAIMS RESULTING FROM ANY ACTION TAKEN BY ANY OF THE FOREGOING PARTIES DURING, OR TAKEN AS A CONSEQUENCE OF, INVESTIGATIONS BY EITHER SUCH PARTIES OR LAW ENFORCEMENT AUTHORITIES.
We have no liability or responsibility to anyone for performance or nonperformance of the activities described in this section.
Intellectual Property
As between you and Crosby Health, all content on the Services, including its appearance and look and feel, is owned by Crosby Health unless otherwise expressly indicated through the Services. You acknowledge and agree that we and our licensors retain ownership of all intellectual property rights of any kind related to the Services, including applicable copyrights, trademarks and other proprietary rights, and are protected by United States and international copyright, trademark, patent, trade secret, and other intellectual property or proprietary rights laws. You may not modify, copy, distribute, transmit, display, perform or create derivative works from the content, information or material on the Services. Other product and company names that are mentioned on the Services may be trademarks of their respective owners. We reserve all rights that are not expressly granted to you under these Terms of Use. Any Crosby Health trademarks, trade dress, service marks or trade names that appear on the Services or are referenced through the Services are the property of Crosby Health and no license or other right to use such marks, names or dress shall be deemed granted to any User without the express written permission of Crosby Health.
User Content & License
You understand and acknowledge that you are solely responsible for all information, data, text or other materials or content that you post, transmit privately or make public via the Services (“User Content”) and that Crosby Health is not responsible or liable for this information. When you post, transmit or make information public through the Services, you grant Crosby Health a royalty-free, sublicensable, transferable, perpetual, irrevocable, non-exclusive, worldwide license to use, reproduce, modify, publish, list information regarding, for the express purpose of providing the Services to you. You agree that we are only acting as a passive conduit for your online distribution and publication of your User Content. Crosby Health, however, reserves the right to remove any User Content from the Services at its discretion.
Subscription Fees and Charges
User agrees to pay the fees for the Services in accordance with the applicable fee schedules and User authorizes Crosby Health to charge the User's designated card on file, as specified by User through the Services, for all fees in USD as they become payable. Unless otherwise explicitly stated in a mutually signed Organization Master Subscription or Service Agreement under Crosby Health’s plans, fees for the Services are typically based on month-to-month or annual basis starting from the date when the User commences Services (so, for example, if User is on a monthly plan and activates Crosby Health subscription January 2nd, he/she is paying for the next month, and will be billed again February 2nd via credit card on file. If User is on an annual plan and activates subscription March 4th 2010, the next subscription payment will process March 4, 2011). User is required to pay fees in full independent of any log ins or utilization of the Service. When a User upgrades their account mid-payment cycle, "already-paid fees" will be applied on a pro-rated basis towards new subscription. When a User downgrades their subscription mid-cycle, changes will go into effect at the next payment period. All fees are non-refundable and non-transferrable, including annual contracts. In the case of canceling an annual contract, subscription will end at the 365th day from payment.
Sales Tax: The customer/subscriber acknowledges that it is responsible for any sales, value-added, use or other taxes, tariffs, and governmental charges that are due in connection with the sale and provision of the Services, access to the Crosby Health System hereunder (except taxes based on Crosby Health's net income for which Crosby Health shall be solely responsible) and that if Crosby Health is required to pay any such taxes or charges based on the Crosby Health System, the Services or other items provided to Subscriber, then such charges shall be billed to and paid by Subscriber. Subscriber shall obtain and provide to Crosby Health any certificate of exemption or similar document required to exempt any transaction under this Agreement from sales tax, use tax, or other tax liability.
Links to Other Sites
As part of the Services, Crosby Health may provide you with convenient links to third party website(s) (“Third Party Sites”), as well as content or items belonging to or originating from third parties (the “Third Party Applications, Software or Content”). These links are provided as a courtesy to our Users. The Company has no control over Third Party Sites and Third Party Applications, Software or Content or the promotions, materials, information, goods or services available on these Third Party Sites or Third Party Applications, Software or Content. Such Third Party Sites and Third Party Applications, Software or Content are not investigated, monitored or checked for accuracy, appropriateness, or completeness by Crosby Health, and Crosby Health is not responsible for any Third Party Sites accessed through the Services or any Third Party Applications, Software or Content posted on, available through or installed from the Services, including the content, accuracy, offensiveness, opinions, reliability, privacy practices or other policies of or contained in the Third Party Sites or the Third Party Content. Inclusion of, linking to or permitting the use or installation of any Third Party Services or any Third Party Applications, Software or Content does not imply approval or endorsement thereof by Crosby Health. If you decide to leave the Services and access the Third Party Sites or to use or install any Third Party Applications, Software or Content, you do so at your own risk and you should be aware that our terms and policies no longer govern. You should review the applicable terms and policies, including privacy and data gathering practices, of any site to which you navigate from our Services or relating to any applications you use or install from our Services.
