CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
SOFTWARE AS A SERVICE (SaaS) AGREEMENT
This SOFTWARE AS A SERVICE (SaaS) AGREEMENT (“Agreement”) is made this 1st day of November, 2015 (“Effective Date”) by and between Anthem, Inc., an Indiana corporation (“Anthem”), and Castlight Health, Inc., a Delaware corporation (“Castlight”), and describes the terms under which Castlight will provide certain software and services to Anthem.
In consideration of the covenants and agreements contained herein, and other good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, the Parties agree to the terms and conditions contained in this Software as a Service (SaaS) Agreement.
1.GENERAL
1.1 Definitions. Capitalized terms used herein shall have the meanings ascribed to them in the body of this Agreement and/or in the Order Schedules, Exhibits and other documents attached hereto, or as defined below. Terms other than those defined herein shall be given their plain English meaning, and those terms known in the information technology industry shall be interpreted in accordance with their generally known meanings. Unless the context otherwise requires, words importing the singular include the plural and vice-versa.
1.1.1 “Affiliate” means any entity controlling or controlled by or under common control with a Party, at the time of execution of the Agreement and any time thereafter, where “control” is defined as (a) the ownership of at least fifty percent (50%) of the equity or beneficial interest of such entity, or (b) any other entity with respect to which such Party has significant management or operational responsibility (even though such Party may own less than fifty percent (50%) of the equity of such entity).
1.1.2 “Authorized User(s)” means with respect to the Services (other than the publicly available portal) any individual who is at least 18 years of age, and eligible as determined by Plan to receive Covered Services under a health benefit Plan, in each case solely to the extent that with respect to such person there is an effective Order Schedule for such person’s access to the Services. Individuals accessing the publicly available portal shall be Authorized Users solely with respect to such access of the publicly available portal. For all purposes related to this Agreement, including all schedules, attachments, exhibits, manual(s), notices and communications related to this Agreement, the term “Covered Individual” may be used interchangeably with the terms insured, Member or Enrollee, and the meaning of each is synonymous with any such other.
1.1.3 BCBSA” means the Blue Cross and Blue Shield Association
1.1.4 “BCBSA Requirements” means those requirements with which Anthem and its affiliates must comply pursuant to their license agreements with the Blue Cross and Blue Shield Association. These requirements include but are not limited to: (a) the requirements established by the Blue Cross Blue Shield Association (“BCBSA”), governing access to and use of the BCBS Axis Data and, as applicable, the Claims Data (the “BCBSA Axis Requirements”); and (b) co-branding requirements pertaining to the use of trade names and marks, to the extent applicable to the Services (the “BCBSA Co-branding Requirements”). The BCBSA Axis Requirements identified as of the effective date hereof are enumerated in Exhibit J to this Agreement. The BCBSA Co-branding Requirements identified as of the effective date hereof are summarized in Exhibit J to this Agreement. Castlight acknowledges the obligations of Anthem and its affiliates to comply with all applicable BCBSA requirements, which
Software as a Service (SaaS) Agreement REV. December 2014 Page 1
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
compliance is Anthem’s responsibility, and agrees to cooperate with Anthem in ensuring such compliance. Within thirty (30) days from notice unless the Parties mutually agree to a different timeframe, Castlight agrees to comply with BCBSA Requirements issued after the Effective Date and agrees to perform remediation if Anthem determines Castlight is noncompliant with applicable BCBSA Requirements, provided Anthem explains what specific rule necessitates a change and/or remediation upon each such notice.
1.1.1 “Collaboration Agreement” shall mean that certain Reference Based Benefits Collaboration Agreement entered into by the Parties effective as of January 18, 2013, including all amendments thereto.
1.1.2 “Confidential information” has the meaning ascribed in Section 9.2.
1.1.3 “Covered Service” means a medical procedure, service, or treatment that is covered under a health plan insured or administered by an Anthem Company.
1.1.4 “Documentation” shall mean all descriptions, instructions or other materials that are incorporated into this Agreement during the Term which describe the specifications, operation, functionality or other information regarding the Castlight System or Subscription Service.
1.1.5 “Exhibit” or “Exhibits” shall include, when applicable, the Business Associate Agreement (BAA), the Federal Government Services Addenda (Exhibits B and D), the Medicare Compliance Specialty Exhibit (Exhibit C), the Diversity Supplier Compliance Exhibit (Exhibit E), the Medicaid Requirements (Exhibit F) and/or any other exhibits attached hereto.
1.1.6 “Force Majeure Event” has the meaning ascribed in Section 18.8 below.
1.1.7 HIPAA” means the Health Insurance Portability and Accountability Act of 1996 and the regulations promulgated thereunder at 45 C.F.R. §§ 160-164.
1.1.8 “Intellectual Property” means all concepts, inventions (whether or not protected under patent laws), works of authorship, information fixed in any tangible medium of expression (whether or not protected under copyright laws), moral rights, mask works, trademarks, trade names, trade dress, trade secrets, publicity rights, names, likenesses, know-how, ideas (whether or not protected under trade secret laws) and all other subject matter protected under patent (or which is not patented, but is subject matter that is protected under patent law), copyright, mask work, trademark, trade secret, or other laws, whether existing now or in the future, whether statutory or common law, in any jurisdiction in the world, for all media now known or later developed, including all new or useful art, combinations, discoveries, formulae, algorithms, specifications, manufacturing techniques, technical developments, systems, computer architecture, artwork, software, programming, applets, scripts, designs, processes and methods of doing business.
1.1.9 “Jointly Developed Product(s)” shall mean any product that is jointly created by both Parties in the course of the collaboration pursuant to a mutually agreed separate Order Schedule.
Software as a Service (SaaS) Agreement REV. December 2014 Page 2
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
1.1.10 Non-Anthem Blue Plan” means an independent Blue Cross and/or Blue Shield health plan which is a licensee of the Blue Cross and Blue Shield Association that is not an Anthem company.
1.1.11 “Nonpublic Personal Financial Information” or “NPFI” shall have the same meaning as “Nonpublic Personal Information” in 15 USC, Subchapter I, Sec. 6801-6809, of the Gramm-Leach-Bliley Act. NPFI may also be referred to herein as “Personally Identifiable Information.”
1.1.12 “Notice” shall have the meaning ascribed in Section 18.5 below.
1.1.13 “Order Schedule” shall mean any order document, Statement of Work, Service Order Form or purchase order executed by the Parties noting the Subscription Service and/or types of Services Castlight shall provide and corresponding pricing. Each Order Schedule will incorporate terms of the Agreement.
1.1.14 “Party” means Anthem or Castlight; “Parties” means Anthem and Castlight.
1.1.15 “Plan” means an Anthem Affiliate that contracts with individuals, employers, and other entities to administer, arrange, insure, provide, and underwrite health services for Covered Individuals, as that term is defined herein.
1.1.16 “Protected Health Information” or “PHI” shall have the same meaning as the term “Protected Health Information” in 45 C.F.R. § 160.103, limited to the information created or received by Castlight from or on behalf of Anthem.
1.1.17 “Castlight System” means the software, hardware, middle ware, servers, or any other item operated by or behalf of Castlight, and communications connectivity used in conjunction with the foregoing.
1.1.18 “Services” means the services to be provided by Castlight under this Agreement and any Order Schedule including, without limitation, access to, and use of, the Subscription Services, technical support and training.
1.1.19 “Service Levels” means those requirements set forth on Exhibit G attached hereto.
1.1.20 “Subscription Service” shall mean the online services, computer applications, associated user interfaces, help resources, and any related technology to be made available by Castlight via the Castlight System and the Internet that are specified on any Order Schedule to this Agreement, together with all security devices, and any proprietary third party software that is provided as part of or that accompanies the Subscription Service.
1.1.21 “Anthem Data” means the data that Anthem agrees to release to Castlight as needed to provide the Services and which shall consist of the types of data outlined in the applicable Order Schedule.
Software as a Service (SaaS) Agreement REV. December 2014 Page 3
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
1.2 The definitions contained in this Agreement shall apply to each Exhibit or Order Schedule.
1.3 Each Order Schedule and each amendment thereto must be signed by both Parties and must state that it is made pursuant to this Agreement. Each Order Schedule shall constitute a separate agreement which incorporates the terms and provisions of this Agreement. The provisions of this Agreement shall control over any conflicting provisions in an Order Schedule or Exhibit, except to the extent the Order Schedule or Exhibit indicates the clear intent of the parties that such conflicting term prevail over a term or condition of this Agreement. Notwithstanding the foregoing or any other provision of this Agreement to the contrary, in the event of any inconsistency or conflict between the terms and conditions of this Agreement and the terms and conditions of any of the following exhibits, if such Exhibits are attached to this Agreement, then the terms and conditions of the following specified Exhibits shall prevail over the terms and conditions of the main body of this Agreement or Order Schedule: ( i) Business Associate Agreement; (ii) Federal Government Services Addenda; (iii) Medicare Compliance Specialty; and (iv) Medicaid Requirements. An Order Schedule may contain additional terms, provided that the terms do not conflict with the provisions of this Agreement.
1.4 Interpretation. The use of the terms “including,” “include” or “includes” shall in all cases herein mean “including without limitation,” “include without limitation” or “includes without limitation,” respectively.
1.5 Number and Gender. Words importing the singular include the plural and words importing the masculine include the feminine and vice versa where the context so requires.
1.6 No Primary Drafter. The Parties acknowledge and agree that they have mutually negotiated the terms and conditions of this Agreement and that any provision contained herein with respect to which an issue of interpretation or construction arises shall not be construed to the detriment of the drafter on the basis that such Party or its professional advisor was the drafter, but shall be construed according to the intent of the Parties as evidenced by the entire Agreement.
1.7 Benefits of this Agreement. All rights and benefits granted hereunder to Anthem may be exercised and enjoyed by any Affiliate of Anthem, and all such rights and benefits (including without limitation, all licenses granted by Castlight hereunder) shall be deemed to be granted to all Anthem Affiliates. Further, for purposes of calculating discounts available under this Agreement that are based on volume, quantity or other measurement factor, the total volume of all Anthem Affiliates shall be counted to determine whether the applicable volume, quantity or other measurement factor has been achieved.
1.8 No Commitment. Unless otherwise agreed to in an executed Order Schedule, Castlight understands and agrees that Anthem offers no commitments or guarantee of any minimum volume of purchases or of revenues under this Agreement and that Castlight may not be Anthem’s sole provider of similar applications or services. This Agreement is nonexclusive and does not grant Castlight an exclusive right to provide Anthem with any kind of services, deliverables or licensed products and Anthem may use its own employees, other independent contractors and/or other suppliers to perform the same or similar services or provide the same or similar licensed products as are to be performed and/or provided by Castlight hereunder.
1.9 Anthem Policies and Procedures. In addition to all other obligations contained herein, Castlight and its subcontractors shall adhere to the Anthem policies and procedures, as applicable, and further described in this Section 1.9 and this Agreement. The policies and procedures are expressly
Software as a Service (SaaS) Agreement REV. December 2014 Page 4
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
referenced and incorporated into this Agreement and are either attached as Exhibits to this Agreement and/or provided to Castlight via the web site address listed below (or any successor site or communicate designated by Anthem). Castlight shall adhere to policies and procedures as amended subsequent to the Effective Date of this Agreement necessary for statutory or regulatory compliance, provided: (a) Castlight is given reasonable written notice (email is acceptable) of such amendments prior to being required to adhere to such policies and procedures; and (b) if there are any additional costs for Castlight to comply with such amended Company policies and procedures, the parties will confer in good faith to reach a mutually agreeable resolution regarding Castlight’s additional cost of compliance. To the extent Anthem amends its policies or procedures other than as necessary for statutory or regulatory or BCBSA compliance, Anthem will provide Castlight written notice of such amendments (email is acceptable), and the parties shall discuss in good faith Castlight’s compliance with such amended policies and/or procedures.
