Laserfiche WebLink
�VUILy251'� �PJ%1P1(igl <br />INFORMATION EXCHANGE AGREEMENT <br />DATFA To the extent that either party receives Information Assets in the possession of the other party, the <br />provisions set forth below apply. <br />DEFINITIONS <br />Disclosingparty means the party who transfers their Information Assets to the other party for the <br />purposes outlined in this Agreement. The Disclosing party is the owner of the Information Assets <br />being transferred, unless such ownership is contractually released. <br />25 <br />Receiving party means the party who receives the Information Assets needed in order to perform this <br />Agreement. The party receiving and/or storing the transferred Information Assets is the custodian of <br />the Information Assets while in the possession of the Information Assets. <br />Information Assets means any hardware, software or network components that contain or are <br />used to process, manage or store information necessary to the operation of either party. in <br />addition all data, including electronic files and records, and that found on paper or other <br />storage media. <br />PROVISIONS <br />Use Limitations. Any Information Assets of the Disclosing party will not be used by the Receiving <br />party for any purpose, except as set forth in this Agreement or otherwise required by law. <br />Non -Disclosure. Each party agrees not to disclose Information Assets to any of its employees except <br />employees who need the Information Assets for the purposes described in this Agreement. Each <br />party further agrees not to disclose Information Assets to any third party unless such third party has a <br />signed non -disclosure agreement regarding the Information Assets whose terms are equivalent to, or <br />stricter than, the terms of this section. Each party shall take all reasonable and necessary steps to <br />prevent unauthorized disclosure of the Information Assets. <br />Protection. Each party agrees that it shall, as a minimum, use the same degree of care to protect the <br />confidentiality of the Information Assets that it uses to protect its own information assets. <br />Electronic Protected Health Information. Each party agrees to implement administrative, physical, <br />and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and <br />availability of the electronic protected health information (EPHI) that it creates, receives, maintains, <br />or transmits on behalf of the other party as required by federal HIPAA regulations. Each party <br />further agrees to ensure that any agent, including a subcontractor, to whom it provides such <br />information, agrees to implement reasonable and appropriate safeguards to protect EPHI; <br />Notification &Remedy. The Receiving party agrees to notify the Disclosing party in writing when <br />it becomes aware of any unauthorized disclosure, modification or destruction of Information Assets <br />by the Receiving party, its officers, directors, employees, contractors, agents or third parties. The <br />Receiving party shall make this notification promptly upon becoming aware of such disclosure, <br />modification or destruction, but in any event, not later than four working days after becoming aware <br />of the unauthorized disclosure, modification or destruction. After such notification, the Receiving <br />party agrees to cooperate reasonably (at the Receiving party's expense) with the Disclosing party to <br />PERSOlA0041 (08-2008) Page 1 of 3 Effective 8/27/2008 <br />