Supplier at all times will comply with all Applicable Law in the performance of this PO, including without limitation those related to antitrust, anti-corruption, privacy, discrimination, disabilities, fair labor standards, payment of wages, international trade, intellectual property, fraud and abuse, false claims, sampling, and prohibition of kickbacks and unlawful self-referrals. Additionally, Supplier at all times will comply with the following specific requirements as applicable to the Products and/or Services:
1. Interactions with Healthcare Suppliers and Professionals.
1.1 Interaction with Healthcare Professionals.
The parties acknowledge that Buyer conducts its relationships with healthcare professionals in compliance with applicable laws, including without limitation 42 C.F.R. §1001.952(d), the “safe harbor” to the U.S. Anti-Kickback Statute, 42 U.S.C. §1320a-7(b), with respect to personal services, the PhRMA Code on Interactions with Healthcare Professionals (the “PhRMA Code”) promulgated by the Pharmaceutical Research and Manufacturers of America (PhRMA), the AdvaMed Code of Ethics on Interactions with Healthcare Professionals, as amended, promulgated by the Advanced Medical Technology Association (“AdvaMed”) and Section 6002 of the Patient Protection and Affordable Care Act (the “Physician Payment Sunshine Act”) and its applicable implementing regulations (42 C.F.R. §403.904). Supplier, in the performance of this PO, will conduct its relationships with healthcare professionals (and, to the extent applicable, will cause its employees and subcontractors to conduct their relationships with healthcare professionals) in accordance with all applicable laws, the PhRMA Code and AdvaMed.
Supplier further represents and warrants that it has not and has never been, nor has any of its employees, agents, or subcontractors (or subcontractor agents or employees) been (i) convicted of a crime for which a person or entity can be debarred under Section 306(a) or 306(b) of the United States Food, Drug and Cosmetic Act (21 U.S.C. Section 335(a) and (b)) or under 42 U.S.C. Section 1320a-7 or (ii) sanctioned by, suspended, excluded, or otherwise deemed ineligible to participate in any federal health benefit program, including Medicare and Medicaid, or any other federal procurement or non-procurement programs. Supplier further warrants that it will immediately notify Buyer if Supplier or any of its employees, agents or subcontractors (or subcontractor agents or employees) hereafter is or becomes the subject of any investigation or proceeding which may result in a conviction or sanction as described in (i) or (ii) above.
1.3 Bona fide Services.
All Services requested by, and to be performed for, Buyer represent bona fide services and under no circumstances is the requisition of such Services, or the remuneration therefore, meant to serve as an obligation, express or implied, to purchase, prescribe or otherwise support Buyer’s products.
2. Federal Acquisition Regulations.
In the event any Products or Services being furnished by Supplier are in furtherance of or fulfilling, in whole or in part, Buyer’s obligations with respect to a federal agency procurement award or contract, Supplier agrees to comply with all applicable Federal Acquisition Regulations and applicable laws and regulations of the U.S. Small Business Administration, including without limitation the Utilization of Small Business Concerns and Small Business Concerns Owned and Controlled by Socially and Economically Disadvantaged Individuals clause of Section 8(d) of the Small Business Act. Supplier further agrees to comply with all Applicable Law including without limitation the Fair Labor Standards Act and all other Applicable Law related to discrimination. Buyer and Supplier will abide by the requirements of 41 CFR §§ 60-1.4(a) or (b) (as applicable), 60- 300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. Supplier agrees, to the extent applicable, to comply with the employee notice requirements set forth in 29 CFR Part 471, Appendix A to Subpart A, which are hereby incorporated by reference into this PO. Without limiting the foregoing, Supplier agrees, to the extent applicable: (a) to comply with the equal employment opportunity and affirmative action provision of: (1) Executive Order 11246, as amended and U.S. Dept. of Labor regulations issued pursuant thereto (41 CFR 60); (2) Section 503 of the Rehabilitation Act of 1973 (29 U.S.C. 793), as amended; and U.S. Dept. of Labor regulation issued pursuant thereto (41 CFR 60-741), in contracts for $2500 or more; and (3) Section 402 of the Vietnam Era Veterans Readjustment Assistance Act of 1974 (38 U.S.C. 2012), and U.S. Dept. of Labor regulations pursuant thereto (41 CFR 60-250), in contracts for $10,000 or more; Title VII of Civil Rights of 1964, 78 Stat. 253, as amended, and regulations issued pursuant thereto; (b) to comply with the requirement of the certification of non-segregated facilities as ordered by the Secretary of Labor (32 F.R. 7439) and as required by 41 CFR 60-1; (c) to comply with Executive Order 11141 which proscribes discrimination because of age by government contractors and subcontractors; (d) to comply with the provisions of the Executive Order 12092, as amended, and any federal procurement regulations adopted pursuant thereto or to any other Executive Orders issued under Section 206 of the Economic Stabilizations Act of 1970 (PL 91-379), as amended; (e) in domestic, non-personal contracts over $10,000, to comply with the Utilization of Small Business Concerns and Small Business