Copyright Complaints
(a) Termination of Repeat Infringer Accounts. Crosby Health respects the intellectual property rights of others and requests that the Users do the same. Pursuant to 17 U.S.C. 512(i) of the United States Copyright Act, Crosby Health has adopted and implemented a policy that provides for the termination in appropriate circumstances of Users of the Services who are repeat infringers. Crosby Health may terminate access for participants or users who are found repeatedly to provide or post protected third party content without necessary rights and permissions.
(b) DMCA Take-Down Notices. If you are a copyright owner or an agent thereof and believe, in good faith, that any materials provided on the Services infringe upon your copyrights, you may submit a notification pursuant to the Digital Millennium Copyright Act (see 17 U.S.C. 512) (“DMCA”) by sending the following information via electronic mail to Crosby Health’s designated copyright agent at: info@crosbyhealth.com.
The date of your notification;
A physical or electronic signature of a person authorized to act on behalf of the copyright owner.
A description of the copyrighted work claimed to have been infringed, or, if owner of an exclusive right that is allegedly infringed; multiple copyrighted works at a single online site are covered by a single notification, a representative list of such works at that site;
A description of the material that is claimed to be infringing or to be the subject of
Information reasonably sufficient to permit the service provider to contact you, infringing activity and information sufficient to enable us to locate such work; such as an address, telephone number, and/or email address;
A statement that you have a good faith belief that use of the material in the
A statement that the information in the notification is accurate, and under penalty manner complained of is not authorized by the copyright owner, its agent, or the law; and of perjury, that you are authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
(c) Counter-Notices. If you believe that your User Content that has been removed from the Services is not infringing, or that you have the authorization from the copyright owner, the copyright owner’s agent, or pursuant to the law, to post and use the content in your User Content, you may send a counter-notice containing the following information to our copyright agent using the contact information set forth above:
Your physical or electronic signature;
A description of the content that has been removed and the location at which the content appeared before it was removed;
A statement that you have a good faith belief that the content was removed as a
Your name, address, telephone number, and email address, a statement that you result of a mistake or a misidentification of the content; and consent to the jurisdiction of the federal court in Delaware and a statement that you will accept service of process from the person who provided notification of the alleged infringement. If a counter-notice is received by Crosby Health copyright agent, Crosby Health may send a copy of the counter-notice to the original complaining party informing such person that it may reinstate the removed content in 10 business days. Unless the copyright owner files an action seeking a court order against the content provider, member or User, the removed content may (in Crosby Health's discretion) be reinstated to the Services in ten (10) to fourteen (14) business days or more after receipt of the counter-notice
Electronic Communications
For contractual purposes, you (a) consent to receive communications from Crosby Health in an electronic form via the email address you have submitted; and (b) agree that all Terms of Use, agreements, notices, disclosures, and other communications that Crosby Health provides to you electronically satisfy any legal requirement that such communications would satisfy if it were in writing. The foregoing does not affect your non-waivable rights.We may also use your email address, to send you other messages, including information about Crosby Health and special offers. You may opt out of such email by changing your account settings or sending an email to info@crosbyhealth.com. Opting out may prevent you from receiving messages regarding Crosby Health or special offers. Communications made by you through the Services’ e-mail and messaging system shall not constitute legal notice to Crosby Health or any of its officers, employees, agents or representatives in any situation where notice to Crosby Health is required by contract or any law or regulation to be in writing.
Warranty Disclaimer
You understand that we cannot and do not guarantee or warrant that files available for downloading from the internet or the Services will be free of viruses or other destructive code. You are responsible for implementing sufficient procedures and checkpoints to satisfy your particular requirements for anti-virus protection and accuracy of data input and output, and for maintaining a means external to our site for any reconstruction of any lost data. TO THE FULLEST EXTENT PROVIDED BY LAW, WE WILL NOT BE LIABLE FOR ANY LOSS OR DAMAGE CAUSED BY A DISTRIBUTED DENIAL-OF-SERVICE ATTACK, VIRUSES, OR OTHER TECHNOLOGICALLY HARMFUL MATERIAL THAT MAY INFECT YOUR COMPUTER EQUIPMENT, COMPUTER PROGRAMS, DATA, OR OTHER PROPRIETARY MATERIAL DUE TO YOUR USE OF THE SERVICES OR PRODUCTS OBTAINED THROUGH THE SERVICES OR TO YOUR DOWNLOADING OF ANY MATERIAL THROUGH THE SERVICES, OR ON ANY SITE LINKED TO THE SERVICES.
