Item
9.01 Financial Statements and Exhibits.
(d)
Exhibits.
Exhibit
No. Description
|
Exhibit No.
|
Description
|
|
99.1
|
Remote
Monitoring Services Agreement signed September 24, 2020
|
|
99.2
|
Press Release dated September 25, 2020
|
REMOTE
MONITORING SERVICES AGREEMENT
This
Remote Monitoring Services Agreement (“Agreement”) is made by and between NuGenHealth, LLC an Arizona Limited Liability
Company, with an address of 11209 N. Tatum Blvd., Suite 180, Phoenix, AZ 85028 (hereinafter “NGH”) and Paradise
Valley Family Medicine, P.C. an Arizona professional corporation, with an address of 11209 N. Tatum Blvd., Suite 180, Phoenix,
AZ, 85028. (hereinafter “Client”) and is effective as of undersigned date (“Effective Date”).
RECITALS
WHEREAS,
Client is an Arizona professional corporation who engages medical providers who are duly licenses in Arizona.
WHEREAS,
NGH is an Arizona Limited Liability Company, a subsidiary of Generex Biotechnology Corporation, a publicly traded company, and
is engaged to provide a software and services solution for physicians and medical practices for the purpose of providing the Connected
Care Solutions (“CCS”) for patient engagement and more specifically, Remote Patient Monitoring “RPM” and
Chronic Care Management “CCM” (where all such capitalized terms are defined and described in detail herein below).
WHEREAS,
Client desires to retain the suite of services described in the preceding Recital and herein below in more detail, and Client
desires to engage NGH to perform such services on the terms and conditions hereinafter set forth.
WHEREAS,
the parties hereto understand, acknowledge and agree that the scope of this Agreement and the subject matter herein relates solely
to NGH’s rendering the RPM and CCS services, and NGH shall not be engaged herein to provide any other services.
NOW,
THEREFORE, in consideration of the foregoing premises, and the mutual covenants hereinafter stated, NGH and Client agree as
follows:
The
Recitals provided herein above are incorporated herein by this reference as if restated herein again in full.
I.
SERVICES
A.
Services. During the Term of this Agreement, NGH will provide to Client, upon the terms and conditions of this Agreement
and in consideration for the Fees (as defined in Exhibit A), the services as set forth on Exhibit A
attached hereto and made a part hereof (the “Services”).
B.
Representations by Client. Client hereby warrants and represents as follows:
1.
Duly Licensed: Client’s providers are is duly licensed, as applicable, to practice medicine or as a physician assistant
or nurse practitioner, as the case may be, in the State of Arizona or in any state they intend to practice medicine.
2.
Compliance with Rules and Regulations, Policies and Procedures: Client shall comply with NGH’s rules, regulations, policies,
and procedures (the “Compliance Policies and Procedures”) during the Term for all periods of time such are in force.
3.
NGH Exclusive Provider of Services: During the Term of this Agreement, Client agrees to use NGH as the exclusive provider
of the Services.
II.
TERM. Client’s engagement hereunder shall commence as of the Effective Date, and shall continue for a term of
three (3) year, unless terminated earlier as set forth below (“Term”). This Agreement shall be extended to
additional term(s) upon mutual written agreement of the parties.
III. TERMINATION.
A. For
Cause Termination. Either party may terminate the Agreement at any time prior to the expiration of the Term of this Agreement
in the event of a breach of or failure to comply with any provision or covenant herein by the other party in this Agreement, which
breach or failure to comply is not cured to the reasonable satisfaction of the non-breaching party within ten (10) business days
after written notice thereof by the non-breaching party to the breaching party. Upon termination, NGH’s Fee shall be paid
out up until the Termination date, subject to offsets in the case where NGH is the breaching party.
B. Without
Cause Termination. Either party may terminate the Agreement at any time prior to the expiration of the Term of this Agreement
by providing the other party sixty (60) days’ written notice in advance. During such 60-day period, the for cause provisions
of the preceding section III.A shall not be waived. Upon termination, NGH’s Fee shall be paid out up until the Termination
date.
IV.
FEES. NGH shall be paid the Fees as set forth in Exhibit A.
V.
SERVICES, DUTIES AND OBLIGATIONS OF CLIENT
A.
Good Community Standing. At all times during the Term of the Agreement, both parties shall be of high repute and good
standing in the community served by NGH and Client.
B.
Credentialing. At all times during the Term of this Agreement, Client shall comply with all credentialing, quality,
and efficiency criteria as may be adopted from time to time by the State of Arizona and or the US Federal Government Agencies
with oversight to these types of health care programs.
C.
Insurability Requirements. Client shall satisfy all conditions for insurability under professional liability policies,
as described herein, and, upon request, shall promptly provide (or Consent to disclosure to the person requesting the information)
information requested by NGH.
D.
Billing Procedures. Client shall follow applicable state and/or federal policies and procedures for charting, coding,
and billing, along with those specific items outlined in Exhibit B (the “Billing Policies and Procedures”).
E.
Client Obligations. Client shall provide the duties as set forth in Exhibit A.
VI.
AUTHORITY OF NGH TO DISCLOSE INFORMATION
A. Disclosure
of information. As relates to any patient who has used the RPM or CCM services of NGH, Client agrees to inform NGH of any
claim of malpractice committed by Client and any investigation and/or disciplinary action involving Client.
B.
Health Insurance Portability and Accountability Act of 1996 and the Health Information Technology for Economic and Clinical
Health Act (“HIPAA”). NGH recognizes that the Client is a “covered entity” and NGH is a “business
associate” are such phrases are defined by HIPAA and that, in the performance of Services hereunder, NGH will have access
to the Client’s patients’ “protected health information,” as such phrase is defined by HIPAA. The parties,
therefore, agree to execute a Business Associate Agreement in the form set forth on Exhibit “C,” which
is attached hereto and incorporated by reference. NGH agrees to perform its Services involving any “protected health information”
in accordance with such Business Associate Agreement.
