The URL can be used to link to this page

Browse Search

Home My WebLink About20251379.tiffCtonfv(K+ IMetiko5 BOARD OF COUNTY COMMISSIONERS PASS -AROUND REVIEW PASS -AROUND TITLE: DEPARTMENT: PERSON REQUESTING: MSA for Contexture Health Information Exchange Services Information Technology Ryan Rose DATE: 4/16/25 Brief description of the problem/issue: Contexture is the software vendor that provides Health Information Exchange services. Contexture has been a Weld County vendor for several years. This agreement establishes an MSA, formalizes terms and conditions, and consolidates licensing to an enterprise model, saving Weld County money on licensing in the future. What options exist for the Board? 1) approve agreement 2) request work session Consequences: Impacts: Provides HIE Services to the Coroner and Health Departments Cost (Current Fiscal Year/Ongoing or Subsequent Fiscal Years: $1,760, budgeted for in FY25 department budgets. Recommendation: it is the recommendation of the IT department to approve this agreement. Perry L. Buck Scott K. James Jason S. Maxey Lynette Peppier Kevin D. Ross c OnVI* 5A /ZS Support Recommendation Schedule Place on BOCC Agenda Work Session Other/Comments: Cc 0ntl5eCl �) 5/11/z5 2025-1379 IT0014 Docusign Envelope ID: 3C41 AF8A-12BB-4F07-ABCD-C625B941220F contexture' Creating connections. Improving lives. CONTEXTURE HIE PARTICIPATION AGREEMENT Cover Sheet Description of this Agreement Contexture ("HIE') the and and is HIE a -related conditions nonprofit organization services. of this HIE Participant Participation that provides desires Agreement electronic to ("Agreement'). health in Contexture's information exchange HIE under participate terms Participant Information Legal Entity: Name of Participant County of Weld Trade Business Name/Doing As: County of Weld Corporate Address: 1150 O Street, Greeley, CO 80631 Tax ID Number (TIN): 84-6000813 Entity Type(s): Healthcare Health Public Medical Organ Health Procurement Plan Examiner Provider Organization Authority or Organization Coroner X X oValue-Based Contact Section the and HIE Conditions: for 13.2 General Notice (Notice) Terms under of Jacob jmundt@weld.>;ov Mundt Privacy Officer Contact: Jacob jmundt Mundt c@weld.uov Security Officer Contact: Jacob jrnundt@weldgov Mundt All changed Contexture Participant; Contacts any Help or and c) time the Desk; emailing and associated b) without emailing getconnected@contexture.orq. contact the the need information for a formal engagement provided contract in amendment team this Cover member Sheet by a) assigned may emailing be to the the at Contexture Contexture HIE Participation Agreement HIE PA Cover Sheet Page 1 of 3 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F Ca contexture" Creating connections Improving lives. Contract Term & Renewals Effective Date: Agreements fully executed before January 1, 2026, have an Effective Date ofJanuary n ua ry 1, 2026. Agreements fully executed after January 1, 2026, have an Effective Date of the date of the last signature. Initial Term: The Initial Term of this Agreement shall run from the Effective Date until December 31 of that year. Renewals: This Agreement will automatically renew for additional one (1) year terms, beginning January 1 after the expiration of the Initial Term, until the termination of this Agreement as provided for in the HIE General Terms and Conditions or elsewhere in the Agreement. Documents that are Part of this Agreement The Parties to this Agreement are (1) Contexture, a Colorado nonprofit corporation, and (2) all individuals and entities listed as a Participant or Affiliate in any document that is part of the Agreement. Each Party acknowledges and agrees that this Agreement includes all the following documents, which are incorporated by reference and legally binding on all Parties: (1) This Cover Sheet. (2) HIE General Terms and Conditions. These are the general contract terms that govern the use of the HIE and Services by Participant and its Authorized Users. Contexture will notify Participant of material changes to the HIE General Terms and Conditions by giving notice in accordance with Section 1.4 (Changes to HIE General Terms and Conditions) of the HIE General Terms and Conditions. (3) Trusted Exchange Addendum. This Addendum applies if Participant participates, through Contexture, in the exchange of health information through External Networks. Contexture will notify Participant of material changes to this Addendum by giving notice in accordance with Section 13.2 (Notice) of the HIE General Terms and Conditions. (4) Business Associate Agreement ("BAA"). The BAA applies to Participant's access to and use of the HIE and Services. (5) Special Terms and Conditions, which provide specialized contract terms for certain entities, arrangements, and Participant Types: • Medical Examiners and Coroners • Organ Procurement Organizations • Public Health Authorities • Third -Party Interfaces • Value -Based Organizations Contexture HIE Participation Agreement HIE PA Cover Sheet Page 2 of 3 Docusign Envelope ID: 3C41AF8A.-12BB-4F07-ABCD-C625B941220F contexture' Creating connections. Improving lives. The applicable Special Terms and Conditions are any that are attached to this Agreement, as well as any that are subsequently executed by the Parties. (6) Statement(s) of Work: All statement(s) of work executed by the Parties for access to or use of the HIE or any Service. (7) HIE Support and Service Level Addendum, available on Contexture's website. This Addendum describes the support and service levels Contexture will provide for the HIE and Services. Contexture may, at its discretion, update this Addendum from time to time. Participant is responsible for checking the Addendum for the current support and service levels. (8) Contexture Policies, available on Contexture's website. These Policies govern the activities of Contexture and HIE Participants related to the Services and HIE Data, including the Permitted Purposes. Contexture will notify Participant of material changes to the Contexture Policies by giving notice in accordance with Section 2.7 (Contexture Policies; Changes) of the HIE General Terms and Conditions. All capitalized words and phrases that are not defined in this Cover Sheet have the meanings given to them in the HIE General Terms and Conditions and or elsewhere in the Agreement. Each of the individuals signing below represents and warrants that they are signing with full and complete authority to bind the Party to this Agreement. CONTEXTURE, a Colorado nonprofit corporation' Signature: DocuSigned by: PaCtriti 5AA200F_9g 19E41e holly Procopio Printed Name: Title: VP, Grants and Contracts ,'administration 5/20/2025 Date: County of Weld Signed by: . P �, btitdc 9 nature. SI -1—QSQ761 ECC/17E4aE Perry I, Buck Printed Name: Title: Weld County Commissioner - Chair 5/20/2025 Date: Contexture HIE Participation Agreement HIE PA Cover Sheet Page 3 of 3 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F Cal contexture.' Creating connections. Improving lives CONTEXTURE HIE PARTICIPATION AGREEMENT HIE General Terms and Conditions These HIE General Terms and Conditions are part of Contexture's HIE Participation Agreement. These HIE General Terms and Conditions govern participation in the HIE and access to and use of HIE -related Services by Participant and its Authorized Users. Table of Contents HIE General Terms and Conditions 1 1.0 Definitions; Other Agreements 3 1.1 Definitions and Acronyms 3 1.2 Term 9 1.3 Effect on Prior Agreements 9 1.4 Changes to HIE General Terms and Conditions 9 2.0 Contexture Services and Obligations. 9 2.1 Services 9 2.2 Configurations 10 2.3 Data Hosting and Retention 10 2.4 Maintenance, Support and Service Levels; Changes to the Services 10 2.5 Subcontractors 11 2.6 Third -Party Service Providers 11 2.7 Contexture Policies; Changes 11 2.8 Response to Court Orders, Subpoenas, or Government Requests for HIE Data 12 3.0 Participant Obligations and Prohibited Uses. 12 3.1 Onboarding and Implementation; Minimum System Requirements; Cooperation 12 3.2 Conditions on the Use of Services 13 3.3 Authorized Users 15 3.4 Prohibited Uses 15 3.5 Expansion of Services 16 4.0 Data Rights and Responsibilities. 16 4.1 Electronic Health Information . 16 4.2 Participant Data 16 4.3 Data Privacy, Security, Breach, and Interopera bi l ity 17 4.4 Prohibited Data Submissions 18 4.5 Part 2 Data 18 4.6 Offshori ng 20 5.0 Record Retention, Auditing and Monitoring 20 5.1 Business Record Retention 20 5.2 Audit and Monitoring 21 Contexture HIE Participation Agreement HIE General Terms and Conditions Page 1 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. 6.0 Fees and Payment 21 6.1 Payment 21 6.2 Invoices 21 6.3 Purchasing Documents 21 6.4 Taxes 21 6.5 Late Payments 22 6.6 Fee Increases 22 6.7 Other Expenses 22 7.0 Term and Termination; Suspension22 7.1 Agreement Termination 22 7.2 Termination of Special Terms and Conditions and SOWs 23 7.3 Suspension. 23 7.4 Effect of Termination 24 7.5 Survival 24 8.0 Intellectual Property 24 8.1 Contexture Intellectual Property 24 8.2 Infringement Notification 25 8.3 Publicity 25 9.0 Confidentiality 25 9.1 Ownership of Confidential Information25 9.2 Non -Disclosure Obligations. 25 9.3 Destruction and Return 26 9.4 Duration 26 10.0 Other Representations, Warranties and Disclaimers26 10.1 Mutual Representations and Warranties 26 10.2 Performance Warranty 26 11.0 DISCLAIMERS 27 11.1 Disclaimer of Warranties 27 11.2 Not a Medical Service 27 11.3 Internet Connections 27 11.4 Other Participants and Trusted Exchange Networks 27 12.0 Liability and Risk 28 12.1 Indemnification. 28 12.2 Limitation of Liabilities 28 12.3 Releases of Liability 29 12.4 Insurance 29 13.0 Miscellaneous 29 Contexture HIE Participation Agreement HIE General Terms and Conditions Page 2 of 32 Docusign Envelope ID: 3C41AF8A-12BB 4F07-ABCD-C625B941220F CIillCreating connections Improving lives contexture 13.1 No Exclusion 29 13.2 Notice 29 13.3 Assignment 30 13.4 Antitrust Compliance. 30 13.5 Governing Law and Venue. 30 13.6 Informal Dispute Resolution 30 13.7 Equitable Relief; Cumulative Relief 30 13.8 Force Majeure 30 13.9 Entire Agreement 31 13.10 Modification 31 13.11 No Waiver 31 13.12 Severability 31 13.13 No Third -Party Beneficiaries 31 13.14 Relationship of the Parties 31 13.15 Interpretation 31 13.16 Counterparts; Electronic Signatures; Electronic Documents 32 1.0 DEFINITIONS; OTHER AGREEMENTS. 1.1 Definitions and Acronyms. "Affiliate" means an entity that, directly or indirectly through one or more intermediaries, controls, is controlled by, or is under common control with, the Participant. Affiliates are considered HIE Participants and Parties under the entire Agreement. "Agreement" means the HIE Participation Agreement, which includes the Cover Sheet, these General Terms and Conditions, any Special Terms and Conditions, any SOWs, any Attachments, the HIE Support and Service Level Addendum, Contexture Policies, the Business Associate Agreement, and the Trusted Exchange Addendum. "API" means an application programming interface. "Applicable Law" means all federal, state, and local laws, regulations, and other legal rules that are applicable to a Party. "Arizona HIO Law" refers to the Arizona Health Information Organization Law, A.R.S. §§ 36-3801 through 36-3809. "Attachment" means any written addenda, appendices, schedules, or work orders that that the Parties agree, in writing, are subject to or part of this Agreement. "Authorized User" means (i) an employee or independent contractor of Participant authorized by Participant to access and use the HIE or Services for a Permitted Purpose, and (ii) any other person for whom Participant has obtained Contexture's prior written permission to access the HIE or Services. Participant is responsible for all acts and omissions of its Authorized Users. "Authorized Recipient" means a person or entity that has a HIPAA Authorization to access HIE Contexture HIE Participation Agreement HIE General Terms and Conditions Page 3 of 32 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. Data of an individual. "Breach" has the meaning given to it under HIPAA at 45 C.F.R. § 164.402, regardless of whether the personal information involved is used or maintained by a HIPAA Regulated Entity. "Business Associate" has the meaning given to it under HIPAA at 45 C.F.R. § 160.103. "Business Associate Agreement" or "BAA" refers to a written agreement as described under HIPAA at 45 C.F.R. §§ 164.502, 164.504(e), and 164.308(b), that applies to Participant's access to and use of the HIE and Services. "Confidential Information" means all confidential and proprietary information provided in any medium or format, including but not limited to know-how, trade secrets, business processes, non-public business information (including, but not limited to, software, algorithms, technical specifications, software documentation and training materials, operational policies, processes, methods, practices, designs, results of an audit, systems architecture, technology, business plans, customer lists, vendor lists, financial or pricing information, strategic alliances, marketing strategies, acquisition plans, and planned new products and services) and other information which a Party reasonably considers to be proprietary and/or confidential. Confidential Information does not include information that: (1) is or becomes generally available to the public (other than as a result of disclosure or dissemination by the Receiving Party); (2) is or becomes available to the Receiving Party on a non -confidential basis from a source (other than the Disclosing Party) that is not bound by an obligation of confidentiality relating to the information; (3) has been independently acquired or developed by the Receiving Party without violating any obligation to the Disclosing Party; or (4) was rightfully in the possession of the Receiving Party prior to receipt from the Disclosing Party. For purposes of this Agreement, Confidential Information also does not include HIE Data. Contexture's Confidential Information includes, but is not limited to, pricing information, Documentation, Usage Data, User Documents, the non- public facing aspects of the Services, and Confidential Information of Contexture's licensors, Subcontractors, and Third -Party Service Providers, as well as Confidential Information provided by third parties in connection with the Trusted Exchange Networks. "Contexture Policies" refer to any written policy and/or procedure created or adopted by Contexture to provide detailed information or requirements related to the Services (including without limitation the HIE). "Contexture Policies" include the HIE Participant Policy Manual(s). "Coroner" means any person or entity that is licensed or authorized under Applicable Law to operate as a Coroner, identify a deceased person, determine a person's cause of death, conduct a death investigation, or perform other similar duties regarding a deceased person. "Covered Entity" has the meaning given to it under HIPAA at 45 C.F.R. § 160.103. "Data Recipient" means an individual or entity (other than Contexture) permitted to receive HIE Data for one or more of the Permitted Purposes. Not a I I Data Recipients are HIE Participants. For example, Trusted Exchange Networks are Data Recipients but not HIE Participants. "Data Supplier" or "Data Sender" means an individual or entity (other than Contexture) that makes data and information available to Contexture for use or disclosure through the HIE or in connection with the Services; provided, however, that HIE Participants that only provide Contexture HIE Participation Agreement HIE General Terms and Conditions Page 4 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F C. contexture - Creating connections. Improving lives individual (e.g., patient or member) demographic or eligibility files/lists to Contexture for matching or record locator purposes and/or provide Part 2 Consent Forms in connection with the Part 2 Data Services, are not Data Suppliers within the meaning of this definition. Data Suppliers are a source of HIE Data but may not be HIE Participants. For example, Trusted Exchange Networks may be Data Suppliers but are not HIE Participants. "De -Identified" or "De -Identified Data" means data or information that meets the HIPAA de - identification standards at 45 C.F.R. § 164.514. "Documentation" means, collectively, any user guide (e.g., onboarding, technical and other participant procedures), specifications, and all other program descriptions, desk procedures, materials, documentation, training manuals, technical manuals, user manuals, flow diagrams, file descriptions and other written information that describes the functional, operational and/or performance capabilities of the Services (including, without limitation, the HIE and any Contexture APIs). "Effective Date" when referring to this Agreement, has the meaning given in the Cover Sheet. "Electronic Health Information" or "EHI" has the meaning given to it in the Information Blocking Rule at 45 C.F.R. § 171.102. "Feedback" means any suggestions, requests for enhancements or functionality, or other feedback to Contexture regarding the HIE or the Services. "Fees" means all fees and any other amounts due to Contexture under this Agreement, including but not limited to any fees specified in an executed SOW. "Health Care Operations" has the meaning given to it under HIPAA at 45 C.F.R. § 164.501. "Health Care Provider" has the meaning given to it under HIPAA at 45 C.F.R. § 160.103 and as may be further specified in Contexture Policies and the relevant SOW. "Health Plan" has the meaning given to it under HIPAA at 45 C.F.R. § 160.103 and as may be further specified in Contexture Policies. "HIE" means the health information exchange that is operated by Contexture and all software, hardware and other technology used by or on behalf of Contexture to provide the Services, including but not limited to the administrative, operational, and maintenance and support services required to operate the HIE. All references in this Agreement to the Services include the HIE. "HIE Data" means the data and information available through the HIE or in connection with the Services, including but not limited to EHI and PHI. "HIE Participant" or "Participant" means an individual or entity that has entered into a written agreement with Contexture to participate in the HIE and receive one or more Services. HIE Participants may include Data Suppliers, Data Recipients, or both; provided, however, that Trusted Exchange Networks are not HIE Participants and not all Data Suppliers and Data Recipients will be HIE Participants. Contexture HIE Participation Agreement HIE General Terms and Conditions Page 5 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. "HIE Portal" means a Service that is a web -based platform where Participants can access and query patients' comprehensive health records. "HIE Support and Service Level Addendum" means the document that sets forth the support and service levels applicable to the HIE, and which is available on Contexture's website. "HIPAA" collectively refers to Health Insurance Portability and Accountability Act of 1996, the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), and their implementing regulations (see 45 C.F.R. Parts 160, 162, and 164). "HIPAA Authorization" means an authorization that meets the requirements of 45 C.F.R. § 164.508. "HIPAA Business Associate Agreement" has the same meaning as "Business Associate Agreement." "HIPAA Regulated Entity" means any person or entity that is subject to HIPAA as either a covered entity (as defined by HIPAA) or a business associate (as defined by HIPAA). "Information Blocking Rule" or "IBR" refers, collectively, to 42 U.S.C. § 300jj-52 and its implementing regulations 45 C.F.R. Part 171. "Intellectual Property" includes patents, copyrights, trademarks, trade secrets and any other proprietary rights recognized under Applicable Law. "Limited Health Care Operations" means the activities listed in paragraphs (1) and (2) of the definition Health Care Operations in HIPAA at 45 C.F.R. § 164.501, and health care fraud and abuse detection and compliance activities as described at 45 C.F.R. § 164.506(c)(4). "Medical Examiner" means any person or entity that is licensed or authorized under Applicable Law to operate as a Medical Examiner, identify a deceased person, determine a person's cause of death, conduct a death investigation, or perform other similar duties regarding a deceased person. "Medical Examiner Activities" refers to identifying a deceased person, determining a cause of death, conducting a death investigation, or performing other duties of a Medical Examiner or Coroner as authorized by Applicable Law, and as may be further specified in Contexture Policies. "Member" means a patient, member, or other individual assigned or attributed to a Participant for use in connection with a Service. "Member File" means a list of Members. "Mixed Use Facility" refers to a general medical facility that operates a Part 2 Program in addition to other services, such as medical or behavioral health services. For example, a general hospital with a chemical dependency unit is a Mixed Use Facility. Contexture HIE Participation Agreement HIE General Terms and Conditions Page 6 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. "Part 2" refers to 42 U.S.C. § 290dd-2 and its implementing regulations located at 42 C.F.R. Part 2. "Part 2 Consent Form" means the form required by Contexture for accessing Part 2 Data through the HIE or in connection with the Services. "Part 2 Data" means data or information protected under Part 2. Part 2 Data includes Participant Data from (i) a facility that exclusively operates a Part 2 Program, or (ii) a general medical facility that operates a Part 2 Program and provides non -Part 2 services, such as physical or behavioral health services (commonly referred to as "Mixed Use Facilities". For clarity, Part 2 Data may originate from (a) a facility unable to separate data from Part 2 Programs from other data types, or (b) a facility operating a Part 2 Program that is capable of segmenting the data. "Part 2 Data Services" means the Services provided by Contexture that support the access to and exchange of Part 2 Data through the Services. Part 2 Data Services are not designed to support compliance with any Applicable Law other than Part 2. "Part 2 Data Source" refers to a HIE Participant that is or operates a Part 2 Program. "Part 2 Program" has the meaning given in Part 2 at 42 C.F.R. § 2.11. "Participant Data" means data and information provided by Participant to Contexture in connection with the Services. Participant Data does not include Usage Data. "Participant Type" means the specific types of entity which may access the HIE, as defined in Contexture Policies. A Participant may meet the definition of, and access the HIE as, multiple Participant Types. "Party" or "Parties" means Contexture and all individuals and entities listed as a Participant or Affiliate in the Cover Sheet, in any SOW, or in any other document that is part of the Agreement. "Payment" has the meaning given in HIPAA at 45 C.F.R. § 164.501, and as may be further specified in Contexture Policies. "Permitted Purpose(s)" refers to the specific reasons outlined in Contexture Policies for accessing, transmitting, using, and disclosing HIE Data, currently including: 1. For Health Care Providers: Treatment, Payment, and Limited Health Care Operations. 2. For Health Plans: Payment and Limited Health Care Operations. 3. For Public Health Authorities: Limited Public Health Activities. 4. For Medical Examiners and Coroners: Medical Examiner Activities. 5. For Organ Procurement Organizations: Facilitating organ, eye, or tissue donation and transplantation as permitted by Applicable Law. 6. For Contexture: Any purposes listed in Contexture Policies. 