YOUR USE OF THE SERVICES, ITS CONTENT, AND ANY SERVICES OR PRODUCTS OBTAINED THROUGH THE SERVICES IS AT YOUR OWN RISK. THE SERVICES, ITS CONTENT, AND ANY SERVICES OR PRODUCTS OBTAINED THROUGH THE SERVICES ARE PROVIDED “AS IS” AND ON AN “AS AVAILABLE” BASIS, WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS OR IMPLIED. NEITHER CROSBY HEALTH NOR ANY PERSON ASSOCIATED WITH CROSBY HEALTH MAKES ANY WARRANTY OR REPRESENTATION WITH RESPECT TO THE COMPLETENESS, SECURITY, RELIABILITY, QUALITY, ACCURACY, OR AVAILABILITY OF THE SITE. WITHOUT LIMITING THE FOREGOING, NEITHER CROSBY HEALTH NOR ANYONE ASSOCIATED WITH CROSBY HEALTH REPRESENTS OR WARRANTS THAT THE SITE, ITS CONTENT, OR ANY SERVICES OR PRODUCTS OBTAINED THROUGH THE SITE WILL BE ACCURATE, RELIABLE, ERROR-FREE, OR UNINTERRUPTED, THAT DEFECTS WILL BE CORRECTED, THAT OUR SITE OR THE SERVER THAT MAKES IT AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS, OR THAT THE SITE OR ANY SERVICES OR PRODUCTS OBTAINED THROUGH THE SITE WILL OTHERWISE MEET YOUR NEEDS OR EXPECTATIONS
WITHOUT LIMITING THE FOREGOING, CROSBY HEALTH EXPRESSLY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED OR STATUTORY, REGARDING THE SERVICES INCLUDING WITHOUT LIMITATION ANY WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, SECURITY, ACCURACY AND NON-INFRINGEMENT. YOU ASSUME FULL RESPONSIBILITY AND RISK OF LOSS RESULTING FROM YOUR DOWNLOADING AND/OR USE OF FILES, INFORMATION, CONTENT OR OTHER MATERIAL OBTAINED FROM THE SERVICES. SOME JURISDICTIONS LIMIT OR DO NOT PERMIT DISCLAIMERS OF WARRANTY, SO THIS PROVISION MAY NOT APPLY TO YOU.
Limitation of Damages
TO THE EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL CROSBY HEALTH ITS AFFILIATES, DIRECTORS, OR EMPLOYEES, OR ITS LICENSORS OR PARTNERS, BE LIABLE TO YOU FOR ANY DAMAGES OF ANY KIND, UNDER ANY LEGAL THEORY, INCLUDING WITHOUT LIMITATION LOSS OF PROFITS, USE, OR DATA, OR FOR ANY INCIDENTAL, INDIRECT, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, HOWEVER ARISING, THAT RESULT FROM, OR IN CONNECTION WITH (A) THE USE, DISCLOSURE, OR DISPLAY OF YOUR USER CONTENT; (B) YOUR USE OR INABILITY TO USE THE SERVICES; (C) THE SERVICES GENERALLY OR THE SOFTWARE OR SYSTEMS THAT MAKE THE SERVICES AVAILABLE; OR (D) ANY OTHER INTERACTIONS WITH CROSBY HEALTH OR ANY OTHER USER OF THE SERVICES, WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE) OR ANY OTHER LEGAL THEORY, AND WHETHER OR NOT CROSBY HEALTH HAS BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGE, AND EVEN IF A REMEDY SET FORTH HEREIN IS FOUND TO HAVE FAILED OF ITS ESSENTIAL PURPOSE. SOME JURISDICTIONS LIMIT OR DO NOT PERMIT DISCLAIMERS OF LIABILITY, SO THIS PROVISION MAY NOT APPLY TO YOU. THE FOREGOING DOES NOT AFFECT ANY LIABILITY THAT CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.