Anthem Supplier Relations webpage:
http://www.antheminc.com/prodcontrib/groups/wellpoint/@wp_suppliers/documents/wlp_assets/pw_e226861.pdf
aProcurement Process Technology and Electronic Signatures
bSupplier Code of Conduct
cReimbursable Expense Guidelines
dExhibit A: The Business Associate Agreement entered into by the Parties on September 12, 2013 is incorporated herein by reference.
eExhibit B: Intentionally Omitted.
fExhibit C: Intentionally Omitted
gExhibit D: Intentionally Omitted.
hExhibit E: Minority and Women’s Business Enterprise Compliance
iExhibit F: Medicaid Requirements
•Exhibit F-1 California Medicaid Subcontract Exhibit
•Exhibit F-2 Medicaid Exhibit Indiana HHW HIP HCC
•Exhibit F-3 Massachusetts Medicaid Requirements for Vendors
•Exhibit F-4 New York Medicaid Requirements - Vendors
•Exhibit F-5 Medicaid Exhibit South Carolina
•Exhibit F-6 Medicaid Exhibit Texas (Anthem)
•Exhibit F-7 Virginia Medicaid Requirement
•Exhibit F-8 West Virginia Medicaid Requirements - Vendor
•Exhibit F-9 Medicaid Exhibit Wisconsin
•Exhibit F-10 Florida Medicaid Subcontract Exhibit
Software as a Service (SaaS) Agreement REV. December 2014 Page 5
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
•Exhibit F-11 Kansas Medicaid Subcontract Exhibit
•Exhibit F-12 Medicaid Exhibit Louisiana
•Exhibit F-13 Medicaid Exhibit Maryland
•Exhibit F-14 New Jersey Medicaid Subcontract Exhibit
•Exhibit F-15 Medicaid Exhibit Nevada
•Exhibit F-16 Medicaid Exhibit Tennessee
•Exhibit F-17 Medicaid Tennessee BAA – Utilize for all TN Vendors
•Exhibit F-18 Medicaid Exhibit Texas (Amerigroup)
•Exhibit F-19 Medicaid Exhibit Kentucky
•Exhibit F-20 Medicaid Exhibit Washington
•Exhibit F-21 Georgia Medicaid Exhibit
o Exhibit G: Service Levels
o Exhibit H: Required Information Security Controls
o Exhibit I: Qualified Health Plans
o EXHIBIT J: BCBSA Requirements
§ Exhibit J-1: BCBSA Axis Requirements
§ Exhibit J-2: BCBSA Co-Branding Requirements
§ Exhibit J-3: Patient User Review Requirements
o EXHIBIT K: NCQA Requirements – Division of Responsibilities
o EXHIBIT L: Pricing Exhibit
o EXHIBIT M: Jointly Developed Products
o EXHIBIT N: Approved Subcontractors and Service Locations
o Exhibit O: Competitors
o Exhibit P: Medicare Medicaid Dual Integration Regulatory Exhibits
§ Exhibit P -1: New York Dual Integration Regulatory Exhibit
§ Exhibit P-2: Texas Dual Integration Regulatory Exhibit
§ Exhibit P-3: Virginia Dual Integration Regulatory Exhibit
2.SUBSCRIPTION RIGHTS
Software as a Service (SaaS) Agreement REV. December 2014 Page 6
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
2.1 Castlight hereby grants Anthem and its Affiliates and their Authorized Users, solely to the extent described in an applicable Order Schedule, a subscription to access that portion of the Castlight System so described and access and use the Subscription Service and all related Documentation so described. Castlight acknowledges and agrees that (i) the Castlight System and Subscription Service may be accessed and used by the number of users, on the number of computers or equipment, and/or at the number of sites, for the term and limited to the functionality set forth in the applicable Order Schedule, as well any other computers owned, leased or otherwise used by Anthem or its Affiliates, and their respective employees or agents that are electronically linked to Anthem’s or its Affiliates’ servers; (ii) Anthem’s and Anthem Affiliates’ agents, contractors, consultants, suppliers, customers and third-party service providers are authorized to exercise the rights granted to Anthem and its Affiliates in this Section 2.1 in furtherance of services provided to Anthem and its Affiliates subject to requirements set forth in Section 4.3 (Cooperation With and Access by Third Parties); (iii) the Castlight System and Subscription Service may be used for Anthem’s and Anthem Affiliates’ normal business purposes solely to the extent described in an applicable Order Schedule.
2.2 Service Levels. Castlight shall provide Subscription Services to Anthem in accordance with the terms set forth on Exhibit G attached hereto.
3.IMPLEMENTATION; ACCEPTANCE TESTING
3.1 Implementation. A Preliminary Implementation Plan has been developed by the Parties prior to the Effective Date hereof. A comprehensive Detailed Implementation Plan for implementation of the Castlight System (together with the Preliminary Implementation plan to be referred to collectively as the “Implementation Workplan”) shall be prepared by Castlight and approved by Anthem and incorporated into the applicable Order Schedule. The Implementation Workplan shall include where applicable, but not be limited to management and staffing resources as required by both Parties, configuration schedule and specifications, training schedule, testing schedules and implementation budget. Such project plan shall further detail any other Services to be provided by Castlight and Anthem. Failure of Castlight to perform its obligations substantially in accordance with the Implementation Workplan shall constitute a material breach of this Agreement, provided, however, that Castlight shall not be responsible for any failure to meet any obligation in the Implementation Workplan to the extent such failure is caused by the delays or other failure of Anthem to meet its obligations under the Implementation Workplan.
3.2 Acceptance Testing for Castlight System and Subscription Service. Unless otherwise specifically indicated herein, Anthem shall have thirty (30) days (the “Acceptance Period”) after receipt of Castlight’s written notice (which notice shall be provided in accordance with Section 17.4 and Castight shall use best efforts to determine that Anthem received such notice) that Anthem has access to the Castlight System to test, review and evaluate the Castlight System and Subscription Service (“Acceptance”) for compatibility with Anthem’s relevant infrastructure and for conformance with the (a) published specifications for the Castlight System and Subscription Service; (b) representations made to Anthem regarding such Subscription Service; and (c) operational requirements set forth by Anthem in the Order Schedule, or if none stated, then the criteria shall be Anthem’s reasonable acceptance. During the Acceptance Period, Anthem shall provide Castlight with either written notice of acceptance or, if in Anthem’s reasonable discretion the Subscription Service does not comply in any material way with the applicable specifications, written notice of rejection, which shall specify, in reasonable detail, the reason(s) why the Subscription Service fails to meet the applicable specifications. Upon receipt of any such notice of rejection, Castlight shall exercise commercially reasonable efforts to correct the
Software as a Service (SaaS) Agreement REV. December 2014 Page 7
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
deficiencies at no cost to Anthem, and to provide Anthem with access to the modified Castlight System and Subscription Service as soon as practicable, but not to exceed forty five (45)) days from Anthem’s notice. Commencing upon Castlight’s provision of the modified Subscription Service, Anthem shall have twenty (20) days to test, review and evaluate such modifications. If Anthem does not furnish any written notice of acceptance or non-acceptance to Castlight as required above, prior to the end of the applicable Acceptance Period, then Castlight will give the Anthem and the SPCC (as defined in Section 17.1.1) written notice of Anthem’s failure to provide notice of acceptance or non-acceptance (and Castlight shall again use best efforts to determine that Anthem and the SPCC have received such notice). In the event that Castlight has not received written notice of acceptance or non-acceptance of the applicable Subscription Service within ten (10) business days after Anthem’s receipt of such notice, then and only then will Anthem will be deemed to have accepted the applicable Subscription Service. If after repeating the process set forth in the preceding sentences three times Castlight has not corrected all material deficiencies, as determined in Anthem’s reasonable good faith discretion, , Anthem may (1) terminate this Agreement immediately and/or (2) terminate any applicable Order Schedule and the Parties agree to meet and confer in good faith to determine applicable fees Castlight will pay to Anthem as a result of the failed Services.
4.TRAINING, SUPPORT AND COOPERATION
4.1 Training. Castlight will provide Anthem and its Affiliates and its and their employees that primarily perform functions in the sales, account management and/or service operations functions for Anthem) with training on the Core Transparency Service. The training will consist of Castlight providing such Anthem employees with “train-the-trainer” type of training with respect to the functions, features, operation of the Core Transparency Service, which training may be provided via webinar or other remote means (and which training may be posted by Anthem and made available to other Anthem employees). Upon mutual agreement of the Parties, such training will include attendance by Anthem-identified individuals at Castlight’s internal training programs
4.2 Support. Castlight shall provide Anthem and its Authorized Users technical support regarding the use of the Castlight System and the Subscription Service. Such support shall be as described in the applicable Order and as further described in the Service Levels. Castlight also will provide to Anthem any revisions to the existing Documentation necessary to reflect the foregoing.
4.3 Cooperation with and Access by Third Parties. Anthem may from time to time hire outsourcers, subcontractors, consultants, or other third Parties (“Anthem Third-Party Contractors”) to perform services or provide products relating to Anthem’s business or the business of an Anthem Affiliate. Such services and products provided by Anthem Third-Party Contractors, may be integrated with the Services or Castlight Materials provided by Castlight hereunder (an “Integrated Project”) upon Castlight’s prior written consent, which may be via email and which shall not be unreasonably withheld. Castlight shall cooperate with and work in good faith with any Anthem Third-Party Contractor(s) as requested by Anthem. Such cooperation may include knowledge sharing of standards, policies, quality assurance and testing processes, as applicable, to ensure smooth deployment of Integrated Projects and/or the smooth and efficient transition of any Services (or component of Services) to, from, or among Anthem, Castlight and any Third Party Contractor. Castlight may require such Third Party Contractors to execute direct non-disclosure agreements with terms no more restrictive than the confidentiality terms contained herein prior to accessing the Services or Castlight System (such non-disclosure agreements “Castlight NDAs”). Access shall be limited to Third Party Contractors that: (a) that have executed a Castlight NDA; (b) need access in connection with the performance of services for Anthem for an applicable SOF; and (c) are not Competitors (as defined below) of Castlight. For the purposes of this
Software as a Service (SaaS) Agreement REV. December 2014 Page 8
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
Section 4.3 , Competitors shall mean entities providing direct-to-client products that enable employers to optimize the delivery of healthcare benefits and improve employee decision-making. Castlight Materials, and/or Deliverables, as applicable, as reasonably required for such Third Party Contractors to perform functions for and on behalf of Anthem or any Anthem Affiliate; and provided that such Third Party Contractors shall use or access the Castlight Materials and/or Services solely for Anthem’s benefit and shall have agreed to confidentiality provisions no less restrictive than those contained in this Agreement, and Anthem shall remain responsible for such Third Party Contractor’s use or access to the Castlight Materials and/or Services in accordance with the terms of this Agreement.
5.BUSINESS CONTINUITY/DISASTER RECOVERY; FLIP-OVER RIGHTS.
5.1 Castlight represents and warrants that its enterprise business continuity program complies with ISO 22301 standards. Castlight shall also comply with the business continuity requirements set forth in the Vendor Agreement between the Parties dated September 12, 2013, as amended, incorporated herein by reference.
5.2 Anthem may exercise Flip-Over Rights (as defined below) at any time during the period that the Castlight fails to restore Services in accordance with the applicable and approved BCP and included RTO(s) and, upon written request cannot provide adequate assurances that restoration of services will occur reasonably soon (as reasonably determined by Anthem), and, in doing so, may take other action as is reasonably necessary to provide similar services during the period the Services are disrupted. Castlight shall cooperate with Anthem and its agents, as applicable, in the exercise of such Flip-Over Rights and provide reasonable assistance at no charge to Anthem to promptly restore such disrupted Services. Castlight shall not be entitled to receive any charges to the extent they relate to Services performed by Anthem and all costs associated with the exercise of such Flip-Over Rights shall be borne by Castlight. Such Flip-Over Rights shall continue until Castlight demonstrates to Anthem’s reasonable satisfaction that Castlight is able to resume performance of the Services with appropriate mitigation in place designed to prevent further BCP failures for the Services. Such exercise of Flip-Over Rights shall not constitute a waiver by Anthem of any termination rights or rights to pursue a claim for damages arising out of the failure that led to the Flip-Over Rights being exercised. Flip-Over Rights shall mean that Anthem may use its own proprietary tools and/or another website or websites to provide information to Authorized Users as Anthem may determine is reasonably under the circumstances.
6.INVOICING AND PAYMENT; AUDIT.
6.1 Payment of Fees and Expenses. Castlight shall invoice Anthem for the fees set forth in each Order Schedule, as applicable (“Fees”). Except for the Fees and expenses agreed to in an applicable Order Schedule and not otherwise incurred in violation of this Agreement (“Expenses”), no other amounts shall be charged by Castlight or payable by Anthem. Neither party shall not have any right of offset against amounts owed to it by the other party.
6.2 Invoices. Castlight shall invoice Anthem for all Fees and, if applicable, Expenses via the Anthem Invoice online tool in accordance with the then current requirements at http://www.Anthem.com/business/policies_procedures.asp and as stated in the Procurement Process Technology and Electronic Signatures provisions therein for all invoices less than five hundred thousand dollars ($500,000.00). For all invoices greater than five hundred thousand dollars ($500,000.00), Castlight will retain the right to invoice Anthem directly, not through Anthem’s Procurement Process
Software as a Service (SaaS) Agreement REV. December 2014 Page 9
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
Technology, and Anthem will pay Castlight directly. Castlight will be solely responsible for all expenses associated with transmitting and receiving documents via Anthem’s Procurement Process Technology. Castlight shall not charge Anthem for researching, reporting or correcting errors related to invoices. The invoice date shall not be earlier than the date on which Castlight is entitled to payment under the applicable Order Schedule, or if not specified in the Order Schedule, invoices will be issued monthly in advance. Castlight shall give Anthem at least ninety (90) days prior written notice of any increase in rate. Anthem shall not be responsible for any Fees or Expenses invoiced more than four (4) months after the close of the month to which such fees or expenses relate. Each such invoice shall contain sufficient detail to allow Anthem to identify all Licensed Products and their corresponding Fee.
6.3 Payment by Anthem. Upon Acceptance of the Subscription Service and/or Services, in accordance with any acceptance criteria provided in this Agreement and in each applicable Order Schedule and receipt of a correct and undisputed invoice, Anthem shall
(i) pay Fees net fifty (50) days with no discount;
(ii) if applicable, pay Expenses net fifty (50) days with no discount; and
6.4 (iii) and pay the amounts in accordance with Anthem’s then-current payment policies (e.g. payment via ACH electronic payment to Castlight’s financial institution per instructions in Anthem’s ACH electronic payment form).
6.5 If Anthem in good faith disputes any invoiced amount, Anthem may withhold the disputed amount and Anthem shall pay per the terms of this Agreement any undisputed amounts and will notify Castlight in detail in writing as to the nature of the disputed charges and the reason for Anthem’s disagreement. Castlight shall respond by providing documentation in reasonable detail for the disputed charges. The Parties shall make all reasonable attempts to resolve the dispute as amicably as possible within thirty (30) days. Unless otherwise agreed to by both Parties, invoices which are not sent via the Anthem invoice online tool shall automatically be deemed to be in dispute until the invoice is resubmitted via such online tool.