7. Or any other purpose authorized by Contexture Policies. Contexture HIE Participation Agreement HIE General Terms and Conditions Page 7 of 32 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. "Protected Health Information" or "PHI" has the meaning given to it under HIPAA, at 45 C.F.R. § 160.103, regardless of whether it is maintained by or for a HIPAA Regulated Entity. "Psychotherapy Notes" has the meaning given under HIPAA at 45 C.F.R. § 164.501. "Qualified Service Organization" or "QSO" has the meaning given under Part 2 at 42 C.F.R. § 2.11. "Qualified Service Organization Agreement" or "QSOA" has the meaning given to it under Part 2 at 45 C.F.R. § 2.11 (definition of QSO). "Research" has the meaning given under HIPAA at 45 C.F.R. § 164.501. "Security Incident" has the meaning given to it under HIPAA at 45 C.F.R. § 164.304. "Service" refers to services and deliverables provided by Contexture to Participant, pursuant to this Agreement, including any Attachments and Statements of Work. A "Service" may also be referred to as a "Solution." "Solution" has the same meaning as "Service." "Statement of Work" or "SOW" means a statement of work executed by the Parties for access to or use of one or more Services. "Subcontractor" has the meaning given to it under HIPAA at 45 C.F.R. § 160.103. "Third -Party Service Provider" means a third party (and its vendors) that provides services (including without limitation software) or products but is not a Subcontractor. "Treating Provider Relationship" has the meaning given to it under Part 2 at 42 C.F.R. § 2.11. "Treatment" has the meaning given to it under HIPAA at 45 C.F.R. § 164.501, and as may be further specified in Contexture Policies. "Trusted Exchange Networks" mean statewide, nationwide, or other health information exchanges or networks that are owned or operated by third parties, and that enable the exchange of health information. Examples of Trusted Exchange Networks are the eHea lth Exchange Network and the exchange network created under the Trusted Exchange Framework and Common Agreement. "Unsuccessful Security Incident" means a Security Incident that is an unsuccessful attempt to penetrate computer networks or servers or immaterial incidents that occur on a routine basis, such as general pings and other broadcast attacks on a firewall, port scans, unsuccessful log -on attempts, denials of service attacks, so long as such incidents do not result in unauthorized access, use or disclosure of electronic PHI. "Usage Data" means the statistical, technical, analytical, or administrative data regarding the use of the Services. To the extent such Usage Data contains PHI, Contexture shall De -Identify the PHI. Contexture HIE Participation Agreement HIE General Terms and Conditions Page 8 of 32 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F Ciill Creating connections. Improving lives contexture "User Document(s)" means any document or terms agreed to by any Authorized User as a condition of using the HIE or Services. "Workforce" has the meaning given to it under HIPAA at 45 C.F.R. § 160.103. 1.2 Sheet. Term. The Initial Term and renewals of this Agreement are as set out in the Cover 1.3 Effect on Prior Agreements. As of the Effective Date: (i) this Agreement terminates and supersedes any previously executed HIE participation agreement or HIE participant agreement between Contexture (or its affiliates Health Current and CORHIO) and any Participant or Affiliate identified in any document that is part of the Agreement; (ii) this Agreement terminates and supersedes any statement of work, addendum, order, or similar document executed in connection with any previously executed HIE participation agreement or HIE participant agreement that directly relates to a Service offered as part of the HIE, unless that document says that it survives the execution of this Agreement; (iii) the provisions of the Quality Health Network CQHN") Electronic Commerce Agreement that relate solely to the use and access to Protected Health Information through the use of the QHN system health information exchange including any statement of work, addendum, order, or similar document executed in connection with Participant's use and access to Protected Health Information through use of the QHN system health information exchange shall be terminated and superseded by this agreement; and (iv) Participant's access to and use of Community Services Information ("CSI'), as that term is defined in the QHN Electronic Commerce Agreement, including any statement of work, addendum, order, or similar document executed in connection with use and access to CSI through the use of the QHN system shall continue under all applicable terms and conditions of the QHN Electronic Commerce Agreement. 1.4 Changes to HIE General Terms and Conditions. Contexture will give Participant notice of material changes to these HIE General Terms and Conditions by giving notice in accordance with Section 13.2 (Notice). Contexture will give notice of material changes to these HIE General Terms and Conditions thirty (30) calendar days before the changes go into effect, unless Contexture determines that an earlier effective date is required to: (i) comply with Applicable Law; (ii) address a concern relating to the privacy or security of HIE Data; or (iii) deal with an emergency situation. 2.0 CONTEXTURE SERVICES AND OBLIGATIONS. 2.1 Services. To obtain any Service from Contexture, Participant must execute a SOW for that Service, pay all required Fees, and comply with all terms of this Agreement and of that SOW. Participant acknowledges that it might not be eligible for all Services offered by Contexture. Subject to the terms and conditions of this Agreement, Contexture grants to Participant a non-exclusive, non -transferable (except as permitted in accordance with Section 13.3 (Assignment) of these General Terms and Conditions), non-sublicensable, royalty -free, revocable, limited right to access and use for the Permitted Purposes applicable to Participant the Services set forth in an executed SOW and any necessary Documentation during the Term of this Agreement (or the duration of the relevant SOW, as applicable). Contexture may further restrict this use right depending on the nature of the Service and Attachments that may apply to certain Participant Types, Services, or HIE Data. Contexture HIE Participation Agreement HIE General Terms and Conditions Page 9 of 32 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F _. contexture- Creating connections Im rovin lives. Improving 2.2 Configurations. Contexture may reasonably configure its technology that supports the Services to be interoperable with Participant's systems if set forth in a SOW; provided, however, Participant acknowledges and agrees that Contexture is not performing a work -for -hire or otherwise custom building a software solution for Participant. Participant will reasonably cooperate and assist Contexture with any configuration. Notwithstanding the foregoing, Participant remains solely responsible for its own hardware, operating system(s), networks and other applications and interfaces and other minimum system requirements set forth in Section 3.1(b) (Minimum System Requirements) of these General Terms and Conditions. The Parties may also mutually agree in writing to make Participant -specific enhancements to the Services used by Participant; provided, however, Participant shall have no ownership right, title or interest in such enhancements. 2.3 Data Hosting and Retention. Other than hosting and retention of HIE Data for the purposes of operating the Services according to Contexture's internal retention schedule, Contexture does not provide data hosting for Participant, unless expressly stated in a SOW. Notwithstanding any other provision of this Agreement, Participant acknowledges and agrees that Contexture is not responsible for, and Contexture expressly disclaims any responsibility for: (a) hosting Participant's other health IT systems, medical records, billing records, scheduling records, or any designated record sets of Participant; or (b) monitoring or reviewing Participant Data for any purpose including, without limitation, for accuracy or completeness before or after making Participant Data available through the HIE or in connection with the Services. Further, Participant agrees that it will be solely responsible for the confidentiality, integrity, accessibility, and security of a I I data and information maintained by Participant on its own or other licensed systems, including without limitation backup and disaster recovery. 2.4 Maintenance, Support and Service Levels; Changes to the Services. a. Service Levels and Support. Contexture will use commercially reasonable efforts to provide availability of the Services and technical support as set forth in the HIE Support and Service Level Addendum. Participant acknowledges and agrees that: (i) Contexture may take down the Services, suspend access, or degrade performance temporarily for planned and unplanned maintenance, upgrades, improvements, or other reasons; (ii) Contexture may act against any third -party application that is negatively impacting the Services, including suspending the application's access to the Services or degrading performance for the period of time necessary to resolve any negative impacts; (iii) the Services may be temporarily unavailable, degraded, or otherwise interrupted for other reasons, including without limitation if Contexture has reasonable belief that taking such action will substantially reduce a risk of harm to a person or is necessary to mitigate a security risk; and (iv) during any period of suspension, unavailability, interruption, or performance degradation, Participant is responsible for conducting normal operations without such access to or full use of the Services. b. Feedback. Participant may provide Feedback to Contexture regarding the Services. Contexture will have full discretion over whether to utilize any Feedback, including without limitation using such Feedback to make upgrades to the Services. The ownership of Feedback is set forth in Section 8.1(b) (Suggestions and Feedback). c. Upgrades. Participant understands and agrees that Authorized Users will use the most recent version of the Services. Nothing in this Section may be construed to give Participant or its Authorized Users access to new modules, different software platforms, or Contexture HIE Participation Agreement HIE General Terms and Conditions Page 10 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. upgrades that provide new functions or features or beyond the Services described in an executed SOW. Should Contexture sell, or offer for sale, new functions or features that Participant desires to use, the Parties may negotiate in good faith a SOW or an amendment to an existing SOW that will give Participant access to these new functions or features subject to the payment of any additional Fees. d. Required Changes; Sunsetting of Technology. During the Term of this Agreement, Contexture may, in its sole discretion, make any modification to the Services to comply with: (i) Applicable Law; or (ii) changes required by its Subcontractors or Third -Party Service Providers. Contexture may further modify, upgrade, change or sunset certain technology that may affect the Services at any time. With respect to any material modifications or Service terminations, Contexture will give (to the extent reasonably practicable) advance notice to Participant in accordance with Section 13.2 (Notice). Participant may elect to terminate this Agreement or the applicable SOW in the event of such material modification or Service termination by giving notice to Contexture within thirty (30) calendar days of receiving notice from Contexture. 2.5 Subcontractors. Contexture may contract with Subcontractors to maintain, operate, or provide the Services. Contexture will require that its Subcontractors comply with the applicable terms and conditions of this Agreement. Contexture will be responsible for the performance of its Subcontractors when performing any Services under this Agreement, as if Contexture had directly performed such Services. 2.6 Third -Party Service Providers. Participant acknowledges that Contexture may from time to time provide Participant with the opportunity to access or use services or products provided by Third -Party Service Providers that are not Contexture Subcontractors in connection with the Services. Participant understands that Participant or its Authorized Users may be required by such Third -Party Service Providers to accept and agree to the terms and conditions for the use and access of such Third -Party Service Providers' products and services, including without limitation any applicable User Documents. Participant acknowledges and agrees that its use and access of services or products provided by Third -Party Service Providers must be done in accordance with Applicable Law and applicable Contexture Policies. Participant further acknowledges and agrees that Contexture is not responsible or liable for any products or services of Third -Party Service Providers (including without limitation any defects, flaws, inefficiencies, malfunctions, or programming errors in their third -party software); the acts or omissions of any Third -Party Service Providers; or for the privacy practices or security standards used by Third - Party Service Providers. 2.7 Contexture Policies; Changes. Contexture has established Contexture Policies that govern the activities of Contexture and HIE Participants related to the Services and HIE Data, including without limitation the Permitted Purposes. The Contexture Policies are accessible on Contextu re's website. The Contexture Policies are part of the Agreement. Contexture will give Participant notice of material changes to the Contexture Policies by giving notice in accordance with Section 13.2 (Notice). Contexture will give notice of material changes to the Contexture Policies thirty (30) calendar days before the changes go into effect, unless Contexture determines that an earlier effective date is required to: (i) comply with Applicable Law; (ii) address a concern relating to the privacy or security of HIE Data; or (iii) deal with an emergency situation. Participant acknowledges and agrees that any Retained Participant Data (as defined in Section 4.2(d) (Return and Destruction Limitations) shall be subject to any amendments to the Permitted Contexture HIE Participation Agreement HIE General Terms and Conditions Page 11 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. Purposes in the Contexture Policies. 2.8 Response to Court Orders, Subpoenas, or Government Requests for HIE Data. If Contexture receives a court order, subpoena, or government request for HIE Data in accordance with Applicable Law, Contexture must promptly notify the Participant that provided the HIE Data (to the extent permitted by Applicable Law) and give the Participant an opportunity to object to the court order, subpoena, or governmental request (to the extent feasible based upon the required timeframe for responding to the request). Contexture will not be responsible for contesting or objecting to any such court order, subpoena, or government request, but will reasonably assist the Participant in its efforts to do so at no cost to Contexture. In any event, Contexture will comply with Applicable Law, including any applicable laws or court rules, in responding to such requests. 3.0 PARTICIPANT OBLIGATIONS AND PROHIBITED USES. 3.1 Onboarding and Implementation; Minimum System Requirements; Cooperation. a. Onboarding. Participant agrees to comply with and participate in the requirements of Contexture's onboarding process. Participant will promptly and accurately complete any applications or other forms, and provide any technical information, reasonably requested by Contexture. Participant is responsible for scheduling the implementation with its health IT vendor(s) (such as its electronic health record vendor). Participant is also responsible for paying any fees or costs associated with Participant's onboarding or use of the HIE or Services that are charged by a vendor of Participant or any other third party. Participant will ensure that all of its personnel who may be necessary or appropriate for the successful implementation of the Services will, on reasonable notice: (i) be available to assist Contexture's personnel by answering business, technical, and operational questions and providing requested documents, guidelines, and procedures in a timely manner; (ii) participate in progress and other Service -related meetings; and (iii) contribute to system testing and data integrity testing. Contexture reserves the right to place onboarding on hold if delays caused by Participant or Participant's vendor impact the ability of Contexture to deploy Services. Contexture will re-engage in the onboarding process based on availability of its personnel. b. Minimum System Requirements. Participant will be solely responsible, at Participant's own expense, for acquiring, installing and maintaining all hardware, software, Internet access, browser versions and other equipment necessary for Participant and each Authorized User to connect to, access, or use the Services. Participant will ensure that its systems are current with anti-virus/anti-malware definitions, its operating systems and installed applications are patched, and its system is configured consistent with the federal Cybersecurity & Infrastructure Security Agency's cybersecurity best practices. Contexture will not be responsible for any delay in performing or failure to perform any Services or other obligations due to any failure by Participant to provide the resources to facilitate connectivity to the Services. c. Third -Party Accounts. To the extent that a Participant's account with a third party is required for a particular Service, Participant will be responsible for obtaining and managing such account(s). Participant acknowledges and agrees that Contexture is not responsible for the management of any such Participant account(s) and that Participant is fully responsible for all fees from the third parry, and all liabilities and damages through or from the use of or access to such account(s). Contexture HIE Participation Agreement HIE General Terms and Conditions Page 12 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F Lacontexture Creating connections. Improving lives. d. Cooperation. Participant acknowledges and agrees that implementation of the Services requires Participant's and its applicable health IT vendor's involvement and cooperation with Contexture. Participant will reasonably cooperate (and cause its other health IT vendors to reasonably cooperate) with Contexture in the implementation, maintenance, and other aspects of the Services, and in the fulfillment of Contexture's performance and other obligations under this Agreement, including without limitation coordinating Participant's internal resources and Participant's vendor resources (if applicable) that may be required for any implementation work to proceed in a timely manner. Participant will promptly report, in writing, to Contexture, any problems or issues that arise that threaten to delay or otherwise adversely impact Contexture's ability to fulfill its responsibil ties under this Agreement. 3.2 Conditions on the Use of Services. a. Qualified for the Permitted Purpose. Participant represents, warrants, and covenants that it (and its Authorized Users) will access and use the Services and HIE Data for only the Permitted Purposes applicable to Participant based on the Participant Type(s) designated in this Agreement and only to the extent permitted by Applicable Law. Participant will only access the minimum amount of HIE Data necessary to fulfill the Permitted Purpose(s). b. Trusted Exchange Networks. If Participant accesses or uses the Services to connect with or otherwise use Trusted Exchange Networks, Participant acknowledges that as a condition to Participant's use of a Trusted Exchange Network, Participant agrees to comply with the terms and conditions applicable to that Trusted Exchange Network as set forth in the Trusted Exchange Addendum. Participant acknowledges and agrees that Contexture may update and revise the Trusted Exchange Addendum. Contexture will notify Participant of material changes to the Trusted Exchange Addendum in accordance with Section 13.2 (Notice). c. Compliance. Participant represents, warrants, and covenants that the use of the Services by it and its Authorized Users will comply with the terms of this Agreement and Applicable Law. Participant acknowledges that, by entering into this Agreement, it is expressly agreeing to be bound by those Contexture Policies and Documentation that are applicable to Participant, including without limitation any technical specifications, Permitted Purpose requirements, and policies related to individual rights (such as the HIE notice and opt -out rights). d. Identity and Authority Verification. Participant acknowledges and agrees that, unless expressly stated in a SOW: (i) Contexture does not perform or provide any individual identity or authority verification services, other than the record matching and record locator functions that are foundational to HIE operations; and (ii) Participant will conduct identity proofing and authentication of its Authorized Users to meet regulatory requirements and industry standards to ensure that any use of the Services originates from its Authorized Users who are authorized to use the Services under the terms of this Agreement; and (iii) Contexture may rely on Participant's identity and authority verification for: (1) its Authorized Users; (2) individual HIE opt -outs provided by Participant; (3) individual HIE opt -back -ins provided by Participant; (4) individual access, amendment and accounting requests in connection with Participant Data; and (5) individual consent/authorization management, if applicable. e. Participant Data Requirements. To the extent applicable to the Services, Participant will make Participant Data available to Contexture in accordance with the scope, format, and specifications set forth in the Documentation, Contexture Policies and otherwise in Contexture HIE Participation Agreement HIE General Terms and Conditions Page 13 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. this Agreement. Participant represents, warrants, and covenants the following: i. Participant Data Matching. All Participant Data can be related to and identified with source records, maintained by Participant, of each individual who is the subject of the Participant Data. Participant will provide sufficient individual identifiers, as defined by Contexture, to permit Contexture to match Participant Data with other existing HIE Data (if any). Participants shall maintain a HIPAA-compliant relationship with individuals included on a Member File, to satisfy any applicable legal preconditions for the Permitted Purpose under which Participant is using the Services. If Participant ceases to maintain such a relationship with an individual, Participant shall immediately remove that individual from its Member File and send an updated Member File to Contexture. Participant shall provide Member Files (and updates thereto) in the form and manner requested by Contexture and at the time interval set forth in the applicable SOW, Documentation, or Contexture Policies. If there is no time interval otherwise specified, Participant shall provide Member Files at least every thirty (30) calendar days. ii. Participant Data Accuracy and Completeness. Participant will use reasonable and appropriate efforts to: (1) ensure Participant Data is accurate, complete, true and current; (2) promptly correct discovered inaccuracies or errors in the Participant Data (such as Participant Data attributed to an incorrect individual or an error in laboratory value results); and (3) provide accurate d i rectory and record locator information, including without limitation accurate API endpoints and facility and provider information. Participant acknowledges and agrees that it is solely responsible for using due care and exercising independent professional judgment in providing true, accurate and complete Participant Data in connection with the Services. Participant Records of Data Received. Participant is solely responsible for determining whether and what HIE Data is integrated into Participant's systems, medical records, and designated record set(s). Participant acknowledges and agrees that it is solely responsible for following Applicable Law and professional standards for the creation, modification, maintenance, preservation, backup, and storage of any records maintained by or for Participant. f. Required Changes. During the Term of this Agreement, if Contexture makes any modification to the Services as described in Section 2.4(d) (Required Changes; Sunsetting of Technology) of these General Terms and Conditions, Participant will complete any corresponding modifications required as a result of the change to the Services within the earlier of thirty (30) calendar days from the date of notice or the time period specified in the notice. g. Professional Judgment. Given the nature of the Services, Participant acknowledges that false matches may occur and that there might be errors or omissions in the HIE Data provided pursuant to the Service. Participant and its Authorized Users are solely responsible for using due care and exercising their professional judgment in using HIE Data, including without limitation verification of the validity, accuracy, completeness, and timeliness of any HIE Data and for any clinical, medical, legal, professional, or other purposes. h. No Conflict. Participant shall not contract with any third parties that may impair, limit or delay Contexture's ability in connection with this Agreement to: (i) comply with Applicable Law; (ii) provide the Services; or (iii) comply with generally accepted certification or accreditation criteria applicable to Contexture, Contexture's Subcontractors or Third -Party Contexture HIE Participation Agreement HIE General Terms and Conditions Page 14 of 32 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F Di Creating connections. Improving lives. Service Providers. 