If you have a dispute with one or more Users, a third-party provider of a product or service (including health and wellness providers, software tools, an organization that has purchased or utilizes the Services, and/or other health care providers), that you interact with using the Services, you release us (and our officers, directors, agents, subsidiaries, joint ventures and employees) from claims, demands and damages (actual and consequential) of every kind and nature, known and unknown, arising out of or in any way connected with such disputes. If you are a California resident, you waive California Civil Code §1542, which says: “A general release does not extend to claims which the creditor does not know or suspect to exist in his favor at the time of executing the release, which if known by him must have materially affected his settlement with the debtor.”
Indemnification
You agree to defend, indemnify, and hold harmless Crosby Health , its affiliates, licensors, and service providers, and its and their respective officers, directors, employees, contractors, agents, licensors, suppliers, successors, and assigns from and against any claims, liabilities, damages, judgments, awards, losses, costs, expenses, or fees (including reasonable attorneys' fees, and claims between you and Crosby Health) arising out of or relating to your violation of these Terms of Use or your use of the Services, including, but not limited to, your User Content, any use of the Content, Services, and products other than as expressly authorized in these Terms of Use, or your use of any information obtained through the Services.
Modification of Terms
We can amend these Terms of Use at any time and in our sole discretion and will update these Terms of Use in the event of any such amendments. All changes are effective immediately when we post them, and apply to all access to and use of the Services thereafter. It is your sole responsibility to check the Services from time to time to view any such changes in the Agreement. If you continue to use the Services, you signify your agreement to our revisions to these Terms of Use. However, we will notify you of material chances to the terms by posting a notice on our homepage and/or sending an email to the email address you provided to us upon registration. For this additional reason, you should keep your contact and profile information current. Any changes to these Terms (other than as set forth in this paragraph) or waiver of Crosby Health’s rights hereunder shall not be valid or effective except in a written agreement bearing the physical signature of an officer of Crosby Health. No purported waiver or modification of this Agreement by Crosby Health via telephonic or email communications shall be valid.
Privacy Policy
Crosby Health respects the privacy of our Users. Please refer to Crosby Health's Privacy Policy below which explains how we collect, use, and disclose information that pertains to your privacy. When you access or use the Services, you signify your agreement to this Privacy Policy.
General Terms
If any part of these Terms of Use is held invalid or unenforceable, that portion of the Terms of Use will be construed consistent with applicable law. The remaining portions will remain in full force and effect. Any failure on the part of Crosby Health to enforce any provision of these Terms of Use will not be considered a waiver of our right to enforce such provision. Our rights under the Terms of Use will survive any termination of the Terms of Use. You agree that any cause of action related to or arising out of your relationship with Crosby Health must commence within one year after the cause of action accrues. Otherwise, such cause of action is permanently barred. These Terms of Use and your use of the Services are governed by the federal laws of the United States of America and the laws of the State of Delaware without regard to conflict of law provisions.
Crosby Health may assign or delegate these Terms of Use and/or Crosby Health's Privacy Policy, in whole or in part, to any person or entity at any time with or without your consent. You may not assign or delegate any rights or obligations under the Terms of Use or Privacy Policy without Crosby Health's prior written consent, and any unauthorized assignment and delegation by you is void.
YOU ACKNOWLEDGE THAT YOU HAVE READ THESE TERMS OF USE, UNDERSTAND THE TERMS OF USE, AND WILL BE BOUND BY THESE TERMS AND CONDITIONS. YOU FURTHER ACKNOWLEDGE THAT THESE TERMS OF USE TOGETHER WITH THE PRIVACY POLICY BELOW, REPRESENT THE COMPLETE AND EXCLUSIVE STATEMENT OF THE AGREEMENT BETWEEN US AND THAT IT SUPERSEDES ANY PROPOSAL OR PRIOR AGREEMENT ORAL OR WRITTEN, AND ANY OTHER COMMUNICATIONS BETWEEN US RELATING TO THE SUBJECT MATTER OF THIS AGREEMENT.
Contact Information: If you have any questions about these Terms of Use or the Services, please contact Crosby Health at info@crosbyhealth.com
Effective as of June 1, 2022.
This Privacy Policy describes how DictateMD, Inc dba Crosby Health. and our subsidiaries and affiliates (collectively "Crosby Health," "DictateMD", "we", “us” or "our") handle personal information that we collect through our digital properties that link to this Privacy Policy, including our website (collectively, the “Service”), and other activities described in this Privacy Policy.
Information you provide to us. Personal information you provide to us through the Service or otherwise may include:
Third party sources. We may combine personal information we receive from you with personal information we obtain from other sources, such as:
Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, your activity over time on our sites and other online services, and your interactions with our marketing communications such as:
Cookies and similar technologies. Like many online services, we may use the following technologies:
Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
We may use your personal information for the following purposes or as otherwise described at the time we collect it:
Service delivery. We may use your personal information to:
Research and development. We may use your personal information for research and development purposes, including to analyze and improve the Service and our business. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.