Concerns Owned and Controlled by Socially and Economically Disadvantaged Individuals clause of Section 8(d) of the Small Business Act as amended (15 USC 631), and to provide subcontracting plans pursuant thereto; with Federal Acquisition Regulation 52.219-8 (if this contract is less than $550,000), and with Federal Acquisition Regulation 52.219-9 (if this contract is more than $550,000), with the same force and effect as if Supplier were the prime contractor under a government contract containing these regulations; (f) to comply with the regulations regarding Equal Opportunity for Special Disabled Veterans, Veterans of the Vietnam Era, and Other Eligible Veterans (Sept 2006) as specified in Federal Acquisition Regulation 52.222-35; (g) in domestic, non-personal contracts over $10,000, to comply with the regulations for Affirmative Action for Workers With Disabilities as specified in Federal Acquisition Regulation 52.222-36; (h) to comply with the regulations for Combating Trafficking in Persons as specified in Federal Acquisition Regulation 52.222-50; (i) to comply with the regulations applicable to the Preference for Privately-Owned U.S. Flag Commercial Vessels as specified in Federal Acquisition Regulation 52.247-64; (j) to comply with regulations, rules and orders promulgated by federal agencies pursuant to Executive Order 12138 regarding the promotion of women’s owned businesses where applicable; and (k) until three years after payment under the order, to afford the Comptroller General of the United States or any of his duly authorized representatives, access to, and the right to examine any pertinent books, papers and records of Supplier involving transactions relating to this PO. Supplier agrees to comply with all applicable laws, ordinances or regulations pertaining to nondiscrimination toward employees; nondiscrimination in hiring practices, and the elimination of segregated facilities.
3. Trade Compliance.
3.1 Importer of Record.
Supplier will be the importer of record on all imports into the United States. Supplier represents and warrants that it will comply with all Applicable Law relating to exports and import of goods and will supply all necessary information relevant to import of Products by the recipient. Supplier also will supply to Buyer such other information related to the export or import of Products as Buyer may from time to time request.
3.2 Supply Chain Security.
With respect to any imports into the United States, Supplier will use reasonable efforts to bring its supply chain security capabilities into substantial compliance with the security guidelines set forth in U.S. Customs and Border Protection’s Customs-Trade Partnership Against Terrorism program and to complete a supply chain security questionnaire as provided by Buyer. ‘Reasonable Efforts’ means, with respect to a given goal, the efforts that a reasonable person in the position of the Supplier would use so as to achieve that goal as expeditiously as possible. When Supplier is responsible for selecting carriers, they must be C-TPAT members or if C-TPAT membership is not available to such carriers in general, have been screened by Supplier and determined by Supplier to meet C-TPAT requirements. Supplier must immediately notify Buyer of any container seal discrepancy or breakage (for any reason).
3.3 Human Rights.
No Products sold under this PO will be manufactured by use of prohibited labor including convict, forced, child or indentured labor.
3.4 Controlled Technology or Technical Data.
In the event any Products or Services being furnished by Supplier potentially relate to technology or technical data that is subject to export control laws and regulations, Confidential Information or other information obtained in connection with its performance of this PO may be considered technology or technical data that is subject the export control laws and regulations of the United States or other countries, and hereby agrees to comply with any such Applicable Law. To the extent applicable, Supplier agrees to cooperate with Buyer to ensure compliance with United States import and export laws and regulations, including without limitation by ensuring that its employees abide by deemed export laws and adhere to the compliance processes for import and export laws and regulations of Buyer or any of its affiliates. If requested by Buyer, Supplier agrees to implement a verification process to validate (and be able to demonstrate to Buyer) that Supplier and its employees, agents, subcontractors and subcontractor agents and employees have complied with all applicable import and export control laws including without limitation U.S. deemed export regulations. Supplier further agrees that it will not assign to perform work with regards to Products or Services being provided to Buyer any person or subcontractor or subcontractor agent or employee who is not a US Person (defined below) unless Supplier has (a) provided Buyer with all information necessary for it to determine whether disclosure of information during the course of such person’s or subcontractor’s or subcontractor agent’s or employee’s assignment could require an export license; and (b) has received from Buyer written permission to assign such person, subcontractor or subcontractor agent or employee to Buyer work. For the purposes of this section, a “US Person,” means any person who is: (i) a Citizen of the United States, (ii) lawfully permitted for permanent residence in the United States, or (iii) a protected individual under the Immigration and Naturalization Act (8 U.S.C. 1324b(a)(3)).