3.3 Authorized Users. contexture a. Designation. Participant is responsible for identifying, registering, approving, and designating each of its Authorized Users, and notifying Contexture as required in the Contexture Policies. Participant wilt not permit the sharing of any Authorized User's credentials, logins, or passwords, as each Authorized User must be individually credentialed for access to the Services. Participant expressly represents, warrants, and covenants that it will designate an Authorized User only after confirming that the Authorized User meets the definition of an Authorized User in Section 1.1 (Definitions and Acronyms) of these General Terms and Conditions and subject to the ongoing satisfaction of the identity -proofing and other compliance requirements set forth in this Agreement. Participant will engage in ongoing review of its designated user accounts to ensure accuracy and will promptly notify Contexture of changes to its Authorized Users. Participant will not permit any third party (other than Participant's Authorized Users) to have access to or use the Services without Contexture's prior written agreement. b. Attribution; Responsibility for Conduct. Participant acknowledges and agrees that it is responsible for all acts and omissions of its Authorized Users and all others who access or use the Services either through the Participant or by use, lawfully or unlawfully, of any credential, login, password, or other security token of any of its Authorized Users to the Services. All such acts and omissions shall be deemed to be the acts and omissions of the Participant. Participant further acknowledges and agrees that the unique credentials associated with each Authorized User is sufficient to verify that a particular Authorized User took the action associated with the use of those credentials. Participant and its Authorized Users shall not contest the validity or enforceability of any data accessed leveraging the assigned user credentials. c. Training. Participant will conduct, and provide confirmation of such, training of its Authorized Users, as appropriate, to ensure that access to and use of the Services and any HIE Data by such Authorized Users complies with this Agreement and Applicable Law. d. User Documents. Access by Authorized Users to the Services and HIE Data under this Agreement is subject to the User Documents. Participant acknowledges and agrees that: (i) Contexture may condition an Authorized User's access to and use of the Services on acceptance of User Documents; and (ii) Contexture may, in its sole discretion, make changes to or add new User Documents. 3.4 Prohibited Uses. Participant will not engage, and will not permit any third party or any of its Authorized Users to: (a) attempt to alter the configuration of the Services or attempt to interfere with or disrupt normal operations of the Services, or systems used to host the Services, or other equipment or networks connected to the Services, without the prior written consent of Contexture; (b) modify, translate, reconfigure, or create any derivative works based on the Services; (c) remove or alter any copyright notices, trademarks or other proprietary rights notices affixed to or contained within the Services, or otherwise use the Services to infringe on the Intellectual Property rights or other proprietary rights of Contexture, its licensors or other third parties; (d) encumber, sublicense, transfer, sell, loan, export, re-export, distribute or otherwise commercially exploit any portion of the Services for the benefit of any third party (e.g., including without limitation using the Services to provide hosting, service bureau, outsourcing or other Contexture HIE Participation Agreement HIE General Terms and Conditions Page 15 of 32 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving fives. services on behalf of any person or entity); (e) disable, decompile, disassemble, reverse engineer or otherwise attempt to derive the method of operation of the Services or any portion thereof; (f) use the production environment of the Services for testing; (g) use the Services in any manner which would allow the general public access thereto; (h) hack, manipulate, intentionally interfere with or disrupt the integrity or performance of, or otherwise attempt to gain unauthorized access to the Services; (i) use the Services in a manner that unreasonably interferes with its use by others; (j) authorize any use of the Services by any person or entity other than Participant or its Authorized Users; (k) use or authorize any use of the Services or the HIE Data for any purpose other than a Permitted Purpose consistent with the terms of this Agreement; (I) use an API or any other technical means or methods (including without limitation any web scrapers, web crawlers, bots, etc.) to connect to or access the Services other than those made available by Contexture, unless approved in advance by Contexture in writing; (m) combine the Services with any other software or services not provided or approved in writing by Contexture; (n) circumvent the security of the Services; (o) introduce computer viruses or other acts intended to damaged, delete, or surreptitiously intercept, or expropriate the Services or any other system, data, or information; (p) use the Services for any purpose that is illegal in any way, or that advocates illegal activity; or (q) any other use that is prohibited by Contexture Policies. Participant will give prompt notice to Contexture of any violation of this Section or any other unauthorized use, reproduction or distribution of the Services, of which it becomes aware. Any violation of this Section shall be deemed a material breach of this Agreement and entitle Contexture to terminate this Agreement pursuant to Section 7 (Term and Termination; Suspension). 3.5 Expansion of Services. If, at any time, Participant (a) has a change in control or assignment (subject to Section 13.3 (Assignment)); (b) adds, acquires, divests or otherwise obtains a majority interest in additional facilities, locations or entities, which modifies the number of Authorized Users; (c) modifies Authorized Users beyond the number permitted for the Service as specified in one or more SOWs; or (d) changes or experiences changes that impact the assumptions for the calculation of Fees in a SOW (collectively, a "Change Event"), then Participant must give immediate notice to Contexture of the Change Event. Participant acknowledges and agrees that if there is a Change Event, Contexture shall have the right to either: (i) adjust the Fees to account for the Change Event; or (ii) refuse to provide the Services beyond the scope of the original Agreement. 4.0 DATA RIGHTS AND RESPONSIBILITIES. 4.1 Electronic Health Information. Notwithstanding anything to the contrary in this Agreement, the Parties acknowledge and agree that EHI disclosed through the HIE or in connection with the Services for Permitted Purposes conveys to the Data Recipient full rights to use and disclose such EHI subject to the Applicable Laws, policies or agreements that may apply to the Data Recipient's use and disclosure of EHI. Nothing in this Agreement shall be construed to interfere with the lawful access, exchange, or use of EHI in violation of the IBR. 4.2 Participant Data. a. Integration into HIE. Upon disclosure to the HIE or in connection with the Services, Participant Data becomes part of HIE Data ("Disclosed HIE Data"). Participant acknowledges that it may not restrict the use or disclosure of Disclosed HIE Data, and EHI within Participant Data, by other HIE Participants, Data Recipients, Authorized Recipients, or participants of Trusted Exchange Networks. Contexture HIE Participation Agreement HIE General Terms and Conditions Page 16 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture' Creating connections. Improving lives. b. Participant Data Use Rights. Subject to Applicable Law and this Agreement, Participant grants to Contexture during the Term of this Agreement a royalty -free, fully paid -up, non-exclusive, non -transferable (except as permitted by Section 13.3 (Assignment)) right to request, access, receive, use, copy, store, process, send, transmit, aggregate, display, disclose, create derivative works and any other substantially similar activity to the foregoing, Participant Data: (i) for the proper management, operation and administration of the Services; (ii) for Contexture's provision of Services to HIE Participants; (iii) for evaluating, auditing, and improving the Services, and developing new functionality for the HIE or new Services; and (iv) as otherwise permitted by Participant in writing (collectively, the "Participant Data Use Rights"). Participant represents, warrants, and covenants that it has all necessary consents, authorizations, acknowledgments, or other permissions (collectively, "Consents") that are required by Applicable Law for Participant to grant the Participant Data Use Rights. Participant is solely responsible for maintaining such Consents for at least six (6) years after their last use or expiration date, whichever occurs last. Participant must give notice to Contexture immediately if Applicable Law prohibits, limits, or otherwise restricts the Participant Data Use Rights. c. Authority for Provision of Participant Data to Contexture. Participant represents, warrants, and covenants that it will provide Participant Data to Contexture only: (i) if Participant has the right and legal authority to do so under Applicable Law; (ii) in a manner that complies with the terms of this Agreement; and (iii) only if the uses and disclosures contemplated in this Agreement would not violate the rights of any individuals. d. Return and Destruction Limitations. General Obligation. Due to the integration of Participant Data with HIE Data and related legal requirements, Contexture cannot return or destroy certain Participant Data. This includes HIE Data, and any integrated records maintained by Contexture or Data Recipients ("Retained Participant Data'). For such Retained Participant Data, Participant grants to Contexture a royalty -free, fully paid -up, non-exclusive, irrevocable, non -transferable (except as permitted by Section 13.3 (Assignment)), perpetual right to continue to access, use, copy, store, process, send, transmit, aggregate, display, disclose, create derivative works and any other substantially similar activity to the foregoing, Retained Participant Data for the purposes set forth in Section 4.2(b) (Participant Data Use Rights); provided, however, that the period for retaining PHI is limited to the time period that makes the return or destruction of PHI infeasible. Post -termination, Contexture will continue to follow the provisions of this Agreement, including the Business Associate Agreement, with respect to the treatment of such Participant Data. 4.3 Data Privacy, Security, Breach, and Interoperability. a. Legal Compliance Obligations. Each Party will comply with the relevant provisions of HIPAA and the Business Associate Agreement that are applicable to such Party. Contexture further agrees that, in operating the HIE and performing the Services, it will comply with the Arizona HIO Law, as applicable. The Parties will not engage in practices that violate the IBR in connection with the Services or EHI. Each Party is responsible for identifying, assessing, and determining its own compliance with the IBR. b. Breach Reporting. Contexture will follow the Breach reporting obligations in the Business Associate Agreement. Participant and its Affiliates will report any of the following to Contexture as soon as reasonably practicable, but in no event more than five (5) business days after discovery: (1) a suspected or actual Breach; (2) suspected or actual unauthorized use of or Contexture HIE Participation Agreement HIE General Terms and Conditions Page 17 of 32 Docusign Envelope ID: 3C41AFSA-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. access to the Services or HIE Data; (3) a successful Security Incident; or (4) an Unsuccessful Security Incident that involves a concentrated effort or an unusually high number of attempted but Unsuccessful Security Incidents due to the repeated acts of a single person or organization. Information exchanged between the Parties pursuant to this Section is Confidential Information whether identified as such or not. No attorney -client, accountant -client, or other legal privilege will be deemed to have been waived by either Party by virtue of this Section. Where Participant caused one of the preceding events to occur, Participant will pay: (i) the costs of notification to individuals; and (ii) the costs of one year of credit monitoring offered to individuals. c. Security Requirements. Contexture will: (i) comply with industry standard security requirements, including without limitation the security obligations set forth in the Business Associate Agreement and any security requirements set forth in the Attachments, Documentation, or Contexture Policies; and (ii) maintain industry standard security certificates. Participant will use appropriate administrative, physical, and technical safeguards in connection with the Services that protect the confidentiality, integrity, and availability of Participant Data and HIE Data, as well as comply with Participant's security obligations required in this Agreement, including without limitation the security obligations of Participant set forth in the Attachments, Documentation, or Contexture Policies. d. Interoperability Acknowledgment. Participant acknowledges and agrees that: (i) Participant is requesting to access, exchange and use EHI in the manner provided through the Services and that, unless otherwise specified in a SOW, Documentation, or Contexture Policies, the EHI provided through the Services is generally up to one (1) year of EHI, if available, for successfully matched Member Files and queries; (ii) Contexture is at all relevant times providing Participant with the access, exchange and use of EHI requested in the manner requested; and (iii) this Agreement supersedes and revokes all prior requests for EHI pending prior to execution of this Agreement. Participant further acknowledges receipt of Contexture's notice that, unless specified in a SOW, Documentation, or Contexture Policies, it is infeasible under current circumstances for Contexture to respond with more than one (1) year of EHI, if available, for successfully matched Member Files and queries. 4.4 Prohibited Data Submissions. Participant shall not submit Part 2 Data (including, without limitation, counseling notes), Psychotherapy Notes or other data prohibited by Contexture Policies ("Prohibited Data') to the HIE or in connection with the Services without Contexture's prior written consent, except as expressly permitted by this Agreement. Participant is solely responsible for determining whether any of its data or other information is Prohibited Data and for having the appropriate mechanisms within its health IT systems to identify, segregate and suppress Prohibited Data from unauthorized use or disclosure through the HIE or in connection with the Services. Participant acknowledges that due to legal, technical, or administrative limitations, it is infeasible for Contexture to support the access, exchange, and use of Prohibited Data in connection with the Services, except as expressly permitted by this Agreement. 4.5 Part 2 Data. a. Part 2 Data Identification, Segregation and Submission. Participant acknowledges and agrees that: (i) with respect to the Services, Part 2 Data must be segregated from other HIE Data to support compliance with Part 2's disclosure restrictions; and (ii) Participant is solely responsible for determining whether it is, or operates, a Part 2 Program and, Contexture HIE Participation Agreement HIE General Terms and Conditions Page 18 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F DICreating connections Improving lives. contexture if so, whether it is considered a Mixed Use Facility under Part 2. Participant will immediately notify Contexture, in accordance with the Contexture Policies, if Participant is, plans to become, or operates a Part 2 Program. Participant will likewise immediately notify Contexture, in accordance with the Contexture Policies, if Participant is, or plans to become, a Mixed Use Facility. Participant further represents, warrants and covenants that: (1) it will not send Part 2 Data to Contexture unless and until it has been approved to do so by Contexture as a Part 2 Data Source and has selected and purchased the Part 2 Data Service in a SOW; (2) it will not submit to Contexture any Part 2 Data that it holds or possesses as an "other lawful holder" (as that term is u sed in Part 2) without Contexture's prior written consent signed by a representative of Contextu re's compliance or legal department; and (3) it will not send Part 2 Data to Contexture u nless such Participant Data is clearly designated as such and otherwise complies with Contexture Policies, Attachments, Documentation, and any other directions by Contexture for submission of Part 2 Data. b. Qualified Service Organization Role. This Section applies only if Participant is a Part 2 Data Source and is in full compliance with Section 4.5(a) (Part 2 Data Identification, Segregation and Submission). If those conditions are met, and only to the extent the Participant Data received by Contexture is Part 2 Data, Contexture acknowledges that in receiving, storing, processing or otherwise dealing with Part 2 Data, Contexture is fully bound by Part 2. If n ecessary, Contexture will resist in judicial proceedings any efforts to obtain access to Part 2 Data except as permitted by Part 2. c. Part 2 Data Recipients: Part 2 Consent -Based Access Functionality. i. Reliance and Responsibility. Participant acknowledges and agrees that Contexture is not responsible for obtaining, documenting, uploading, verifying, storing, managing, monitoring, or auditing Part 2 Consent Forms and consent -based access to Part 2 Data. Participant further acknowledges that Contexture relies on the assurances of HIE Participants that any document provided in connection with the consent functionality meets all of the following requirements: (1) the document is a Part 2 Consent Form signed and dated by the appropriate individual(s); (2) the Part 2 Consent Form has not expired; (3) the Part 2 Consent Form is not known to have been revoked; (4) the Part 2 Consent Form substantially conforms to Part 2 consent requirements; and (5) the Part 2 Consent Form is not known to, or through reasonable diligence could not be known by, HIE Participants to be materially false. ii. Participant Requirements for Part 2 Consent Forms. To the extent Participant or an Authorized User of Participant has provided a document pursuant to the Services to apply consent -based access to Part 2 Data, Participant represents, warrants, and covenants that: (1) the document provided meets all of the requirements listed in Section 4.5(c)(i) (Reliance and Responsibility); (2) Participant has verified the identity and authority of the individuals) who signed the Part 2 Consent Form using health care industry standard security measures; (3) Participant has not modified the terms of the Part 2 Consent Form, except to complete the Part 2 Consent Form as indicated; (4) Participant has entered the correct expiration date into the Service; and (5) Participant shall maintain copies of such Part 2 Consent Forms for at least six (6) years after expiration of the Part 2 Consent Form. To the extent Participant or any of its Authorized Users knows or reasonably should have known that an individual has revoked the Part 2 Consent Form, Participant shall immediately revoke the Part 2 Consent Form in the Service in accordance with Contexture Policies. Contexture HIE Participation Agreement HIE General Terms and Conditions Page 19 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. Additional Participant Requirements for Part 2 Consent -Based Access. To the extent Participant or any of its Authorized Users access Part 2 Data based on an active Part 2 Consent Form, Participant represents, warrants and covenants that: (1) only those Authorized Users with appropriate roles within its organization who are legally eligible to access Part 2 Data pursuant to the individual's Part 2 Consent Form may have access to the Part 2 Data; and (2) Participant shall not use or redisclose Part 2 Data for civil, criminal, administrative, or legislative proceedings against the patient, unless otherwise permitted by Part 2. d. Part 2 Medical Emergency Access Functionality. i. Medical Emergency Access Requirements. Participant shall ensure that: (1) only Authorized Users who are medical personnel may request and access Part 2 Data using the medical emergency functionality of the Part 2 Data Services; and (2) Authorized Users only use the medical emergency functionality if they have determined in good faith and using their professional judgment that such access is necessary to meet a bona fide medical emergency in which the individual's Part 2 Consent Form cannot be obtained. For clarity, if an individual has legal capacity to consent and chooses not to give consent (for example, choosing not to sign the Part 2 Consent Form), Participant and its Authorized Users cannot use the medical emergency functionality to access the individual's Part 2 Data. Authorized Users must document the nature of the medical emergency in the individual's medical record and in the Part 2 Data Services. ii. Access Procedure. Participant's Authorized Users who request medical emergency access to Part 2 Data shall provide all the information required by the Part 2 Data Services or requested from Contexture to support documentation of the medical emergency access. Participant acknowledges and understands that its Authorized Users may be denied access to the Part 2 Data if they fail to provide the requested information. Part 2 Data Source Documentation. This Section applies to Participant only if Participant is a Part 2 Data Source. In the event of medical emergency access, Contexture will provide Participant with a report containing the information required by Part 2 to be documented in the individual's medical record with respect to the medical emergency access. Participant is solely responsible for complying with Part 2 and other Applicable Law in documenting the emergency in the individual's record. 4.6 Offshoring. Contexture will not access, transmit or store PHI outside the jurisdiction of the United States or its territories. This Section does not prohibit Contexture from releasing De -Identified Data outside of the United States for purposes of software development, testing, and support on behalf of Contexture. Participant will not access or the use the Services or transmit HIE Data that is PHI outside the jurisdiction of the United States or its territories without Contextu re's prior written and signed consent. 5.0 RECORD RETENTION, AUDITING AND MONITORING. 