C. Authorized
Disclosure. Client, on the one hand, and NGH, on the other hand, hereby authorizes the other to obtain information related
to the Client or NGH from a regulatory, hospital peer review or quality assurance group, committee or agency of all reports, records
and other information pertaining to the applicable.
VII.
OWNERSHIP OF SOFTWARE AND RECORDS; AND OTHERS COVENANTS
A.
Records. Client shall own the medical and financial records as relates to its patients. NGH may obtain copies of such
records in order to comply with a court order or court issued subpoena directed to NGH or for any other legal compliance purpose.
B. Confidentiality.
1.
ACCESS TO CLIENT MATERIALS. CLIENT AGREES AND UNDERSTANDS THAT TO PERFORM THE SERVICES, CLIENT WILL NEED TO MAKE AVAILABLE
TO NGH ACCESS TO CERTAIN CLIENT MATERIALS upon request.
2. PATIENTS.
Client agrees and understands that, except as otherwise required by law, a patient’s account (defined below) with NGH will
only be available to such patient so long as (a) the individual remains a patient of Client; (b) Client approves the patient’s
enrollment in and ongoing use of the Services; (c) the patient signs (electronically or otherwise) that certain authorization
form made available to the patient through the application (defined below) for access to the Services; and (d) the patient complies
with the application terms as made available to such patient. Client agrees that Client will, to the extent able to, promptly
disable a patient’s account upon such patient’s request. For the purposes of this subsection 2 and this Agreement,
“patient’s account” means…… and “application” means….
3.
“Confidential Information“ means all information, subject to the exceptions mentioned herein, disclosed before
or after the date of this Agreement in written or oral format by the Disclosing Party, and, if disclosed orally, summarized in
written format within 7 days of disclosure. “Disclosing Party” is the party disclosing Confidential Information. “Receiving
Party” is the party receiving Confidential Information from the Disclosing Party. The Receiving Party shall only disclose
the Confidential Information to persons in the direct employ of the Receiving Party who have a need to have access to and knowledge
of the Confidential Information solely for the purposes of fulfilling the Receiving Party’s obligations in this Agreement,
and only so long as persons agree to abide by these confidentiality terms. Each party shall take appropriate measures by instruction
and agreement prior to disclosure to such employees to assure against unauthorized use or disclosure. The Receiving Party shall
have no obligation with respect to information which (i) was rightfully in possession of or known to the Receiving Party without
any obligation of confidentiality prior to receiving it from the Disclosing Party; (ii) is, or subsequently becomes, legally and
publicly available without breach of this Agreement; (iii) is rightfully obtained by the Receiving Party from a source other than
the Disclosing Party without any obligation of confidentiality; (iv) is disclosed by the Receiving Party under a valid order created
by a court or government agency, provided that the Receiving Party provides prior written notice to the Disclosing Party of such
obligation and the opportunity to oppose such disclosure. Upon written demand of the Disclosing Party, the Receiving Party shall
cease using the Confidential Information and return the Confidential Information and all copies, notes, summaries or extracts
thereof to the Disclosing Party within three (3) days of receipt of notice.
C. Non-Disparagement.
During the term of this Agreement, and at all times subsequent thereto, Client and NGH shall maintain a professional relationship
and shall conduct themselves with office staff, personnel and other third parties with whom they come into contact, whether directly
or indirectly, in a professional manner and specifically agree not to disparage one another or otherwise discuss internal matters
of any kind with any third party other than their attorneys or accountants. This is a material provision of this Agreement.
D.
NGH DOCUMENTATION, TRADEMARKS, AND COPYRIGHTS. CLIENT ACKNOWLEDGES AND AGREES THAT ALL CONTENT ON THE APPLICATION (INCLUDING,
WITHOUT LIMITATION, TEXT, IMAGES, USER INTERFACES, VISUAL INTERFACES, GRAPHICS, TRADEMARKS, LOGOS, SOUNDS, SOURCE CODE AND COMPUTER
CODE, INCLUDING BUT NOT LIMITED TO THE DESIGN, STRUCTURE, SELECTION, COORDINATION, EXPRESSION, ‘LOOK AND FEEL’ AND
ARRANGEMENT THEREOF) AND THE DOCUMENTATION IS THE EXCLUSIVE PROPERTY OF AND OWNED BY NGH OR ITS LICENSORS AND IS PROTECTED BY
INTELLECTUAL PROPERTY RIGHTS AND UNFAIR COMPETITION LAWS. THESE MARKS AND COPYRIGHTS MAY NOT BE COPIED, IMITATED, CHANGED OR USED,
IN WHOLE OR IN PART, WITHOUT THE EXPRESS PRIOR WRITTEN PERMISSION FROM THEIR RESPECTIVE OWNERS, AND THEN WITH THE PROPER ACKNOWLEDGMENTS.
NOTHING ON OR IN THE LICENSED MATERIALS WILL BE CONSTRUED AS GRANTING, BY IMPLICATION, ESTOPPEL, OR OTHERWISE, ANY LICENSE OR
RIGHT TO USE ANY TRADEMARK, LOGO, OR SERVICE MARK DISPLAYED ON THE LICENSED MATERIALS WITHOUT THE OWNER’S PRIOR WRITTEN
PERMISSION, EXCEPT AS OTHERWISE DESCRIBED IN THESE MASTER TERMS.
E.
NGH Third Party Software. Use of the Application may require a license to and use of third party products (“Third Party
Products”), including, for example, an electronic medical system or health information exchange. All such Third Party Products
are licensed to Client subject to the terms and conditions of an end user license agreement (“Third Party EULA”).
NGH does not control, endorse, or accept responsibility for Third Party Products. Any and all agreements, services, or transactions
between Client and such third party in connection with the Third Party Products, including but not limited to such third party’s
privacy policies, delivery of services, and any other terms, conditions, warranties, or representations associated with such agreements,
services, or transactions, are solely between Client and such third party. To the extent available to NGH and within NGH’s
control, Client will have the right to review the Third Party EULA for any Third Party Products upon request and prior to executing
the applicable Sales Order. Unless otherwise expressly provided in the Sales Order, Client will be solely responsible for all
costs and license fees associated with such Third Party Products.
