This Terms of Service (ToS) offered by TeleHealth IT provides the Customer certain rights and remedies regarding service offerings for the dedicated hosting environment (as defined below).
1. ADMINISTRATIVE ACCESS
Administrative or “root” access, known as Super User Privileges, to the server is limited to employees of TeleHealth IT and/or their authorized agents. Customer who require Super User Privileges are required to sign a security document before Super User Privileges are granted. For managed servers, TeleHealth IT reserves the right to require, at their discretion, software and/or hardware upgrades for the purposes of maintaining security and stability of the services provided. The cost of such upgrades shall be set by TeleHealth IT and paid by the Customer.
2. HARDWARE AND SOFTWARE CONFIGURATIONS
All managed servers must use hardware and software configurations that conform to TeleHealth IT requirements. Use of any particular hardware or software configuration may be declined at the sole discretion of TeleHealth IT.
3. USER CONDUCT
The Customer agrees to use the services and servers furnished by TeleHealth IT as allowed by applicable Local, State, Federal, and International laws. Transmission of any material in violation of any International, Federal, State or Local regulation is strictly prohibited. This includes, but is not limited to, materials covered in TeleHealth IT Acceptable Use Policy (AUP).
4. ECPA NOTICE
TeleHealth IT reserves the right to monitor any and all communications through or with our facilities. Customer agrees that TeleHealth IT is not considered a “secure communications medium” for the purposes of the ECPA (Electronic Communications Privacy Act of 1986) and no expectation of privacy is afforded.
5. NO INTERFERENCE WITH OPERATION OF SYSTEM
Customer agrees not to maliciously or intentionally interfere with the proper operation of the server and network, including but not limited to defeating identification procedures, obtaining access beyond that which Customer is authorized for, and impairing the availability, reliability, or quality of service for other Customers. Customer further agrees not to interfere with the proper operation of other systems reachable through the Internet, including any attempt at unauthorized access. Customer agrees to follow the Acceptable Use Policy of any network or service to which Customer connects.
Customer agrees to adhere to system policies as published online or otherwise made available by TeleHealth IT, including restrictions on services available, restrictions on certain features, and all other policies designed to protect and enhance the quality and reliability of service at TeleHealth IT. Customer agrees to abide by any and all future policy decisions by TeleHealth IT.
TeleHealth IT warrants that in providing services to Customer, TeleHealth IT complies fully with all local, state and federal requirements regarding the security and protection of Customer’s data and information, and consistently uses its best efforts to maintain the security of its servers. Notwithstanding such best efforts, no provider of such services, including TeleHealth IT, can guarantee that a Customer’s given server cannot be misused, or wrongfully accessed by Customer’s employees or others. This is true whether Customer chooses to retain the services offered by TeleHealth IT, or elects to use such services through another provider.
Further, TeleHealth IT cannot and does not guarantee that no acts of theft, sabotage or unlawful access can occur by Customer’s employees or third parties. Customer understands and acknowledges that, other than as stated herein, TeleHealth IT makes no warranties or guarantees regarding the security of its services, nor regarding any damages that may allegedly be caused by such breach of security or other wrongdoing by Customer, its employees and related third parties. Customer is fully responsible for the misuse or unlawful use of the services being provided by TeleHealth IT to the extent that such unlawful or misuse of TeleHealth IT servers is undertaken by the Customer, its employees and/or related third parties.
Customer agrees to immediately notify TeleHealth IT in writing if Customer becomes aware of any breaches or misuses of a TeleHealth IT’ server. Customer further agrees that if any security breach or misuse occurs, TeleHealth IT has the right to suspend Customer’s access to the server pending an investigation and resolution. In addition, Customer acknowledges that TeleHealth IT has the right and obligation to cooperate in any government or other legal investigation regarding Customer’s use of TeleHealth IT’ servers, including any of the managed servers used by Customer. Any use of TeleHealth IT’ system to engage in software piracy, or in any other violations of law, will result in the immediate suspension of services by TeleHealth IT, and notification to appropriate law authorities.
7. SENSITIVE DATA
If sensitive data will reside on the server either temporarily or permanently, the Customer agrees to notify TeleHealth IT in writing as soon as the Customer is aware of the sensitive data residing on their server. Sensitive data includes, but is not limited to, data which requires regulatory compliance such as HIPAA, PCI DSS, SOX, GLBA, and FISMA. Examples of sensitive data include electronic Protected Health Information (ePHI), credit card numbers, social security numbers, and financial records.
If TeleHealth IT is providing managed services for the Customer and if the Customer’s server(s) will contain any sensitive data, TeleHealth IT and Customer may have to enter into an additional agreement, which defines accountability for properly protecting the Customer’s server according to industry standards for information security.
8. HOSTING OF DATA
TeleHealth IT will charge the customer for disk space, as needed. The customer pre-approves the addition of disk space charges by TeleHealth IT. The customer will be notified upon these changes.
9. BACKUP OF DATA
Self-Managed Backups: If Customer opts to manage their own backups instead of using TeleHealth IT managed backup services, then Customer’s use of the backup server and service is at Customer’s sole risk. TeleHealth IT is not responsible for files and data residing on Customer’s server. Customer agrees to take full responsibility for files and data transferred and to maintain all appropriate backup of files and data stored on server.
Managed Backups: If the Customer opts for managed backup services, then TeleHealth IT is responsible for managing the backups on the Customer’s behalf; however, it is the Customer’s responsibility to ensure ePHI data is preserved for a minimum of seven years. If the Customer is deleting the ePHI data instead of preserving it, then they shall inform TeleHealth IT in writing at which point TeleHealth IT will then archive backups to preserve the data. The archives will consume more disk space, and TeleHealth IT will charge the customer for the disk space as needed. The customer pre-approves the addition of disk space charges by TeleHealth IT.
10. TRANSMISSION OF MATERIALS
Customer agrees not to transmit unsolicited or prohibited advertising or other harassing or illegal materials through electronic mail or Internet media. The use of TeleHealth IT or any other service with reference to services obtained through TeleHealth IT, for unsolicited mass mailings, postings, or other activities considered an annoyance to others, commonly referred to as “spamming,” is strictly prohibited and may cause Customer’s services to be terminated immediately and without warning. Customer will be held fully responsible for any damages to Customer, TeleHealth IT, or any other party or parties resulting from any such conduct.
11. CLIENT SUPPORT
For service-level impacting issues support is available 24/7. For non-service-level impacting issues and requests, 12 hours of standard, working-hours support is available per month. Additional support past the 12 hours per month requires management review and extra fees may apply (customer will be advised prior to imposing these such fees).