5.1 Business Record Retention. Except as otherwise provided for in this Agreement, Contexture agrees to make, keep, and maintain such books, documents, and records relating to HIE operations as Contexture determines, in its sole discretion, are appropriate under this Agreement and Applicable Law (collectively, "Business Records'). Participant acknowledges and agrees that Contexture is not obligated to maintain records of PHI or any other HIE Data. Contexture will provide access to Business Records that it maintains as required by Applicable Contexture HIE Participation Agreement HIE General Terms and Conditions Page 20 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F tillCreating connections. Improving lives contexture Law. If Participant determines that the costs of Services furnished under this Agreement can be included for Medicare reimbursement purposes, then during the Term of this Agreement and for four (4) years after expiration or termination of the Agreement, Contexture will make available to the Secretary of HHS and the Comptroller General of the United States, upon written request, access to such Business Records necessary to verify the nature and extent of the costs of the Services provided by Contexture. No attorney -client, accountant -client, or other legal privilege will be deemed to have been waived by either Party by virtue of this Section. 5.2 Audit and Monitoring. Contexture has the right to conduct audits to ensure compliance with the terms and conditions of this Agreement. These audits may include examining, inspecting, and making copies of Participant's accounting and other records, books, documents, files, systems, and facilities as reasonably necessary. Participant agrees to cooperate with Contexture during these audits, which will be conducted with minimal disruption to Participant's operations, and to provide reasonable access to the necessary information, unless prohibited by Applicable Law. Participant retains the right to set reasonable restrictions on the timing and scope of Contextu re's access to safeguard its operational integrity and data security. 6.0 FEES AND PAYMENT. 6.1 Payment. Participant will pay Contexture all Fees in the amounts and on the dates specified in an executed SOW or other applicable Attachment. If no due date is specified, payment will be due within thirty (30) calendar days of the date of the invoice. Participant will pay all Fees in U.S. currency. Participant will pay all fees by electronic means (such as e -check, ACH transfer, or credit card), unless Contexture determines that is not feasible. Fees are nonrefundable. Participant has no right to withhold or reduce Fees under this Agreement, or to set off any amount against Fees owed, based on alleged defects in the Services. Participant further acknowledges and agrees that Participant's failure to provide timely Member Files (and any updates thereto), as required by Section 3.2(f)(i) (Participant Data Matching), shall not excuse Participant's payment obligations. Participant acknowledges that any remaining Fees owed at the time of termination of this Agreement shall be paid to Contexture. 6.2 Invoices. Contexture will send electronic invoices for Fees to the email address designated by Participant in the applicable SOW, unless Participant provides Contexture a different email address for invoices relating to a particular SOW. 6.3 Purchasing Documents. PARTICIPANT AGREES THAT ANY TERMS AND CONDITIONS CONTAINED IN ANY PURCHASE ORDER OR OTHER ORDERING DOCUMENT ISSUED BY PARTICIPANT WILL HAVE NO BINDING EFFECT ON CONTEXTURE AND WILL NOT MODIFY THIS AGREEMENT IN ANY WAY. Participant's failure to issue a purchase order or Contextu re's failure to accept a purchase order does not excuse Participant's obligation to remit payment in full for the Services in accordance with this Agreement. Contexture's acceptance of a purchase order is done merely for the convenience of the Parties. 6.4 Taxes. Except as expressly provided for in a SOW, Fees are exclusive of all federal, state, local, municipal, or other government taxes, duties, tariffs, levies, withholdings, and similar assessments (including without limitation, excise taxes, sales taxes, transaction privilege taxes, use taxes, occupational taxes, and value added taxes), now in force or enacted in the future (collectively, "Taxes'). Participant agrees to pay any Taxes that Contexture is required to collect or pay now or at any time in the future and that are imposed upon the Services provided pursuant Contexture HIE Participation Agreement HIE General Terms and Conditions Page 21 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. to this Agreement, unless otherwise expressly stated in a SOW. If Participant believes it is exempt from any Tax imposed on any Service pursuant to this Agreement, Participant must, prior to the invoice due date, provide to Contexture any documentation or information that Contexture reasonably believes is necessary to assess whether Participant is exempt from the Tax. If a Participant's tax-exempt status changes, Participant will promptly advise Contexture in writing of the change. Participant acknowledges that any Taxes owed by Participant incurred during the Term of this Agreement discovered after termination of this Agreement shall be paid by Participant. 6.5 Late Payments. Contexture may charge interest on any late payment at the higher of 1.5% per month or the maximum permitted by Applicable Law. The accrual of such interest will not affect any of the rights or remedies of Contexture under this Agreement. Participant acknowledges that any remaining Fees owed at the time of termination of this Agreement shall be paid to Contexture. Contexture may charge its then -current implementation Fee to cover its costs and overhead associated with restoring a suspended Service after suspension due to nonpayment. Participant agrees to pay all of Contexture's costs associated with collection of all amounts due under this Agreement, including without limitation all court costs and reasonable attorneys' fees. 6.6 Fee Increases. Contexture may increase the Fees due under this Agreement, or under any executed SOW, by giving sixty (60) calendar days' advance notice to Participant in accordance with Section 13.2 (Notice). Participant may terminate any SOW that is subject to the Fee increase without penalty by giving written notice to Contexture before the Fee increase goes into effect. Nothing in this Section will limit or prohibit Contexture from offering new Services or optional upgrades for an additional Fee(s). 6.7 Other Expenses. Participant will be solely responsible for any other fees, charges, or expenses that Participant incurs in connection with Participant's access or use of the Services, including, without limitation, Internet access charges, carrier line and equipment charges, and any other fees charged by Participant's health IT vendor(s) (e.g., electronic health record connection, integration, configuration, or maintenance fees). 7.0 TERM AND TERMINATION; SUSPENSION. 7.1 Agreement Termination. In addition to all other termination rights set forth in other provisions of the Agreement, this Agreement may be terminated as follows: a. Without Cause by Either Party. Either Party may terminate this Agreement: (i) if there is no active SOW, immediately upon notice to the other Party; or (ii) if there is an active SOW, upon sixty (60) calendar days' notice to the other Party. b. With Cause by Either Party. Either Party may terminate this Agreement: i, upon the material breach of this Agreement by the other Party if the breach is curable and remains uncured for thirty (30) calendar days following written notice to the breaching Party describing in reasonable detail the material breach at issue; ii. immediately upon written notice to the other Party upon the material breach by the other Party that is not curable; Contexture HIE Participation Agreement HIE General Terms and Conditions Page 22 of 32 Docusign Envelope ID. 3C41AF8A-12BB-4F07-ABCD-C625B941220F IDE • Creating connections. Improving lives contexture immediately upon notice to the other Party if the terminating Party determines in its sole discretion that continuation of this Agreement would cause it to violate Applicable Law or jeopardize its tax-exempt status (if applicable); or iv. immediately upon notice to the other Party if the other Party is adjudicated bankrupt, files a voluntary petition for bankruptcy, makes a general assignment for the benefit of creditors, or has a receiver appointed due to its insolvency. c. By Contexture. Contexture may terminate this Agreement immediately upon notice to Participant if Contexture determines, in its sole discretion, that: i. Participant's use of the Services violates Applicable Law; ii. one or more of Contexture's Subcontractors or Third -Party Service Providers becomes unavailable or suspends or terminates a service essential for Contexture to operate the HIE or provide any Service. d. By Participant. Participant may terminate this Agreement effective immediately: i. Upon the effective date of any material change to these HIE General Terms and Conditions in accordance with Section 1.4 (Changes to HIE Genera( Terms and Conditions), if such material change (i) directly impacts the Participant's access to and use of the Services, and (ii) is not required by Applicable Law; and ii. Upon the effective date of any amendment to Permitted Purposes in the Contexture Policies in accordance with Section 2.7 (Contexture Policies; Changes), if such amendment: (i) constitutes a material change that directly impacts the Participant's access to and use of the Services, and (ii) is not required by Applicable Law. Furthermore, if Participant is a Data Supplier, it may terminate this Agreement pursuant to this Section 7.1(d) with thirty (30) calendar days' notice to Contexture. 7.2 Termination of Special Terms and Conditions and SOWs. Special Terms and Conditions and SOWS may be terminated by either Party without terminating the entire Agreement: (a) for any of the reasons set forth in Section 7.1 (Agreement Termination) of these General Terms and Conditions; or (b) as otherwise provided for in the Special Terms and Conditions or SOW. Termination of this entire Agreement automatically terminates all Special Terms and Conditions and SOWS. 7.3 Suspension. Contexture may limit, suspend, or terminate the access of a Participant or Authorized User to some or all of the Services, for any of the following reasons: a. if Participant fails to pay any Fees owed under this Agreement within ninety (90) calendar days after the due date; b. if Participant and/or an Authorized User refuses to agree to any of the User Documents that are necessary for access to or use of any Service; c. if necessary, in Contexture's sole discretion, to ensure the confidentiality, Contexture HIE Participation Agreement HIE General Terms and Conditions Page 23 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture - Creating connections. Improving lives. integrity, accessibility, stability, or security of the HIE or any Service, or to prevent material harm to any person or organization; d. if Contexture in its sole discretion determines that Participant or any of its Authorized Users has violated any of the terms of this Agreement or of any User Document; e. if Contexture in its sole discretion determines that Participant or any of its Authorized Users has engaged in actual or suspected unauthorized access, fraud, illegal use, or other suspicious activity related to any Service; f. if Contexture in its sole discretion determines that Participant's or any Authorized User(s)' continued use of any Service would create a risk of Contexture breaching a contract, violating Applicable Law, of suffering any sanction, penalty, or liability; g• at the direction of Participant; or h. as otherwise provided for in this Agreement, including without limitation in any SOW or Attachment. Upon any such limitation, suspension, or termination, Contexture shall not incur any fees or liabilities due to such action, and Participant shall remain responsible for payment of any Fees or liabilities set forth in this Agreement, including without limitation any SOW. 7.4 Effect of Termination. Upon the termination or expiration of this Agreement, Contexture will cease providing access to all Services for Participant and its Authorized Users, and Participant and its Authorized Users will stop accessing and using all Services. Upon the termination or expiration of an SOW, Contexture will cease performing the Service(s) specified in that SOW for Participant, and Participant and its Authorized Users will stop accessing and using the Service(s). 7.5 Survival. Any termination or expiration of a SOW or the entire Agreement will not alter the respective rights and duties of the Parties with respect to any actions conducted prior to such termination or expiration. In addition, the rights and obligations which by their nature should survive, or which this Agreement expressly states will survive, will remain in full force and effect following termination or expiration of this Agreement. 8.0 INTELLECTUAL PROPERTY. 8.1 Contexture Intellectual Property. a. Generally. Participant acknowledges and agrees that all rights, title, and interest in Intellectual Property in the Services are owned by or under license to Contexture. The Parties explicitly agree that no title or ownership of Intellectual Property of Contexture may be considered transferred to Participant or any third parties. Participant agrees to not take any action inconsistent with Contexture's rights, title, and ownership of Intellectual Property. All rights not expressly granted to Participant in this Agreement are reserved by Contexture. b. Suggestions and Feedback. Participant acknowledges and agrees that any suggestions, Feedback, or ideas provided by Participant or its representatives regarding the Services ("Suggestions') shall not confer any Intellectual Property rights or ownership interest to Contexture HIE Participation Agreement HIE General Terms and Conditions Page 24 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F E contexture' Creating connections. Improving lives. Participant. Contexture shall have sole discretion to determine whether to implement any Suggestions into the Services, and Participant shall have no rights or ownership related to any improvements or updates resulting from such Suggestions. Participant hereby irrevocably assigns all Intellectual Property rights it may have in the Suggestions to Contexture, without any additional compensation or consideration. 8.2 Infringement Notification. Participant agrees not to infringe upon or misappropriate Contexture's or its licensors' Intellectual Property. Upon discovering or being notified of any actual or suspected infringement or misappropriation of Contexture's Intellectual Property in the Services, Participant shall promptly inform Contexture and cease such infringement within its control. Participant will cooperate with Contexture in protecting and defending its Intellectual Property rights. Contexture is not obligated to enforce its Intellectual Property rights regarding the Services. 8.3 Publicity. Neither Party may use the other Party's trademarks, service marks, or logos ("Marks') without prior written consent, except that: (a) Contexture may list Participant as a Participant in the HIE and use Participant's Marks for related disclosures and activities; and (b) Participant may disclose its participation in the HIE and use Contexture's Marks as relevant to the Services received. Both Parties must adhere to reasonable usage guidelines for the Marks, refrain from diminishing their value, and acknowledge the owner's ownership of the Marks. 9.0 CONFIDENTIALITY. 9.1 Ownership of Confidential Information. During the Term of this Agreement Participant and Contexture may disclose or gain access to each other's Confidential Information, whether orally, electronically or in physical form. Unless expressly stated in this Agreement or as required by Applicable Law: (a) all Confidential Information provided by one Party (the "Disclosing_ Party") remains the sole property of the Disclosing Party; and (b) the receiving Party (the "Receiving Party") holds no interest in or rights to the Disclosing Party's Confidential Information, except to access, use and disclose the Confidential Information in accordance with this Agreement. 9.2 Non -Disclosure Obligations. a. General; Safeguards. The Receiving Party agrees not to use or disclose the Confidential Information of the Disclosing Party, except as expressly stated by this Agreement. The Receiving Party will protect all Confidential Information from unauthorized use, access, or disclosure, employing a level of care no less than reasonable and consistent with industry standards for protecting its own confidential or proprietary information of a similar nature. For clarity, the Receiving Party may use and disclose any HIE Data or PHI for the purposes, and subject to any restrictions or limitations, set forth in Section 4 (Data Rights and Responsibilities) of these General Terms and Conditions and the Business Associate Agreement and any applicable Attachment. The Parties acknowledge and agree that the intent of this Section 9 (Confidentiality) is not to impermissibly interfere with the access, exchange, or use of EHI. b. Limitation on Exposures Terms of this Agreement. The Receiving Party shall limit the number of personnel, Subcontractors, agents, and Third -Party Service Providers who will have access to Confidential Information to the extent access is necessary and appropriate to their respective job functions. Participant may disclose the general nature, but not the specific terms, Contexture HIE Participation Agreement HIE General Terms and Conditions Page 25 of 32 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. of this Agreement without the consent of Contexture; provided, however, that Participant may provide a copy of this Agreement or otherwise disclose its terms in connection with any financing transaction or due diligence inquiry or legal/accounting or regulatory requirement. c. Disclosure Required by Applicable Law. The Receiving Party may disclose Confidential Information that is required to be disclosed by Applicable Law (including, without limitation, a subpoena or court order). However, prior to such disclosure, the Receiving Party must promptly notify the Disclosing Party (to the extent not prohibited by Applicable Law) and afford the Disclosing Party an opportunity to seek a protective order or other limitation on such disclosure at the Disclosing Party's expense. In any event, the Receiving Party will only furnish that portion of the Confidential Information which is required by law and shall request that the Confidential Information be treated as such. d. Notification of Unauthorized Use. If either Party becomes aware of any unauthorized use or disclosure of the other Party's Confidential Information, they shall promptly notify the affected Party of all relevant facts known to it concerning such unauthorized use or disclosure. 9.3 Destruction and Return. Except as otherwise expressly authorized by this Agreement, all Confidential Information provided by Disclosing Party to the Receiving Party must be returned to the Disclosing Party upon termination or expiration of this Agreement, or earlier upon request. Alternatively, the Receiving Party may destroy the Confidential Information and, if requested, provide certification of such destruction by an officer of the Receiving Party. However, the Receiving Party may retain one (or more if needed) archival copy in a secure location to demonstrate compliance with this Agreement or as required for legal and audit purposes, provided such retained copy is not used or disclosed contrary to the terms of this Agreement. 9.4 Duration. The Parties agree that the obligations of Participant in this Section 9 (Confidentiality) shall survive termination or expiration of this Agreement. Contexture's obligations under this Section 9.4 (Duration) of these General Terms and Conditions shall remain in effect for a period of six (6) years from the termination date of this Agreement or the date of disclosure, whichever is later, except for Confidential Information classified as a trade secret under Applicable Law. For such trade secrets, Contexture's obligations of non -disclosure will survive the termination or expiration of this Agreement for as long as such Confidential Information remains subject to trade secret protection under Applicable Law. However, this provision does not affect any restrictions on the use and disclosure of EHI or PHI outlined in this Agreement. 10.0 OTHER REPRESENTATIONS, WARRANTIES AND DISCLAIMERS. 10.1 Mutual Representations and Warranties. Each Party represents and warrants to the other that: (a) it is duly incorporated and validly existing under Applicable Laws and in good standing in applicable business locations; (b) it has all necessary rights, licenses, and authority to enter into and perform its obligations under this Agreement; and (c) it has appropriate agreements with its employees and Subcontractors to enable the provision and receipt of Services in accordance with this Agreement. 10.2 Performance Warranty. Contexture represents and warrants to Participant that it Contexture HIE Participation Agreement HIE General Terms and Conditions Page 26 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives will use commercially reasonable efforts to perform the Services in a workmanlike and professional manner in conformity with industry standards. If Contexture breaches this limited warranty, Participant's sole and exclusive remedy shall be for Contexture to use reasonable efforts re -perform the Service(s). 11.0 DISCLAIMERS. 11.1 Disclaimer of Warranties. Except as expressly stated in this Agreement, and to the fullest extent permitted by Applicable Law, the Services, third -party software, HIE Data, Usage Data, Documentation, and Contexture Policies are provided "as is""as available,""with all faults," without any representations or warranties, express or implied. This includes, but is not limited to, warranties of merchantability, fitness for a particular purpose, noninfringement, and any implied warranties arising from a course of dealing, course of performance, usage of trade, or quiet enjoyment. Furthermore, there are no warranties that the Services or HIE Data will be uninterrupted, timely, accurate, complete, error -free, free from false matches, reliable, interoperable, compatible with any particular hardware, software, or data, or that they will enable interconnectivity with other networks or systems. Additionally, there is no warranty that errors will be corrected. No oral or written information given by Contexture, its employees, Subcontractors, or Third -Party Service Providers, shall create a warranty. 11.2 Not a Medical Service. Contexture does not make clinical, medical, or other decisions. The Services are not a substitute for professional medical judgment applied by Participant or its Authorized Users. Without limiting any other provision of this Agreement, Participant and its Authorized Users shall be solely responsible for all decisions and actions taken or not taken involving Treatment, Payment, Limited Health Care Operations and other Health Care Operations activities for their respective patients and clients resulting from or in any way related to the use of the Services or the HIE Data, including, without limitation, any unavailability or degradation of the Services. 11.3 Internet Connections. Contexture will not be held responsible for any delay, failure, interruption, loss, or other problem with HIE Data or the Services attributable to the Internet or Participant's Authorized Users' or any third party's network or the ability to access the same. 11.4 Other Participants and Trusted Exchange Networks. By using the Services, the Participant acknowledges that other HIE Participants have access to the Services under similar terms and conditions. Contexture relies on Participant and its Authorized Users to provide accurate information about their identity and about their purposes for access to and use of the Services. Except for reasonable measures, Participant acknowledges that Contexture cannot directly control third -party (including without limitation other HIE Participants and Data Recipients) access or usage of the Services or HIE Data. Except as expressly stated in this Agreement, Participant waives any claim or cause of action against Contexture arising from actions or inactions of such third parties, including without limitation any unauthorized access, exchange or use resulting from other HIE Participants' and Data Recipients' misrepresentations, breach, violation of Contexture Policies, or violation of Applicable Law. Additionally, Participant acknowledges that HIE Data may be shared with participants of Trusted Exchange Networks. Contexture shall have no liability for the acts or omissions of any users accessing or utilizing such Networks. Contexture HIE Participation Agreement HIE General Terms and Conditions Page 27 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F . contexture Creating connections. Improving lives. 