6.6 Record Retention; Audits.
6.6.1 Billing Audits. Castlight shall maintain complete, accurate and detailed records regarding all amounts charged to Anthem under this Agreement. Castlight shall retain such records for no less than three (3) years from date of the invoice for such amount charged. Castlight shall allow Anthem and/or its authorized representatives to inspect and conduct audits on such records during normal business hours upon ten business days’ day’s written notice. If discrepancies or questions arise with respect to such records, Castlight shall preserve such records until an agreement is reached with Anthem regarding their disposition. Each Party shall bear its own expenses in conducting the audit and responding to information requests and Castlight shall not pass on such costs (including employee time, overhead, research, copying charges, professional fees, etc.) to Anthem. If an audit reveals that Castlight overcharged Anthem for any Fees, expenses or any other charges under this Agreement for any logically or readily identifiable component of a Service or chargeable material (as examples for illustrative purposes only: such as a greater than an agreed upon hourly rate for one or more personnel providing services, billing in excess of actual hours worked, miscalculation of actual amount of chargeable of supplies consumed, etc.), Castlight shall promptly reimburse Anthem in full for such overcharge(s). If such overcharges exceed five percent (5%) of the Fees, expenses or any other charges under this
Software as a Service (SaaS) Agreement REV. December 2014 Page 10
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
Agreement, Castlight shall also promptly reimburse Anthem for all reasonable internal and external audit expenses incurred by Anthem, including the reimbursement for any contingency fees paid by Anthem.
6.6.2 SSAE16 Audit Reports. Castlight shall, at Castlight’s expense, have conducted a general (i.e., not Anthem specific) SSAE 16 audit (SOC 2, Type II Statement on Standards for Attestation Engagements) of Castlight annually and provide Anthem with a summary of the results of such audit. In the event the nature of the Services includes transactions processing, then the audit report shall be a SOC 1, Type II , Statement on Standards for Attestation Engagements). The report of the third-party auditors will be solely for the use of Castlight and Anthem, its regulators and its independent accountants and will not be distributed to or used by any other parties unless approved by Castlight, such approval not to be unreasonably withheld. If such report includes any findings that Castlight fails to comply with the SSAE16 requirements, or audit tests results in exceptions, Castlight agrees to remedy such noncompliance. Bridge letters covering the period from the end of the SSAE16 audit period through the end of Anthem’s financial reporting period will also be provided by Castlight upon request by and without cost to Anthem. Castlight will comply with future guidance relating to SSAE16 as issued by the AICPA, the Securities and Exchange Commission or the Public Company Accounting Oversight Board. Both Parties recognize that the report of the third-party auditor does not constitute a certification or an attestation by Castlight under the Sarbanes-Oxley Act of 2002 or otherwise, but Castlight acknowledges that such report may be relied upon by Anthem and Anthem’s auditors as they deem appropriate.
6.7 Performance Audits. Once in each 12 month period, or more frequently if necessary to comply with regulatory or accrediting agencies’ requests or if Anthem has a good faith reasonable belief that Castlight is not in material compliance with this Agreement, Castlight agrees to make available (including providing copies of documents requested by Anthem auditors at no additional expense to Anthem), during normal business hours and upon at least 2 weeks prior notice (unless a shorter period is required for compliance with a request from a regulatory or accrediting agency) Castlight personnel and any and all books, records or other documents in its possession pertaining to the performance of its duties under this Agreement. The foregoing audit rights shall include when applicable, audits of (i) practices and procedures, (ii) security practices and procedures, (iii) disaster recovery and backup procedures, and (iv) other areas necessary to enable Anthem to meet laws applicable to the Services. Such audits and inspections may address Castlight’s performance of the Services and compliance with the provisions of this Agreement The auditors and other representatives of Anthem will be bound by confidentiality obligations related to Castlight Confidential Information no less restrictive than the confidentiality terms hereof; provided that if the auditor or other representative is a third party, Castlight may require a reasonable confidentiality agreement from such third party.
6.8 Taxes. Anthem shall pay to Castlight all applicable sales or use taxes assessed by a government authority with respect to Anthem’s use of the Subscription Service and/or Services provided by Castlight under this Agreement, provided that Castlight shall separately itemize such taxes on its invoice(s) to Anthem and that, upon request of Anthem, Castlight shall provide substantiation to Anthem confirming Castlight’s reporting and remittance of such taxes to the appropriate government entity. To the extent Anthem has timely paid Castlight for any sales or use type tax, Castlight shall indemnify, defend, and hold Anthem harmless for any such tax, and any related penalties and interest arising from any failure of Castlight to timely report and remit such tax. Anthem shall not be liable for the payment of taxes imposed upon Castlight or upon Castlight’s personnel resources, including state and federal income taxes, franchise taxes, Social Security taxes, welfare taxes, unemployment contributions, disability insurance, training taxes and any prepayments, estimated payments, reports, or withholdings required for such taxes.
Software as a Service (SaaS) Agreement REV. December 2014 Page 11
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
6.9 No Effect of Payment on Castlight’s Other Obligations. Any payment by Anthem shall in no way affect Castlight’s obligations under this Agreement and shall not be construed as acceptance by Anthem of any Subscription Service or as a waiver of any of Anthem’s rights.
7.TERM AND TERMINATION; TRANSITION ASSISTANCE.
7.1 Agreement. The initial term of this Agreement (the “Initial Term”) shall begin on the Effective Date and shall end three (3) years thereafter unless earlier terminated in accordance with this Agreement; provided however, that the Term shall be extended to the last completion date of any Order Schedule(s) then in effect if such Order Schedule(s) have specified a term longer than the Term stated above. Following the Initial Term of this Agreement, this Agreement shall automatically renew for an additional one year term (each a “Renewal Term”) unless either Party provides the other Party with written notice of non-renewal at least one hundred eighty (180) days prior to the end of the Initial Term or any Renewal Term. Each Party agrees to commence good faith negotiations on changes to the terms (excluding pricing for the Core Transparency Functionality) at least 90 days prior to the expiration of the Initial Term and any Renewal Term unless otherwise agreed to by the Parties.
7.2 Order Schedules. Each Order Schedule is an independent obligation of the Parties, and each Order Schedule if not entered into as of the Effective Date shall commence as of the commencement date set forth in (or if not specified, as of the date last set forth in the signature area of ) the relevant Order Schedule.
7.3 Termination for Breach. Either party may terminate this Agreement and any Order Schedule (in whole or in part) by providing the other party with not less than sixty (60) days' prior written notice in the event the other party materially breaches any provision of this Agreement. The notice must specify the nature of said material breach. The breaching party shall have sixty (60) days from receipt of the notice to correct the material breach. If the breaching party fails to cure the material breach within the sixty (60) day period, the non-breaching party may terminate this Agreement, effective upon completion of the aforementioned sixty (60) day notice period.
7.4 Additional Termination Rights for Breach. In the event any material breach by either Party that creates a material violation of law, non-compliance with any of the organizations in which such Party or its Affiliate holds an accreditation or a situation whereby either Party is in significant jeopardy as to its ability to perform under this Agreement, then the non-breaching Party may give ten (10) business days’ notice of the material breach to the other Party. If the breaching Party fails to cure the material breach within such ten (10) business day period, the non-breaching Party may terminate this Agreement effective at the end of the ten (10) business days, notwithstanding any other provision in this Agreement.
7.5 Termination Due to Insolvency. Either Party may terminate this Agreement or any Order Schedule immediately upon the occurrence of any of the following events with respect to the other Party: (a) the other Party becomes insolvent, generally unable to pay its debts as they become due, or makes an assignment for the benefit of its creditors or seeks relief under any bankruptcy, insolvency or debtor’s relief law; (b) if proceedings are commenced against the other Party under any bankruptcy, insolvency or debtor’s relief law, and such proceedings have not been vacated or set aside within sixty (60) days from the date of commencement thereof; (c) a receiver is appointed for the other Party or its material assets; or (d) if the other Party is liquidated, dissolved or ceases operations.
Software as a Service (SaaS) Agreement REV. December 2014 Page 12
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
7.6 Termination Upon Competitor Change of Control of Castlight. Upon a Competitor Change in Control of Castlight (as defined below), Anthem may at its option, terminate this Agreement, by giving Castlight at least thirty (30) days’ prior written notice and designating a date upon which such termination will be effective without the payment of any early termination fees, wind-down charges or similar costs, and Castlight will make a one-time payment to Anthem to cover actual switching costs up to ten million dollars ($10,000,000.00) of moving to another solutions supplier. Any such notice must be given with forty five (45) days following the later of Castlight’s provision of written notice to Anthem of, or, if Castlight fails to give such notice, the date on which Anthem learns of such Competitor Change in Control For this purpose, “Competitor Change in Control” and its derivatives means a transactions in which a Competitor (as defined on Exhibit O has obtained the legal, beneficial or equitable ownership, directly or indirectly, of at least (50.01%) of the aggregate of all voting equity interests in an entity or equity interests having the right to at least 50.01% of the profits of Castlight or, in the event of dissolution, to at least 50.01% of the assets of an entity and, if Castlight is a partnership, also includes the holding by an entity of the position of sole general partner in Castlight.
7.7 Termination for Convenience. Subsequent to the expiration of the Initial Term, either Party may terminate this Agreement, including any and all Order Schedules, for its convenience on one hundred eighty (180) calendar days prior written notice to the other Party without payment of an early termination fee or similar charges.
7.8 Effect of Termination or Expiration.
7.8.1 In the event that Anthem terminates an Order Schedule pursuant to the terms contained herein Anthem may, in its sole discretion, simultaneously terminate other Order Schedules that are materially and adversely affected by such termination or expiration. Notwithstanding the foregoing, the termination of a particular Order Schedule shall not result in the termination of the Agreement unless such termination explicitly provides for termination of the entire Agreement between the Parties. However, termination of the Agreement shall serve to terminate all Order Schedules unless such notice of termination specifies otherwise. All Sections identified as surviving the termination of an Order Schedule, as well as Sections 6.5 (Record Retention), 8 (Security), 9 (Confidentiality) 12 (Intellectual Property Ownership), 13 (Indemnification), 14 (Limitation of Liability) and 17 (Dispute Resolution) inclusive, shall survive the expiration or termination of the Agreement.
7.9 Transition Assistance. At Anthem's request, commencing upon the termination of this Agreement or any Order Schedule hereunder, or other discontinuation of a component of the Services, for any reason, Castlight shall provide up to one-hundred eighty (180) days of assistance to Anthem for transition of the Services to Anthem or a third-party designee of Anthem. Such termination assistance shall be rendered at $150 per hour. In the event Castlight terminates the Agreement or an Order Schedule for Anthem’s uncured material breach, Anthem shall pre-pay for applicable transition assistance. Within ten (10) calendar days of Anthem’s request for transition assistance, the Parties shall meet to develop a transition plan. Such transition plan and transition assistance may include, by way of example: detail of Castlight’s then-current responsibilities for Anthem; and cooperation sufficient to assure a smooth transition and to enable Anthem or its designee to provide services similar to the Services with minimal disruption to Anthem’s business and operations. The Parties may provide for different transition assistance responsibilities, timing and payment schedules in an Order Schedule.
8.SECURITY.
Software as a Service (SaaS) Agreement REV. December 2014 Page 13
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
8.1 General. Castlight shall implement reasonable security measures to prevent unauthorized access to the Castlight System, Subscription Service, Anthem Data and other Anthem Confidential information and content under Castlight’s control. Such measures shall in no event be less stringent than those used to safeguard Castlight’s own property. Such measures shall include, where appropriate, use of updated firewalls, virus screening software, logon identification and passwords, encryption, intrusion detection systems, logging of incidents, periodic reporting, and prompt application of current security patches, virus definitions and other updates. In no event shall Castlight make less stringent its security procedures, other procedures, policies or controls currently in place without the prior written agreement to such modifications by Anthem. Anthem reserves the right to terminate the Agreement, in its sole discretion and without limitation or termination liability, if Anthem reasonably determines that Castlight fails to meet its obligations under this Section. Castlight shall notify Anthem within 24 hours (a) of any breach of the security of the Castlight System or Subscription Service, (b) if the security of the Anthem Data is compromised in any way, or (c) of any unauthorized disclosure of the Anthem Data. Castlight shall cooperate with Anthem in any investigation of the foregoing and shall provide Anthem with any copies of reports of Castlight’s investigation into, or remedial efforts with respect to, any of the foregoing.
8.2 Limited Access. To the extent made accessible to Castlight, Castlight shall, at all times, limit access to Anthem Data and Anthem Confidential information to those employees or subcontractors that have an actual need to access such data for purposes of providing the Services. Prior to gaining access to Anthem Data or Anthem Confidential information, Castlight shall require all employees or subcontractors to comply with confidentiality, security and intellectual property provisions no less stringent than the provisions set forth in this Agreement and, at Anthem’s request, have an officer certify in writing it has done so.
8.3 Notification of Security Breaches. Castlight shall within 24 hours notify Anthem should it discover any breach of the Anthem Data and will immediately coordinate with Anthem to investigate and remedy such breach(es) in a diligent and timely manner. Except as may be strictly required by applicable law, Castlight agrees that it will not inform any third party of any such security breach, without Anthem’s prior written consent; however, if such disclosure is required by applicable law, Castlight agrees to work with Anthem, at no additional cost to Anthem, regarding the content of such disclosure so as to minimize any potential adverse impact upon Anthem and its members.
