Terms of Service

1. Services Provided

Beterra provides software and implementation services including performance measurement, safety and quality metrics, feedback measurement, benchmarking, analytics, and compliance management for healthcare organizations. Service specifics appear in an addendum to the Master Service Agreement (MSA). Addendum terms take precedence in case of conflict.

2. Corporate Responsibility Compliance

Beterra commits to following applicable local, state, and federal laws and regulations. The company will immediately notify clients of any regulatory violations. On-site personnel must comply with client health screenings, drug-free workplace policies, background checks, privacy requirements, and other reasonable standards necessary for service delivery.

3. Security & Data Protection

Services comply with:

• SOC 2 Type II Compliance with industry-standard security controls.
• HIPAA & HITECH Compliance protecting Protected Health Information (PHI) where applicable.
• Confidentiality & Data Access through authorized personnel only, with encryption and access controls.
• Optional: Clients may request annual penetration testing and security audits.
• Optional: Clients may request incident response commitments, such as 24-hour breach notification.

4. Confidentiality & Nondisclosure

Both parties acknowledge receiving potentially confidential information. Confidential Information excludes publicly available data or information known before disclosure. Neither party shall disclose, use, or permit unauthorized access to the other's Confidential Information.

5. Indemnification

Each party shall indemnify, defend, and hold harmless the other party and its affiliates from losses, claims, damages, or expenses arising from negligence, misconduct, or agreement breach.

6. Vendor Management (Optional)

• All third-party vendors handling client data must adhere to SOC 2 and GDPR security standards.
• Clients may request audit rights for vendors handling their data.
• Beterra shall notify clients within 30 days when introducing new vendors for data handling.

7. Service Availability & Business Continuity (Optional)

• Clients may request uptime SLAs, excluding planned maintenance.
• Clients may request disaster recovery plans including redundancy, offsite backups, recovery time objectives (RTO), and recovery point objectives (RPO).

8. Privacy & Data Rights (Optional)

Clients may request explicit clarification ensuring they retain all rights to their data.

9. Termination & Suspension

Either party may terminate for cause with 90 days' written notice unless specified in the services agreement. Clients may request 30 days post-termination transition assistance, including data migration support, detailed in an addendum.

10. Compliance Audits & Certifications (Optional)

• Clients may request annual SOC 2 Type II audit reports.
• Clients may request access to Beterra's latest security policies, penetration testing results, and compliance certifications.

11. AI & Automated Decision-Making Disclaimer (Optional)

Clients may request clarification that AI-driven analytics supplement but do not replace expert decision-making and may request human review of AI-based recommendations.

12. Dispute Resolution & Governing Law

Disputes shall be resolved through arbitration under American Arbitration Association rules in Atlanta, Georgia unless otherwise specified in the services agreement. This agreement is governed by Georgia state law unless otherwise specified.

13. Compliance Program

Beterra may notify the client's Compliance Office of potential fraud or conflicts of interest. Both parties agree not to engage in anti-kickback law violations.

14. Notices

All notices must be sent to: