1. Acceptance
These Terms of Service ("Terms") govern access to and use of MRM — Medical Record Management ("MRM"), operated by NXiOne ([NXiONE LEGAL ENTITY, INC.]). By accessing or using MRM, you agree to these Terms on behalf of yourself and the organization you represent. If you do not agree, do not use MRM.
Where a signed master agreement or order form exists between NXiOne and your organization, that agreement controls over any conflicting term here.
2. Accounts & eligibility
- Accounts are for covered entities, business associates, and their authorized workforce members. You must provide accurate information and keep your credentials confidential.
- Access uses multi-factor (TOTP) authentication; you are responsible for activity under your account.
- Notify us promptly of any unauthorized use.
3. Acceptable use
You agree not to: (a) access data you are not authorized to access; (b) upload unlawful content or content you lack the right to provide; (c) attempt to breach, probe, or disrupt the service or its security; (d) reverse engineer or copy the software except as permitted by law; (e) use the service to violate any law or third party's rights; or (f) use MRM to build a competing product.
4. Customer data & responsibilities
As between the parties, your organization owns the data it submits ("Customer Data") and grants us the rights needed to process it to provide the service. You are responsible for the accuracy and lawfulness of Customer Data and for having the authority and legal basis to submit it — including any notices, consents, subpoenas, authorizations, or agreements required by law.
MRM is designed to support your compliance with the HIPAA Privacy, Security, and Breach Notification Rules (45 CFR Parts 160 and 164) and the HITECH Act. A Business Associate Agreement governs our handling of PHI and takes precedence over any conflicting term in these documents.
Where California patients are involved, PHI is also handled consistent with the Confidentiality of Medical Information Act (Civil Code §56 et seq.). MRM does not use or disclose PHI except as permitted by the BAA, required by law, or directed by your organization.
5. Intellectual property
MRM, including its software, design, and content (excluding Customer Data), is owned by NXiOne and its licensors and is protected by law. We grant you a limited, non-exclusive, non-transferable, revocable right to use MRM per these Terms. No other rights are granted.
6. Third-party services
MRM integrates third-party services (see the Privacy Policy for the current list). Your use of those integrations may be subject to the third party's own terms, and we are not responsible for third-party services.
7. Disclaimers
MRM IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
Compliance responsibility. MRM is a tool that supports HIPAA compliance under a Business Associate Agreement; it does not, by itself, make your organization compliant. You remain responsible for your own policies, workforce training, and lawful use of PHI.
8. Limitation of liability
TO THE MAXIMUM EXTENT PERMITTED BY LAW, NXIONE WILL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR LOST PROFITS OR DATA. OUR TOTAL LIABILITY FOR ANY CLAIM ARISING FROM MRM WILL NOT EXCEED THE AMOUNTS PAID FOR MRM IN THE 12 MONTHS BEFORE THE CLAIM (OR, WHERE NO FEES WERE PAID, [US$100]). Some jurisdictions do not allow certain limitations, so some of the above may not apply to you.
9. Indemnification
You will defend and indemnify NXiOne against claims arising from your Customer Data, your use of MRM in violation of these Terms or law, or your infringement of a third party's rights, except to the extent caused by NXiOne.
10. Term & termination
These Terms apply while you use MRM. We may suspend or terminate access for violation of these Terms, to comply with law, or to protect the service. On termination, your right to use MRM ends; data handling on termination follows the Privacy Policy and any applicable data-processing terms.
11. Governing law
These Terms are governed by the laws of the State of California, without regard to conflict-of-laws rules, and the state and federal courts located in [County], California have exclusive jurisdiction, except where a signed master agreement provides otherwise.
12. Changes & contact
We may update these Terms; material changes will be dated and, where appropriate, notified. Continued use after changes take effect means you accept them. Questions: legal@nxione.com.