12.0 LIABILITY AND RISK. 12.1 Indemnification. a. General Indemnification. Each Party shall indemnify, defend, and hold harmless the other Party from and against that portion of all claims by third parties arising out of or relating to the indemnifying Party's material breach of this Agreement or violation of Applicable Law. Participant is not responsible for any indemnification required by the Agreement as set forth in this section 12.1 to the extent such indemnification is prohibited by law. b. Intellectual Property Indemnification. Contexture shall indemnify, defend and hold harmless Participant from and against claims by third parties alleging that Participant's proper use of the Services during the Term infringes or misappropriates any U.S. Intellectual Property right ("Infringement Claim'), except when such claims arise from: (1) use of the Services outside of the scope of this Agreement; (2) unauthorized modification of the Services by Participant or its Authorized Users; or (3) using the Services in combination with any other software, hardware or products not supplied by Contexture. If any Service becomes or, in Contexture's opinion, is likely to become, the subject of an Infringement Claim or an injunction preventing its use as contemplated in this Agreement, Contexture may, at its option and expense: (aa) procure for Participant the right to continue using the allegedly infringing Services, or portion thereof, as applicable, in accordance with this Agreement; (bb) replace or modify the allegedly infringing Service, or portion thereof, as applicable, so that it becomes non -infringing without substantially compromising its principal functions; or (cc) terminate this Agreement or any affected SOW mmediately upon notice to Participant. This Section 12.1(b) (Intellectual Property Indemnification) states the entire liability of Contexture, and Participant's sole and exclusive remedy, with respect to any actual or alleged violation of a third party's Intellectual Property rights arising from or relating to the Services. c. Indemnification Procedure. Upon becoming aware of a claim that may require indemnification under Section 12.1 (Indemnification), the indemnified Party must promptly notify the indemnifying Party. Failure by the indemnified Party to provide prompt notice does not relieve the indemnifying Party of its obligations unless the failure materially prejudices the indemnifying Party. 12.2 Limitation of Liabilities. a. General Limitation of Liabilities. In addition to any other limitations or releases of liability in this Agreement, except as provided in Section 12.2(b) (Intellectual Property Rights and Remedies) below, neither Party will be liable for any special, incidental, exemplary, indirect, punitive, or consequential damages arising out of or relating to this Agreement under any theory of liability (including negligence) and whether or not such Party was or should have been aware or advised of the possibility of such damage. This includes, without limitation, lost revenue or profits, lost data or information, costs of procurement of substitute services, or injury to reputation, or claims arising from any delay, omissions, or error in the HIE, the Services, or the provision or receipt of HIE Data. The foregoing limitations of liability are intended to apply only to the Parties to this agreement and each Party expressly retains all rights and remedies it may have under this Agreement or under Applicable Law with respect to any third party. Contexture HIE Participation Agreement HIE General Terms and Conditions Page 28 of 32 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture Creating connections Improving lives b. Intellectual Property Rights and Remedies. As an exception to the limitations of liabilities in Section 12.2(a) (General Limitation of Liabilities), in the event of an Contexture HIE Participation Agreement HIE General Terms and Conditions Page 29 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. infringement of Contexture's Intellectual Property Rights by Participant in violation of Section 8 (Intellectual Property) of these General Terms and Conditions, Contexture is entitled to seek actual damages for such infringement, as well as appropriate injunctive relief. 12.3 Releases of Liability. For purposes of this Section 12.3, ("Contexture Indemnitees') means Contexture as well as its officers, directors, employees, agents, affiliates, and successors. Participant releases Contexture Indemnitees and other Data Suppliers from any claims relating to any inaccuracy, incompleteness or timeliness of HIE Data; provided, however, this release shall not apply to that portion of any claims directly caused, respectively, by Contexture's or other Data Supplier's intentional misconduct or gross negligence. Participant further releases Contexture Indemnitees from that portion of any and all any claims arising out of or relating to: (a) any clinical, medical, or other decisions related to the Treatment of an individual, regardless of Participant's HIPAA status; (b) individual matching or record locating; (c) Participant's breach of this Agreement or Applicable Law; (d) Participant's gross negligence or intentional misconduct; and (e) Contexture's lawful use or disclosure of Participant Data pursuant to Section 4.2(b) (Participant Data Use Rights); except for claims resulting from Contexture's intentional misconduct or gross negligence in (a) and (b) of this Section. 12.4 Insurance. During the Term of this Agreement, each Party agrees to maintain in force, at its sole cost and expense, liability and cyber insurance coverage in amounts commercially reasonable and appropriate to cover its obligations and liabilities under this Agreement. The insurance coverage required under this Agreement may be provided through one or more reputable commercial insurance policies, through a reasonably acceptable self-insurance program, or through a combination of commercial and self-insurance programs. Upon request, each Party agrees to furnish the other Party with a certificate of insurance indicating the required coverage. 13.0 MISCELLANEOUS. 13.1 No Exclusion. Contexture represents and warrants that it, and Participant represents and warrants that it (and its Authorized Users): (a) are not debarred, suspended, declared ineligible, or voluntarily excluded from participation in federal contracting or federal health care programs; (b) have not been placed on the sanctions list issued by the Office of the Inspector General of the Department of Health and Human Services in accordance with 42 U.S.C. § 1320a-7; and (c) have not been convicted of a felony or any crime relating to health care. Each Party will immediately notify the other Party if it becomes aware that any of these representations and warranties is incorrect or needs to be updated. 13.2 Notice. Except as otherwise specified in this Agreement, each Party shall deliver all notices, requests, consents, claims, demands, waivers, and other communications under this Agreement (each, a "Notice") in writing and addressed to the other Party at its mailing or email address that is listed in the Cover Sheet, in any SOW, or in this Section 13.2 (Notice). Each Party shall deliver all Notices by (i) personal delivery, (ii) a nationally recognized delivery service such as FedEx or UPS, (iii) email, or (iv) certified or registered mail through the U.S. Postal Service. A Party may change its contact information for Notices by giving the other Party notice of the new contact information in accordance with this Section 13.2 (Notice). Nothing in this Section prevents the Parties from: (i) communicating via other forms of communication for the routine administration of the Services; or (ii) mutually agreeing, in writing, to waive the requirements of this Section 13.2 (Notice) as to any specific Notice required under this Agreement. Contexture HIE Participation Agreement HIE General Terms and Conditions Page 30 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. 13.3 Assignment. Neither Party may assign or transfer its rights or duties in connection with this Agreement without the prior written consent of the other Party, which will not be unreasonably delayed, conditioned, or withheld; provided, however, that Contexture may (with prompt notice to the other Party) assign its rights and obligations hereunder to a parent, subsidiary, or affiliated entity that has agreed to be bound by the terms and conditions of this Agreement. 13.4 Antitrust Compliance. Participant agrees not to use the Services, HIE Data or other information available through or in connection with the Services or to which it has access under this Agreement to evaluate or set its own prices, or otherwise in violation of state or federal antitrust laws. 13.5 Governing Law and Venue. This Agreement and any claims arising from or relating to this Agreement will be governed by and interpreted in accordance with the substantive laws of the State of Colorado, without regard to conflict of laws principles. The Parties consent to the exclusive jurisdiction and venue of the state and federal courts located in either Denver, Colorado or Phoenix, Arizona for the resolution of any and all disputes arising under or related to this Agreement or related to the HIE or Services. 13.6 Informal Dispute Resolution. Should a claim, controversy, or dispute relating to this Agreement arise between the Parties, either Party will, by notice, call a meeting regarding the dispute to be attended (in person or by phone or video meeting) by senior manager or executive of each Party, with authority to settle the dispute, who will attempt in good faith, to resolve the dispute. If the dispute cannot be resolved through good faith negotiations within ninety (90) calendar days from the initial notice of a dispute, then either Party may pursue its remedies at law or in equity. Notwithstanding the foregoing terms: (a) the Parties agree that a Party may promptly file a claim in the event the statute of limitations is due to expire for a claim within the ninety (90) calendar day period contemplated in this Section; and (b) if a Party determines, in good faith, that a breach or threatened breach of the terms of this Agreement by the other Party could cause significant and substantial damages which may not be adequately compensated by the payment of monetary damages and that the affected Party's remedy at law may be inadequate, such Party may proceed directly to court or other forum to seek an injunction and/or any other appropriate equitable relief to enforce its rights under the terms of this Agreement. All negotiations pursuant to this Section will be confidential and will be treated as compromise and settlement negotiations for the purpose of the applicable rules of evidence to the fullest extent permitted under such rules. 13.7 Equitable Relief; Cumulative Relief. If there is a violation or attempted violation of Section 8.1 (Contexture Intellectual Property) or Section 9 (Confidentiality) of these General Terms and Conditions, the injured or potentially injured Party will have, in addition to other remedies available to it, the right to seek injunctive relief enjoining such action. Except as otherwise provided in this Agreement, all remedies will be deemed cumulative with and not exclusive of any other remedy, and the exercise by a Party of any one remedy will not preclude the exercise of any other remedy. 13.8 Force Majeure. No Party shall be liable or responsible to the other Party, nor be deemed to have defaulted under or breached this Agreement, for any failure or delay in fulfilling or performing any term of this Agreement, when and to the extent such failure or delay is caused by or results from acts beyond the affected Party's reasonable control, including, without Contexture HIE Participation Agreement HIE General Terms and Conditions Page 31 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives limitation: (a) acts of God; (b) flood, fire, earthquake, severe weather, epidemic, or pandemic; (c) war, invasion, hostilities (whether war is declared or not), terrorist threats or acts, riot, or other civil unrest; (d) government order or Taw; (e) embargo or blockade; (f) action by any governmental authority; (g) national or regional emergency; (h) strikes, labor stoppages or slowdowns, or other industrial disturbances; or (i) telecommunication breakdowns, or power outages or shortages ("Force Majeure Event'). The nonperforming Party shall promptly give notice to the other Party of a Force Majeure Event and use commercially reasonable efforts to mitigate the impact of such delay and perform its obligations despite such Force Majeure Event. 13.9 Entire Agreement. This Agreement (collectively including without limitation any and all SOWs and Attachments) constitutes the complete agreement of the Parties relating to the matters specified in this Agreement and supersedes all earlier proposals, negotiations, conversations, prior drafts, discussions, oral/written representations, oral agreements, and executed agreements with respect to the subject matter of this Agreement. 13.10 Modification. This Agreement may be modified or otherwise amended as; (a) provided for in this Agreement; or (b) by mutual agreement of the Parties at any time without additional consideration in a writing signed by an authorized representative of each Party. No oral modification of any of the provisions of this Agreement is binding on either Party. 13.11 No Waiver. A Party's failure to enforce any right under this Agreement at any time for any period is not a waiver of that right, and the exercise of one right or remedy is not a waiver of any other right or remedy. No extension of time for performance of any obligation or act under this Agreement shall be deemed an extension of the time for performance of any other obligation or act. 13.12 Severability. If any portion of this Agreement is determined by a court to be invalid, illegal, void, or unenforceable, the remainder of this Agreement will remain in full force and effect. In the event of a determination that any portion of this Agreement is invalid, illegal, or unenforceable, the court may modify this Agreement to reflect the original intent of the Parties as closely as possible. 13.13 No Third -Party Beneficiaries. This Agreement is strictly between Contexture and Participant, and no other persons or entities shall be considered beneficiaries of this Agreement. Accordingly, no rights or remedies are conferred upon any third parties under this Agreement. Furthermore, this Agreement is not intended to create any contractual relationship, confer any rights, or impose any obligations on any persons other than Contexture and Participant, nor is it intended to affect any rights among Contexture or any other HIE Participants not expressly addressed herein. 13.14 Relationship of the Parties. Nothing in this Agreement shall be construed to create a joint venture, agency, or employment relationship. Nothing in this Agreement shall be construed to give a Party any express or implied right or authority to assume or create any obligations on behalf of or in the name of another Party, or to bind the other Party to any contract, agreement, or undertaking with any third party. Participant will not be deemed an agent of any other HIE Participant due to its participation in the HIE. 13.15 Interpretation. This Agreement shall be construed without regard to any presumption or rule requiring construction or interpretation against the Party that drafted the Contexture HIE Participation Agreement HIE General Terms and Conditions Page 32 of 32 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections Improving lives. document or a specific term or provision. When words such as "will," "shall," "must," "agrees to," and "is responsible for" are used in this Agreement, they impose a mandatory obligation or requirement. Unless the context requires otherwise, references in this Agreement to a statute or regulation mean the statute or regulation as amended from time to time. 13.16 Counterparts; Electronic Signatures; Electronic Documents. The Parties may sign this Agreement (including any SOW) in multiple counterparts, each of which constitutes an original, and all of which, collectively, constitute only one agreement. This Agreement (including any SOW) may be executed electronically through any means. The Parties agree that signatures exchanged by facsimile or electronic means shall be binding as originals. Each of the individuals signing below on behalf of either Party hereby represents and warrants that they are signing with full and complete authority to bind the Party. In addition, the individual signing on behalf of Participant represents, warrants, and agrees that (i) every entity or individual listed as an Affiliate in any SOW or other part of the Agreement is a Participant under the entire Agreement, and (ii) every Affiliate is a Party to, and bound by the terms of, the entire Agreement. CONTEXTURE, a Colorado nonprofit Kelly Procopio Printed Name \'1', ( rant; and Contracts \dministration Title 5/20/2025 Date Contexture HIE Participation Agreement HIE General Terms and Conditions County of Weld Signed by. Pbid �C rfmA7E43E Peru- 1, buck Printed Name Weld County Commissioner - Chair Title 5/20/2025 Date Page 33 of 32 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives CONTEXTURE HIE PARTICIPATION AGREEMENT Trusted Exchange Addendum This Trusted Exchange Addendum ("Addendum') is an Attachment that is incorporated by reference into the Contexture HIE Participation Agreement (the "Agreement") to which this Addendum is attached. 1.0 APPLICABILITY. To allow our Participants to exchange health information with entities that do not participate in Contexture's HIE, Contexture participates in Trusted Exchange Networks that facilitate the exchange of health information across the country. For example, Contexture participates in health information exchange through the eHealth Exchange network and the Patient Centered Data Home. As a condition of participation, many of these Trusted Exchange Networks require Contexture to agree to a trusted exchange agreement and to flow down certain terms and conditions to HIE Participants that access or use those Trusted Exchange Network connections. The provisions of this Addendum apply to Participant's access to and use of the relevant Trusted Exchange Network. To the extent that Participant does not access or use a particular Trusted Exchange Network, then the portions of this Addendum that address that particular Trusted Exchange Network do not apply. 2.0 DEFINITIONS. All capitalized words and phrases not defined in this Addendum have the meanings given elsewhere in the Agreement, including in the Cover Sheet and the HIE General Terms and Conditions. "Applicable Law" means: (a) for HIE Participants that are not federal agencies, all applicable statutes and regulations of the State(s) or jurisdiction(s) in which the Participant operates, as well as all applicable federal statutes, regulations, standards and policy requirements; and (b) for Participants that are federal agencies, all applicable federal statutes, regulations, standards and policy requirements. 3.0 MODIFICATIONS TO THIS ADDENDUM. Contexture may update and revise this Addendum from time to time. Contexture will notify Participant of material changes to this Addendum by giving notice in accordance with Section 13.2 (Notice) of the HIE General Terms and Conditions. 4.0 RELATIONSHIP WITH OTHER DOCUMENTS. In the event of a conflict between any term or condition of this Addendum and any term or condition in the HIE General Terms and Conditions or any other document that is part of the Agreement, this Addendum shall govern with respect to Participant's access to and use of the applicable Trusted Exchange Network. Provided, however, that the Business Associate Agreement shall continue to take precedence with respect to required HIPAA compliance Contexture HIE Participation Agreement Page 1 of 3 Trusted Exchange Addendum Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F . contexture Creating connections Improving lives obligations of the Parties. 5.0 INDEMNIFICATION. In addition to any other indemnification obligations in the Agreement, Participant will indemnify, defend and hold harmless Contexture Indemnitees for any and all claims, demands, loss, liabilities, judgments, awards, costs, interest, damages, fees, or expense (including reasonable attorneys, court, and expert fees and expenses) (each, a "Claim") arising out of or related to Participant's (including its Authorized Users') actions or omissions in connection with this Trusted Exchange Addendum. This indemnification obligation is not subject to any limitations of liability in the HIE General Terms and Conditions. Participant is not responsible for any indemnification required by the Agreement as set forth in this section 12.1 to the extent such indemnification is prohibited by law. 6.0 DATA USE AND RECIPROCAL SERVICES AGREEMENT (DURSA). 6.1 General; Applicability. Contexture participates in the eHealth Exchange Network. The eHealth Exchange Network connects healthcare organizations and federal exchanges so that electronic health information can be exchanged nationwide to improve patient care and public health. As a condition of participation in the eHealth Exchange Network, Contexture has signed the Data Use and Reciprocal Services Agreement ("DURSA') and is required to obtain HIE Participants' agreement to comply with certain provisions in the DURSA. Participant agrees that the terms of this Section 6 apply to Participant's exchange of health information under the DURSA. 6.2 Cooperation. Participant will reasonably cooperate with Contexture on any issues related to the DURSA, including: a. safeguarding the confidentiality, privacy and security of personal information and PHI exchanged through the eHealth Exchange Network; b. allowing periodic audits and/or monitoring of the Services by Contexture to ensure compliance with the DURSA; and c. gathering and providing information and documentation related to Participant's use of the Services to exchange health information through the eHealth Exchange Network, including reporting and responding to Security Incidents. 6.3 Use of eHealth Exchange Network. When Participant accesses, uses or otherwise exchanges health information through the eHealth Exchange Network under the DURSA, such access, use and exchange will be done (i) in accordance with Applicable Law, (ii) in accordance with this Section 6 of the Addendum, and (iii) only for a Permitted Purpose provided for under the DURSA (but only if it is also a Permitted Purpose under the Contexture HIE Participation Agreement). 6.4 Compliance with Law. Participant will comply with the applicable terms and conditions of the DURSA, located at https:lehealthexchange.org/dursa/ (as may be amended from time to time). Contexture HIE Participation Agreement Page 2 of 3 Trusted Exchange Addendum Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. 6.5 Reporting Breaches. Participant shall report to Contexture all suspected and confirmed use or disclosure of PHI that is not authorized by this Addendum or the DURSA as soon as reasonably practicable, and, in any event, no later than five (5) calendar days. 6.6 Termination of DURSA. If Contexture's participation in the DURSA terminates for any reason, Participant will no longer have any right to access, use, and exchange health information through the eHealth Exchange Network under the DURSA utilizing Contexture's connection. 7.0 TRUSTED EXCHANGE FRAMEWORK AND COMMON AGREEMENT (TEFCA). [Reserved] Each of the individuals signing below on behalf of either Party hereby represents and warrants that they are signing with full and complete authority to bind the Party, and to bind each Affiliate identified in any document that is part of the Agreement. CONTEXTURE, a Colorado nonprofit krAtion Prottra 5AA260E9319E44C.. Signature Kelly Procopio Printed Name vP, Grants and Contracts .Administration Title 5/20/2025 Date County of Weld P Signed by: Signature Pelf\ T, Buck �E _ Printed Name Weld County Commissioner - Chair Title 5/20/2025 Date Contexture HIE Participation Agreement Page 3 of 3 Trusted Exchange Addendum Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F to contexture - Creating connections. Improving lives CONTEXTURE HIE PARTICIPATION AGREEMENT HIPAA Business Associate Agreement This HIPAA Business Associate Agreement ("BAA') is an Attachment that is incorporated by reference into the Contexture HIE Participation Agreement (the "Agreement") to which this BAA is attached. 