F.
NGH USAGE DATA. THE APPLICATION MAY, FROM TIME TO TIME, AUTOMATICALLY REPORT BACK INFORMATION TO NGH’S SERVERS RELATED
TO USAGE OF THE APPLICATION AND OTHER LICENSED MATERIALS, WITHOUT NOTICE TO CLIENT (“USAGE DATA”). USAGE DATA MAY
BE USED BY NGH SOLELY TO ACCOMPLISH ITS SERVICES HEREUNDER AND FOR NO OTHER REASON.
H.
LIMITATION OF LIABILITY. THE PARTIES AGREE AS FOLLOWS: UNDER NO CIRCUMSTANCES SHALL EITHER PARTY BE LIABLE TO THE OTHER PARTY
FOR INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR EXEMPLARY DAMAGES (EVEN IF SUCH DAMAGES ARE FORESEEABLE AND WHETHER OR NOT
PARTICIPANT HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES) ARISING FROM ANY ASPECT OF THIS AGREEMENT AND CONTRACTUAL RELATIONSHIP
ESTABLISHED HEREIN.
VIII.
SEVERABLE PROVISIONS. The provisions of this Agreement are severable, and if any one or more provisions may be determined
to be illegal or otherwise unenforceable, in whole or in part, the remaining provisions and any partially unenforceable provisions
to the extent enforceable shall nevertheless be binding and enforceable.
IX. INDEMNIFICATION.
Each Party hereby indemnifies, defends, and holds the other Party, its affiliates and any shareholders, officers, Clients, agents
and legal representatives harmless from and against any and all loss, cost, damage, expense or liability (including legal fees)
incurred by any of them arising from or connected to any and all claims, demands, actions, or causes of action arising from or
connected to (i) its own violation of any federal, state or local healthcare fraud and abuse laws, regulations or rules; (ii)
its own violation of any federal, state or local laws and regulations; and, (iii) any of its own breaches of any agreement, including
this Agreement.
X.
PROFESSIONAL LIABILITY INSURANCE. During the Term of this Agreement, Malpractice coverage must be maintained the Client in
accordance with all applicable state laws.
XI.
WAIVER: No modification of or amendment to this Agreement shall be effective unless in writing and signed by the parties.
No waiver shall be effective unless in writing and executed by the party against whom enforcement of the waiver is sought.
XII.
ATTORNEY'S FEES: In any action at law or in equity to enforce any of the provisions or rights under this Agreement, the unsuccessful
party to such litigation, as determined by the Court in a final judgment or decree, shall pay the successful party all costs,
expenses and reasonable attorney's fees, as set by the Court and not by a jury, incurred by the Successful party (including, without
limitation, costs, expenses and fees on any appeal).
XIII.
REGULATORY COMPLIANCE: it is the intent of the parties that this Agreement comply in all respects with all applicable federal,
state and local laws, regulations, rules and interpretive case decisions, and the parties have structured their relationship with
that specific intent. However, each party understands that such laws, regulations and case decisions are Complicated and a state
of flux. Therefore, in the event that any provision of this Agreement is rendered invalid or unenforceable by a court of competent
jurisdiction, or the applicable laws and regulations are altered by any legislative or regulatory body, or either party notifies
the other party in Writing of its reasonable belief that this Agreement or any of its provisions may be declared null, void, unenforceable,
or in violation of applicable laws or regulations, the remaining provisions, if any, of this Agreement shall nevertheless continue
in full force and effect.
XIV. OTHER
UNDERSTANDINGS. This Agreement contains the entire agreement between the parties with respect to the subject matter of this
Agreement. The Agreement supersedes all prior understanding, agreements, or representations. Further, this Agreement may be modified
only by a writing executed by both Client and NGH.
XV. JURISDICTION
AND VENUE. This Agreement is to be construed pursuant to the laws of the State of Arizona. Client agrees to submit to the
jurisdiction and venue of any court of competent jurisdiction in Maricopa County, Arizona without regard to conflict of laws provisions,
for any claim arising out of this Agreement.
XVI. ASSUMPTION
OF OBLIGATIONS. Generex Biotechnology Corporation, a publicly traded company, by its signature hereto, agrees to be bound to the
provisions of this Agreement that require indemnification and legal compliance of NGH.
IN
WITNESS WHEREOF, the undersigned have executed this Agreement as of the date set forth below.
|
NuGenHealth, LLC
|
Paradise Valley Family
Medicine, P.C.
|
|
NGH
|
Client
|
|
|
|
|
Signed: /s/ Joseph Moscato
|
Signed: /s/ Warren Johnson
|
|
Print: Joseph Moscato
|
Print Warren Johnson MD, Ph.D.
|
|
Title: President/CEO
|
Title: Vice President
|
|
Date: September 24, 2020
|
Date:
September 24, 2020
|
Generex
Biotechnology Corporation, a Delaware corporation
Signed:
/s/ Joseph Moscato
Print:
Joseph Moscato
Title:
President/CEO
Date:
September 24, 2020
EXHIBIT
A
FEES
AND SERVICES; AND CLIENT DUTIES
|
|
1.
|
For
the 1st year Term, NGH will provide an Invoice to Client every month with
Patients processed and eligible for reimbursement. The invoiced amounts are to be as
laid out in Exhibit B. per month for each complete Remote Patient Monitoring
patient; and CCM patient. Thereafter, the pricing might be adjusted annually to reflect
changes in policy.
|
|
|
1.
|
Provide
Client with a software suite, Bluetooth medical devices and associated services for CCS.
|
|
|
2.
|
In
collaboration with and assistance from NGH, Client will implement the NuGen SaaS suite
on site at the Client’s clinic(s).
|
|
|
3.
|
Provide
necessary staff to perform the CCS services for Client’s patients.
|
|
|
4.