8.4 Access to Anthem Systems. If Castlight is given access, whether on-site or through remote facilities, to any Anthem computer or electronic data storage system, in order for Castlight to perform any of its obligations hereunder, Castlight shall limit such access and use solely to perform such obligations and will not attempt to access any computer system, electronic file, software or other electronic services other than those specifically required to perform the obligations. Castlight shall limit such access to those of its personnel with an express requirement to have such access in connection with this Agreement or the applicable Order Schedule, shall advise Anthem in writing of the name of each such personnel who will be granted such access (and identifying whether each is an employee or subcontractor of Castlight), and shall strictly follow all requirements noted in the Castlight Code of Conduct and/or any other Anthem policy (including without limitation the Anthem Information Security Policy and the Required Information Security Controls, attached hereto as Exhibit H), as made available to Castlight, regarding the use of Anthem’s electronic resources and systems. All user identification numbers and passwords disclosed to Castlight and any information obtained by Castlight as a result of Castlight’s access to, and use of, Anthem computer and electronic storage systems shall be deemed to be, and shall be treated as Confidential information (under applicable provisions of this Agreement. Castlight shall cooperate with Anthem in the investigation of any apparent unauthorized access by Castlight to Anthem computer or electronic data storage systems or unauthorized release of Confidential information
Software as a Service (SaaS) Agreement REV. December 2014 Page 14
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
by Castlight. Castlight’s access shall be subject to such other business control and information protection policies, standards, and guidelines as may be provided to Castlight by Anthem from time to time. Any other use by Castlight of any other Anthem assets or property or systems is strictly prohibited. Castlight warrants and agrees that its personnel will not remotely access Anthem’s system from a networked computer unless the network is protected from all third party networks by a firewall that is maintained with all patches up to date by a 7x24 administrative staff. Said firewall must be certified by the International Computer Security Association (ICSA) (or an equivalent certification as determined by Anthem) if the connection to Anthem’s network is an ongoing connection such as frame relay or T1 line.
9.CONFIDENTIALITY AND DATA USE.
9.1 HIPAA, Medicare, FEP, Medicaid. The provisions set forth in this Section 9 are in addition to and not in lieu of any confidentiality, privacy, security and other requirements imposed on Castlight if Exhibit A (Business Associate Addendum), Exhibit B (Federal Government Services Addendum for Non-Commercial Items), Exhibit C (Medicare Compliance Specialty), Exhibit D (Federal Government Services Addendum for Commercial Items), Exhibit F (Medicaid Requirements), Exhibit H (Required Information Security Controls) and/or Exhibit I (Qualified Health Plans) are included among the Exhibits that form part of this Agreement.
9.2 Confidential information.
9.2.1 During the Term, a Party (the “Receiving Party”) may be exposed to or acquire information regarding the business, projects, operations, finances, activities, affairs, research, development, products, technology, technology architecture, business models, business plans, business processes, marketing and sales plans, customers, finances, personnel data, health plan rating and reimbursement formulas, computer hardware and software, computer systems and programs, processing techniques and generated outputs, intellectual property, procurement processes or strategies or providers of the other Party or their respective directors, officers, employees, agents or clients (collectively, the “Disclosing Party”), including, without limitation, any idea, proposal, plan, procedure, technique, formula, technology, or method of operation (collectively, “Confidential information”). With respect to Anthem only, Confidential information shall include all Anthem Data and all Confidential information of Anthem Affiliates.
9.2.2 In the case of Anthem, “Confidential Information” shall expressly include the following types of information:
9.2.2.1 Anthem’s proprietary information consisting of non-public, trade secret, commercially valuable, or competitively sensitive information or other material and information relating to products, projects, operations, customers, finances, business, affairs, or activities, including but not limited to: (i) information about systems, technologies, procedures, methodologies, and practices used in performing its services; and (ii) financial information, market analyses and forecasts, sales and marketing research, proposed products or services, provider and beneficiary demographics, and customer lists and other customer-specific information; (iii) information about provider networks, provider negotiated fees, provider discounts, and provider contract terms (including combinations of data elements that could enable such information to be derived, calculated, or reverse-engineered); and (iv) information about activities such as underwriting, claims processing, claims payment, and health care management.
9.2.2.2 Information that Anthem is obligated by law or contract to protect, including without limitation: (i) Social Security Numbers; (ii) provider tax identification numbers (TINs);
Software as a Service (SaaS) Agreement REV. December 2014 Page 15
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
(iii) National Provider Identification Numbers (NPIs); (iv) provider names, provider addresses, and other identifying information about providers; and (v) drug enforcement administration (DEA) numbers, pharmacy numbers, and other identifying information about pharmacies.
9.2.3 In the case of Castlight, “Confidential Information” shall expressly include the following types of information:
9.2.3.1 Castlight’s proprietary information consisting of non-public, trade secret, commercially valuable, or competitively sensitive information or other material and information relating to products, projects, operations, customers, finances, business, affairs, or activities, including but not limited to: (i) information about systems, technologies, procedures, methodologies, and practices used in performing its services; and (ii) financial information, market analyses and forecasts, sales and marketing research, proposed products or services, provider and beneficiary demographics, and customer lists and other customer-specific information;.
9.2.4 Confidential information shall not include any information that a Party can demonstrate: (i) was in the public domain at the time of disclosure to such Party; (ii) was published or otherwise became part of the public domain after disclosure to such Party through no fault of such Party; (iii) was previously disclosed to such Party without a breach of duty owed to the other Party by a third-party who had a lawful right to such information; or (iv) was independently developed by such Party without reference to Confidential information of the other Party.
9.2.5 In addition, either Party may disclose Confidential information to the extent disclosure is based on the good faith opinion of such Party’s legal counsel that disclosure is required by law or by order of a court or governmental agency; provided that, the Party that is the recipient of such Confidential information shall give prompt notice to the Disclosing Party, use all commercially reasonable efforts to maintain the confidentiality of the Confidential information, and cooperate with the owner of such Confidential information, in efforts to protect the confidentiality of such Confidential information by an appropriate protective order. The owner of such Confidential information reserves the right to obtain a protective order or otherwise protect the confidentiality of such Confidential information. Each Party shall be responsible for its own costs with respect to the performance of its obligations under this Section. Either Party may disclose the existence of this Agreement and the terms of this Agreement to the extent required to enforce its terms or the rights of such Party hereunder or to comply with its legal obligations (but in the event either Party files this Agreement or portions thereof with any public agency it shall redact sensitive portions hereof, to the mutual written agreement of the other Party, which agreement shall not be unreasonably withheld or delayed).
9.2.6 Anthem Non-Disclosable Information. With respect to Anthem only, Confidential information shall also include the following: (i) PHI and NPFI; (ii) other medical information and personal information regarding Anthem’s or its Affiliates’ health plan members, employees, or medical or hospital service providers; (iii) other information that Anthem or its Affiliates are required by law, regulation or company policy to maintain as confidential; (iv) other financial information concerning Anthem’s or its Affiliates’ health plan members, employer groups and other health plan groups or medical or hospital service providers that is disseminated by Anthem or its Affiliates internally for staff use; (v) personnel and payroll records, patient accounting and billing records, and information contained in those records; (vi) Anthem’s or its Affiliates’ trade secrets; and (vii) information that could aid others to commit fraud, sabotage or otherwise misuse Anthem’s or its Affiliates’ products or services or damage their business, including without limitation Exhibit H attached
Software as a Service (SaaS) Agreement REV. December 2014 Page 16
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
hereto and other Anthem security policies (collectively, the “Anthem Non-Disclosable Information”). Due to the sensitive nature of the Anthem Non-Disclosable Information and due to Anthem’s obligations to maintain the privacy of its customers and providers, Castlight acknowledges and agrees that Anthem Non-Disclosable Information shall at all times remain confidential and shall not be subject to exceptions, except as set forth in the BAA.
9.2.7 General Obligations. Each Party agrees to hold the Confidential information of the other Party in strict confidence, to use such information in the course of performing its obligations hereunder, and to make no disclosure of such information except as authorized in accordance with the terms of this Agreement. To the extent a Party may be exposed to the Confidential information of a third party (for example, because Castlight may be maintaining Anthem systems on which third party software is loaded), the Parties agree to accord such third party Confidential information the same protections accorded a Party’s Confidential information hereunder. A Party may disclose Confidential information to its personnel and the personnel of its subcontractors who have an absolute need to know such Confidential information in order to fulfill its obligations hereunder and who have previously executed a written confidentiality agreement imposing confidentiality obligations no less restrictive than those applicable hereunder. In addition, either Party may disclose Confidential information of the other Party to third party professional advisors (including accountants, auditors, attorneys, financial or other advisors) which are acting solely for the Party’s benefit and on such Party’s behalf, provided: (i) such professional advisors have previously executed a written confidentiality agreement imposing confidentiality obligations no less restrictive than those applicable hereunder; (ii) such professional advisors have a need to know such information in order to provide advice or services to the disclosing Party and agree to use the disclosing party’s Confidential information solely for the purpose of providing such advice or services; (iii) such professional advisors agree not to disclose the Confidential information to any other party without the disclosing Party’s prior written consent; and (iv) notwithstanding anything to the contrary, no Anthem Non-Disclosable Information is disclosed by the other Party to its professional advisors. Each Party shall be primarily responsible and liable for any confidentiality breaches by its personnel and the personnel of its subcontractors. Each Party shall immediately advise the other Party of any actual or potential violation of the terms of this Section 10, and shall reasonably cooperate with the Disclosing Party in relation thereto.
9.2.7.1 Castlight shall not, without Anthem’s advance written consent: (i) use or display Anthem’s Confidential Information, or reports or summaries arising therefrom, for any other purpose; (ii) except as permitted by subsection 9.2.7.2 combine Anthem’s Confidential Information with other data to create or add to an aggregated database for use in producing information, analyses, reports, extracts, or summaries; (iii) combine Anthem’s Confidential Information provided under the terms of this Agreement with Confidential Information provided to Castlight by Anthem under other agreements entered into between Anthem and Castlight for other purposes, if any; (iv) sell or disclose Anthem’s Confidential Information to any other person or entity, including without limitation affiliates of Castlight, except as expressly permitted herein; or (v) except to provide the Services, use Anthem’s Confidential Information for its own internal use and analysis.
9.2.7.2 Permitted Aggregation of Health Plan Confidential Information. Castlight may add Anthem’s Confidential Information to its aggregated database, and, in addition to the permitted uses of such De-identified Information (as defined herein) from such database as are set forth in other operative agreements between Anthem and Castlight, may use and disclose such De-identified Information to provide the Services. For purposes of this provision, “De-identified Information” means information that:
Software as a Service (SaaS) Agreement REV. December 2014 Page 17
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
i.Has been de-identified in accordance with the specifications and requirements set forth in HIPAA, specifically 45 C.F.R. Part 164.514(a)-(c); and
ii.Has been stripped of any identifier(s) that could directly or indirectly be used to identify: (i) an employer, trade group, union, healthcare purchasing coalition, or other healthcare purchaser; or (ii) an insurance company, health maintenance organization, health plan, third party administrator, or other healthcare payor.
9.2.7.3 BCBSA Permitted Aggregation. If the BCBSA revises the BCBSA Requirements regarding data aggregation such that aggregation across Blues is permitted, the Parties will meet and discuss in good faith whether such aggregation may improve the experience of an Authorized User under any then existing SOF of using the applicable Castlight Services, and the timing and actual and substantiated implementation charges by Castlight to Anthem of achieving any such improved Authorized User experience of the applicable Castlight Services.
9.2.8 Continuing Obligations. A Party’s obligation to maintain the confidentiality of Confidential information shall remain in force until information falls within one of the exceptions noted in Section 9.2.2. Castlight’s obligation to maintain the confidentiality of Anthem Non-Disclosable Information shall neither terminate nor expire.
9.2.9 Destruction of Confidential information. Promptly following written notice upon expiration or termination of the entire Agreement or of an Order Schedule (with regard to the Confidential information disclosed under the Agreement or through such Agreement or Order Schedule, as the case may be) and the applicable transition assistance period, the Receiving Party shall destroy within 45 days (but 135 days for information stored on backup media) all (or, if the Disclosing Party so requests, any part) of the Confidential information, and all copies, summaries and redactions thereof and other materials containing such Confidential information, including deletion from such Party’s files and systems and the Receiving Party shall certify in writing its compliance with the foregoing. Notwithstanding the foregoing, except for PHI or NPFI (which shall be promptly destroyed), each Party may, subject to the obligations of confidentiality as described in this Section 9, retain (i) one (1) copy of the other Party’s Confidential information for archival purposes only, but such retained Confidential information shall only be accessed by the retaining Party on a limited need basis to, for example, defend a claim by the other Party or for auditing purposes and (ii) reasonable archival records of payments, invoices and similar information for tax compliance, regulatory compliance, accounting, audit or similar purposes but only for the period of time required by this Agreement or applicable law; in each instance, all such retained Confidential information shall remain the Confidential information of the Disclosing Party and shall be subject to all of the restrictions contained in this Agreement.
9.3 Injunctive Relief. Each Party acknowledges that in the event of a breach of this Section 9 damages may not be an adequate remedy and the Disclosing Party may be entitled to seek, in addition to any other rights and remedies available under the Agreement or at law or in equity, injunctive relief to restrain any such breach, threatened or actual, without proof of irreparable injury and without the necessity of posting bond even if otherwise normally required.
10.INSURANCE.