1.0 APPLICABILITY; DEFINITIONS; CHANGES. 1.1 Applicability; Prior BAA. This BAA applies to the Parties regardless of whether Participant is a HIPAA Regulated Entity. For clarity, this BAA applies to any entity or individual listed as a Participant or Affiliate in any document that is part of the Agreement. This BAA supersedes and terminates any prior BAA between the Parties related to HIE participation. 1.2 Definitions. All capitalized words and phrases not defined in this BAA have the meanings given in the HIE General Terms and Conditions, or if not defined in the HIE General Terms and Conditions, have the meanings given in HIPAA. "Individual" has the meaning given in HIPAA, specifically 45 C.F.R. § 160.103. For purposes of this BAA, "Individual" includes a person who qualifies as a personal representative under 45 C.F.R. § 164.502(g). "PHI" or "Protected Health Information" has the meaning given in HIPAA, specifically 45 C.F.R. § 160.103 (and regardless of whether Participant is a HIPAA Regulated Entity). For the purposes of this BAA, PHI refers to Participant Data provided to or handled by Contexture in connection with the Services. 1.3 Amendments for Legal Compliance. Contexture may unilaterally amend this BAA ifsuch amendments are necessary to comply with Applicable Law. Contexture will provide Participant with notice of any unilateral amendment in accordance with Section 13.2 (Notice) of the General Terms and Conditions at least thirty (30) calendar days before the amendment takeseffect, unless an earlier effective date is required for compliance with Applicable Law. If Participantobjects to the amendment, it may terminate the Agreement by providing notice to Contexture inaccordance with Section 13.2 (Notice), effective as of the amendment's effective date. 2.0 CONTEXTURE'S OBLIGATIONS. 2.1 Permitted Purposes. a. Performance of Services. Contexture may use or disclose PHI in connection with the Services, to operate the HIE, for any Permitted Purpose, as permitted in the Agreement or this BAA, or as required by Applicable Law, and will not further use or disclose such PHI. Contexture will not use or disclose PHI in a way that, if done by the Participant, would violate HIPAA. To the extent Contexture is to carry out Participant's obligations under HIPAA in the performance of the Services, Contexture will comply with the requirements of HIPAA that apply to Participant's performance of such obligations. Contexture may obtain Individual HIPAA Authorizations and other consents in accordance with HIPAA and may use and disclose PHI as permitted by such authorizations and consents in compliance with Contexture Policies. Contexture HIE Participation Agreement Page 1 of 5 HIPAA Business Associate Agreement Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. b. Contexture Management, Administration and Legal Responsibilities. Contexture may use and disclose PHI for the proper management and administration of Contexture, and to carry out Contexture's legal responsibilities. Contexture may disclose PHI to a third party for such purposes if: (i) the disclosure is required by Applicable Law; or (ii) Contexture secures written assurance from the receiving third party that it will: (1) hold the PHI confidentially; (2) use or disclose the PHI only as required by Applicable Law or for the purpose(s) for which it was disclosed to the receiving third party; and (3) notify Contexture of any unauthorized access, use, disclosure or Breaches of the PHI. c. Data Aggregation and De -Identification Services. Participant acknowledges and agrees that Data Aggregation and De -Identification services are a critical component of the operation of Services and the access, exchange and use of HIE Data. Accordingly, Contexture may use PHI to perform Data Aggregation services in accordance with 45 C.F.R. § 164.504, and Contexture may disclose PHI relating to its Data Aggregation services to third parties to the extent such disclosure is permitted under HIPAA and the Agreement. Contexture may use PHI to create De -Identified Data in accordance with 45 C.F.R. § 164.514 and may use and disclose De -Identified Data as permitted in the Agreement. d. Limited Data Sets and Data Use Agreement. Contexture may use PHI to create Limited Data Sets, and will maintain, use and/or disclose such Limited Data Sets in accordance with 45 C.F.R. § 164.514(e). Contexture will: (i) not use or disclose a Limited Data Set other than for the purpose of Health Care Operations, Public Health and/or Research, or as otherwise required by Applicable Law; (ii) use appropriate safeguards to prevent the use or disclosure of the Limited Data Set other than as permitted by this section 2.1(d); (iii) limit the use or receipt of the Limited Data Set to its personnel who need access to the Limited Data Set for the purpose of performing the Health Care Operations, Public Health and/or Research function; (iv) report to Participant any uses or disclosures in violation of this section 2.1(d) of which Contexture becomes aware; (v) hold any agent (including Subcontractors) to the standards, restrictions, and conditions stated in this section 2.1(d) with respect to the Limited Data Set; (vi) not use the Limited Data Set to identify or contact the individuals who are the data subjects; and (vii) not use or disclose the Limited Data Set in a way that, if done by the Participant, would violate HIPAA. Contexture will disclose a Limited Data Set to a third party only under a written data use agreement that complies with 45 C.F.R. § 164.514(e)(4). Participant authorizes Contexture to enter into data use agreements for the use of the Limited Data Sets in accordance with Applicable Law and Contexture Policies. e. Minimum Necessary. Contexture, and its agents and Subcontractors, will make reasonable efforts to use, disclose, or request only the minimum necessary PHI to accomplish the intended purpose (as described in 45 C.F.R. § 164.502(b) and § 164.514(d)). f. Agents & Subcontractors. Contexture agrees that, in accordance with 45 C.F.R. § 164.502(e)(1), if Contexture's Subcontractor or agent creates, receives, maintains or transmits PHI on behalf of Contexture, Contexture will enter into an agreement with such Subcontractor or agent that contains substantially the same terms, restrictions and conditions on the use and disclosure of PHI as contained in this BAA. Contexture HIE Participation Agreement Page 2 of 5 HIPAA Business Associate Agreement Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. 2.2 Safeguards. Contexture shall implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the PHI that Contexture creates, receives, maintains, uses, discloses, or transmits on behalf of Participant, in accordance with all applicable provisions of HIPAA. Contexture shall comply with the requirements in 45 C.F.R. Part 164, subpart C. Contexture shall Encrypt, or cause the Encryption of, all electronic PHI it transmits or stores such that such electronic PHI will not be Unsecured PHI (as defined by 45 C.F.R. Part 164, subpart D). 2.3 Reporting. a. Use or Disclosure Not Permitted by this BAA. Contexture will report in writing to Participant any use or disclosure of PHI for purposes other than those permitted by this BAA of which Contexture becomes aware. b. Security Incidents. Contexture will report to Participant any Security Incident of which Contexture becomes aware without unreasonable delay and, in any event, within five (5) business days of Contexture's learning of such event. The Parties agree that this BAA serves as notification, and that no further notification is required, of the ongoing existence of Unsuccessful Security Incidents. c. Breach of Unsecured PHI. Contexture will report to Participant any Breach of Unsecured PHI without unreasonable delay and, in any event, within five (5) business days after such Breach of Unsecured PHI is known to Contexture. Contexture will provide such information to Participant as required by HIPAA. If there is a Breach of Unsecured PHI for which more than one HIE Participant has a reporting obligation under 45 C.F.R. § 164.400 to § 164.414 (the HIPAA Breach Notification Rule), Contexture may assume the obligation to report on behalf of such HIE Participants to avoid duplicative reporting. If Contexture undertakes the obligation to report on behalf of Participant, Contexture will comply with the requirements set forth in the HIPAA Breach Notification Rule and will make reasonable efforts to provide an advance copy of the draft notification to Participant for review and input. 2.4 Government Access. Upon request, Contexture shall make its internal practices, books and records relating to the use and disclosure of PHI available to the U.S. Department of Health and Human Services to the extent required for determining Participant's or Contexture's compliance with HIPAA. No attorney -client, accountant -client or other legal privilege will be deemed waived by Contexture or Participant by virtue of this Section 2.4. 2.5 Individual Rights. a. Access to PHI. Contexture will make available PHI to support individual access rights in accordance with 45 C.F.R. § 164.524 and, to the extent applicable, the Arizona HIO Law. b. Amendment of PHI. Contexture will incorporate any amendments to PHI made by Participant in accordance with 45 C.F.R. § 164.526 and, to the extent applicable, the Arizona HIO Law. Contexture HIE Participation Agreement Page 3 of 5 HIPAA Business Associate Agreement Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. c. Disclosure Accounting. Contexture will make available the information required to provide an accounting of disclosures in accordance with 45 C.F.R. § 164.528 and, to the extent applicable, the Arizona HIO Law. 2.6 PARTICIPANT OBLIGATIONS. a. Restrictions; Notification. Participant shall notify Contexture of any restriction or limitation that may affect Contexture's use or disclosure of PHI that is permitted by this BAA. This notification must be provided at least ten (10) calendar days prior to the effective date of the restriction or limitation, unless otherwise specified in the Agreement or the applicable Contexture Policies. Notifications should include, without limitation: (a) any restrictions or limitations in Participant's HIPAA Notice of Privacy Practices; (b) any changes in, or revocation of, permission by an Individual to use or disclose PHI; or (c) any restriction on the use and disclosure of PHI that Participant has agreed to in accordance with 45 C.F.R. § 164.522 or otherwise (collectively, "Restrictions'). b. Effect of Restrictions. Due to current legal, technical, and administrative limitations, including the infeasibility of data segmentation, Participant acknowledges that any Restrictions may require Contexture to opt out affected Individuals from participation in the HIE. Participant agrees tD the extent permitted under Colorado law, to indemnify, defend, and hold harmless Contexture from and against all claimsby third parties arising out of or relating to opt outs made in connection with implementing a Restriction. 3.0 TERM AND TERMINATION; EFFECT OF TERMINATION 3.1 Term and Termination. This BAA is effective as of the Effective Date of the Agreement and shall terminate upon expiration or termination of the Agreement, or earlier as provided in this BAA. For clarity, the termination of one or more SOWs does not terminate this BAA. 3.2 Termination for Cause. Participant may terminate this BAA and the Agreement upon written notice to Contexture if Contexture breaches a material term of this BAA and Contexture fails to cure the breach within thirty (30) calendar days after Participant provides the written notice. 3.3 Return or Destruction of PHI. Upon expiration or termination of this BAA, Contexture will return or destroy all PHI, as set forth in Section 4.2(d) (Return and Destruction Limitations) of the HIE General Terms and Conditions of the Agreement. Participant acknowledges, however, that PHI provided to the HIE may be integrated into the medical record of Data Recipients, and into records maintained by Contexture (including but not limited to back-up tapes), and it will not be feasible for Contexture to return or destroy the PHI that has been integrated. If Contexture does not return or destroy PHI upon termination, Contexture will continue to follow the provisions of this BAA and will limit its use or disclosure of PHI to those purposes that make the return or destruction of PHI infeasible. 3.4 Survival. To the extent Contexture continues to maintain any PHI after the expiration or termination of this BAA, rights and obligations which by their nature should survive, or which this Agreement expressly states will survive, will remain in full force and effect following termination or expiration of this BAA. Contexture HIE Participation Agreement Page 4 of 5 HIPAA Business Associate Agreement Docusign Envelope ID: 3C41 AFBA-I2BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives Each of the individuals signing below on behalf of either Party hereby represents and warrants that they are signing with full and complete authority to bind the party, and to bind each Affiliate identified in any document that is part of the Agreement. CONTEXTURE, a Colorado nonprofit Organization DocuSigned by: pacifies i`-n5 �E�33i9"t�tL Sg'a�ure Kelly Procopio County of Weld P Signed by: \—or,a7ciRr f-A7PNIC Signature Puffy 1, duck Printed Name Printed Name VP, ( ;rants and Contracts Administration Weld County Commissioner - Chair Title Title 5/20/2025 5/20/2025 Date Date Contexture HIE Participation Agreement Page 5 of 5 HIPAA Business Associate Agreement Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture' Creating connections. Improving lives. Statement of Work Solution: Health Care Provider Gold Bundle This Statement of Work ("SOW") is an Attachment that is incorporated by reference into the Contexture HIE Participation Agreement (the "Agreement"). This SOW is subject to the terms and conditions contained in the Agreement between the parties and is made a part thereof. In the event of any conflict or inconsistency between the terms of this SOW and the terms of this Agreement, the terms of this SOW shall govern and prevail. The Exhibit(s) to this SOW, if any, shall be deemed to be a part hereof. In the event of any inconsistencies between the terms of the body of this SOW and the terms of the Exhibit(s) hereto, the terms of the body of this SOW shall prevail. Participant Information - _. _4.- 4. Legal Name of Participant Entity: County of Weld Name/Doing Business As: County of Weld Trade Physical Address: Street Address: 1150 O Street City, State, Zip: Greeley, CO 80631 ID Number (TIN): 84-6000813 Tax Primary Contact: Name: Jacob Mundt Title: Director of Apps & DB Sys Phone: 970-400-2521 Email: jmundt@weld.gov Billing Contact for Electronic Invoices: Name: Latisha Rodriguez contact is responsible for billing of Title: Office Coordinator This solutions listed in this SOW Phone: 970-400-2537 Email: billing.it@weld.gov Billing Street Address: 1150 o street Billing City, State, Greeley, CO 80631 Zip: Contacts listed in this section may be changed at any time and without the need for an amendment to this SOW by a) emailing the Contexture Help Desk at Helpdesk@contexture.org, b) emailing the Contexture team member assigned to the Participant, or c) emailing getconnected@contexture.org. 1 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. Eligibility and Permitted Purpose: Will Participant be directing Contexture to provide the Solutions covered by this SOW to one or more Affiliates? Participant Service Area: XI] No ❑ Yes, complete Exhibit C with all Affiliates ❑ Arizona Q Colorado ❑ Arizona and Colorado ❑ National Participant agrees to notify Contexture within 14 business days of any changes to Participant's Service Area and Contacts as listed in Participant Information. 1.0 Definitions. All capitalized words and phrases not defined in this Statement of Work have the meanings given elsewhere in the Agreement, including in the Cover Sheet and the HIE General Terms and Conditions. a. "Beds" means the maximum number of beds for which a hospital and/or facility holds a license, or is otherwise authorized, to operate. b. "CCD" means Continuity of Care Document and refers to an electronically generated, patient -specific clinical summary document. c. "Direct Secure Messaging Network" means the communications network offered by Contexture to enable secure exchange of patient information and other messages among Participant and others, including health care providers, payers, and patients, in accordance with the Direct Standard. d. "Direct Secure Messaging Network Directory" means the repository of information regarding Authorized Users of the Direct Secure Messaging Network collected, maintained, and made available by Contexture, in accordance with applicable Policies and Procedures. e. "Direct Standard" means the set of protocols and technical specifications, as defined by 45 C.F.R § 170.202(a) and endorsed by the Office of the National Coordinator for Health IT (ONC), to enable the secure exchange of health information over the Internet. Contexture supports all XDS Direct Standard protocols and an external web -based platform for managing Direct Secure mail i n boxes. f. "Effective Date" means the later of January 1, 2026, or the date of last signature on this SOW (for SOWs executed after January 1, 2026). g. "HISP" means Health Information Service Provider and refers to the accredited network service operator that allows for clinical data exchange on a national level through Direct Secure Messaging. HISP works by allowing hospitals, health plans, doctors, health information exchanges, and consumers a way to access the Direct Secure Message Network. h. "HL7 Interface" means an automated connection and process for formatting information in accordance with the HL7 messaging standard to enable the secure exchange of Data between linked applications. 2 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F 1 a contexture Creating connections. Improving lives. i. "Identity Only Inbound Data" is data that is leveraged solely for the purposes of creating an output identity that will not become part of the clinical record/content and therefore cannot be used in any HIE products or services without specific approval. "Implementation" means the installation and initial testing of the services described in this SOW. k. "Implementation Fees" means one-time Fees that are applicable to the initial SOW term only and not to any renewal SOW term. I. "Limited Use Inbound Data" is data, such as physical health and/or behavioral health data, which may include Part 2 Data, that is leveraged solely for limited purposes such as electronic clinical quality measures (eCQMs), other quality reporting, or otherwise specified use cases. This data may not be used for the purposes of HIE products and services except for identity enrichment services. m. "Live Date" means the date after Implementation of the services described in this SOW on which Contexture begins receiving the requested data. n. "Message" means a Direct Secure Message used to send information via the Contexture provided HISP, in accordance with the Direct Trust specifications. o. "Non -Part 2 Inbound Data" refers to inbound data that contains physical health and/or behavioral health data and that does not include Part 2 Data. This data may be shared, in accordance with system -level consent, across HIE products and services. P. "Notification" is an electronic notification indicating that a patient has undergone a triggering event. A Notification may or may not be a complete message, which is a type of standard H L7 message generated by healthcare systems based upon events. "Part 2 Mixed Inbound Data" refers to inbound data to Contexture from a general medical facility that operates a Part 2 Program and provides non -Part 2 services such as physical or behavioral health services (a "mixed use facility"). Part 2 Mixed Inbound Data may come from an organization with Part 2 designation that cannot separate the Part 2 data from other data types OR an organization with Part 2 designation that is capable of separating its data into separate interfaces. Any mixing of non -Part 2 data with Part 2 data must be treated as Part 2 Data due to the inability to separate the two types of data. r. "Part 2 Only Inbound Data" refers to inbound data to Contexture from a medical facility that operates a Part 2 program and is not a mixed -use facility - these facilities are sometimes referred to as single use facilities. s. "Solution" has the same meaning as in the HIE General Terms and Conditions and may also be referred to as "Service." 3 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. 2.0 Contexture Solution: Contexture will use commercially reasonable efforts to provide the following Solution: PatientCare 360 Portal (Portal) is a web -based platform where participants are able to access and query individual pafients' comprehensive health records. This functionality allows participants to review demographic data, past health issues, test results, and medication history providing a longitudinal view of a Member's health records. Contexture populates the Portal with data from a wide variety of healthcare entities from across the U.S. with the majority of the data coming from entities in Arizona and Colorado. Solution Selected: O Yes ❑ No Inbound HL7 is a solution that brings data into the HIE via Health Level 7 (HL7) format. Each HL7 data type has its own interface. Contexture will implement and maintain one of more of the following HL7 Interface types from the Participant's electronic health record ("EHR") system to the HIE. Solution Selected: ❑ Yes C No Participants may choose to send one data type or multiple data types, select those that apply: ❑ Laboratory Results ❑ Radiology Reports ❑ PACs Link ❑ Transcription ❑ Pathology Results ❑ ADTs ❑ RDE (Pharmacy Treatment Encoded Order) ❑ OMP (Pharmacy Treatment Order) ❑ Syndromic Surveillance ❑ Electronic Lab Reporting ❑ VXU Inbound HL7 messages must follow HL7 standards as well as the specifications provided by Contexture's data ingestion vendor. Select the data type that will be sent to Contexture: ❑ Limited Use Inbound Data ❑ Part 2 Only Inbound Data ❑ Part 2 Mixed Inbound Data ❑ Non -Part 2 Inbound Data 4 Docusign Envelope ID: 3C41 AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. CCD Data Sender is a solution that brings data into the HIE via CCD-A format. Contexture will implement summary and documents maintain from a connection the Participant, from who Participant is acting to as the a Data HIE System Sender. to ingest CCD/care Solution Selected: O Yes ❑ No Select the data type that will be sent to Contexture: ❑ Limited Use Inbound Data ❑ Part 2 Only Inbound Data ❑ Part 2 Mixed Inbound Data x Non -Part 2 Inbound Data Contexture offers HISP services and Direct Secure For Participants Messaging Network EHR addresses that is to Participants if they use an electronic health if record EHR does (EHR). Contexture with an -based not solution capable of for providing sending and HISP receiving services Messages. or an not exist, offers a web Solution Selected: D Yes rl No Solution Selected ❑ Yes ill No ADT events Notification for Members will on be the sent regarding Participant's admission, Member File discharge, upon and receipt transfer of data ❑ Admission, Discharge, Transfer Notification (ADT) from HIE participants. Laboratory the Participant's Notification Member will File. be sent regarding all lab results for Members on ❑ Laboratory Notification Pathology Notification will be sent regarding new pathology reports for D Pathology Notification Members on the Participant's Member File. Transcription Members on the Notification Participant's will be Member sent regarding File. new patient notes for ❑ Transcription Notification Radiology Members on Notification the Participant's will be sent Member regarding File. new radiology reports for ❑ Radiology Notification Transformation HTP Regional Accountable Entities (RAEs) utilizing Hospital (Colorado Notification Participants Only) Program (HTP) Notifications will HTP receive data feeds timely for HTP Members measure the data RAE's from Colorado Member solution is hospitals' File. only RAEs available Inbound can be in notified Colorado. via flat file delivered daily on or weekly. This Mental the Participant's Health Hospitalization Member File Notification is admitted, discharged, will be sent when or a transferred Member on from D Mental Health Hospitalization Notification participating Notification facilities. solution. These facilities are not included in Contexture's ADT 5 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F rip contexture Creating connections. Improving lives. . Cholesterol Notification will be sent regarding the High Participant's Lipoprotein Members' ❑Cholesterol Notification lipid Cholesterol Triglycerides panel results, (HDL-C), including Low -Density Total Cholesterol, Lipoprotein Cholesterol -Density (LDL-C), and Hepatitis hepatitis Notification panel (A, will B, C, and be sent anti -body regarding results). the Participant's Members' ❑Hepatitis Notification Diabetes Notification will be sent for the Participant's Members' diabetes ❑ Diabetes Notification panel, fasting including blood sugar, Hemoglobin and glucose A1C, estimated tests. average Hemoglobin A1c, COVID-19 Member File Notification has will a new COVI be sent D lab when result (positive a Member on or negative). the Participant's ❑ COVID-19 Notification 3.0 Delivery Frequency and Methods: Participant specific decisions made during Implementation a. sFTP- Notifications can be sent as HL7 files real time as data comes in or can be sent as a dally report. b. HL7 Interface- Notifications will be sent via Virtual Private Network (VPN) real time to Participant. c. Direct Secure Message- Notifications can be sent real time as data comes in or as a daily report to the Participant. 