Marketing and advertising. We and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes:
Compliance and protection. We may use your personal information to:
We may share your personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection:
Affiliates. Our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.
Business partners. Companies that have entered into joint marketing relationships or other joint ventures with us.
Service providers. Companies and individuals that provide services on our behalf or help us operate the Service or our business (such as information technology, hosting, customer relationship management and support, email delivery, advertising, marketing, and website analytics).
Advertising partners. Third party advertising companies that collect information about your activity on the Service and other online services to help us advertise our services, and/or use customer lists that we share with them to deliver ads on their platforms on our behalf to those customers and similar users.
Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Business transferees. Acquiring and other relevant parties to business transactions (or potential transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Crosby Health or our affiliates (including, in connection with a bankruptcy or similar proceedings).
You have the following choices with respect to your personal information.
Access or update your information. If you have registered for an online account with us, you may review and update certain account information from your account.
Opt-out of marketing communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us. You may continue to receive service-related and other non-marketing emails.
Cookies. Most browsers let you remove and/or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, however, you may not be able to use all functionality of the Service and it may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org. We may use Google Analytics to help us understand user activity on the Sites. You can learn more about Google Analytics cookies at https://developers.google.com/analytics/resources/concepts/gaConceptsCookies and about how Google protects your data at http://www.google.com/analytics/learn/privacy.html. You can prevent the use of Google Analytics relating to your use of our Sites by downloading and installing a browser plugin available at https://tools.google.com/dlpage/gaoptout?hl=en.
Advertising choices. You can limit use of your information for interest-based advertising by:
You will need to apply these opt-out settings on each device from which you wish to opt-out.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as mandatory, we may not be able to provide those services.
The Service may contain links to websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or other online services that are not associated with us. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions.
We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.
We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.
The Service is not intended for use by children under 18 years of age. If we learn that we have collected personal information through the Service from a child under 18 without the consent of the child’s parent or guardian as required by law, we will delete it.
We reserve the right to modify this Privacy Policy at any time. If we make changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. If required by law we will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email or another manner through the Service. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Service after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.
DictateMD, Inc. Dba Crosby Health
Effective as of May 25, 2018
This Agreement “Agreement” is made and entered into at the date and time your Crosby Health account is created as in between you (“Covered Entity”) and DictateMD, Inc. Dba Crosby Health (“Business Associate”), (individually a “Party,” and collectively the “Parties”), to define their respective rights and responsibilities with respect to the privacy and security of certain health information in connection with certain federal laws.
Background
The Covered Entity desires, and the Business Associate agrees to perform certain covered business functions that involve the disclosure of Protected Health Information from the Covered Entity to the Business Associate. In signing this Agreement, all Business Associates intend to protect the privacy and provide for the security of Protected Health Information disclosed to Business Associate in compliance with the HIPAA Statute and the HITECH Act. NOW THEREFORE, in consideration of the mutual promises and covenants, herein, and for other good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, the Parties agree as follows:
1. Definitions
For purposes of this Agreement, each of the following capitalized terms shall have the meaning set forth in this Section. Except as the context of a provision dictates otherwise, a term used in this Agreement that is not defined in this Section shall have the meaning accorded to it under HIPAA or HITECH, as applicable.
(a) Breach. “Breach” shall have the same meaning as the term “breach” in 45 CFR § 164.402.
(b) Business Associate. “Business Associate” shall have the same meaning as the term “business associate” in 45 CFR § 160.103.
(c) Covered Entity. “Covered Entity” shall have the same meaning as the term “Covered Entity” in 45 CFR § 160.103.
(d) Data Aggregation. “Data Aggregation” shall have the same meaning as the term “data aggregation” in 45 CFR § 164.501.
(e) Designated Record Set. “Designated Record Set” shall mean a group of records maintained by or for a Covered Entity that is (i) the medical records and billing records about individuals maintained by or for a covered health care Covered Entity; (ii) the enrollment, payment, claims adjudication, and case or medical management record systems maintained by or for a health plan; or (iii) used, in whole or in part, by or for the Covered Entity to make decisions about individuals. As used herein, the term “Record” means any item, collection or grouping of information that includes PHI and is maintained, collected, used, or disseminated by or for a Covered Entity as defined in 45 CFR § 164.501.