10.1 Minimum Requirements. Castlight shall, at all times during the term of this Agreement keep in force with insurers with an A.M. Best rating of A- or better:
Software as a Service (SaaS) Agreement REV. December 2014 Page 18
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
10.1.1 Commercial General Liability insurance with a limit of $1,000,000 per occurrence and $2,000,000 in the aggregate for bodily injury and property damage to include personal injury and contractual liability coverage;
10.1.2 Business Automobile Liability insurance with a $1,000,000 per occurrence combined single limit for non-owned and hired automobiles;
10.1.3 Workers’ Compensation coverage with statutory limits and employers liability insurance with a $1,000,000 limit;
10.1.4 Errors and Omissions insurance with a $1,000,000 limit for each wrongful act and aggregate of $3,000,000, including an extended reporting period endorsement (“tail policy”) for the term of three years in the amount of not less than $1,000,000 per claim if professional services are being rendered;
10.1.5 Employee Fidelity Bond with a limit of $500,000; and
10.1.6 Network Security and Privacy liability coverage with a $1,000,000 aggregate limit if Castlight has access to Anthem systems or PHI or Personally Identifiable Information; and
10.1.7 Umbrella Liability Coverage with a $5,000,000 limit.
The forgoing coverage amounts, with the exception of the Umbrella Liability coverage, may be met in part by an appropriate umbrella or excess liability policy.
10.2 Any materials or equipment brought on jobsite shall be insured under an all risk property insurance policy and shall be the sole responsibility of Castlight.
10.3 Castlight agrees that any subcontractors coming on the jobsite shall maintain workers’ compensation insurance coverage. Castlight is solely responsible and liable for its subcontractors and any actions or inactions, damages or injuries by or to its subcontractors.
10.4 Proof of Insurance; Notice of Cancellation. Castlight shall, prior to execution of this Agreement, provide to Anthem certificates of insurance indicating the coverage required, naming Anthem as an additional insured under the commercial general liability, and containing a waiver of subrogation with respect to Anthem for commercial general liability and workers’ compensation. Also, when applicable, under its commercial crime coverage program, Castlight will name Anthem, Inc. as Loss Payee to the extent their interests may appear. Anthem shall be the certificate holder. Promptly upon Anthem’s written request for same, Castlight shall cause its insurers or insurance brokers to issue certificates of insurance evidencing that the coverages required under this Agreement are maintained and in force. In addition, Castlight will use reasonable efforts to give thirty (30) days prior written notice to Anthem prior to cancellation or non-renewal of any of the policies providing such coverage; provided, however that Castlight shall not be obligated to provide such notice if, concurrently with such cancellation or non-renewal, Castlight provides self-insurance coverage as described below or obtains coverage from another insurer meeting the requirements described above.
10.5 Castlight Right to Self-insure Coverage. Notwithstanding the foregoing, Castlight reserves the right to self-insure coverage, in whole or in part, in the amounts and categories designated
Software as a Service (SaaS) Agreement REV. December 2014 Page 19
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
above, in lieu of Castlight’s obligations to maintain insurance as set forth above, at any time. A qualified self-insurance program will include the following: Actuarially validated reserve adequacy for incurred claims, IBNR claims and future claims based on past experience; Designated Claim TPA or appropriately licensed and employed claims professional or attorney; Excess Insurance/Re-insurance above self insured layer; Self insured retention and insurance combined must meet minimum limit requirements; and Evidence of Surety Bond, Reserve or LOC as collateral for the self-insured limit. Promptly upon Anthem’s written request for same, Castlight shall deliver certificates of insurance to confirm what coverage is in place. This section does not replace or otherwise amend, in any respect, the limitations on Castlight’s liability as set forth elsewhere in this Agreement. Failure to maintain the required insurance coverage shall be deemed a material breach of the Agreement by Castlight. If Castlight fails to keep in effect the insurance coverage required, Anthem may, in addition to and cumulative with any other remedies available at law, equity, or hereunder, acquire such insurance and deduct the cost thereof from its payment of any amounts owed Castlight hereunder or terminate this Agreement for cause.
11.REPRESENTATIONS, WARRANTIES, AND COVENANTS.
11.1 General Warranties of Both Parties
11.1.1 Compliance with Laws. Each Party shall at all times comply with all applicable laws, rules and regulations in the performance of this Agreement.
11.1.2 Existence. Each party is duly organized and existing and is in good standing and is qualified to do business under the laws of any jurisdiction where the ownership of assets or conduct of its business require it to be so qualified, and each party possesses any and all licenses and/or governmental approvals required to perform the Services and/or to provide the Subscription Service contemplated by this Agreement, and is qualified to perform such Services and/or provide such Subscription Service.
11.1.3 Duly Authorized. Each party’s execution, delivery and performance of this Agreement has been duly authorized by all appropriate corporate action and this Agreement constitutes a valid, binding and enforceable obligation.
11.1.4 No Conflict. Neither the execution, delivery, nor performance of this Agreement will conflict with or violate any other agreement, license, contract, instrument or other commitment or arrangement to which either party is a party or is bound.
11.1.5 No litigation. There is no litigation, and neither Party knows of any material threat of litigation, in each case that will affect the performance of its obligations hereunder.
11.1.6 Compliance with Laws and Regulations. Each Party shall perform its obligations hereunder in accordance with all applicable law and regulations, and shall be responsible for obtaining all licenses, authorizations, permits and the like required by applicable laws and regulations, and any fees, costs or expenses incurred by such Party shall be borne solely by such Party. Each Party shall be solely responsible for any fines and penalties imposed on it or the other Party resulting from such Party’s failure to comply with any such applicable laws and regulations.
11.1.7 Data Quality Governance. Anthem and Castlight will establish a data quality governance and escalation process, to include senior technical leadership from each organization.
Software as a Service (SaaS) Agreement REV. December 2014 Page 20
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
11.2 Castlight’s Representations, Warranties and Covenants. Castlight hereby represents, warrants and covenants:
11.2.1 No Material Defects; Conformity with and Completeness of Documentation. The Castlight System, Subscription Service and/or Services to be provided shall be free from material errors or other material defects; and shall substantially conform to the Documentation. The Documentation and other materials describing the Services and/or Subscription Service hereunder completely and accurately reflect their operation and functionality.
11.2.2 All Rights; No infringement. Castlight has all rights and authorizations necessary to grant access and use rights to the Castlight System and the Subscription Service, and to perform any Services as contemplated herein. Further, if applicable, Castlight shall pass through to Anthem any software and third party end-user warranties and indemnities relating to the Subscription Services. To the extent Castlight is not permitted to so pass-through, Castlight agrees to enforce such warranties and indemnities on behalf of Anthem. The Castlight System, the Subscription Service, and all elements thereof to be provided by Castlight, and any Services performed by Castlight, will not violate, misappropriate or infringe upon any Intellectual Property right of any person or entity; and there are no claims of any third party against Castlight relating to any Intellectual Property that is the subject of, to be provided under, or to be used directly or indirectly pursuant to this Agreement.
11.2.3 Performance. To the extent Castlight is performing Services, at all times during the performance of such Services, Castlight has and will maintain the experience and skill to perform the Services required to be performed by it hereunder and will perform such Services in a timely, workmanlike manner. At a minimum, Castlight will maintain staffing levels and continuity of personnel consistent with its obligations to perform the Services hereunder and in the event of a delay or other problem, Castlight will train and staff additional personnel as needed.
11.2.4 Personnel Qualifications. Each of Castlight’s personnel assigned to perform Services or any other obligations under the Agreement shall have the proper skill, training and background so as to be able to perform in a competent and professional manner and all work will be so performed.
11.2.5 Castlight’s Employees. Castlight shall perform all obligations of an employer with respect to all personnel hired by Castlight in connection with any Services to be provided, if any, including, but not limited to the withholding and reporting of contributions, insurance deductions and applicable taxes (including payroll and unemployment insurance taxes) required by applicable law.
11.2.6 Subscription Service Functionality. The Subscription Service will accept input, perform processes, and provide output in a manner that is consistent with all applicable specifications.
11.2.7 Government Programs; Ineligible Persons. Neither Castlight nor its employees, subcontractors or agents providing Services or Products under this Agreement has been, nor shall be during the term of this Agreement, (i) excluded from participation in the Medicare, Medicaid and/or any state health care program; (ii) listed on any General Services Administration List of parties Excluded from Federal Procurement and Non-procurement Programs; (iii) sanctioned by the United States Department of Health and Human Services, Centers for Medicare and Medicaid Services, Office of Inspector General, or any other federal agency; and (iv) under a corporate integrity agreement with the United States
Software as a Service (SaaS) Agreement REV. December 2014 Page 21
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
Department of Health and Human Services, Office of Inspector General, or any other federal agency; in the event Castlight or any employees, subcontractors or agents thereof becomes an ineligible person after entering into this Agreement or otherwise fails to disclose its ineligible person status, Castlight has an obligation to (i) immediately notify Anthem of the person’s status as an ineligible person and (ii) within ten (10) days of Castlight receiving such notice, Castlight will remove such individual from responsibility for, or involvement with, Castlight’s business operations related to the federal government healthcare contracts. Anthem shall have the right to immediately terminate this Agreement or applicable Order Schedule in the event it receives notification of the person’s ineligible person status. Castlight also covenants and represents that it complies with the rules set forth by the Office of Foreign Assets Control of the United States Department of Treasury.
11.2.8 Criminal Convictions. Neither Castlight nor its employees, subcontractors or agents has been, nor shall be during the Term, convicted of a criminal offense related to the delivery of an item or service under Medicare, Medicaid and/or under any state health care program.
11.2.9 Location of Work. All such locations shall be in the United States and at no other location, unless otherwise agreed in writing by Anthem in advance in each instance. Anthem agrees to the locations set forth on Exhibit N.
11.2.10 Warranty against Harmful Code. Castlight warrants that it will use commercially reasonable efforts to ensure that the Subscription Service will not relay computer viruses or other harmful code to the network or computing environment of Anthem of its Affiliates. If the foregoing warranty is breached, then in addition to any other remedies available to Anthem, Castlight shall at its expense: (a) reimburse Anthem for all costs (including personnel costs) incurred by Anthem in restoring all data lost as a result of the breach and/or removing such harmful code; and (b) if requested by Anthem, provide and install a new copy of the Subscription Service without the presence of the code that caused the breach.
11.2.11 Electronic Self-Help. Except for termination by Castlight in accordance with Article 7 above or as provided in the last sentence of Section 17.4 (Continued Services; Enforcement) (and in either case this Section 11.2.11 shall not apply), Castlight agrees that in the event of any dispute with Anthem regarding an alleged breach of this Agreement or for any other reason, Castlight will not use any type of electronic means to prevent or interfere with Anthem’s use of the Castlight System or any Subscription Service under this Agreement or any Order Schedule without first obtaining a valid court order authorizing same. Anthem shall be given proper notice and an opportunity to be heard in connection with any request for such a court order. Castlight understands that a breach of this provision could foreseeably cause substantial harm to Anthem and to numerous third parties having business relationships with Anthem. No limitation of liability shall apply to a breach of this paragraph.
11.2.12 Compliance with Foreign Corrupt Practices Act. Castlight and its subsidiaries, affiliates, directors, officers, shareholders, employees, representatives and agents have not and shall not, during the term of this Agreement, in connection with the transactions contemplated by this Agreement or in connection with any other business transactions involving Anthem, make, or offer to make, payments of money or anything of value, directly or indirectly, to a Foreign Official, as that term is defined in the Foreign Corrupt Practices Act (FCPA), for the purpose of obtaining or retaining business in violation of the FCPA.
Software as a Service (SaaS) Agreement REV. December 2014 Page 22
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
11.2.13 Certain Employment Obligations. When Castlight provides services or goods to Anthem relating to one of its federal contracts, Castlight agrees to comply with the following federal regulations, as applicable: Castlight shall abide by the requirements of 41 CFR §§ 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, protected veteran status or disability.
11.2.14 Website Accessibility Standards. To the extent that Castlight is providing development, design and/or maintenance of any electronic and information technology, including, without limitation, any consumer facing web and mobile experiences, Castlight shall ensure that all such electronic and information technology meets, to the extent possible, the accessibility requirements set forth in Section 508 of the Rehabilitation Act (29 USC 794(d)), the related Technical Standards issued by the Architectural and Transportation Barriers Compliance Board (aka the “Access Board”), success level AA or higher of the most current Web Content Accessibility Guidelines issued by the Worldwide Web Consortium, and any other federal or state law which requires specific design elements to accommodate disabled individuals.
11.2.15 Certification of Compliance. Once in each 12 month period, upon request by Anthem, Castlight shall provide Anthem with reasonable assurances of Castlight’s compliance with the terms of this Agreement and any Exhibit(s). Reasonable assurances may include, but are not limited to, Castlight’s signed certification of such compliance, as it applies to certain requirements, and/or the Agreement or Exhibit(s) generally.
11.3 Anthem’s Representations and Warranties. Anthem hereby represents and warrants that (i) it shall not modify, translate, reverse engineer, decompile or disassemble the Subscription Service, other than to the extent Castlight is required by law to permit Anthem to do so; and (iii) it shall use the Subscription Service in compliance with applicable laws, rules and regulations.
11.3.1 All Rights; No infringement. Anthem has all rights and authorizations necessary to grant access and use rights to Anthem Data, as contemplated herein. The Anthem Data and all elements thereof to be provided by Anthem, will not violate, misappropriate or infringe upon any Intellectual Property right of any person or entity; and to the best of Anthem’s knowledge, there are no claims of any third party against Anthem relating to any Anthem Data that is the subject of, to be provided under, or to be used directly or indirectly pursuant to this Agreement.