|
Provide
necessary training to Clients’ staff to ensure proper use of NGH’s products
and services.
|
|
|
5.
|
NGH
will be responsible for providing FDA-cleared, CMS approved medical devices for Remote
Patient Monitoring, technical assistance, device connection, and data reporting.
|
|
|
6.
|
NGH
will identify any patient threshold breeches so action can be taken in real time to avoid
hospitalizations and gives the ability to direct care as appropriate.
|
|
|
7.
|
NGH
will seek improvement in patient medication compliance with the direct reminders (voice/text)
for the patients to take their medications.
|
|
|
8.
|
NGH
will perform outbound calls and reviews of the patient’s health plan/care plan
to direct, train and encourage compliance on medication, pain levels, and ensuring frequency
of uploads of prescribed data such as glucose, blood pressure, weight, temperature, oxygen
level, etc.
|
|
|
9.
|
NGH
will provide a dashboard provides the MA and the Physician with an easy to view, patient
by patient, status as well as end of the month billing documentation.
|
|
|
10.
|
NGH
will provide a 24 hour call in number for emergencies.
|
|
|
11.
|
NGH
will provide manage oversight and continued software, hardware updates and improvements
training and retraining of staff.
|
|
|
12.
|
NGH
will provide at the end of each billing period the documentation for Client to bill for
the patients conforming to the set of standards required by CMS for reimbursement.
|
|
|
13.
|
The
parties agree to act in good faith to ensure success and will evaluate the reimbursements
on a quarterly basis to assess any changes in reimbursement.
|
|
|
14.
|
If
PVFM requests customized or enhanced system designs or additional equipment, then NGH
will bill at the scheduled rates in the IT support section below.
|
|
|
1.
|
Provide
NGH’s Medical Assistants (MA’s) with desk space and computers to engage and
register patients, coordinate connected patient care, and conduct the RPM and CCM patient
service.
|
|
|
2.
|
Client
will be responsible for managing NGH medical device inventory located on site and will
not allow devices to be given to non enrolled patients as well as replace any shortage
at their expense.
|
|
|
3.
|
Client
agrees to sign a Business Associates Agreement (BAA) with NGH to comply with all HIPAA
regulations.
|
|
|
4.
|
Upon
proof of concept and both parties agreement, Client shall integrate the eClinicalworks
Electronic Health Record (EHR) with the NuGenHealth system for billing, data exchange,
analytic analysis, and population health management to be conducted by NGH and shared
with Client.
|
|
|
5.
|
At
the end of the collection period which shall be 30 days from the invoice received from
NGH the Client will pay NGH in full for the invoice for the processed patients.
|
|
|
6.
|
Client
agrees to cooperate and comply with any and all audit requests by NGH’s auditors
or other audits by any governmental agency as may be requested and/or required.
|
EXHIBIT
B
BILLING
POLICIES AND PROCEDURES
|
Confidential
and Protected Information
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
NGH
will provide the specific data on each Patient that meets the eligibility requirements for the reimbursement of services. NGH
will provide an invoice to the Client on at least a thirty day (30) basis and Client agrees to pay NGH the Charges above within
thirty (30 days) of receipt of invoice.
EXHIBIT
C
BUSINESS
ASSOCIATE AGREEMENT
This
Business Associate Agreement (the “Agreement”) is entered into this __ day of _______, 2020, by and between,
Paradise Valley Family Medicine, P.C. an Arizona professional corporation, with an address of 11209 N. Tatum Blvd., Suite 180,
Phoenix, AZ, 85028 (“Covered Entity”) and NuGenHealth, LLC an Arizona Limited Liability Company, with an address
of 11209 N. Tatum Blvd., Suite 180, Phoenix, AZ 85028 (“Business Associate”) (each a “Party”
or collectively the “Parties”).
Recitals
Whereas,
Covered Entity is a “covered entity” under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”),
as may be amended or supplemented; the regulations promulgated thereunder including the Standards for Privacy of Individually
Identifiable Health Information (the “Privacy Rule”), 45 C.F.R. Parts 160 and 164, Subparts A and E, the Standards
for the Security of Electronic Protected Health Information (the “Security Rule”), 45 C.F.R. Parts 160 and
164, Subpart C, the Breach Notification for Unsecured Protected Health Information (the “Breach Notification Rule”),
45 C.F.R. Parts 160 and 164, as may be amended or supplemented (collectively the “HIPAA Rules”); and the Health
Information Technology for Economic and Officeal Health Act, Title VIII of the American Recovery and Reinvestment Act of 2009,
as may be amended or supplemented, and the regulations promulgated thereunder, as may be amended or supplemented (the “HITECH
Act”);
Whereas,
Business Associate may receive, create, maintain, and transmit protected health information (“PHI”) on Covered
Entity’s behalf in connection with the Services (defined below) below that Business Associate furnishes to Covered Entity,
Business Associate is a “business associate” under HIPAA, the HIPAA Rules, and the HITECH Act;
Whereas,
HIPAA, the HIPAA Rules, and the HITECH Act require that Covered Entity contract with Business Associate to mandate certain protections
for the privacy and security of PHI that Business Associate may receive, create, maintain, or transmit on Covered Entity’s
behalf; and
Whereas,
Covered Entity and Business Associate intend for this Agreement to satisfy their obligations under HIPAA, the HITECH Act, and
any implementing regulations.
Now,
therefore, in consideration of the foregoing, and for other good and valuable consideration, the receipt and adequacy of which
is hereby acknowledged, the Parties agree as follows:
1.
Definitions
a.
Defined Terms Generally. Terms used in this Agreement but not otherwise defined in this Agreement shall have the same meaning
as those terms in the Privacy Rule, the Security Rule, and the HITECH Act.
b.
Specific Defined Terms.
i.
Individual. “Individual” shall have the meaning set forth in 45 CFR § 160.103 and shall include a
person who qualifies as a “personal representative” pursuant to 45 CFR § 164.502(g).
ii.
