Hold Harmless Agreement
Customer has requested MXR Imaging, Inc. (“MXR”) provide service on medical imaging equipment that may contain Protected Health Information (PHI) which may include but not be limited to patient demographic data, medical images, or clinical interpretations of patient exams. Additionally, equipment may be networked to software such as PACS which may contain such data. By allowing MXR to provide services, Customer agrees to the following conditions:
- Customer attests that equipment being serviced by MXR does not contain any PHI that has not been archived or backed up through a PACS or other solution.
- Customer attests that equipment being serviced by MXR is not being utilized as an archive for PHI, or hosts any other software/services critical to operating a PACS, or other business critical software.
- Customer understands any data stored on the equipment may already be lost or corrupted prior to MXR provided service, or could become lost or corrupted through the course of diagnosing and addressing issues with the Equipment.
- Customer understands and agrees MXR does not provide any services related to a PACS system other than setting up medical imaging equipment to communicate with a PACS, therefore MXR may not be held liable for any PACS related issues.
- Customer is responsible for ensuring virus protection software is installed throughout Customer’s organization computers to prevent malicious software from being installed directly on medical imaging equipment, or installed on other computers residing on Customer network which could spread and infect medical imaging equipment computers. Customer is also responsible for keeping virus protection software and definition files current. Additionally, Customer is responsible for making sure Computer operating systems have been updated with the latest security patches. Customer agrees MXR is not responsible for validating if these preventative measures have not been taken.
- Customer acknowledges Customer’s responsibility to ensure all data storage meets the Health Insurance Portability and Accountability Act (HIPAA) requirements for protected health information (PHI) and subsequently acknowledges this product does not contain a Data Backup or Disaster Recovery solution as defined by HIPAA – Security Standards for the Protection of Electronic PHI. (see - https://www.hhs.gov/hipaa/for-professionals/index.html).
MXR is willing to provide the requested services under these conditions. However, Customer assumes liability and shall indemnify and hold harmless MXR for any damages, whether direct, indirect, consequential, special, or incidental, including any costs of litigation (e.g., attorney’s fees, discovery costs, etc.), resulting from any occurrence arising in connection with the requested services performed under these conditions, except for damages resulting from MXR’s sole negligence. At the request of MXR, Customer shall provide MXR , at Customer’s cost, with a legal defense for any third-party claim against MXR for damages that Customer is liable for under the previous sentence.
F722-07 | Hold Harmless Agreement | Rev. A | Remit to: OPS | Effective: 10-30-2023
Customer has requested MXR Imaging, Inc. (“MXR”) provide service on medical imaging equipment that may contain Protected Health Information (PHI) which may include but not be limited to patient demographic data, medical images, or clinical interpretations of patient exams. Additionally, equipment may be networked to software such as PACS which may contain such data. By allowing MXR to provide services, Customer agrees to the following conditions:
- Customer attests that equipment being serviced by MXR does not contain any PHI that has not been archived or backed up through a PACS or other solution.
- Customer attests that equipment being serviced by MXR is not being utilized as an archive for PHI, or hosts any other software/services critical to operating a PACS, or other business critical software.
- Customer understands any data stored on the equipment may already be lost or corrupted prior to MXR provided service, or could become lost or corrupted through the course of diagnosing and addressing issues with the Equipment.
- Customer understands and agrees MXR does not provide any services related to a PACS system other than setting up medical imaging equipment to communicate with a PACS, therefore MXR may not be held liable for any PACS related issues.
- Customer is responsible for ensuring virus protection software is installed throughout Customer’s organization computers to prevent malicious software from being installed directly on medical imaging equipment, or installed on other computers residing on Customer network which could spread and infect medical imaging equipment computers. Customer is also responsible for keeping virus protection software and definition files current. Additionally, Customer is responsible for making sure Computer operating systems have been updated with the latest security patches. Customer agrees MXR is not responsible for validating if these preventative measures have not been taken.
- Customer acknowledges Customer’s responsibility to ensure all data storage meets the Health Insurance Portability and Accountability Act (HIPAA) requirements for protected health information (PHI) and subsequently acknowledges this product does not contain a Data Backup or Disaster Recovery solution as defined by HIPAA – Security Standards for the Protection of Electronic PHI. (see - https://www.hhs.gov/hipaa/for-professionals/index.html).
MXR is willing to provide the requested services under these conditions. However, Customer assumes liability and shall indemnify and hold harmless MXR for any damages, whether direct, indirect, consequential, special, or incidental, including any costs of litigation (e.g., attorney’s fees, discovery costs, etc.), resulting from any occurrence arising in connection with the requested services performed under these conditions, except for damages resulting from MXR’s sole negligence. At the request of MXR, Customer shall provide MXR , at Customer’s cost, with a legal defense for any third-party claim against MXR for damages that Customer is liable for under the previous sentence.
F722-07 | Hold Harmless Agreement | Rev. A | Remit to: OPS | Effective: 10-30-2023