11.3.2 Anthem Data Quality. Anthem represents that Anthem Data shall be at least the same quality as the data that Anthem uses for its own internal purposes.
11.4 Disclaimer of Warranties. EXCEPT FOR THE EXPRESS WARRANTIES MADE OR REFERENCED IN THIS AGREEMENT, NEITHER PARTY MAKES ANY WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY OR OF FITNESS FOR A PARTICULAR PURPOSE.
11.5 Certain Warranty Remedies. Should Anthem be prevented from using the Castlight System, Subscription Service or receiving any Service due to a breach of the aforementioned warranties by Castlight, and in addition to all other obligations and remedies herein, Castlight shall at its expense,
Software as a Service (SaaS) Agreement REV. December 2014 Page 23
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
and in addition to any other rights or remedies available to Anthem under the Agreement, at law or in equity, promptly remedy the non-compliance Should Castlight be prevented from providing the Castlight System, Subscription Service or providing any Service due to a breach of the aforementioned warranties by Anthem, and in addition to all other obligations and remedies herein, Anthem shall at its expense, and in addition to any other rights or remedies available to Castlight under the Agreement, at law or in equity, promptly remedy the non-compliance
12.INTELLECTUAL PROPERTY OWNERSHIP
12.1 Overview of Materials and Ownership. The performance of Castlight Services may require use of and/or access to intellectual property owned or created (a) by Anthem, (b) by Castlight independent of its obligations to Anthem, or (c) by Castlight (either independently or in cooperation with Anthem) pursuant to its obligations under this Agreement. This Section 12 - Ownership -sets forth the Party’s respective intellectual property rights of such materials.
12.2 Anthem Materials. In the course of Castlight’s provision of Castlight Services, Anthem may provide to Castlight Anthem’s proprietary information and/or Intellectual Property, including, but not limited to, technical data, creative designs and concepts, web designs, trade secrets and know-how, customer or vendor lists and information, business plans, software, algorithms, programming techniques, business rules, business methods, inventions, drawings, engineering, hardware configuration information, marketing and strategic plans, financial data, processes, technology and designs which it maintains (the “Anthem Materials”). As between the parties, Anthem shall own all rights, title, and interest in and to: (1) the Anthem Materials and (2) any and all Anthem Data. In addition, all Anthem Material shall be deemed Confidential Information subject to Section 8 (Security) Security and Section 9 (Confidentiality) - herein. Anthem hereby grants Castlight a perpetual (during the term of this Agreement), revocable (to the extent of termination rights in this Agreement), royalty-free (subject to any payment obligations herein), fully paid-up, non-transferable (except to permitted Castlight assignees hereunder), non-sublicensable, non-exclusive, worldwide license to use, the Anthem Data and Anthem Materials to the extent necessary in a manner consistent with its intended use as set forth in this Agreement and only during the term of this Agreement. Except in accordance with this Section 12.2 and Section 12.4 below, Anthem does not grant Castlight any interests in, or ownership of, any of the Anthem Data or Anthem Materials and all rights not expressly granted are reserved by Anthem in Anthem Data and Anthem Materials. The parties recognize that Castlight may provide services to other Castlight clients and may use or duplicate certain materials as templates or sources for other projects
12.3 Castlight Materials. The Parties acknowledge that materials provided by Castlight may incorporate technology or content previously developed by Castlight, or which Castlight has developed (i) without the use of any Anthem intellectual property, and (ii) for services unrelated to the Castlight Services (collectively, the “Castlight Materials”). In addition to the foregoing, for purposes of this Agreement, “Castlight Materials” shall include: (1) Castlight’s proprietary technology platform and system (including without limitation software, algorithms and proprietary and technical information therein) for gathering, analyzing, modifying and making available to users certain health-related user and provider data and related information, guidance and services (the “Castlight Platform”); and (2) Castlight’s technical data, creative designs and concepts, web designs, trade secrets and know-how, business plans, software, algorithms, programming techniques, business rules, business methods, inventions, drawings, engineering, hardware configuration information, marketing and strategic plans, financial data, processes, technology and designs which it maintains for purposes of providing its consumer transparency services, any pre-developed communication and marketing templates (the “Castlight Service”); and (3) all intellectual property rights within the foregoing. As between the parties,
Software as a Service (SaaS) Agreement REV. December 2014 Page 24
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
Castlight shall own all rights, title, and interest in and to the Castlight Materials, and all Castlight Materials shall be deemed Confidential Information subject to Section 8 (Security) and Section 9 (Confidentiality) - herein. Subject to the provisions of this Agreement , Castlight hereby grants to Anthem a perpetual (during the term of this Agreement), revocable (to the extent of termination rights in this Agreement), royalty-free (subject to any payment obligations herein), fully paid-up, non-transferable (except to Anthem Affiliates and assignees), sublicensable (only to Authorized Users, Anthem and its Affiliates’ employees, agents, contractors, consultants, suppliers and third-party service providers subject to Section 4.3) ), non-exclusive, worldwide license to use, reproduce, distribute, display and perform (whether publicly or otherwise), offer to sell the Buy-Up Products (in conjunction with Castlight) and otherwise use the Castlight Materials to the extent necessary to allow Anthem the right to fully enjoy the Castlight Services solely in a manner consistent with their intended use as set forth in this Agreement and an applicable SOF provided they are fully paid for by Anthem in accordance with this Agreement and only during the term of this Agreement. Nothing contained herein shall restrict Castlight’s use of materials, techniques and skills which are generic in nature and not specifically related to an Anthem project or do not incorporate Anthem Confidential Information. Unless otherwise agreed to in writing by the Parties and subject to Section 12.4 below, it is understood that Castlight shall own all modifications, improvement, enhancements, derivative works, additional modules or features made by Castlight to the Castlight Materials (collectively “Modifications”), whether or not such Modifications were made by Castlight on the basis of any feedback, ideas, suggestions, or information provided by Anthem.
12.4 Works. It is not anticipated by either Party that Castlight will ever create “Works” as defined below. Nonetheless, solely to the extent set forth in a subsequent writing executed by an authorized officer (or his designee) of each Party that the Parties intend for Castlight to create Works, the following provisions shall apply: excluding all Castlight Materials and any Modifications thereto (as those terms are defined in Section 12.3), “Works” shall mean all work product and related documentation, if any, in whatever stage of completion, created in connection with and during the performance of this Agreement. Works, in whatever stage of completion, shall be deemed a work-made-for-hire specially ordered and/or commissioned by Anthem. Anthem, its successors and assigns, shall exclusively own all now known or hereafter existing rights of every kind and nature throughout the universe (including, but not limited to, all copyrights, moral rights and mask-works; trademarks, service marks, trade names and similar rights; patents, design rights, algorithms and other industrial property rights; trade secret rights; all contract, assignment and licensing rights; and all rights in registrations, applications, renewals, extensions, continuations, divisions or reissues thereof now or hereafter in force in the foregoing), in perpetuity and in all languages, pertaining to the Works, tangible and intangible, for all now known or hereafter existing uses, and Castlight hereby irrevocably assigns and agrees to assign to Anthem, in perpetuity, without additional consideration, all such Works (to the extent and in the event they are not deemed work-made-for-hire). Castlight shall not have and shall not purport to have any rights in the Works. In the event Castlight has any rights in and to the Works (including, but not limited to, the “droit moral” or “moral rights of authors” or any similar rights in and/or to the Works) that cannot be assigned to Anthem as provided above, whether now known or hereafter to become known, Castlight hereby unconditionally waives such rights and the enforcement thereof, and all claims and causes of action of any kind with respect to any of the foregoing. In the event Castlight has any rights in and to the Works that cannot be assigned to Anthem and cannot be so waived, Castlight hereby grants to Anthem a perpetual, irrevocable, royalty-free, fully paid-up, transferable, sublicensable, exclusive, worldwide license to use, reproduce, distribute, display and perform (whether publicly or otherwise), prepare derivative works of and otherwise modify, make, sell, offer to sell, import and otherwise use and exploit such Works in a manner consistent with their intended use.
Software as a Service (SaaS) Agreement REV. December 2014 Page 25
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
12.5 Anthem Intellectual Property. Notwithstanding anything to the contrary contained in Article 12 above, as between Anthem and Castlight, Anthem is deemed to own the Intellectual Property embodied in the Anthem Data and Anthem Materials.
12.6 Castlight Intellectual Property. Notwithstanding anything to the contrary contained in Article 12 above, as between Anthem and Castlight, Castlight is deemed to own the Intellectual Property embodied in the Castlight Services, Castlight Materials and Castlight Platform.
13.INDEMNIFICATION
13.1 Indemnification. Anthem and Castlight shall each indemnify, defend and hold harmless the other party, and its directors, officers, employees, agents, permitted subcontractors and assignees, subsidiaries, from and against any and all losses, claims, damages, liabilities, costs and expenses (including, without limitation, reasonable attorneys’ fees and costs up to one million dollars ($1,000,000.00) per claim) arising from third party claims resulting from (i) the indemnifying party’s failure to perform or negligent performance of its obligations under this Agreement, and/or (ii) the indemnifying party’s violation of any law, statute, ordinance, order, standard of care, rule or regulation, including Exhibits A (Business Associate Agreement), C (Medicare Compliance Specialty), F (Medicaid Requirements), Exhibit I (Qualified Health Plan), Exhibit J (BCBSA Requirements), Exhibit K (NCQA Requirements), and/or Exhibit P (Medicaid Medicare Dual Integration Regulatory Exhibits) hereunder, and/or (iii) the indemnifying party's breach of any promise, agreement or representation made in this Agreement, and/or (iv) in the case of Castlight, (a) any allegation that any portion of the Subscription Service, Castlight System, Documentation and/or Services, provided by Castlight to Anthem pursuant to this Agreement, infringes, misappropriates or violates any intellectual property right of any person or entity, (b) a breach of Castlight’s security obligations hereunder and/or (c) any act or conduct by a Castlight subcontractor based on a claim falling within the foregoing categories (i) through (iv)(b), inclusive; provided that in the event of a claim for infringement pursuant to this subclause (iv)(a), Castlight may, at its sole option and expense: (i) procure for Anthem the right to continue using the Service under the terms of the Agreement or (ii) replace or modify the Service to be non-infringing; and/or (v) in the case of Anthem, (a) any allegation that any portion of the Anthem Data provided by Anthem to Castlight pursuant to this Agreement, infringes, misappropriates or violates any intellectual property right of any person or entity, and (b) any act or conduct by an Anthem subcontractor based on a claim falling within the foregoing categories (i) through (iii) and (v)(a), inclusive.; provided that in the event of a claim for infringement pursuant to this subclause (v)(a), Anthem may, at its sole option and expense: (i) procure for Castlight the right to continue using Anthem Data under the terms of the Agreement or (ii) replace or modify Anthem Data to be non-infringing. The obligation to provide indemnification under this Agreement shall be contingent upon the party seeking indemnification (i) providing the indemnifying party with prompt written notice of any claim for which indemnification is sought, (ii) allowing the indemnifying party to control the defense and settlement of such claim, provided however that the indemnifying party agrees not to enter into any settlement or compromise of any claim or action in a manner that admits fault or imposes any restrictions or obligations on an indemnified party without that indemnified party’s prior written consent which will not be unreasonably withheld, and (iii) cooperating fully with the indemnifying party in connection with such defense and settlement.
13.2 In addition to the indemnification obligations set forth in this Section as well as any remedies under applicable law or set forth in this Agreement, including, without limitation, performance guarantees and performance penalties, in the event of a security breach as described in this Agreement and to the extent such breach was caused by Castlight and excluding any breach to the extent arising from the actions or inactions of Anthem, Castlight shall indemnify Anthem for all costs related to the
Software as a Service (SaaS) Agreement REV. December 2014 Page 26
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
investigation as well as, at Anthem’s election, furnishing notice to affected Covered Individuals and/or the offer of ongoing identity theft monitoring services to such affected Covered Individuals.
13.3 Notice and Participation. The indemnified Party may, at its own expense, assist in the defense of any indemnifiable claim described in this Section 13 if it so chooses, provided that, as long as indemnifying Party can demonstrate sufficient financial and legal resources, indemnifying Party shall control such defense and all negotiations relative to the settlement of any such claim, and further provided that any settlement intended to bind the indemnified Party or which may adversely affect the indemnified Party shall not be final without such indemnified Party’s prior written consent, not to be unreasonably withheld or delayed. Notwithstanding the foregoing, if the claim relates to a violation of governmental law or regulation or to a breach of Castlight’s obligations relating to PHI and NPFI under Exhibit A (Business Associate Agreement), and Anthem determines in its own discretion it has a compelling interest in conducting its own defense, then Castlight shall indemnify Anthem for Anthem’s reasonable costs of defense (including attorneys’ fees) and for any final award of damages, assessment of fines, penalties or other regulatory assessment, and/or settlement or compromise (and provided Anthem gives Castlight an opportunity to comment on any proposed settlement or compromise). The indemnified Party shall provide the indemnifying Party with reasonable written notice of any claim that such indemnified Party believes falls within the scope of this Section 13.3. Each Party shall use reasonable efforts to mitigate any potential damages or other adverse consequences arising from or related to the Services and/or Subscription Services.