Protected Health Information. “Protected Health Information” shall have the meaning set forth in 45 CFR §
160.103, limited to the information that Business Associate creates, receives, maintains, or transmits on behalf of Covered Entity.
All references to PHI shall also include electronic protected health information.
iii.
Secretary. “Secretary” shall mean the Secretary of the Department of Health and Human Services or his or her
designee.
2.
Business Associate’s Obligations and Scope of Activities
a.
Use and Disclosure of PHI. Business Associate agrees not to use or disclose PHI other than as permitted or required by
this Agreement or as Required by Law. Business Associate further agrees to comply with this Agreement’s provisions and all
present and future provisions of HIPAA, the HIPAA Rules, the HITECH Act, and Arizona law that relate to the privacy and security
of PHI and apply to Business Associate. Business Associate agrees not to use or disclose PHI in any manner that would constitute
a violation of HIPAA, the HIPAA Rules, the HITECH Act of Arizona law if so used or disclosed by Covered Entity. Business Associate
agrees to use PHI solely for the purpose of and as necessary for performing Services for Covered Entity. Business Associate further
agrees that Covered Entity shall retain all rights in PHI not granted herein.
b.
Reasonable and Appropriate Safeguards. Business Associate has implemented and will continue to maintain administrative,
physical, and technical safeguards (including written policies and procedures) to protect the confidentiality, integrity, and
availability of PHI that it creates, receives, maintains, or transmits on Covered Entity’s behalf against reasonably anticipated
threats or hazards to the security and integrity of the PHI as required by the Security Rule. Business Associate shall ensure
that any agent or subcontractor to whom Business Associate provides PHI has implemented and will continue to maintain administrative,
physical, and technical safeguards (including written policies and procedures) to protect the confidentiality, integrity, and
availability of PHI as required by the Security Rule.
c.
Reporting of Violations. Business Associate agrees to report in writing to Covered Entity, without unreasonable delay,
and in no case later than ten (10) calendar days after discovery, the following: (1) any known access, use, or disclosure of PHI
that is not authorized by this Agreement; (2) any Security Incident of which the Business Associate becomes aware, and (3) is
any Breach of Unsecured PHI of which it becomes aware, without unreasonable delay, and in no case later than ten (10) calendar
days after discovery. Business Associate further agrees to notify Covered Entity of any suspected access, use, or disclosure of
data in violation of any applicable federal or state laws or regulations without unreasonable delay, and in no case later than
thirty (30) calendar days after discovery. In the event of a Breach, Business Associate may delay notifying Covered Entity upon
a request from law enforcement. At Covered Entity’s request, Business Associate agrees, to the extent possible, to identify
each Individual whose PHI has been or is reasonably believed by Business Associate to have been accessed, acquired or disclosed
during the Security Incident and/or Breach; the date and scope of the Security Incident and/or Breach; Business Associate’s
response to the Security Incident and/or Breach,; and the identity of the party responsible for causing the Security Incident
and/or Breach, if known. Business Associate also agrees to provide Covered Entity with sufficient information to permit Covered
Entity to comply with Breach Notification Rule’s requirements or applicable state law requirements. Business Associate shall
cooperate reasonably and coordinate with Covered Entity in the investigation of any violation of this Agreement’s requirements
and/or any Security Incident or Breach. Business Associate shall cooperate reasonably and coordinate with Covered Entity in the
preparation of any reports or notices to the Individual, a regulatory body, or any third party required to be made under HIPAA,
the HIPAA Rules, the HITECH Act, or any other federal or state laws, rules, or regulations.
d.
Breach Pattern or Practice by Business Associate. Business Associate agrees that if Business Associate knows of a pattern
of activity or practice of Business Associate that constitutes a material breach of Business Associate’s obligations under
this Agreement, Business Associate shall take reasonable steps to cure the breach or end the violation. Business Associate agrees
that if the steps are unsuccessful, Business Associate shall terminate this Agreement, or if termination is not feasible, report
the problem to the Secretary.
e.
Mitigation of Harmful Effects. Business Associate agrees to mitigate, to the extent practicable, any harmful effect that
is known to Business Associate of a use or disclosure of PHI by Business Associate in violation of this Agreement.
f.
Third-Party Agreements. Pursuant to 45 CFR §§ 164.308(b) and 164.502(e), Business Associate agrees to ensure
that any agent and/or subcontractor, to whom it provides PHI that is created, received, transmitted, or maintained by Business
Associate on behalf of Covered Entity agrees in a written business associate agreement to the same restrictions and conditions
that apply through this Agreement to Business Associate with respect to such information. If Business Associate is aware of a
pattern or practice of an agent and/or subcontractor that constitutes a material breach or violation by the agent and/or subcontractor
of any such restrictions or conditions, Business Associate shall take reasonable steps to cure the breach or end the violation,
as applicable, and if such steps are unsuccessful, to terminate the contract or arrangement with such agent and/or subagent.
g.
Availability of Books and Records. Business Associate agrees to make available to Covered Entity or Secretary, within twenty
(20) calendar days or such time as reasonably designated by the Secretary, any PHI and internal practices, books, records, accounts,
and other sources of information, including policies and procedures, relating to the use and disclosure of PHI created, received,
maintained, or transmitted by Business Associate on Covered Entity’s behalf for purposes of the Secretary determining Covered
Entity’s compliance with the Privacy Rule.
h.
Access. To the extent that Business Associates possesses or maintains a Designated Record Set, Business Associate agrees
to provide access, at the request of Covered Entity, to PHI in a Designated Record Set to the Covered Entity or, as directed by
Covered Entity, to the Individual or an Individual’s designee, within twenty (20) calendar days of such request order to
meet the requirements under 45 CFR § 164.524. If an Individual makes a request for access to PHI directly to Business Associate,
Business Associate shall notify Covered Entity of the request within three (3) business days of such request and will cooperate
with and allow Covered Entity to respond to the Individual or Individual’s designee.
i.