4.0 Contexture Obligations: a. General Obligations 1. Project and Implementation Management. Contexture will assign an Implementation project manager to oversee Implementation planning, scheduling and execution. The Implementation project manager will be the first point of contact for Participant during Implementation. Contexture's Implementation project manager and Participant will jointly be responsible for managing the project schedule, risks, and issues. ii. Ongoing Maintenance, Help Desk, & Monitoring Support. Contexture will provide routine maintenance, help desk and system monitoring services for this product in accordance with the terms of the Agreement and Contexture's then -current Service and Support Level Addendum. b. Solution Specific Obligations. 1. PatientCare 360 Portal: (1) Authorized User Training. Contexture will provide online training modules, available on the Contexture website, to all Authorized Users listed on the request form. ii. Inbound HL7: Contexture will provide the following services as part of the analysis, design, and testing of Participant's inbound and outbound HIE interfaces: 6 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. (1) Participate in project kick-off and engage in Implementation with necessary focus and resources to meet a project Implementation timeline of nineteen (19) sequential weeks. (2) Support set up of a secure connection between Data Sender's EHR and the HIE System. (3) Conduct analysis of data feeds and develop interface specifications. (4) Build interfaces in conjunction with EHR and system vendors. CCD Data Sender (1) Support set up of a secure connection with Contexture. (2) Review, with participant, data delivery method (e.g., Direct Secure Message, XDS.b, sFTP, Remote Integrator or API) and build interfaces in conjunction with Contexture specifications. (3) Conduct necessary testing and data quality validation. (4) Connect interfaces to the HIE System. (5) Provide identity management services to facilitate the matching of patients and data across disparate systems. iv. Direct Secure Message. (1) Contexture will provide Participant with access to the Direct Secure Messaging Network for the sole purpose of enabling Authorized Users to transmit and receive PHI for the purposes permitted under the Agreement, Contexture Policies, Applicable Law and the Business Associate Agreement. All access to and use of the Direct Secure Messaging Network will be restricted to Authorized Users of Participant as permitted under this Agreement and Applicable Law and Contexture Policies. (2) Contexture will assign each of Participant's Authorized Users an account or other means of accessing the Direct Secure Messaging Network. v Quick Results. If the participant organization and/or their healthcare providers do not have codes assigned to them by the health systems sending data into the HIE, Contexture will help the participant to engage with the health system to get a provider code created. (1) Authorized User Training. Contexture will provide online training modules, available on the Contexture website, to all Authorized Users. All Authorized Users identified on the Authorized User request form will receive the link and registration information. vi. Notifications (1) Contexture will provide its standard Member File requirements that define content and format specifications, which are required for Notifications delivery. 7 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. • (2) Depending on Participant Member File delivery method decided, Contexture and Participant will establish needed connectivity for Member File delivery. If applicable, Contexture will provide all sFTP requirements and establish an sFTP location for the transfer of the Participant's Member File. The Member File must be updated at least every 30 days by Participant to continue receiving Notifications. If applicable, Contexture will work with Participant to establish Direct Secure Message account for delivery of Member File. (3) Contexture will identity manage each Participant's Member File and then generate the applicable Notification for the Participant's Member File (4) Contexture will validate that connectivity, user access and location meet Contexture's data security standards and requirements. (5) Contexture will update the Notification feed/report when updated Member Files are received from Participant (at least every 30 days or the Notifications delivery will stop). 5.0 Participant Obligations: Participant agrees to do the following in support of the Solutions described in this SOW: a. General Obligations. i. Participant acknowledges that the successful and timely Implementation of the Services covered by this SOW will require Participant's active participation. ii. Coordinate both internal and vendor resources (if applicable) required for the Implementation and testing work to proceed. Participant acknowledges that such Implementation will require multiple meetings, and that Contexture can only proceed with participation from the Participant and its vendors. Comply with all requirements included in the Implementation Documentation provided by Contexture. iv. Project Delays. Contexture and Participant acknowledge that delays beyond their control may occur during the project, including but not limited to, obtaining approvals and resource availability. Participant is accountable for engaging vendor and working to mitigate any delays caused by vendor organization. b. Solution Specific Obligations: i. PatientCare 360 Portal (1) Authorized User Accounts for Portal Access. Access to the HIE and Solutions covered by this SOW will be provided only to Authorized Users. Participant will provide all information requested by Contexture, including a unique email address, in connection with the establishment of each Account, which may be used only by the Authorized User of the applicable Account. Participant is responsible for requiring all Authorized Users to meet the requirements of this SOW and applicable Policies and Laws for access to the HIE and 8 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture' Creating connections. Improving lives. Services covered by this SOW. Participant will ensure the security and confidentiality of each Account and the associated login credentials and will notify Contexture immediately if any Account login credentials are lost, stolen, or otherwise compromised. (2) Contexture provides access to the Solutions covered by this SOW via secured methodology. Consistent with industry standards and best practices, Contexture is incorporating multi -factor authentication for access to the Solutions by all Authorized Users that access the Portal through the web following Implementation and on a schedule that is mutually agreeable to Contexture and Participant (in no case to exceed three (3) months). All Authorized Users of Participant that access the Portal through the web portal will be trained on and required to install and utilize a software application that will be used to validate Authorized Users' identities. (3) Each Authorized User will complete all training required by Contexture, and Participant will certify that each Authorized User has completed all such training. (4) Changes in Authorized User Status. Participant is responsible for initiating, updating, removing or suspending access of its Authorized Users to the HIE in compliance with applicable Laws and Policies and the Agreement. Participant shall take immediate action regarding any changes in the status of any Authorized User (or their ability to access the HIE or Solutions covered by this SOW) as set forth in the applicable Policies, including but not limited to employee departures or terminations. (5) Permitted Use Policy. Participant is responsible for requiring all Authorized Users to meet the requirements of this SOW and Contexture's applicable Permitted Use Policies and Applicable Laws for access to the HIE. (6) Participant Responsibility for Actions of Authorized Users. Participant is fully responsible for all liabilities and damages incurred through access and use of the Solutions covered by this SOW by Participant's Authorized Users. Any activity completed by an Authorized User of Participant will be deemed to have been completed by Participant. Third -Party Service Providers. As part of this Solution, Authorized Users may access and use services and products provided by third - party service providers. Participant's access and use of third -party services and products will comply with Section 2.6 (Third -Party Service Providers) of the HIE General Terms and Conditions. These services and products are subject to change and Contexture has no duty to notify Participant of changes. (7) Data Sender H L7: (1) Participant shall provide a point of contact (POC) for outage information as well as a HIPAA Compliance or Privacy Officer. 9 Docusign Envelope ID: 3C41 AFBA-I2BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. Participant agrees to notify Contexture within fourteen (14) days of any changes to these roles. (2) HL7 Requirements: (a) Contexture utilizes the current version of HL7, as available at http://www.hl7.org/index.cfm, in the development of HL7 Interfaces between Participant and the HIE System. (b) Participant will cooperate with Contexture to conduct any required acceptance testing of its HL7 Interfaces. (c) Participant shall map and apply the appropriate vocabulary, ontology and/or terminology codes (e.g. LOINC® vocabulary codes to lab test results or SNOMED® CT concepts for pathology reports) to the content of Participant data prior to providing data to the HIE. (3) OID Requirements: (a) Participant shall obtain and register an OID (a globally unique ISO identifier) via HL7.org so that Contexture may accurately identify and route data to other HIE Participants. (b) Participant shall provide Contexture with its unique HL7 registered OID as soon as possible following execution of this Agreement and before Implementation commences. (c) The OID must be unique and different from the electronic health record issued OID. (d) Participant must follow HL7 standards regarding OID branching or adopt the Contexture OID Branching Standard. (e) Participant shall provide advance notice to Contexture of OID and facility modifications before sending data inbound to the HIE. (f) Participant shall send Facility OID and Facility Name in HL7 interface in accordance with Contexture interface specification. (4) Provide necessary production messages to begin initial pre -validation process (this is typically two -weeks / -10,000 messages). (a) Participant will engage in the review of pre -validation outcomes and make changes to the HL7 structure to comply with the HIE Gold Standard, as defined in Contexture Documentation, and HL7 Standards, as applicable. (5) By providing a Member's data to the HIE, Participant represents and warrants that it has a HIPAA-compliant treatment, payment or healthcare operations relationship with the Member and that Participant is authorized to send data to the HIE for that Member. (6) Prohibited Data Submissions. Participants will comply with the requirements of Section 4.4 (Prohibited Data Submissions) of the HIE General Terms and Conditions. 10 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. (7) Facility Changes. If Participant establishes, acquires or otherwise affiliates with a new clinical practice whose data will be sent to the HIE, Participant will promptly notify Contexture of the facility name and OID before such facility's data is sent through a Participant interface. The addition of new facilities may be subject to additional Implementation Fees. Additionally, if any facilifies are removed, Participant will notify Contexture within 30 days. CCD Data Sender (1) Participant agrees to coordinate both internal and external vendor resources (if applicable) required for the Implementation and testing work to proceed. Participant acknowledges that such Implementation will require multiple meetings, and that Contexture can only proceed with the participation from the Participant and its vendors. (2) OID Requirements. (a) Participant shall obtain and register an OID (a globally unique ISO identifier) via HL7.org so that Contexture may accurately identify and route data to other HIE Participants. (b) Participant shall provide Contexture with its unique HL7 registered OID as soon as possible following execution of this Agreement and before Implementation commences. (c) The OID must be unique and different from the electronic health record issued OID. (3) (d) Participant must follow applicable standards regarding OID branching or adopt the Contexture OID Branching Standard. (e) Participant shall provide advance notice to Contexture of OID and facility modifications before sending data inbound to the HIE. (f) By providing a Member's data to the HIE, Participant represents and warrants that it has a HIPAA-compliant treatment, payment or healthcare operations relationship with the Member and that Participant is authorized to send data to the HIE for that Member. Prohibited Data Submissions. Participants will comply with the requirements of Section 4.4 (Prohibited Data Submissions) of the HIE General Terms and Conditions. (4) Facility Changes. If Participant establishes, acquires or otherwise affiliates with a new clinical practice whose data will be sent to the HIE, Participant will promptly notify Contexture of the facility name and OID before such facility's data is sent through a Participant interface. The addition of new facilities may be subject to additional Implementation Fees. Additionally, if any facilities are removed, Participant will notify Contexture within 30 days. iv. Direct Secure Message. (1) Installation. Participant will be solely responsible, at Participant's own expense, for acquiring, installing, and maintaining all hardware, 11 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture • Creating connections. Improving lives. software, and other equipment as may be necessary for Participant and each Authorized User to connect to, access, or use the Direct Secure Messaging Network except for any web portal tools provided by Contexture specifically for accessing the Direct Secure Messaging Network. (2) Participant Responsibility for Authorized Users. (a) Participant is solely responsible for all use of the Direct Secure Messaging Network by each Authorized User and for compliance by each Authorized User with the applicable terms of this Agreement, Applicable Law and Contexture Policies, and any additional terms of use applicable to the Direct Secure Messaging Network. Upon request by Contexture, Participant will verify that each Authorized User has agreed to be bound by any such additional terms of use. (b) Participant will immediately notify Contexture upon becoming aware of any breach of this Agreement or any such additional terms of use and will assist Contexture in the enforcement and mitigation of any such breach by Participant or any Authorized User. (c) Participant is responsible for initiating, updating, removing or suspending access of its Authorized Users to the HIE in compliance with Applicable Law, Contexture Policies and the Agreement. (d) Participant shall notify the Contexture Help Desk immediately of any changes in the status of any Authorized User (or their ability to access the HIE or Services) as set forth in the applicable Contexture Policies. (e) Participant shall take reasonable actions, in accordance with Applicable Law, Contexture Policies, and industry standards, to confirm that all Messages transmitted by Participant via the Direct Secure Messaging Network originate from Authorized Users. (3) Messaging Content. Participant shall not, in conjunction with the Direct Secure Messaging Network, use any means, program, or device, or permit any other person to use any means, program, or device, including, but not limited to, advertising, instant messaging, or so- called "pop -ups," to solicit business or to influence or attempt to influence for commercial purposes (through economic incentives or otherwise) any diagnostic or treatment -related decision of a health care provider. The bona fide professional recommendation of an Authorized User to another health care provider regarding the treatment or diagnosis of a shared patient is not intended to be prohibited by this provision; however, Contexture shall have sole discretion to determine the bona fide non-commercial and clinical nature of all Clinical Messages and uses of the Direct Secure Messaging Network. 12 Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. (4) Direct Secure Messaging Network Directory. (a) Participant shall identify an individual who will complete any applicable Contexture provided training and assume responsibility for the accuracy and integrity of information provided by Participant to Contexture for inclusion in Contexture's Direct Secure Messaging Network Directory. (b) Participant agrees that, at minimum, all of its Authorized Users who are duly licensed health care providers will be listed in the Direct Secure Messaging Network Directory. (c) Participant acknowledges that Contexture may use all directory and related information that it maintains in conjunction with the Direct Secure Messaging Network, whether provided by Participant or obtained otherwise, for HISP maintenance and operations related to the Direct Secure Messaging Network, interoperability with other HISPs, disclosure to appropriate third - parties, and creation and maintenance of other provider directories, as Contexture, in its sole discretion, deems appropriate. (5) Prohibited Uses of the Direct Secure Messaging Network Directory. (a) Participant and its Authorized Users are prohibited from commercially redistributing the Direct Secure Messaging Network Directory. (b) Participant may not provide to any third party HISP or permit a third party HISP to acquire or create a copy of the Direct Secure Messaging Network Directory. (c) Participant may not provide or use the Direct Secure Messaging Network Directory for direct marketing or database marketing. (d) Participant may not sell, disclose or make available the Direct Secure Messaging Network Directory to any third party unless expressly authorized in writing by Contexture. (6) Participant Audits by Contexture. Upon reasonable request, Participant shall allow Contexture to access, inspect, and audit Participant's systems and records relating to the use of the Direct Secure Messaging Network, including any data or information transmitted or received by Participant, for purposes of operating and maintaining the Direct Secure Messaging Network and determining Participant's compliance with this Agreement, Applicable Law and Contexture Policies. v Notifications (1) Follow all requirements associated with delivery of Member File and receipt of Notifications, to include leveraging the Contexture systems/solutions (such as sFTP). (2) Cooperate with Contexture to conduct any required acceptance testing of the Notifications data. 13 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F EllCreating connections. Improving lives. contexture (3) Member Files. (a) Participant will send updated Member Files that meet Contexture's specifications at least every 30 days. If Participant fails to send an updated Member File at least every 30 days, then Contexture has the right to discontinue the delivery of Notifications data until an updated file is delivered and processed. (b) By including a Member on Participant's Member File, Participant represents and warrants that it has a current HIPAA-compliant treatment, payment or healthcare operations relationship with the Member and that Participant is authorized to receive data through the HIE for that Member. (4) Participant acknowledges that it is responsible for the proper use of all data received through the HIE and Services in accordance with the Agreement, Applicable Law and Contexture Policies. (5) Participant is responsible for ensuring that only users who require access to the Notifications are granted credentialed access. (6) Participant acknowledges that Contexture does not have any obligation or ability to monitor or review the content of the data for accuracy or completeness before making the data available through the HIE. 6.0 Fees and Payment: The following Fees are payable to Contexture by electronic means (such as e -check, ACH transfer, or credit card), unless Contexture determines that is not feasible. Fees are nonrefundable. a. Implementation Fees. Reference Implementation Fee Table in Exhibit A, Version 2. Implementation Fees: $0. Implementation Fees paid by State funding Q Implementation Fee Not Applicable due to ONE Platform Migration O Participant to pay Implementation Fee 1. If paid by the Participant, Contexture will invoice Participant 50% of the Implementation Fees within 30 days of the SOW Effective Date. Contexture will invoice the remaining 50% at the earlier of (i) two weeks after Implementation of a Service covered by this SOW, or (ii) six months after SOW Effective Date. ii. Use of State Program Funding to cover Implementation Fees is subject to availability and Participant's eligibility. If the programs are discontinued, or the funds are no longer available, or the Participant is ineligible at the time that Participant seeks to implement the Services covered by this SOW, then Participant shall be responsible for the Implementation Fees. b. Subscription Fees. Reference Subscription Fee Table in Exhibit B, Version 2.1. 14 Docusign Envelope ID: 3C41AF8A; 12BB-4F07-ABCD-C625B941220F A contexture Creating connections. Improving lives. i. Subscription Fees will be billed starting the first month after Implementation of any Service covered by this SOW. Participant is responsible for paying the full amount of the Subscription Fees once billing begins. ii. The number of Authorized Users, Member File size or number of Beds, as applicable, will be reviewed at Live Date then quarterly or annually (based upon Participant's billing cadence, as indicated in Exhibit B) with the Participant and the fee tier will be adjusted based upon that review effective for the first billing, subsequent quarter or year, as applicable. iii. Participant is responsible for informing Contexture immediately when there is a change in Authorized Users, Member File size or number of Beds, as applicable. iv. Contexture typically updates fee schedules on an annual calendar year basis effective January 1st of each year. Contexture will provide updated fee tables to be incorporated by reference as exhibits at least 60 days prior to the effective date, in accordance with Section 6.6 (Fee Increases) of the HIE General Terms and Conditions. c. Invoicing and Payment. i. Invoicing and payment of Fees under this SOW is governed by Section 6.0 (Fees and Payment) of the HIE General Terms and Conditions. ii. Participant shall provide an email address to Contexture for electronic invoicing and shall update Contexture within 14 business days of any change in that email address. d. Pricing Validity. i. The pricing set forth in this SOW is valid for 90 days from Participant's receipt of this SOW. If the SOW is not executed by Participant within 90 days of receipt, then Contexture reserves the right to adjust the pricing. 