(f) HIPAA. “HIPAA” shall mean the Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder relating to the privacy and security of Protected Health Information, as such statute and regulations may be amended from time to time.
(g) HIPAA Rules. “HIPAA Rules” shall mean the Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Part 160 and Part 164.
(h) HITECH. “HITECH” shall mean the Health Information Technology for Economic and Clinical Health Act, enacted as part of the American Recovery and Reinvestment Act of 2009, and the regulations promulgated thereunder relating to the privacy and security of Protected Health Information, as such statute and regulations may be amended from time to time.
(i) Individual. “Individual” shall have the same meaning as the term “individual” in 45 CFR § 160.103 and shall include a person who qualifies as a personal representative in accordance with 45 CFR § 164.502(g).
(j) Protected Health Information/Electronic Protected Health Information. “Protected Health Information” (or “PHI”) and “Electronic Protected Health Information” (or “Electronic PHI”) shall have the same meaning as the terms “protected health information” and “electronic protected health information,” respectively, in 45 CFR § 160.103, limited to the information created or received by Business Associate from or on behalf of Covered Entity.
(k) Public Health Activity. “Public Health Activity” shall mean the activities described in 45 CFR § 164.512(b).
(l) Public Health Authority. “Public Health Authority” shall have the same meaning as the term “public health authority” in 45 CFR § 164.103.
(m) Required By Law. “Required By Law” shall have the same meaning as the term “required by law” in 45 CFR § 164.103.
(n) Secretary. “Secretary” shall mean the Secretary of the Department of Health and Human Services or his or her designee.
(o) Subcontractor. “Subcontractor” shall have the same meaning as the term “subcontractor” in 45 CFR § 164.103.
2. Obligations And Activities Of Business Associate
(a) Business Associate will not use or disclose Protected Health Information other than as permitted or required by this Agreement or as Required By Law.
(b) Business Associate will develop, implement, maintain and use appropriate safeguards to prevent the use or disclosure of PHI other than as permitted or required by this Agreement or as Required by Law. Business Associate will develop, implement, maintain and use appropriate administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the Electronic PHI that it creates, receives, maintains, or transmits on behalf of Covered Entity as required by the HIPAA Security Standards, the HITECH Act, and all other applicable laws, regulations and requirements published by a federal agency authorized to issue guidance under HIPAA or HITECH applicable to Business Associate.
(c) Business Associate agrees to ensure, through written agreements, that any Subcontractor to whom it provides PHI agrees to substantially the same restrictions and conditions that apply through this Agreement to Business Associate with respect to such information.
(d) Business Associate agrees to make any amendment(s) to PHI in a Designated Record Set as directed or agreed to by Covered Entity pursuant to 45 CFR § 164.526 or take other measures as necessary to satisfy Covered Entity’s obligations under 45 CFR § 164.526.
(e) Business Associate agrees to make internal practices, books and records relating to the use and disclosure of PHI available to the Secretary for purposes of determining Covered Entity’s compliance with the Privacy Rule.
(f) Business Associate agrees to maintain and make available the information required to provide an accounting of disclosures to Covered Entity as necessary to satisfy Covered Entity’s obligations under 45 CFR § 164.528.
(g) Business Associate shall not receive any remuneration in exchange for any PHI unless such remuneration is both: (i) permitted under HIPAA and HITECH; and (ii) authorized by Covered Entity in writing.
(h) Business Associate shall provide training to members of its workforce regarding the requirements in the Privacy and Security Standards. The training shall be updated periodically, as the laws and regulations evolve.
(i) Business Associate shall provide written notice to Covered Entity of any HIPAA Breach of unsecured PHI without unreasonable delay, but in any event, no more than five (5) business days after the discovery of such breach. Covered Entity, in its sole discretion, will determine which party shall be responsible for providing any notification to the patient, Secretary, or media that may be required under the HITECH Act. Business Associate shall be solely responsible for any costs and expenses incurred by Covered Entity and Business Associate related to a use or disclosure of PHI by Business Associate in violation of the requirements of this BAA. Business Associate shall mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of the requirements of this BAA. To the extent known, Business Associate shall provide Covered Entity with the following information:
The identification of each individual whose PHI has been, or is reasonably believed by the Business Associate to have been, accessed, acquired or disclosed;
What happened, including the date of the breach and the date of discovery of the breach, if known;
the type of information involved;
any steps the affected individuals should take to protect themselves;
what the Business Associate is doing to investigate and mitigate the breach and protect against further breaches; and
information on how the Covered Entity can contact the Business Associate for more information or questions.