Amendment. To the extent that Business Associates possesses or maintains a Designated Record Set, Business Associate agrees
to make any amendment(s) to PHI in a Designated Record Set that Covered Entity directs or agrees to pursuant to 45 CFR §
164.526 in a manner reasonably requested by Covered Entity within forty (40) calendar days of the request. If an Individual requests
that Business Associate make an amendment to PHI, Business Associate shall notify Covered Entity of the request within three (3)
business days of such request and will cooperate with and allow Covered Entity to respond to the Individual or Individual’s
designee.
j.
Documentation of Disclosures. Business Associate agrees to document such disclosures of PHI that it has made and information
related to such disclosures as would be required for Covered Entity to respond to an Individual’s request for an accounting
of disclosures of PHI in accordance with 45 CFR § 164.528. Business Associate further agrees to implement a process that
allows for an accounting to be collected and maintained by Business Associate and its agents and/or subcontractors for at least
six (6) years prior to the request. At a minimum, the information collected and maintained shall include:
i.
The date of the disclosure;
ii.
The name of the entity or person who received PHI and, if known, the address of the entity or person;
iii.
A brief description of PHI disclosed; and
iv.
A brief statement of purpose of the disclosure that reasonably informs the Individual of the basis for the disclosure, or a copy
of the written request for disclosure by the Secretary or under 45 C.F.R. § 164.512, if any.
k.
Accounting of Disclosures. Business Associate agrees to provide to Covered Entity or an Individual, within forty (40) days,
information collected in accordance with Section j of this Agreement in order that Covered Entity may respond to an Individual’s
request for an accounting of disclosures of PHI in accordance with 45 CFR § 164.528 and the HITECH Act. Business Associate
agrees that such accounting obligations shall survive termination of this Agreement and shall continue as long as Business Associate
maintains PHI created, received, maintained, or transmitted pursuant to this Agreement. If multiple disclosures of PHI have been
made to the Secretary or the same person or entity under 45 C.F.R. § 164.512, Business Associate shall also include in its
disclosures the frequency, periodicity, or number of disclosures made during the accounting periods as well as the date of the
last disclosure during the accounting period. If an Individual makes a request for an accounting of disclosure to Business Associate,
Business Associate shall notify Covered Entity of the request within three (3) business days of such request and will cooperate
with and allow Covered Entity to respond to the Individual or Individual’s designee.
l.
Minimum Necessary. Business Associate agrees to request, use, and disclose only the minimum amount of PHI necessary to
accomplish the purpose of the request, use, or disclosure.
m.
Compliance with Administrative Obligations. Business Associate agrees to comply with any administrative requirements imposed
on it in its capacity as a business associate by HIPAA, the HIPAA Rules, and the HITECH Act.
n.
Compliance with Electronic Transmission Standards. Business Associate agrees to comply with all applicable standards and
requirements of HIPAA, HIPAA Rules, and the HITECH Act regarding the transmission of PHI in an electronic format in connection
with any transaction for which the Secretary has adopted a standard (“Covered Transaction”) no less than thirty
(30) days before prior to the applicable compliance dates established by the Secretary. Business Associate shall require all of
its agents and/or subcontractors, if any, to comply with this Section 2.14.
3.
Permitted Uses and Disclosures by Business Associate
a.
General Use and Disclosure. Except as otherwise limited by this Agreement, Business Associate may use or disclose PHI on
behalf of, or to provide the following services to, Covered Entity: the lien-related services as described in that certain Remote
Monitoring Services Agreement dated the __ day of ____, 2020 (“Services”), if such use or disclosure of PHI
would not violate:
i.
The Privacy Rule, the Security Rule, and the HITECH Act if done by Covered Entity; or
ii.
Business Associate’s minimum necessary policies and procedures.
b.
Specific Uses and Disclosures.
i.
Except as otherwise limited in this Agreement, Business Associate may use PHI for Business Associate’s proper management
and administration or to carry out Business Associate’s legal responsibilities.
ii.
Except as otherwise limited in this Agreement, Business Associate may disclose PHI for the proper management and administration
of Business Associate and to carry out its legal responsibilities, provided that disclosures are:
(i)
Required by Law; or
(ii)
Business Associate obtains reasonable assurances from the person to whom the information is disclosed that:
(a)
PHI will remain confidential and used or further disclosed only as Required by Law or for the purpose for which it was disclosed
to the person; and
(b)
The person notifies Business Associate of any instances of which it is aware in which confidentiality of PHI has been breached.
iii.
Except as otherwise limited in this Agreement, Business Associate may use PHI to provide data aggregation services to Covered
Entity as permitted by 45 CFR § 164.504(e)(2)(i)(B).
iv.
Business Associate may use PHI to report violations of law to appropriate federal and state authorities, consistent with 45 CFR
§ 164.502(j)(1).
4.
Obligations of Covered Entity
a.
Notice of Privacy Practices. Covered Entity shall provide Business Associate with a copy of Covered Entity’s Notice
of Privacy Practices (“NPP”) and notify Business Associate of any limitation(s) therein to the extent that
such limitation(s) may affect Business Associate’s use or disclosure of PHI in accordance with 45 CFR § 164.520.
b.
Notification of Individual Authorization Revocations. Covered Entity shall notify Business Associate of any changes in,
or revocations of, an Individual’s authorization to use and/or disclose PHI, to the extent that such changes may affect
Business Associate’s use or disclosure of PHI.
c.
Notification of Restrictions. Covered Entity shall notify Business Associate of any restriction to the use or disclosure
of PHI to which Covered Entity has agreed, in accordance with 45 CFR § 164.522, to the extent that such restriction may affect
Business Associate’s use or disclosure of PHI.
d.
Notification of Amendments. Covered Entity shall notify Business Associate of any amendment to PHI to which Covered Entity
has agreed that affects a Designated Record Set maintained by Business Associate.
e.
Permissible PHI Disclosures. Covered Entity will not request Business Associate to use or disclose PHI in any manner that
would not be permissible under the Privacy Rule if done by Covered Entity.
5.
Term and Termination
a.