14.LIMITATION OF LIABILITY
14.1 No Consequential Damages. Except as set forth in Section 14.3 below, in no event shall either Party be liable to the other or to any third party, whether in contract, tort (including negligence), warranty or otherwise, for any indirect, incidental, special, consequential, exemplary or punitive damages (including, without limitation, loss of profits) arising out of or relating to this Agreement, even if such Party has been advised of the possibility of such damages.
14.2 14.2 Limit on Direct Damages. Except as set forth in Section 14.3 below, in no event shall either Party’s aggregate liability exceed three (3) times the total amounts paid or payable by Anthem to Castlight hereunder. For the avoidance of doubt, amounts paid or payable include, but are not limited to, implementation and customization fees paid or payable by Anthem to Castlight. Any amount owed by Castlight to Anthem in the way of service credits based upon a failure to meet the Service Levels set forth on Exhibit G attached hereto, shall not count toward any calculation of damages under this section.
14.3 Exceptions to Limitation of Liability. The limitations of liability in Sections 14.1 and 14.2 shall not apply to (i) a Party’s indemnification obligations under this Agreement, (ii) a breach by a Party of its confidentiality obligations under this Agreement, (iii) claims relating to willful misconduct, gross negligence, personal injury or damage to property, (iv) abandonment by Castlight of the Agreement or a breach by Castlight of the paragraph entitled “Electronic Self-Help”, or (v) any fines or penalties arising from a Party’s acts or omissions in performing in accordance with this Agreement.
15.SUBCONTRACTORS
15.1 Subcontractors. Except as to the subcontractors listed in Exhibit N (Approved Subcontractors), Castlight shall not subcontract any of its obligations under this Agreement without (i) providing Anthem in writing the scope of the proposed subcontract and the identity and qualifications of the proposed subcontractor (and allowing Anthem a reasonable period of time to evaluate the
Software as a Service (SaaS) Agreement REV. December 2014 Page 27
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
subcontracting proposal), (ii) obtaining Anthem’s prior written approval; and (iii) causing the approved subcontractor to agree in writing to perform and be subject to all of Castlight’s obligations under this Agreement; and (iv) prohibiting the subcontractor from further subcontracting without Anthem’s prior written approval. Notwithstanding Anthem’s approval of a subcontracting arrangement, Castlight shall remain primarily liable for the performance of all subcontracted obligations and shall remain Anthem’s sole point of contact under this Agreement. At Anthem’s reasonable request, Castlight shall promptly remove and/or replace any subcontractor.
16.ROUTINE MODIFICATIONS AND ENHANCEMENTS
16.1 Castlight may implement routine enhancements to The Transparency Web Site and the Core Transparency Functionality when such enhancements are intended to improve user experience, provided that (i) such modifications and enhancements have no adverse material impact on the Services or on the security of the Anthem Data or of Anthem’s systems; and (ii) such modifications and enhancements cause no increase in fees or other costs chargeable to Anthem hereunder; and (iii) Anthem has received prior notification of the proposed implementation of such enhancements. Except for such routine enhancements and other modifications as may be necessary on an emergency basis as reasonably determined by Anthem, no changes, modifications or enhancements to the Transparency Web Site or the Core Transparency Functionality shall be made without Anthem’s prior written consent, which consent shall not be unreasonably withheld. Changes that are necessary for the security of the Services or for compliance with applicable laws, licenses, regulations, or government orders shall be deemed to be changes that are necessary on an emergency basis. As to any such changes made on an emergency basis, Castlight shall notify Anthem thereof as soon as practicable, and the parties shall work together in good faith to resolve any concerns, problems, or performance issues created by such changes.
If, after the execution of this SOF, Anthem determines that it desires Castlight to materially customize the Transparency Web Site Core Transparency Functionality, the parties shall negotiate in good faith and shall memorialize any further customization and associated cost in writing. Customizations undertaken by Castlight shall be billed to Anthem on a time and materials basis at a blended rate not to exceed $150 per hour.
17.DISPUTE RESOLUTION
17.1 Informal Dispute Resolution
17.1.1 Promptly after the Effective Date, the Parties will establish a Services Planning and Coordination Committee (“SPCC”). The SPCC will include qualified employees from each Party and will meet regularly as needed during the Term of the Agreement at a cadence to be mutually agreed upon by the Parties. The SPCC will consist of three representatives identified by Anthem and three representatives identified by Castlight, and will be responsible for establishing and periodically revising implementation timelines and roadmaps for the Services, that takes into account the requirements the Parties’ respective product development plans and customer needs. The SPCC will also be responsible for establishing and periodically revising a sales and marketing activity plan, for coordinating the Parties’ respective sales and marketing activities. The SPCC will attempt to reach all decisions on matters under the SPCC’s authority by unanimous agreement of the SPCC’s members, provided that if the SPCC cannot unanimously agree on a matter within the SPCC’s authority within ten (10) business days after a SPCC member has first raised such issue to the SPCC for a decision, then either Party may, by written or email notice to the other, have such issue be decided by in accordance with Section 17.1.2 (Good Faith Efforts) below. Each Party may designate
Software as a Service (SaaS) Agreement REV. December 2014 Page 28
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
and replace its representatives on the SPCC at any time, by written or email notice to the other Party. For the avoidance of doubt the SPCC has no authority to alter the terms and conditions of this Agreement and any such change must be in the form of an amendment to this Agreement signed by both Parties.
17.1.2 Good Faith Efforts The Parties agree that they will make a good faith attempt to resolve any dispute arising under this Agreement before instituting legal action. Such good faith attempt shall include, but not be limited to, elevating the issue to management personnel of each Party who have the power to settle the dispute on behalf of that Party and, failing that, to a vice president level executive for each Party, as noted in 16.1.2, below.
17.1.3 Escalation to Executives. To the extent any disagreements arising under this Agreement are not resolved by the management personnel of each party within a reasonable time after the occurrence of the disagreement, either Party may give to the other a Notice that a dispute has arisen. The Notice shall contain (i) a detailed description of the dispute and all relevant underlying facts, and (ii) a detailed description of the amount(s) in dispute and how they have been calculated. Within fourteen (14) days after the date of the Notice, such dispute shall be referred to a vice president level executive for each Party.
17.1.4 Failure of Informal Efforts. If such executive officers of both Parties are unable to resolve the dispute within fourteen (14) days of the referral to them, either Party shall be free to pursue any claim in court.
17.1.5 No Power to Alter Agreement. Either Party may seek interim measures of protection concerning any subject matter of the dispute subject to arbitration, including but not limited to interim injunctive relief, in a court of competent jurisdiction.
17.2 Disputes Involving Confidential information or Intellectual Property. Notwithstanding the foregoing, in any dispute concerning Confidential information and Intellectual Property, a Party may elect to have the dispute resolved by a court of competent jurisdiction in Marion County, Indiana, and upon a Party’s commencement of any such action, any informal resolution then pending shall be stayed, insofar as it concerns Confidential information or intellectual property. Without limiting the generality of the foregoing, each Party acknowledges that irreparable injury may result to a Party in the event that the other Party fails to perform its obligations under this Agreement with respect to Confidential information or Intellectual Property and each Party agrees that, in such event, each Party shall be entitled, in addition to any other remedies and damages available to it, to seek interim injunctive relief to restrain the breach or compel the performance of this Agreement.
17.3 Waiver of Jury Trial. Each of the parties hereby unconditionally waives any right to a jury trial with respect to and in any action, proceeding, claim, counterclaim, demand, dispute or other matter whatsoever arising out of this agreement.
17.4 Continued Services; Enforcement. Notwithstanding any dispute, Castlight shall continue timely performance of the Services or its other obligations under this Agreement (including the continued provisions of all rights of access and use to Anthem, its Affiliates and their Authorized Users) and, if it discontinues or does not timely perform such obligations, Anthem may seek a temporary and/or permanent injunction or similar order in any state or federal court within the State of Indiana for the sole purpose of compelling continued and timely performance of Castlight’s obligations hereunder. The
Software as a Service (SaaS) Agreement REV. December 2014 Page 29
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
provisions of this Section may be enforced by any court of competent jurisdiction, and the prevailing Party in any such action shall be entitled to an award of all costs, fees and expenses, including attorneys’ fees. Notwithstanding the foregoing, nothing in this section 17.1 shall prohibit Castlight from suspending Services under an Order Schedule in the event Anthem has failed to pay any undisputed amounts that are outstanding more than ninety (90) days under such Order Schedule after Anthem’s receipt of an invoice and notice of failure to pay on a timely basis from Castlight.
18.MISCELLANEOUS
18.1 Assignment. Neither Party may assign its rights or obligations under the Agreement to any third party without the prior written consent of the other Party; provided however, that (i) Anthem may assign this Agreement to any Affiliate (provided that Anthem shall remain fully liable for the performance of all obligations hereunder) and (ii) either Party may assign this Agreement without the consent of the other Party, in the case of a merger or acquisition of all or substantially all of the assigning Party’s assets. The Agreement shall be binding upon and inure to the benefit of the Parties and their respective successors and permitted assigns.
18.2 NCQA Certification. Castlight shall make reasonable efforts to obtain the NCQA certification applicable to the Castlight Services, shall commence such efforts within 30 days following the Effective Date of this Agreement, and shall periodically provide progress updates to Anthem upon request. Castlight shall also comply with Exhibit K - NCQA Division of Responsibilities, attached hereto.
18.3 Trademarks and Branding/No Publicity.
18.3.1 Except as may be explicitly set forth in this Agreement (or otherwise expressly approved in writing by Anthem in advance, neither Party shall use the name, logo, service marks, domain names, symbols or any other name or mark of the other Party or the other Party’s Affiliates, without the prior written consent of the other Party (which may be via email). Except: (a) as may be explicitly set forth in this Agreement; (b) otherwise expressly approved in writing by Anthem in advance; or (c) as may be required by applicable law or legal process, Castlight shall not at any time either during the Term or at any time after any expiration or termination of this Agreement: (i) disclose in advertising campaigns, public relation campaigns or otherwise publicize or disclose the existence of this Agreement, or any terms or conditions of this Agreement, or Anthem’s or its Affiliates’ status as a customer of Castlight or (ii) provide a hyperlink from any Internet site that it maintains to any Internet site maintained by Anthem or any Anthem Affiliate. The Parties shall periodically meet to discuss necessary and appropriate disclosures in connection with the Parties’ obligations under this Agreement, and agree on talking points and/or other communications acceptable by the Parties without the need for further approvals, provided content of and usage parameters for the approved talking points and communications are not altered prior to re-use. Castlight shall not extract any information or other data from any Internet site maintained by Anthem or any Anthem Affiliate, including framing and deep linking, without the express written consent of Anthem.
18.3.2 In addition, Castlight has no license to use the Blue Cross and/or Blue Shield names, symbols, or derivative marks (the “Brands”) and nothing in the Agreement shall be deemed to grant a license to Castlight to use the Brands. Any references to the Brands made by Castlight in its own materials are subject to review and approval by Anthem.
Software as a Service (SaaS) Agreement REV. December 2014 Page 30
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
18.3.3 Castlight shall have the sole right to label and brand its services and products (including all Buy-Up Products, except to the extent that such Buy-Up Products are co-branded at such time and in such a manner as to be mutually-acceptable by the Parties and compliant with all then-applicable BCBSA Requirements) and shall have the sole right to use its service and product names and brands. Anthem shall have the sole right to label and brand its services and products that are provided by Castlight or that use Castlight Intellectual Property as permitted under this Agreement.
18.4 Governing Law and Consent to Jurisdiction. The Agreement shall be governed by and construed in accordance with the laws of the State of Indiana, without giving effect to its conflict of laws principles. The Parties consent and agree to the exclusive jurisdiction of the tribunals Marion County, Indiana and waive any and all objections to such forums, including but not limited to objections based on improper venue or inconvenient forum. Notwithstanding the foregoing, the Parties agree that the Uniform Computer Information Transactions Act (UCITA) as enacted in any Commonwealth or State of the United States shall not apply to this Agreement or any performance hereunder and the Parties expressly opt-out of the applicability of UCITA to this Agreement.
18.5 Notices. All notices, requests, claims, demands, and other communications (each a “Notice”) under the Agreement shall be in writing and shall be given or made by delivery in person, by facsimile, by courier service, or by certified mail (postage prepaid, return receipt requested) to the respective Party at the following address set forth below or at such other address as such Party may hereafter notify the other Party in accordance with this Section. Each such Notice will be effective as follows: (a) as of the day transmitted by facsimile if receipt has been electronically confirmed; (b) as of the date emailed if receipt has been electronically confirmed or so long as a duplicate copy is contemporaneously provided by another Notice methodology set forth in this Section; (c) as of the date actually delivered if sent by a recognized commercial express delivery service that uses delivery tracking technology; (d) four (4) business days after the date actually deposited with the U.S. mail if sent postage-paid First Class; and (e) as of the date actually delivered if delivered by personal courier to the office location of the recipient during normal business hours.
For Anthem:
Anthem, Inc.
120 Monument Circle
Indianapolis, IN 46204
Attention: General Counsel
With a mandatory copy to:
Anthem, Inc.
120 Monument Circle
Indianapolis, IN 46204
Attention: Procurement - Contract Administration
For Castlight:
Castlight Health, Inc.
Two Rincon Center
Software as a Service (SaaS) Agreement REV. December 2014 Page 31
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
121 Spear Street, Suite 300
San Francisco, CA 94105
Attention: CEO
Fax number:
With a courtesy copy to:
Castlight Health, Inc.