3. Permitted Uses And Disclosures By Business Associate
Except as otherwise limited in this Agreement, Business Associate may use or disclose Protected Health Information consistent with Covered Entity’s minimum necessary policies and procedures to:
(a) Perform services for, or on behalf of, the Individual, as specified in the services agreement between Covered Entity and Business Associate, except to the extent that such use or disclosure would violate the Privacy Rule if performed by Covered Entity;
(b) Perform its obligations under this Agreement, except to the extent that such use or disclosure would violate the Privacy Rule if performed by Covered Entity;
(c) Conduct activities for its own proper management and administration or carry out its own legal responsibilities, provided that any disclosure of PHI for such purpose shall be either: (i) Required By Law; or (ii) made after Business Associate obtains reasonable assurances from the recipient of the PHI that the PHI will be held confidentially and used and disclosed further only for the purpose for which it was disclosed to the recipient, and that the recipient will notify Business Associate of any instances of which it becomes aware that the confidentiality of the PHI has been breached. With regard to any such disclosure to a Subcontractor, Business Associate shall first enter into an agreement with the Subcontractor as described in Section 2(d) and, for a disclosure of Electronic PHI, require the a Subcontractor, to whom it provides the Electronic PHI to agree to implement reasonable and appropriate safeguards to protect such information;
(d) Provide data aggregation services, but only in order to analyze data for Covered Entity’s permitted health care operations, as permitted by 45 CFR § 164.504(e)(2)(i)(B); and
(e) Report violations of law in accordance with 45 CFR § 164.502(j)(1).
4. De Identified Information
Business Associate may create, use and disclose de-identified PHI if the de-identification is in compliance with 45 CFR §164.502(d), and any such de-identified PHI meets the standard and implementation specifications for de-identification under 45 CFR §164.514(a) and (b), as they may be amended from time to time.
5. Obligations Of Covered Entity
As between you and DictateMD, inc. Dba Crosby Health, all content on the Services, including its appearance and look and feel, is owned by DictateMD, inc. Dba Crosby Health unless otherwise expressly indicated through the Services. You acknowledge and agree that we and our licensors retain ownership of all intellectual property rights of any kind related to the Services, including applicable copyrights, trademarks and other proprietary rights. You may not modify, copy, distribute, transmit, display, perform or create derivative works from the content, information or material on the Services. Other product and company names that are mentioned on the Services may be trademarks of their respective owners. We reserve all rights that are not expressly granted to you under these Terms of Use. Any Crosby Health trademarks, trade dress, service marks or trade names that appear on the Services or are referenced through the Services are the property of Crosby Health and no license or other right to use such marks, names or dress shall be deemed granted to any User without the express written permission of Crosby Health.
(a) Provisions for Covered Entity to Inform Business Associate of Privacy Practices and Restrictions.
Covered Entity shall furnish Business Associate with its notice of privacy practices prepared in accordance with 45 CFR § 164.520 and of any modifications thereto that affect Business Associate’s obligations.
Covered Entity shall notify Business Associate of any changes in, or revocation of, permission by an Individual to use or disclose Protected Health Information, to the extent that such changes may affect Business Associate’s use or disclosure of PHI.
Covered Entity shall notify Business Associate of all types of accountings of disclosures that it may require Business Associate to provide under 45 CFR § 164.528 or Section 13405(c) of HITECH.
Covered Entity shall notify Business Associate of any restriction to the use or disclosure of PHI that Covered Entity has agreed to in accordance with 45 CFR § 164.522 or Section 13405(a) of HITECH to the extent that such restriction may affect Business Associate’s use or disclosure of PHI.
(b) Permissible Requests by Covered Entity. Covered Entity shall not request Business Associate to use or disclose PHI in any manner that would not be permissible under HIPAA or HITECH if done by Covered Entity. Covered Entity shall not request Business Associate to use or disclose more than the minimum PHI necessary.
6. Term And Termination
(a) Term. The term of this Agreement shall begin on the Effective Date above and shall terminate as provided elsewhere in this Agreement or when all of the Protected Health Information is destroyed or returned to Covered Entity or its designee, or, if it is infeasible to return or destroy PHI, when protections are extended to such information, in accordance with the termination provisions in this Section.
(b) Termination for Cause.
Business Associate authorizes termination of this Agreement by Covered Entity, if Covered Entity determines Business Associate has violated a material term of the Agreement and Business Associate has not cured the breach or ended the violation within the time specified by Covered Entity.
