The CPP is incorporated into Agreement between Customer and GeoAudit Inc..
This CPP is applicable as of September 22, 2021, and is applicable until a new version of the CPP is published by GeoAudit Inc. and Customer is provided with notice in accordance with Agreement between Customer and GeoAudit Inc..
This CPP is version CPP:1.0.0, for reference.
Private Health Information Confidentiality.
GeoAudit Inc. covenants and agrees not to use or further disclose the Customer Information other than as permitted or required to carry out its obligations pursuant to this Agreement or as required by law;
To use reasonable safeguards to prevent use or disclosure of the Customer’s information other than as provided in this Agreement; To report to the Customer any use or disclosure of the Customer’s information not provided by this Agreement of which it becomes aware;
To ensure that any agents, including subcontractors, to whom GeoAudit Inc. provides private health information (PHI) received from, or created or received by GeoAudit Inc. on behalf of the Customer, agrees to the same restrictions and conditions that apply to GeoAudit Inc. with respect to such information;
To make available PHI in accordance with legislative requirements for access of individuals to PHI;
To comply with all applicable legislation governing the confidentiality of Customer’s data;
To make available the information required to provide an accounting of disclosures in accordance with legislative requirements for accounting of disclosures of PHI;
To make its internal practices, books and records relating to the use and disclosure of PHI received from or created or received by GeoAudit Inc. on behalf of the Customer, available for purposes of determining GeoAudit Inc.’s compliance with its obligations pursuant to this section.
On termination of this Agreement, to destroy PHI received from, or created or received by GeoAudit Inc. on behalf of the Customer that GeoAudit Inc. still maintains in any form and GeoAudit Inc. covenants that it shall retain no copies of such information, or, if such destruction is not feasible, to extend the protections of this Agreement to the information and limit further uses and disclosure to those purposes that make the destruction of the information unfeasible.
GeoAudit Inc. agrees not to disclose to any third party any information concerning the Customer’s specific operations, Customers, or patients except as expressly authorized in CPP and Agreement.
Personally identifiable data is governed by the BAA, IMA or other similar agreement with Customer.
No rights or licenses are granted except as expressly set forth in Agreement.
Aggregate Usage Data.
GeoAudit Inc. may use aggregate data, including deidentified, anonymized or pseudo-anonymized information, collected by GeoAudit Inc. with respect to Customer’s and Users’ access to and use of the Services and derivative data, without the prior written consent of Customer or Users including: (i) use such information and data to improve and enhance the Services and for other development, diagnostic and corrective purposes in connection with the Services and other GeoAudit Inc. offerings and other legitimate business purposes; and (ii) disclose such data solely in aggregate or other de-identified form in connection with its business.
Industry Related Data
GeoAudit Inc. may use industry related data, including deidentified, anonymized or pseudo-anonymized information, collected by GeoAudit Inc. with respect to Customer’s and Users’ access to and use of the Services and derivative data, without the prior written consent of Customer or Users including: the use and disclosure to optimize supply chain availability, demand forecasting, trend insights, market data, and product usage statistic. GeoAudit Inc. will not disclose or supply Customer’s user or contact lists, product costs or proprietary financial information to any partner or third-party.