7.0 Term, Termination and Suspension. a. Term: The initial term of this Agreement shall run from the Effective Date until December 31St of the year contract signed. b. SOW Renewal: This SOW will automatically renew for additional one (1) year terms, beginning January 1st after the expiration of the initial term, until a Party terminates the Agreement as provided in the HIE General Terms and Conditions. c. SOW Termination: SOW may be terminated by either Party without terminating the entire Agreement for any of the reasons set forth in Section 7.1 (Agreement Termination) of the HIE General Terms and Conditions. Upon the termination or expiration of this SOW, Contexture will cease providing access to all Services for Participant and its Authorized Users, and Participant and its Authorized Users will stop accessing and using all Services. d. Suspension: Contexture may limit, suspend, or terminate the access of a Participant or Authorized User to some or all of the Solutions for and of the reasons set forth in Section 7.3 of the HIE General Terms and Conditions. 15 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. • 8.0 SIGNATURES: Each of the individuals signing below on behalf of either Party hereby represents and warrants that they are signing with full and complete authority to bind the party, and each identified Affiliate listed in Exhibit C on whose behalf they are signing to each term of this SOW. Participant affirms and agrees that (i) each Affiliate is a Participant under the entire Agreement and (ii) the signer below agrees on behalf of each Affiliate to all applicable terms of the Agreement, including, but not limited to, the HIE General Terms and Conditions, any applicable Special Terms and Conditions, and the Business Associate Agreement/Addendum. Contexture, a Colorado nonprofit corporation Signature: c-DocuSigned by: p litiCtrt6 5AA260E9319E44C_ Printed Name: Kelly Procopio itle: VP, Grants & Contracts Administration Signature Date:5/20/2025 County of Weld Signature: /-Signed by: Pte? bwk \---969751ECCA7E43E .. Printed Name: Perry L Buck Title: Weld County Commissioner - Chair Signature Date: 5/20/2025 16 Docusign Envelope ID. 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. Exhibit A, Version 2: Implementation Fees Participant will not be charged Implementation Fees under this SOW. 17 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F ■ contexture Creating connections. Improving lives. Exhibit B, Version 2.1: Subscription Fees Colorado Fee Schedule Quoted Tier sr Member File SizeIt.Annual Fee Less Net Price Quarter Fee Monthly Fee - Billing Cadence . B Discount u n d I e 1 1,500 $2,820 $1,060 $1,760 $440 $147 Annual ID 1,501 2,500 $6,400 $2,320 $4,080 $1,020 $340 Annual ❑ 2,501 5,000 $9,620 $3,480 $6,140 $1,535 $512 Annual ❑ 5,001 7,500 $15,060 $5,200 $9,860 $2,465 $822 Annual ❑ 7,501 10,000 $20,440 $6,860 $13,580 $3,395 $1,132 Quarterly ❑ 10,001 15,000 $27,120 $9,380 $17,740 $4,435 $1,478 Quarterly ❑ 15,001 25,000 $44,820 $15,600 $29,220 $7,305 $2,435 Quarterly ❑ 25,001 50,000 $79,600 $27,400 $52,200 $13,050 $4,350 Quarterly ❑ 50,001 75,000 $126,820 $42,140 $84,680 $21,170 $7,057 Quarterly ❑ 75,001 100,000 $162,820 $53,520 $109,300 $27,325 $9,108 Quarterly ❑ 100,001 150,000 $208,220 $67,040 $141,180 $35,295 $11,765 Quarterly ❑ 150,001 200,000 $259,980 $81,900 $178,080 $44,520 $14,840 Quarterly ❑ 200,001 300,000 $296,440 $92,740 $203,700 $50,925 $16,975 Quarterly ❑ 300,001 400,000 $314,480 $98,640 $215,840 $53,960 $17,987 Quarterly ❑ 400,001 500,000 $338,280 $105,800 $232,480 $58,120 $19,373 Quarterly ❑ 500,001 600,000 $415,960 $130,440 $285,520 $71,380 $23,793 Quarterly ❑ 600,001 750,000 $481,960 $155,440 $326,520 $81,630 $27,210 Quarterly ❑ 750,001 1,000,000 $564,080 $183,260 $380,820 $95,205 $31,735 Quarterly ❑ 1,000,001 1,400,000 $603,680 $199,280 $404,400 $101,100 $33,700 Quarterly ❑ 1,400,001 1,800,000 $769,100 $245,640 $523,460 $130,865 $43,622 Quarterly ❑ 1,800,001 2,200,000 $936,860 $291,360 $645,500 $161,375 $53,792 Quarterly ❑ 2,200,001 2,600,000 $1,092,540 $335,000 $757,540 $189,385 $63,128 Quarterly ❑ 2,600,001 3,000,000 i $1,236,540 $371,000 $865,540 $216,385 $72,128 Quarterly ❑ 3,000,001 3,500,000 $1,398,540 $411,500 $987,040 $246,760 $82,253 Quarterly ❑ 3,500,001 4,000,000 $1,578,540 4 $456,500 $1,122,040 $280,510 $93,503 Quarterly ❑ 4,000,001 4,500,000 $1,758,540 $501,500 $1,257,040 $314,260 $104,753 Quarterly ❑ 4,500,001 5,000,000 $1,938,540 $546,500 $1,392,040 $348,010 $116,003 Quarterly ❑ 5,000,001 5,500,000 $2,118,540 $591,500 $1,527,040 $381,760 $127,253 Quarterly ❑ 5,500,001 6,000,000 $2,298,540 $636,500 $1,662,040 $415,510 $138,503 Quarterly ❑ 6,000,001 6,500,000 $2,478,540 $681,500 $1,797,040 $449,260 $149,753 Quarterly ❑ 6,500,001 7,000,000 $2,658,540 $726,500 $1,932,040 $483,010 $161,003 Quarterly ❑ 7,000,001 7,500,000 $2,838,540 A $771,500 $2,067,040 $516,760 $172,253 Quarterly ❑ 18 Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. CONTEXTURE HIE PARTICIPATION AGREEMENT Special Terms and Conditions for Medical Examiners and Coroners These Special Terms and Conditions for Medical Examiners and Coroners ("Medical Examiner Terms") are an Attachment that is incorporated by reference into the Contexture HIE Participation Agreement (the "Agreement") to which these Medical Examiner Terms are attached. 1.0 APPLICABILITY; DEFINITIONS. 1.1 Applicability. Participant is a Medical Examiner or Coroner. 1.2 Definitions. All capitalized words and phrases not defined in these Medical Examiner Terms have the meanings given elsewhere in the Agreement, including in the Cover Sheet and the HIE General Terms and Conditions. "Coroner" is as defined in the HIE General Terms and Conditions. "Medical Examiner" is as defined in the HIE General Terms and Conditions. "Medical Examiner Activities" is as defined in the HIE General Terms and Conditions. 2.0 SERVICES LIMITATIONS. 2.1 Participant acknowledges and agrees that there may be instances in which Applicable Law such as state law that is more restrictive than HIPAA might prohibit Contexture from allowing Participant and its Authorized Users to access the HIE Portal or to receive other Services. In such instances, Contexture will work with Participant to try to identify an alternative manner for Participant to receive HIE Data. 2.2 Participant acknowledges and agrees that Contexture, at all relevant times, is fulfilling Participant's request for the access, exchange, or use of HIE Data in the manner requested for the Permitted Uses applicable to Participant. 3.0 MEDICAL EXAMINER REPRESENTATIONS, WARRANTIES AND OBLIGATIONS. 3.1 Authorized by Applicable Law. Participant represents, warrants and covenants that its access to, exchange of, or use of the HIE, HIE Data, and/or Services for Medical Examiner Activities is authorized by Applicable Law. 3.2 Attestations. Participant acknowledges and agrees that, as a condition of Participant's access to or use of the HIE, HIE Data, or Services, Participant will provide Contexture with any attestations, other documents, or information that Contexture determines is necessary for compliance with Applicable Law or Contexture Policies. Contexture HIE Participation Agreement Page 1 of 2 Special Terms and Conditions for Medical Examiners & Coroners Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F Lim contexture Creating connections. Improving lives 3.3 Prohibited Uses. Participant represents, warrants, and attests that, under no circumstances will Participant access, disclose or use HIE Data for a purpose prohibited under 45 C.F.R. § 164.502(a)(5)(iii) or other Applicable Law. 3.4 Medical Record; Minimum Necessary. Participant represents, warrants and covenants that to perform its Medical Examiner Activities, Participant needs the ability to access an individual's medical records. Participant, in its capacity as a Medical Examiner, represents, warrants and covenants that it will access only the minimum amount of HIE Data necessary for Participant's Medical Examiner Activities. 3.5 Duty to Notify Contexture of Legal Limitation on Participant's Access to the HIE. If Participant becomes aware of an Applicable Law or change in circumstances that materially limits its legal authority to access the HIE Portal or HIE Data, then Participant will immediately (i) notify Contexture; and (ii) suspend Participant's use of the HIE Portal and HIE Data for its Medical Examiner Activities. In this situation, Participant may resume accessing or using the HIE Portal or HIE Data only with Contexture's written agreement, and the Parties may discuss an alternative manner for Participant to receive HIE Data. 4.0 MISCELLANEOUS. These Medical Examiner Terms may not be modified except in writing signed by all Parties. Each of the individuals signing below on behalf of either Party hereby represents and warrants that they are signing with full and complete authority to bind the party. CONTEXTURE, a Colorado nonprofit Organization DccuSigned by: 'Sitjhbittitab pretbPtb Kelly Procopio Printed Name VP, Grants & Contracts Administration Title 5/20/2025 Date County of Weld Signed by: Pc,v (, fAttic Iatate Perry L Buck Printed Name WPM County C ommicsinner - Chair Title 5/20/2025 Date Contexture HIE Participation Agreement Special Terms and Conditions for Medical Examiners & Coroners Page 2 of 2 Docusign Envelope ID: 3C41AF8A 12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. CONTEXTURE HIE PARTICIPATION AGREEMENT Special Terms and Conditions for Public Health Authorities These Special Terms and Conditions for Public Health Authorities ("PHA Terms") are an Attachment that is incorporated by reference into the Contexture HIE Participation Agreement (the "Agreement") to which these PHA Terms are attached. 1.0 APPLICABILITY; DEFINITIONS. 1.1 Applicability. Participant is a PHA. These PHA Terms apply to Participant's access to the HIE in Participant's capacity as a Public Health Authority and for the purpose of Limited Public Health Activities. 2.1 Definitions. All capitalized words and phrases not defined in these PHA Terms have the meanings given elsewhere in the Agreement, including in the Cover Sheet and the HIE General Terms and Conditions. "Limited Public Health Activity" is as defined in Contexture Policies. "PHA Pro Activity. ect" refers to a specific use case involving HIE Data for a Limited Public Health "Public Health Authority" or "PHA" has the meaning given under HIPAA at 45 C.F.R. § 164.501 and in Contexture Policies. 2.0 SERVICES LIMITATIONS. 2.1 Participant acknowledges and agrees that there may be instances in which Applicable Law —including without limitation Arizona state law that is more restrictive than HIPAA— might prohibit Contexture from allowing Participant and/or its Authorized Users to access the HIE Portal. In such instances, Contexture will work with Participant to try to identify an alternative manner for Contexture to deliver the health information that Participant is legally permitted to receive. 2.2 Participant acknowledges and agrees that Contexture, at all relevant times, is fulfilling Participant's request for the access, exchange or use of HIE Data in the manner requested for the Permitted Uses applicable to Participant. 3.0 PHA REPRESENTATIONS, WARRANTIES AND OBLIGATIONS. 3.1 Authorized by Applicable Law. Participant represents, warrants and covenants that its access, exchange or use of HIE Data for Limited Public Health Activities is authorized by Applicable Law at all relevant times. 3.2 Medical Record; Minimum Necessary. Participant represents, warrants and covenants that to perform its Limited Public Health Activities, including without limitation investigations into reportable communicable diseases, Participant needs the ability to access an individual's medical record. Participant, in its capacity as a PHA, represents, warrants and Contexture HIE Participation Agreement Page 1 of 3 Special Terms and Conditions: Public Health Authority Docusign Envelope ID: 3C41 AFBA-12BB-4F07-ABCD-C625B941220F DI Creating connections. Improving lives. contexture covenants that it will access only the minimum amount of HIE Data necessary for the PHA Project. 3.3 Duty to Notify Contexture of Legal Limitation on Participant's Access to the HIE. If Participant becomes aware of an Applicable Law or change in circumstances that materially limits its legal authority to access the HIE or HIE Data for a specific PHA project, then Participant will immediately (i) notify Contexture; and (ii) suspend Participant's use of the HIE Portal for that PHA Project. In this situation, Participant may resume using the HIE Portal only with Contexture's written agreement and the Parties may discuss an alternative manner to receive HIE Data. 3.4 Auditing of Communicable Disease Investigations. Consistent with 45 CFR Part 164 Subpart C, the Participant agrees to cooperate with audits by Contexture related to the investigation of reportable communicable diseases through access to or use of the HIE or Services. Participant shall provide necessary information and documentation upon request to ensure compliance with Applicable Law and Contexture Policies. The specifics of the auditing process, including frequency and method of information transfer, will be determined mutually by Participant and Contexture. If the Parties are unable to agree to a mutually agreeable auditing process, either Party may terminate the Agreement in accordance with Section 7.1(a) of the HIE General Terms and Conditions. 3.5 Prohibited Activities. Participant acknowledges and agrees that Participant will not access the HIE, or use HIE Data, for any of the following purposes: i. Medical Examiner Activities (as defined in the HIE General Terms and Conditions); ii. Health oversight activities (as described by HIPAA at 45 C.F.R. § 164.512(d)); iii. Judicial or administrative proceedings (as described by HIPAA at 45 C.F.R. § 164.512(e)); iv. Law enforcement activities (as described by HIPAA at 45 C.F.R. § 164.512(f)); v. A purpose prohibited under 45 C.F.R. § 164.502(a)(5)(iii). 3.6 Attestations. Participant acknowledges and agrees that, as a condition of Participant's access to the HIE and its use of the Services, Participant will provide Contexture with any attestations, other documents, or information that Contexture determines is necessary for compliance with Applicable Law and Contexture Policies. 4.0 MISCELLANEOUS. These PHA Terms may not be modified except in writing signed by all Parties. Contexture HIE Participation Agreement Page 2 of 3 Special Terms and Conditions: Public Health Authority Docusign Envelope ID: 3C41AF8A-12BB-4F07-ABCD-C625B941220F contexture Creating connections. Improving lives. Each of the individuals signing below on behalf of either Party hereby represents and warrants that they are signing with full and complete authority to bind the party. CONTEXTURE, a Colorado nonprofit Organization DocuSigned try. ,—Srgned by: pm✓aria .4si tture `---sofgrb Contexture county of weld P (, Kelly Procopio Perry L Buck Printed Name Printed Name VP, Grants and Contracts Administration Wild County Commissioner - Glair Title Title 5/20/2025 5/20/2025 Date Date Contexture HIE Participation Agreement Page 3 of 3 Special Terms and Conditions: Public Health Authority d docusign Certificate Of Completion Envelope Id: 3C41AF8A-12BB-4F07-ABCD-C625B941220F Subject: Docusign: County of Weld SOW Health Care Provider Gold Colorado Participant Name: County of Weld Source Envelope: Document Pages: 67 Signatures: 14 Certificate Pages: 2 Initials: 0 AutoNav: Enabled EnvelopeId Stamping: Enabled Time Zone: (UTC-07:00) Mountain Time (US & Canada) Status: Completed Envelope Originator: Danielle McNew 2000 S Colorado Blvd Ste 1200 Denver, CO 80222 Danielle.McNew@contexture.org IP Address: 73.78.11.191 Record Tracking Status: Original 5/13/2025 1:20:22 PM Holder: Danielle McNew Danielle.McNew@contexture.org Location: DocuSign Signer Events Signature Timestamp Perry L Buck jmundt@weld.gov Weld County Commissioner - Chair Security Level: Email. Account Authentication (None) Electronic Record and Signature Disclosure: Not Offered via Docusign Kelly Procopio kelly.procopio@contexture.org VP, Grants and Contracts Administration Security Level: Email, Account Authentication (None) Electronic Record and Signature Disclosure: Not Offered via Docusign Signed by \---969751ECCA7E43E_ Signature Adoption: Pre -selected Style Using IP Address: 204.133.39.9 DocuSrgned by: procaine, SAA260E9319E44C. Signature Adoption: Pre -selected Style Using IP Address: 216.147.124.177 Sent: 5/13/2025 2:53:09 PM Viewed: 5/13/2025 2:59:59 PM Signed: 5/20/2025 11:14:38 AM Sent: 5/20/2025 11:14:45 AM Viewed: 5/20/2025 11:44:27 AM Signed: 5/20/2025 11:45:46 AM In Person Signer Events Signature Timestamp Editor Delivery Events Status Timestamp Agent Delivery Events Status Timestamp Intermediary Delivery Events Status Timestamp Certified Delivery Events Status Timestamp Carbon Copy Events Status Timestamp Contexture Contracts contracts@contexture.org Contracts Security Level: Email, Account Authentication (None) Electronic Record and Signature Disclosure: Not Offered via Docusign COPIED Sent: 5/20/2025 11:45:52 AM Carbon Copy Events Status Timestamp Danielle McNew danielle.mcnew@contexture.org Security Level: Email, Account Authentication (None) Electronic Record and Signature Disclosure: Not Offered via Docusign Raezelle Maestas Raezelle. Maestas@contexture.crg Security Level: Email, Account Authentication (None) Electronic Record and Signature Disclosure: Not Offered via Docusign Kirstin Smith kirstin.smith@contexture.org Security Level: Email, Account Authentication (None) Electronic Record and Signature Disclosure: Not Offered via Docusign Jacob Mundt jmundt@weld.gov Weld County Commissioner - CI^air Security Level: Email, Account Authentication (None) Electronic Record and Signature Disclosure: Not Offered via Docusign Contracts BOCC-Contracts@weld.gov Chair Weld County Commissioners Security Level: Email, Account Authentication (None) Electronic Record and Signature Disclosure: Not Offered via Docusign Witness Events COPIED COPIED COPIED COPIED COPIED Signature Sent: 5/20/2025 11:45:53 AM Resent: 5/20/2025 11:46:05 AM Sent: 5/20/2025 11:45:54 AM Sent: 5/20/2025 11:45:54 AM Sent: 5/20/2025 11:45:55 AM Sent: 5/20/2025 11:45:59 AM Viewed: 5/20/2025 4:01:56 PM Timestamp Notary Events Signature Timestamp Envelope Summary Events Status Timestamps Envelope Sent Envelope Updated Certified Delivered Signing Complete Completed Hashed/Encrypted Security Checked Security Checked Security Checked Security Checked 5/13/2025 2:53:09 PM 5/20/2025 10:56:56 AM 5/20/2025 11:44:27 AM 5/20/2025 11:45:46 AM 5/20/2025 11:45:59 AM Payment Events Status Timestamps f,4C®fitf ®A CONTTEX-01 CERTIFICATE OF LIABILITY INSURANCE TCORNEJO DATE (MM/DD/YYYY) 5/13/2025 THIS CERTIFICATE IS ISSUED AS A MATTER OF INFORMATION ONLY AND CONFERS NO RIGHTS UPON THE CERTIFICATE HOLDER. THIS CERTIFICATE DOES NOT AFFIRMATIVELY OR NEGATIVELY AMEND, EXTEND OR ALTER THE COVERAGE AFFORDED BY THE POLICIES BELOW THIS CERTIFICATE OF INSURANCE DOES NOT CONSTITUTE A CONTRACT BETWEEN THE ISSUING INSURER(S), AUTHORIZED REPRESENTATIVE OR PRODUCER, AND THE CERTIFICATE HOLDER IMPORTANT If the certificate holder's an ADDITIONAL INSURED, the policy(ies) must have ADDITIONAL INSURED provisions or be endorsed If SUBROGATION IS WAIVED, subject to the terms and conditions of the policy, certain policies may require an endorsement A statement on this certificate does not confer rights to the certificate holder in lieu of such endorsement(s) PRODUCER License # 0757776 mac,' Alice O'Rourke -Mills HUB International Insurance Services (COL) 2000 S Colorado Blvd Tower 2, Suite 150 'T No, Ext) (970) 541-6024 I jac, No) (866) 243-0727 EMIL ADDAREss ahce orourkemills aehubinternational com Denver, CO 80222 INSURER(S) AFFORDING COVERAGE NAIC # INSURER Philadelphia Indemnity Insurance Company 18058 INSURED INSURER B Pinnacol Assurance Company 41190 Contexture Colorado Regional Health Information Organization Health Current, Contexture LLC, QHN INSURER Evanston Insurance Company 35378 INSURER 2000 S Colorado Blvd Tower 1 Suite 12000 Denver, CO 80222 INSURER E INSURER F REVISION NUMBER ..THIS' 'As, a CERTIFY THAT THE POLICIES OF INSURANCE LISTED BELOW HAVE BEEN ISSUED TO THE INSURED NAMED ABOVE FOR THE POLICY PERIOD INDICED NOTWITHSTANDING ANY REQUIREMENT, TERM OR CONDITION OF ANY CONTRACT OR OTHER DOCUMENT WITH RESPECT TO WHICH THIS CERTIFICATE MAY BE ISSUED OR MAY PERTAIN, THE INSURANCE AFFORDED BY THE POLIC ES DESCRIBED HEREIN IS SUBJECT TO ALL THE TERMS, EXCLUSIONS AND CONDITIONS OF SUCH POLICIES LIMITS SHOWN MAY HAVE BEEN REDUCED BY PAID CLAIMS INSR TYPE OF INSURANCE LTR ADDL SUER INSD WVD POLICY NUMBER POLICY EFF (MMIDD/YYYYI POLICY E%P IMM/DDlYYYYI LIMITS A X COMMERCIAL GENERAL LIABILITY CLAIMS MADE ® OCCUR PHPK2555481 7/1/2024 7/1/2025 EACH OCCURRENCE $ 1'000'000 DAMAGE TO RENTED PREMISES (Ea accurrencel $ 100,000 MED EXP (Any one person) S 5'000 PERSONAL & ADV INJURY $ 1'000'000 GENERAL AGGREGATE $ 2'000'000 GEN L AGGREGATE LIMIT APPLIES PER POLICY ❑ TET ® LOC OTHER PRODUCTS COMP/OPAGG $ 2,000,000 $ A AUTOMOBILE _ LIABILITY ANY AUTO OWNED AUTOOS ONLY AUTOS ONLY SCHEDULED AUpT0pSyy� . AUTOS ONL° PHPK2555481 7/1/2024 7/1/2025 EM.I ED SINGLE LIMIT (Ea acadentl 1,000,000 $ BODILYINJURY(per person) S BODILY INJURY (Per accident) S (Pe acEcldentrAGE $ $ A X UMBRELLA LIAB EXCESS LIAB X OCCUR CLAIMS MADE PHUB864352 7/1/2024 7/1/2025 EACH OCCURRENCE $ 5'000'000 AGGREGATE $ 5'000'000 $ DED I X I RETENTIONS 10,000 B AND EMPLOYER8 LIABILOITY YIN OFFICER/MEMBER/EXCLL'IST ECUTIVE (Mandatory m NH) If yes descnbeunder DESCRIPTION OF OPERATIONS below N /A 4256719 2/18/2025 7/1/2025 X I STATUTE I I EORH E L EACH ACCIDENT 1,000,000 $ E L DISEASE - EA EMPLOYEE $ 1'000'000 E L DISEASE - POLICY LIMIT 1,000,000 $ C Professional Ltab C Cyber Liability MKLV5PEO003180 MKLV5PEO003180 7/1/2024 7/1/2024 7/1/2025 7/1/2025 5,000,000 / Aggregate Limit 5,000,000 5,000,000 DESCRIPTION OF OPERATIONS / LOCATIONS / VEHICLES (ACORD 101, Additional Remarks Schedule, may be attached If more space Is required) Workers Compensation - Other States Carney Zurich American Insurance Company NAIC #16535 Policy #WC 0718760 - 00 Effective 4/25/2025 - 7/1/2025 Limits 1,000,000 / 1,000,00 / 1,000,000 CANCELLATION Weld County SHOULD ANY OF THE ABOVE DESCRIBED POLICIES BE CANCELLED BEFORE THE EXPIRATION DATE THEREOF, CE WILL BE DELIVERED IN ACCORDANCE WITH THE POLICY PROVISIONS PO Box 758 1401 N 17th Ave AUTHORIZED REPRESENTATIVE Greeley, CO 80632 1--.1Y)`— ACORD 25 (2016/03) © 1988-2015 ACORD CORPORATION All rights reserved The ACORD name and logo are registered marks of ACORD Contract Form Entity Information Entity Name* CONTEXTURE Contract Name* MSA FOR HIE PARTICIPATION Contract Status CTB REVIEW Contract Description* MSA FOR HIE PARTICIPATION Contract Description 2 Contract Type* AGREEMENT Amount* $1,760.00 Renewable* NO Automatic Renewal Grant IGA Entity ID* P00036171 Department INFORMATION TECHNOLOGY-GIS Department Email CM- InformationTechnologyGl S@weld.gov Department Head Email CM- InformationTechnologyGl S-DeptHeadgweld.gov County Attorney GENERAL COUNTY ATTORNEY EMAIL County Attorney Email CM- COUNTYATTORNEY@WEL D.GOV New Entity? Contract ID 9465 Contract Lead* JMUNDT Contract Lead Email jmundt@weld.gov Requested BOCC Agenda Date* 05;-2112025 Parent Contract ID Requires Board Approval YES Department Project # Due Date 05/17 2025 Will a work session with BOCC be required?* NO Does Contract require Purchasing Dept. to be included? If this is a renewal enter previous Contract ID If this is part of a MSA enter MSA Contract ID Note: the Previous Contract Number and Master Services Agreement Number should be left blank if those contracts are not in OnBase Contract Dates Effective Date Termination Notice Period Contact Information Contact Info Contact Name Purchasing Review Date* 1 1 /01 /2026 Committed Delivery Date Contact Type Contact Email Renewal Date Expiration Date* 1 2, 31 2026 Contact Phone 1 Contact Phone 2 Purchasing Approver Purchasing Approved Date CONSENT 05. 14'2025 Approval Process Department Head RYAN ROSE DH Approved Date 05/14;2025 Final Approval BOCC Approved BOCC Signed Date BOCC Agenda Date 05/19/2025 Finance Approver CONSENT Legal Counsel CONSENT Finance Approved Date Legal Counsel Approved Date 05,.14:'2025 05,`14 2025 Tyler Ref # AG 051925 Originator JMUNDT Hello