BUSINESS ASSOCIATE AGREEMENT (Confidentiality Agreement)

This Agreement ("Agreement") is between the undersigned and Keystone Insights, LLC, a Wisconsin limited liability company ("Keystone").

The Undersigned is a "Health Care Provider," as defined in the Health Insurance Portability and Accountability Act of 1996, as amended, and that act's implementing rules and regulations (collectively, "HIPAA") or a "Business Associate," as defined by HIPAA, of a "Health Care Provider." Keystone will receive electronic dictations from the Undersigned and shall electronically store, perform transcription services and electronically transfer the transcribed dictation on behalf of the Undersigned which will involve the use or disclosure of individually identifiable electronic protected health information ("PHI") which requires the Undersigned and Keystone to enter into this Agreement.

1. Permitted Use. Keystone is permitted to use and disclose PHI that it creates or receives on the Undersigned's behalf or receives from the Undersigned (or another business associate of the Undersigned) only to perform transcription services, which include the transfer and storage of medical dictations that may contain PHI, as well as the transcription of the dictation by Keystone's third-party subcontractors, or otherwise as required by law. Keystone will make reasonable efforts to use, disclose, and request only the minimum amount of PHI reasonably necessary to accomplish the transcription services.

2. Restricted Access. Keystone will develop, implement, maintain, and use appropriate administrative, technical, and physical safeguards to protect the privacy, confidentiality, integrity and availability of the PHI. The safeguards must reasonably protect the PHI from any intentional or unintentional use or disclosure in violation of HIPAA and shall limit incidental uses or disclosures made pursuant to a use or disclosure otherwise permitted by this Agreement.

3. Subcontractors and Agents. Keystone will require any third-party transcriptionist performing transcription services on its behalf, to which Keystone is expressly permitted by this Agreement to disclose the PHI, to provide reasonable assurance that the subcontractor will comply with the same privacy and security safeguard obligations with respect to the PHI that are applicable to Keystone under this Agreement by entering into a separate agreement with the subcontractor.

4. Permitted Disclosures/Required Access. Keystone shall not use PHI in any way, other than as permitted in this Agreement, and shall not disclose or provide another access to PHI, unless such disclosure is to Keystone's third-party transcriptionists, the Undersigned or is required by law. Keystone must allow access to any records or internal practices upon request from the Undersigned or the Department of Health and Human Services. Keystone shall not directly or indirectly receive remuneration in exchange for any PHI unless the Undersigned or Keystone obtains a valid authorization from the individual. Keystone shall honor and comply with, as applicable, the rights created by HIPAA for patients relating to PHI access, amendment, disclosure accounting and restriction agreements.

5. Unauthorized Disclosures. In the event Keystone becomes aware that a disclosure of PHI has occurred, other than as permitted by this Agreement, Keystone shall immediately take action to minimize the extent of the disclosure and report to the Undersigned the following: (a) what PHI was disclosed, (b) the date of the disclosure, (c) a description of how the disclosure occurred and (d) a description of the steps and measures Keystone has and will take to address the unauthorized disclosure and prevent future disclosures.

6. Termination. This Agreement may be terminated by either party at any time and for any reason. All PHI held by Keystone at the time of termination will be returned or destroyed in accordance with the requirements set forth by HIPAA.

By executing your electronic signature below, you are signing a binding agreement which creates certain obligations for you. Further, you represent that your personal information on record with Keystone is true and correct and you agree to update your personal information with Keystone, as appropriate.

CONFIDENTIALITY AGREEMENT (HIPAA Business Associate Agreement)

This Agreement ("Agreement") is between the undersigned ("Transcriptionist") and Keystone Insights, LLC, a Wisconsin limited liability company ("Keystone").

Transcriptionist performs transcription services for Keystone. Transcriptionist may receive information which identifies and/or contains personal information about individuals ("Confidential Information"). Confidential Information includes Protected Health Information ("PHI"). Some examples of PHI are a patient's name, address, birth date, admission/discharge date, date of death, phone/fax number, email address, social security number and other unique identifiers. Because Keystone provides dictation services to health care providers, it must keep all PHI private and secure by complying with the Health Insurance Portability and Accountability Act of 1996, as amended ("HIPAA"), and Transcriptionist, as a subcontractor of Keystone, must also comply with HIPAA. As such, Transcriptionist agrees to the following:

1. Permitted Use. Transcriptionist will receive Confidential Information from Keystone. Transcriptionist may only access and use the Confidential Information to transcribe the dictation and for no other purpose.

2. Restricted Access. Transcriptionist shall: (a) not release, transfer, discuss, disclose or otherwise transmit Confidential Information, in any form whatsoever, to any third party; (b) not share the password that protects access to Transcriptionist's Keystone account with any third party; (c) use reasonable safeguards to prevent access to the computer(s) Transcriptionist uses to perform the transcription services; (d) not allow any third party access to his or her Keystone account or information contained therein; (e) not subcontract any transcription duties; and (f) not retain or copy, either electronically or otherwise, any Confidential Information. At all times during this Agreement, Transcriptionist shall have safeguards in place to reasonably protect the Confidential Information Transcriptionist receives from Keystone.

3. Permitted Disclosures/Required Access. Transcriptionist shall not use Confidential Information in any way, other than as permitted in this Agreement, and shall not disclose or provide another access to Confidential Information, unless such disclosure is to Keystone or is required by law. Transcriptionist must allow access to any records or internal practices upon request from Keystone or the Department of Health and Human Services.

4. Unauthorized Disclosures. In the event Transcriptionist becomes aware that a disclosure of Confidential Information has occurred, other than as permitted by this Agreement, Transcriptionist shall immediately take action to minimize the extent of the disclosure and report to Keystone at support@keystoneinsights.com the following: (a) what Confidential Information was disclosed, (b) the date of the disclosure, (c) a description of how the disclosure occurred and (d) a description of the steps and measures Transcriptionist has and will take to address the unauthorized disclosure and prevent future disclosures.

By executing your electronic signature below, you are signing a binding agreement which creates certain obligations for you. Further, you represent that your personal information on record with Keystone is true and correct and you agree to update your personal information with Keystone, as appropriate.