4. Data Privacy and Security.
In the event any Supplier obtains access to Personal Data in connection with its provision of Products or Services under this PO, this Data Privacy and Security section will apply. “Personal Data” means any information that identifies or can be used to identify an individual, including, without limitation, information related to Buyer’s and its affiliates’ personnel (e.g., employees, temporary workers and independent contractors), customers, suppliers and invitees, that is provided to, or obtained, used, accessed, maintained, or otherwise handled by, Supplier in connection with providing Products or Services under this PO. Supplier will treat Personal Data as Confidential Information. Supplier certifies that it will (and any third-parties to which it grants access to Personal Data will), at all times, comply with and treat Personal Data in accordance with: (i) this Privacy and Security section; and (ii) applicable Data Protection Requirements. “Data Protection Requirements” means all Applicable Law relating to the collection, use, disclosure and protection of Personal Data in a jurisdiction in or from which Buyer or Supplier collects, transmits, stores, uses, discloses or otherwise processes (collectively, “Process” or “Processing”) Personal Data. Without limiting the foregoing, Supplier agrees that:
4.1 Data privacy.
Supplier will only Process Personal Data to provide Products or Services under this PO and for no other purpose unless authorized in advance in writing by Buyer. In no event may Supplier: (i) Process Personal Data to market its services or those of an affiliate or third party; or (ii) sell, rent, disclose or otherwise provide access to Personal Data to its affiliates or third parties (except as agreed by Buyer in writing or as strictly necessary to provide the Products or Services or to comply with Applicable Law). Supplier will remain accountable and responsible for all actions by, and omissions of, third parties to which it discloses or provides access to Personal Data with respect to such Personal Data. With each third party to which Supplier discloses or provides access to Personal Data, Supplier will execute a written agreement that includes provisions that are no less protective of Personal Data than the level of protection required of Supplier. Upon request from Buyer, Supplier will provide all reasonable cooperation and assistance in responding to any request, inquiry or other communication from individuals or any regulatory or law enforcement authorities pertaining to Personal Data Processed under this PO.
4.2 Information Security.
Supplier will maintain and monitor a comprehensive, written information security program that contains administrative, technical, and physical safeguards to protect the security, confidentiality and integrity of Personal Data, including, but not limited to, measures to protect against unauthorized access to or alteration, disclosure, destruction or loss of Personal Data. Supplier certifies that its information security program is consistent with: (i) Buyer’s information security practices and requirements as may be issued to Supplier by Buyer from time to time, and (ii) the Data Protection Requirements. Supplier will notify Buyer in writing immediately (and in any event within twenty-four (24) hours) to Privacy@betabionics.com and via telephone to Supplier’s primary business contact whenever Supplier reasonably believes there has been either: (a) an actual unauthorized acquisition, destruction, modification, use, disclosure of, or access to, Personal Data; or (b) a possible unauthorized acquisition, destruction, modification, use, disclosure of, or access to, Personal Data that triggers a legal obligation (e.g., notification) pursuant to the Data Protection Requirements (an “Information Security Breach”). Unless required by Applicable Law, Supplier will not notify any individual or any third party other than law enforcement of any potential Information Security Breach involving Personal Data without first consulting with, and obtaining the permission of, Buyer. If Buyer directs Supplier to correspond with or notify individuals of the Information Security Breach, Supplier will be responsible, at Supplier’s sole cost and expense, for filing all notices and making all notifications required by applicable law, and will provide Buyer with sufficient documentation to support that all legal obligations have been satisfied. Except to the extent the Information Security Breach was caused by an act or omission by Buyer, Supplier will (a) reimburse Buyer for all losses suffered or incurred by Buyer in connection with the Information Security Breach, including without limitation losses that result from, occur in connection with or arise out of any of filing notices and/or notifying individuals regarding the Information Security Breach, and consulting outside advisors (e.g., attorneys, consultants) to determine and/or address Buyer’s legal obligations resulting from the Information Security Breach; and (b) provide, at Supplier’s sole cost, reasonable assistance and cooperation requested by Buyer in the furtherance of any correction or remediation of the Information Security Breach and/or the mitigation of any damage, including without limitation one year of identity theft protection and credit monitoring services to any individual whose Personal Data was included in the Information Security Breach. Supplier will indemnify, defend and hold harmless Buyer from and against any and all losses arising from, in connection with, or based upon any third-party claim against any of them that results from, occurs in connection with or arises out of any Information Security Breach, a violation of the requirements of this Data Privacy and Security section or the Data Protection Requirements, and any negligence or willful misconduct of Supplier, its personnel, or any third party to whom Supplier provides access to Personal Data, with respect to security or confidentiality of such Personal Data.
4.3 Obligations on Termination.
Upon termination or expiration of the Agreement, or for any reason upon Buyer’s request, Supplier will: (a) immediately cease handling Buyer’s Personal Data and will, as directed by Buyer, return or dispose of any or all such Personal Data; and (b) direct any relevant third-parties to return or dispose of any or all Personal Data in their possession, power or control. Supplier will certify to Buyer that all forms of the requested Personal Data have been either returned or destroyed. Notwithstanding the foregoing, Supplier may retain copies of Personal Data to the extent required by Applicable Law or as permitted under this Agreement. If Supplier disposes of any paper, electronic or other record containing Personal Data, Supplier will do so by taking all reasonable steps to destroy the information by: (a) shredding; (b) permanently erasing and deleting; (c) degaussing; or (d) otherwise modifying the Personal Data to make it unreadable, unreconstructable and indecipherable. Supplier’s obligations under this Data Privacy and Security section will continue for so long as Supplier continues to have access to, is in possession of or acquires Personal Data, even if all agreements between Supplier and Buyer have expired or terminated.