Term. This Agreement shall be effective as of date this Agreement is executed by both Parties and shall continue until
Business Associate returns or destroys all PHI created or received by Business Associate on Covered Entity’s behalf, including
any copies of PHI, or until Business Associate determines that such return or destruction is infeasible.
b.
Termination for Cause. Upon Covered Entity’s knowledge of a material breach by Business Associate, Covered Entity
shall either:
i.
Provide an opportunity for Business Associate to cure the breach or end the violation within a specified period of time and terminate
the Agreement if Business Associate does not cure the breach or end the violation within the time specified by Covered Entity;
or
ii.
Immediately terminate the Agreement if Business Associate has breached a material term of this Agreement and cure is not possible.
If
neither termination nor cure is feasible, Covered Entity shall report the violation to the Secretary. In no event will a disclosure
by Business Associate that was authorized by Covered Entity be treated as a material breach.
c.
Effect of Termination.
i.
Except as provided in paragraphs (b) and (c) of this Section c, upon termination of this Agreement, for any reason, Business Associate
shall return or destroy all PHI created, received, maintained, or transmitted by Business Associate on behalf of Covered Entity.
This provision shall apply to PHI that is in the possession of Business Associate’s agents and/or subcontractors. Business
Associate and its agents and/or subcontractors shall retain no copies of PHI.
ii.
If Business Associate determines that it is infeasible to return or destroy the PHI, Business Associate shall notify Covered Entity
of the conditions that make the PHI’s return or destruction infeasible. Thereafter, Business Associate shall extend this
Agreement’s protection to such PHI and limit such PHI’s further use and disclosure to those purposes that make the
return or destruction infeasible, for so long as Business Associate maintains such PHI.
iii.
The preceding provisions of this Section c shall not apply to the extent that PHI is maintained in Business Associate’s
possession pursuant to its record retention procedures. Nevertheless, this Agreement’s protections shall remain in effect
as to that PHI as long as Business Associate retains such PHI.
6.
General Provisions
a.
Intent. The Parties expressly acknowledge that it is, and shall continue to be, their intent to comply fully with all relevant
federal, state, and local laws, regulations, and rules. If a Party believes in good faith that any provision of this Agreement
fails to comply with the then-current requirements under HIPAA, the HIPAA Rules, and/or the HITECH Act, such Party shall notify
the other Party in writing. The Parties agree to take such action as is necessary to amend this Agreement from time to time as
is necessary for Covered Entity to comply with the requirements of HIPAA, the HIPAA Rules, the HITECH Act, or Arizona law. The
Parties will have thirty (30) calendar days to negotiate in good faith to amend this Agreement’s provisions such that is
complies with the then-current legal requirements. If after thirty (30) days, this Agreement is still not in compliance with the
then-current law, either Party may terminate this Agreement upon written notice to the other Party.
b.
Construction. Any ambiguity in this Agreement shall be resolved to permit Business Associate to comply with HIPAA, the
HIPAA Rules, the HITECH Act, or Arizona law.
c.
Governing Law. This Agreement shall be governed by and interpreted in accordance with the laws of the State of Arizona
without regard to its conflicts-of-law provisions. Jurisdiction and venue for any dispute relating to this Agreement shall exclusively
rest with the state and federal courts in the county in which Covered Entity is located.
d.
Cross-References. A reference in this Agreement to a section in HIPAA, the HIPAA Rules, or the HITECH Act means the section
as in effect or as amended.
e.
No Agency Relationship. The Parties do not intend to establish expressly or by implication an agency relationship (as defined
under federal common law of agency) between Covered Entity and Business Associate for the purposes of liability under HIPAA, the
HIPAA Rules, or the HITECH Act. No terms or provisions contained in this Agreement shall be construed to make or render Business
Associate an agent of Covered Entity.
f.
Survival of Certain Rights and Obligations. Business Associate’s rights and obligations under Sections 2.11 and 5.c
shall survive this Agreement’s termination.
g.
Waiver. No provision of this Agreement or any breach thereof shall be deemed a waiver unless such waiver is in writing
and signed by the Party against whom such waiver it sought to be enforced. No waiver of a breach shall constitute a waiver of
or excuse for any different or subsequent breach.
h.
Assignment. Neither Party may assign any of its rights or delegate or subcontract any of its obligations under this Agreement
without the other Party’s prior written consent. Notwithstanding the foregoing, Covered Entity shall have the right to assign
its rights and obligations hereunder to any entity that is an affiliate or successor of Covered Entity without Business Associate’s
prior approval.
i.
Notice. All notices, requests, demands, and other communications required or permitted to be given or made under this Agreement
(“Notices”) shall be in writing and sent by personal delivery; certified or registered United States mail with
return receipt requested, overnight delivery service with proof of delivery; or facsimile with return facsimile acknowledging
receipt. Notices shall be effective upon receipt. Notices shall be sent to the addresses below in the opening paragraph of this
Agreement.
j.
Invalidity or Unenforceability. If any provision of this Agreement shall be held invalid or unenforceable, such invalidity
or unenforceability shall attach only to such provision and shall not in any way affect or render invalid or unenforceable any
other provision of this Agreement.
k.
Rights. Nothing in this Agreement shall be deemed to:
i.
Create any rights in third parties; or
ii.
Waive the attorney-client, work product, or other privilege between Covered Entity and Business Associate arising under applicable
law, except to the limited extent necessary to comply with the requirements of Section 2.g or applicable law.
l.
Entire Agreement. This Agreement constitutes the complete agreement between Business Associate and Covered Entity relating
to the matters specified in this Agreement, and supersedes all prior representations or agreements, whether oral or written, with
respect to such matters. No oral modification or waiver of any of the provisions of this Agreement shall be binding on either
Business Associate or Covered Entity.
m. Indemnification.
Business Associate will indemnify Covered Entity and its owners from any and all damages, fees, fines, costs and expenses associated
with a breach by Business Associate of this Business Associate Agreement.