If Covered Entity knows of a pattern of activity or practice by Business Associate that constitutes a material breach or violation of Business Associate’s obligations under the Agreement, Covered Entity shall notify Business Associate of the breach and of the period during which Business Associate may take reasonable measures to cure the breach or end the violation. If Business Associate does not cure the breach or end the violation within that period, Covered Entity shall terminate this Agreement as soon as feasible.
(c) Obligations of Business Associate Upon Termination. Notwithstanding anything to the contrary contained herein, except as provided elsewhere in this Section 6(c), upon termination of this Agreement, for any reason, Business Associate will return or destroy all PHI received from Covered Entity or created or received by Business Associate on behalf of Covered Entity and will retain no copies of the PHI. This provision will apply to PHI that is in the possession of Subcontractors of Business Associate. If Business Associate determines that the return or destruction of PHI is not feasible, Business Associate shall so inform Covered Entity and Business Associate will extend the protections of this Agreement to the information and limit further uses and disclosures of the PHI to those purposes that make the return or destruction of the PHI infeasible, for so long as Business Associate maintains the PHI.
7. Indemnification
Each party (the “Indemnifying Party”) shall indemnify and hold the other party and its officers, directors, employees and agents (each an “Indemnified Party”) harmless from and against any claim, cause of action, liability, damage, cost or expense (“Liabilities”) to which the Indemnified Party becomes subject to as a result of third party claims (including reasonable attorneys’ fees and court or proceeding costs) brought against the Indemnified Party, and any costs or expenses (including reasonable attorneys’ and consulting fees) and penalties incurred by Indemnified Party in connection with any governmental investigation, audit, breach notification and remediation required by federal, state or local law, which arise as a result of: (i) the material breach of this Business Associate Agreement by the Indemnifying Party or its Subcontractors; or (ii) the gross negligence or willful misconduct of the Indemnifying Party, except to the extent such Liabilities were caused by the Indemnified Party. A party entitled to indemnification under this Section shall give prompt written notification to the Indemnifying Party of the commencement of any action, suit or proceeding relating to a third party claim or governmental investigation or audit for which Indemnification is sought, subject to applicable confidentiality constraints. This Section 7 shall survive termination of this Agreement.
8. Miscellaneous
(a) Regulatory References. A reference in this Agreement to a section in HIPAA or HITECH, as applicable, means the section as in effect or, as applicable, as it has been redesignated after execution of this Agreement.
(b) Amendment. The Parties agree to take such action as is necessary to amend this Agreement from time to time as is necessary for Covered Entity and Business Associate to comply with the requirements of HIPAA or HITECH, as each may be amended or construed by courts of applicable jurisdiction or the Secretary from time to time. All amendments to this Agreement, except those occurring by operation of law, shall be in writing and signed by both Parties.
(c) Survival. Any provision of this Agreement which contemplates performance or observance subsequent to any termination or expiration hereof or by its sense or context is intended to survive the termination or expiration hereof, including without limitation, Sections 2, 6(c) and 7, and shall survive any such termination or expiration and shall continue in full force and effect.
(d) Governing Law. This Agreement shall be governed and construed in accordance with the laws of the __State of Delaware___________________, without regard to conflict of law principles. Any legal action, suit or proceeding arising out of or relating to this Agreement or the breach thereof will be instituted in a federal or state court of competent jurisdiction in the __State of Delaware_________ and each Party hereby consents and submits to the personal jurisdiction of such court, waives any objection to venue in such court including any defense of forum non conveniens
(e) Interpretation. Any ambiguity in this Agreement shall be resolved to permit Covered Entity and Business Associate to comply with HIPAA and HITECH
(f) No Third Party Beneficiaries. Nothing express or implied in this Agreement is intended to confer, nor shall anything herein confer upon any person or Individual, other than Covered Entity, Business Associate and their respective successors or assigns, any rights, remedies, obligations or liabilities whatsoever.
(g) Assignment. No assignment of rights or obligations under this Agreement shall be made by either Party without the prior written consent of the other Party; provided however, that Business Associate may assign this Agreement to an affiliate.
(h) Effect on Agreement. Except as specifically required to implement the purposes of this Agreement, or to the extent inconsistent with this Agreement, all other terms of the underlying Services Agreement shall remain in force and effect.
(i) Headings/Counterparts. The descriptive headings of the sections of this Agreement are for convenience only and do not constitute a part of this Agreement. This Agreement may be executed in any number of counterparts, including facsimile or electronic copies, each of which shall be deemed to be an original and all such counterparts shall together constitute one and the same document.