In
Witness Whereof, the parties hereto have executed this Agreement as of its effective date.
|
COVERED
ENTITY:
Paradise
Valley Family Medicine, P.C. an Arizona professional corporation
By:
/s/ Warren Johnson
Its:
Vice President
|
BUSINESS
ASSOCIATE:
NuGenHealth,
LLC an Arizona Limited Liability Company
By:/s/
Joseph Moscato
Its:
President/CEO
|
Exhibit
99.2
Generex
Biotechnology Subsidiary NuGenHealth Contracts with Paradise Valley Family Medicine to Provide Chronic Care Management (CCM) and
Remote Patient Monitoring (RPM) Services
•
NuGenHealth Software as a Service (SaaS) platform launch
•
PVFM responds to COVID-19 with connected care solutions to serve their Medicare patient population
MIRAMAR,
Fla., Sept. 25, 2020 (GLOBE NEWSWIRE) -- Generex Biotechnology Corporation (OTCQB:GNBT) announces that its newly formed subsidiary
NuGenHealth has signed a contract with Paradise Valley Family Medicine (PVFM) to provide connected care solutions for patient
engagement, Remote Patient Monitoring (RPM) and Chronic Care Management (CCM) services. NuGenHealth, a joint venture between Generex
subsidiary NuGenerex Health and Worldwide Digitech, LLC (WWDT) will provide the software, data framework, and back-end support
for the NuGenHealth SaaS system to advance collaborative, connected care in order to improve patient health outcomes for patients
under the care of PVFM.
The
NuGenHealth system offers direct savings to physicians and healthcare organizations both in time and money, allowing the healthcare
team to monitor patient progress outside the practice office, leading to timely interventions and early identification of disease
progression that may prevent unnecessary hospitalizations. The SaaS system utilizes automated algorithms, real-time data, and
quality metrics to involve patients in their own care, while keeping healthcare providers and family constantly informed.
RPM
is the use of digital technologies to monitor and capture medical/health data from patients and electronically transmit the information
to their providers for assessment, recommendations, and instructions. Providers use RPM to collect a wide range of patient
data, including blood pressure, weight, heart rate, and blood sugar levels.
The
CCM benefit allows eligible providers to offer services outside of doctor’s office visits to help individuals with two or
more chronic conditions follow their medical care plan, practice preventive health care, and more effectively manage their health.
CCM services are designed to keep Medicare beneficiaries healthier and to prevent unnecessary hospitalizations. Services include
communication with Medicare beneficiaries and health professionals to provide chronic care management and coordination in-person,
over the phone, and electronically.
NuGenHealth
provides Bluetooth connected blood pressure monitors, electronic scales, glucose monitors, and oxygen sensors, and the NuGenHealth
software optimizes workflows for RPM and CCM to collect, analyze, and report real-time patient data.
New
CPT Codes released by CMS in 2019 provide an incentive for physicians to offer better management of chronic conditions using RPM
and CCM services. The new rules make it easier for physicians and healthcare organizations to partner with health-tech companies
to provide the software systems and monitoring devices required to launch a successful RPM program, and with the launch of NuGenHealth,
the Generex family of companies is positioned to be a leader in this rapidly growing space.
Joe
Moscato, President & Chief Executive Officer of Generex said, “We are very excited to launch NuGenHealth with our physician
partners at Paradise Valley Family Medicine, with whom we have been working for the last year to implement our plans and start
this collaboration. The NuGenHealth SaaS system has been beautifully designed by our development partners at WWDT, and their simple
implementation process will enable us to begin enrolling patients and generating reimbursements for the physicians at PVFM. Remote
patient monitoring is a service that was positioned for significant growth leading into 2020, and the pandemic has only accelerated
its adoption by physicians and reimbursements by CMS. Our contract with PVFM is the first of several that we plan to sign with
other physician practices in the Phoenix area. And once NuGenHealth is established in the practices, we plan to launch our long-awaited
ophthalmology and podiatry businesses to serve the large numbers of patients with diabetes and vascular conditions that are prevalent
in the chronic care population. We will keep our shareholders apprised of our progress as we build our end-to-end model for physicians
and patients with our partners in Arizona.”
About
Generex Biotechnology Corp.
Generex Biotechnology is an integrated healthcare holding company with end-to-end solutions for patient centric care from rapid
diagnosis through delivery of personalized therapies. Generex is building a new kind of healthcare company that extends beyond
traditional models providing support to physicians in a GPO network, and ongoing relationships with patients to improve the patient
experience and access to optimal care.
In
addition to advancing a legacy portfolio of immune-oncology assets, medical devices, and diagnostics, the Company is focused on
an acquisition strategy of strategic businesses that complement existing assets and provide immediate sources of revenue and working
capital.
Cautionary
Note Regarding Forward-Looking Statements
This
release and oral statements made from time to time by Generex representatives in respect of the same subject matter may contain
"forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. These statements can
be identified by introductory words such as "expects," "plan," "believes," "will," "achieve," "anticipate," "would," "should,"
"subject to" or words of similar meaning, and by the fact that they do not relate strictly to historical or current facts. Forward-looking
statements frequently are used in discussing potential product applications, potential collaborations, product development activities,
clinical studies, regulatory submissions and approvals, and similar operating matters. Many factors may cause actual results to
differ from forward-looking statements, including inaccurate assumptions and a broad variety of risks and uncertainties, some
of which are known and others of which are not. Known risks and uncertainties include those identified from time to time in the
reports filed by Generex with the Securities and Exchange Commission, which should be considered together with any forward-looking
statement. No forward-looking statement is a guarantee of future results or events, and one should avoid placing undue reliance
on such statements. Generex undertakes no obligation to update publicly any forward-looking statements, whether as a result of
new information, future events or otherwise. Generex claims the protection of the safe harbor for forward-looking statements that
is contained in the Private Securities Litigation Reform Act.
Generex
Contact:
Generex
Biotechnology Corporation
Joseph
Moscato
646-599-6222
Todd
Falls
1-800-391-6755 Extension 222
investor@generex.com