Two Rincon Center
121 Spear Street, Suite 300
San Francisco, CA 94105
Attention: Legal
18.6 Modification; Waiver.
18.6.1 No modification to the Agreement shall be valid unless in writing and signed by each Party. No delay or omission by either Party to exercise any right or power it has under this Agreement shall impair or be construed as a waiver of such right or power. A waiver by any Party of any breach or covenant shall not be construed to be a waiver of any succeeding breach or any other covenant. All waivers must be in writing and signed by the Party waiving its rights.
18.6.2 Nothing on any invoice, purchase order acknowledgment, click wrap, shrink wrap license or any other “boilerplate” or standard terms issued by Castlight at any time during the Term shall contradict, vary or amend the terms of this Agreement and any contrary or differing term shall have no force or effect.
18.7 No Gratuities or Kickbacks. Anthem may, by written notice to Castlight, terminate the Agreement, any SOW, and some or all rights of Castlight hereunder, if Anthem has a reasonable cause to believe that gratuities (in the form of entertainment, gifts or otherwise that are of inappropriate value and/or not in accordance with Anthem’s policies in excess of that which is reasonable and customary in Anthem’s industry, or which would not be considered in good taste if publicly scrutinized) were offered or given by Castlight, or any employee, subcontractor, agent or representative of Castlight, to an officer or employee of Anthem or any Anthem Affiliate in a position to secure or influence the awarding of, or amendment to, the entire Agreement or any SOW, or any determination with respect to Castlight’s performance hereunder, or any decision or action favorable to Castlight.
18.8 Force Majeure.
18.8.1 General. A delay by a Party in the performance of its obligations under this Agreement shall not be deemed a default of this Agreement to the extent that such delay is attributable to a Force Majeure Event and could not have been prevented or minimized by the non-performing Party by means of the exercise of reasonable precautions, or cannot reasonably be circumvented by the non-performing Party in a commercially reasonable manner, including through the use of alternate sources or work-around plans. Notwithstanding the foregoing, Castlight acknowledges and agrees that this Section 18.8 shall not limit Castlight’s obligation to initiate and provide timely and effective disaster recovery or business continuity for the Services described in this Agreement, the applicable Statement of Work, or any Exhibits and schedules thereto.
18.8.2 Right to Terminate. If a Force Majeure Event prevents, hinders or delays a Party's ability to perform for more than 45 days and materially and adversely affects the other Party,
Software as a Service (SaaS) Agreement REV. December 2014 Page 32
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
then in such event the other Party may, in its reasonable discretion, choose to terminate the applicable Statement of Work upon written notice.
18.8.3 Force Majeure Event. The term “Force Majeure Event” shall mean a fire, flood, earthquake, terrorism, or similar act beyond the reasonable control of a Party. A strike, lockout or similar labor dispute by a Party’s personnel shall be deemed to be within such Party’s reasonable control. In addition, if Castlight reasonably believes that an act of war, riot, civil disorder, or rebellion is likely, either Party may request that certain changes to the Services be proposed in light of such Force Majeure Event. Unless otherwise mutually agreed by the Parties, if Anthem agrees to changes initiated by Castlight due to an act of war, riot, civil disorder, or rebellion, Castlight shall bear all costs and expenses to perform and implement the changes. If Anthem does not agree to so change the Services, or if the event of war, riot, civil disorder, or rebellion occurs, such event shall be deemed to be a Force Majeure Event.
18.8.4 Allocation of Resources. If a Force Majeure Event causes Castlight to allocate limited resources between or among Castlight’s customers, and if the Services are disrupted by such Force Majeure event, Castlight shall not treat any other customer better than Anthem nor reduce process capacity or performance below the business continuity requirements stipulated above. If a Force Majeure Event causes Castlight to allocate limited resources between or among Castlight’s customers, and if the Services are not disrupted by such Force Majeure Event, Castlight shall not reduce process capacity or performance below the level of the process capacity and performance immediately prior to the Force Majeure Event. In addition, Castlight shall not redeploy or reassign any key personnel to another Castlight account in the event of a Force Majeure Event without Anthem’s prior written consent.
18.9 Severability. If any provision of the Agreement is held to be invalid, illegal or unenforceable in any respect under applicable law, such provision shall be excluded from the Agreement and the balance of the Agreement shall be interpreted as if such provision were so excluded and shall be enforceable in accordance with its terms.
18.10 Relationship of Parties. The Parties intend to be, are, and shall at all times be independent contractors with respect to this Agreement and all performance under this Agreement. Under no circumstances shall Castlight, any Castlight personnel, or any other of Castlight’s employees, subcontractors, agents, or representatives be considered to be employees or agents of Anthem or any of Anthem’s Affiliates, or be entitled to participate in any of Anthem’s or its Affiliates’ employee benefit programs including workers compensation and disability insurance, group health, dental and vision insurance, unemployment insurance, retirement plans, or stock-based benefits or plans. Neither Party is an agent, partner or employee of the other Party, or its Affiliates, and neither Party has any right or any other authority to enter into any agreements or undertaking in the name of or for the account of the other Party or to create or assume any obligations of any kind, express or implied, on behalf of the other Party nor will the act or omissions of either create any liability for the other Party. No form of joint employer, joint venture, partnership, or similar relationship between the Parties, or between either Party and any Affiliate of the other Party, is intended or hereby created. This Agreement shall in no way constitute or give rise to a partnership or joint venture between the Parties.
18.11 Titles and Subtitles. The titles and subtitles used in the Agreement are used for convenience only and are not to be considered in construing or interpreting the Agreement.
Software as a Service (SaaS) Agreement REV. December 2014 Page 33
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
18.12 Counterparts. The Agreement and any Agreement may be executed in two or more counterparts, each of which shall be deemed an original, but all of which, when taken together, shall constitute one and the same instrument.
18.13 Electronic Signatures. The Parties agree electronic signatures may be utilized for execution of this Agreement and any attachments hereto, including but not limited to, Statements of Work. The Parties acknowledge and agree that (i) the issuance of an electronic signature shall be valid and enforceable as to the signing Party to the same extent as an inked original signature; and (ii) these documents shall constitute “original” documents when printed from electronic files and records established and maintained by either Party in the normal course of business. Unless otherwise agreed to by the Parties, the purchase order number (issued by Anthem) shall constitute Anthem’s electronic signature and consent to any purchase order and the Castlight’s invoice number shall constitute Castlight’s electronic signature and consent to provide the Subscription Service and/or other related services. Each Party agrees that the Anthem purchase order number or the Castlight invoice number, as issued by the respective Party, shall be sufficient to verify that such Party originated the document. Neither Party shall disclose to any unauthorized person the purchase order Number or the invoice number.
18.14 Deficit Reduction Act Notification to Castlight. Section 6032 of the Deficit Reduction Act of 2005 (“DRA”) and state laws enacted pursuant to the DRA require certain entities such as Anthem to establish policies and procedures to help the entity, and its contractors and agents, detect and prevent fraud, waste and abuse relating to services provided for certain government funded programs, including Medicaid. The DRA and state laws also require certain entities to make their suppliers aware: (a) of the provisions of the False Claims Act and similar state statutes prohibiting anyone from knowingly submitting or causing another person or entity to submit false claims for payment of government funds; and (b) that any person in violation is potentially liable for three times the damages or loss to the government plus substantial civil penalties (currently $5,500 to $11,000). In addition, the False Statements Act prohibits anyone from making false statements or withholding material information in connection with the delivery of services to, or payments from, the government. Violations of these acts can also result in criminal convictions and imprisonment of up to five (5) years. As part of Anthem’s policies designed to prevent fraud, waste and abuse, Anthem does not retaliate against personnel who report violations (or suspected violations) of state of federal False Claims Acts. .
18.15 Covenant Not to Trade on Insider Knowledge. Each Party acknowledges that the other Party is a publicly traded corporation. Each Party agrees that it will not purchase or sell any stock of the other Party based on the other Party’s Confidential information. Each Party further agrees that, if it discloses the other Party’s Confidential information to any other person or entity in accordance with this Agreement, it will advise that other person or entity of the duty not to trade based on such Confidential information.
18.16 Cumulative Remedies. Except as otherwise expressly provided in this Agreement, all remedies provided for in this Agreement shall be cumulative and in addition to, and not in lieu of, any other remedies available to either Party at law, in equity or otherwise.
18.17 No Third Party Beneficiaries. This Agreement shall not benefit, or create any right or cause of action in or on behalf of, any person or entity other than Anthem, its Affiliates and assignees, or Castlight; provided that if either Party’s Affiliates’ has a cause of action under this Agreement against the other Party, such action must be initiated by a Party to this Agreement against the other Party, and not against such Party’s Affiliates directly.
Software as a Service (SaaS) Agreement REV. December 2014 Page 34
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
18.18 Entire Agreement. This Agreement sets forth the entire agreement of the Parties with respect to the subject matter of such Agreement, and except as set forth in the following sentence, supersedes any and all prior proposals, agreements, understandings, and contemporaneous discussions, whether oral or written, between the Parties with respect to the subject matter of this Agreement. Notwithstanding the foregoing, that certain Confidentiality Agreement entered into by the Parties effective March 24, 2011 (the “Confidentiality Agreement”) shall remain in effect and shall continue to govern Castlight’s uses and disclosures of Anthem’s Proprietary and Confidential Information when released thereunder via Data Release Specifications Forms associated with and incorporated into such Confidentiality Agreement. In addition, the following other agreements entered into by the Parties (as amended) shall remain in effect: (1) the Reference-Based Benefits Collaboration Agreement effective as of January 18, 2013; (2) the Amended and Restated Transparency Data Agreement effective as of August 31, 2015; (3) the Data Mining and Analytics Services Agreement effective as of March 1, 2013; (4) the Vendor Agreement effective as of September 12, 2013; and (5) the Blue Cross and Blue Shield Association Data Access Agreement for Transparency Services effective as of July 18, 2014.
IN WITNESS WHEREOF, the undersigned have read, understood and executed this Agreement and agree to be bound by its provisions as of the Effective Date.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Castlight Health, Inc.
|
|
Anthem, Inc.
|
Anthem, Inc.
|
|
Castlight
|
|
Anthem, Inc.
|
Anthem, Inc. (Procurement)
|
|
|
|
|
|
|
By: /s/ Gio Collela
|
|
By: /s/ Brian Griffin
|
By: /s/ Shane O’Reilly
|
|
Signature
|
|
Signature
|
Signature
|
|
|
|
|
|
|
Gio Collela
|
|
Brian Griffin
|
Shane O’Reilly
|
|
Printed Name
|
|
Printed Name
|
Printed Name
|
|
|
|
|
|
|
Co-Founder and CEO
|
|
President NY and Pharmacy
|
Staff VP Strategic Sourcing
|
|
Title
|
|
Title
|
Title
|
|
|
|
|
|
|
10/28/2015
|
|
10/29/2015
|
10/28/2015
|
|
Date
|
|
Date
|
Date
|
Software as a Service (SaaS) Agreement REV. December 2014 Page 35
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT E
Diversity Supplier Compliance
The Castlight agrees to comply fully with Anthem’s Castlight Diversity Initiative, as further described in the Guidelines for Prospective Suppliers (found at http://www.Anthem.com/prodcontrib/groups/Anthem/@wp_suppliers/documents/wlp_assets/pw_d015001.pdf) and any participation plan that may have been submitted to Anthem. The following certified diverse suppliers will be participating in this Contract.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Diverse Suppliers
|
Phone
|
Email
|
Anthem Name
|
Scope of Goods and/or Services
|
Utilization Date
|
Amount or Percent
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The Castlight must obtain the approval of Anthem’s Supplier Diversity Director before changing any Castlight Diversity participation plan submitted in connection with this Agreement.
Software as a Service (SaaS) Agreement REV. December 2014 Page 36
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT F
Medicaid Requirements
The following Attachments are applicable to all of the services performed by Castlight for any member enrolled in a Medicaid program in the particular state to which the Attachment pertains. Notwithstanding the foregoing, all provisions contained in the Attachments may not be applicable to certain services provided by administrative services Castlight as certain provisions are applicable solely to providers of medical services. Only those provisions applicable to the specific services provided by Castlight shall be deemed to be incorporated into the Agreement. State-specific requirements may be added from time to time without need for additional amendment when an existing program is expanded to include a new Affiliate or a new program encompasses a new Affiliate. In the following documents, “subcontractor”, “Vendor” and “Supplier” refer to the “Castlight” under the Agreement.
Exhibit F-1 California Medicaid Subcontract Exhibit
Exhibit F-2 Medicaid Exhibit Indiana HHW HIP HCC
Exhibit F-3 Massachusetts Medicaid Requirements for Vendors
Exhibit F-4 New York Medicaid Requirements - Vendors
Exhibit F-5 Medicaid Exhibit South Carolina
Exhibit F-6 Medicaid Exhibit Texas (Anthem)
Exhibit F-7 Virginia Medicaid Requirement
Exhibit F-8 West Virginia Medicaid Requirements - Vendor
Exhibit F-9 Medicaid Exhibit Wisconsin
Exhibit F-10 Florida Medicaid Subcontract Exhibit
Exhibit F-11 Kansas Medicaid Subcontract Exhibit
Exhibit F-12 Medicaid Exhibit Louisiana
Exhibit F-13 Medicaid Exhibit Maryland
Exhibit F-14 New Jersey Medicaid Subcontract Exhibit
Exhibit F-15 Medicaid Exhibit Nevada
Exhibit F-16 Medicaid Exhibit Tennessee
Exhibit F-17 Medicaid Tennessee BAA – Utilize for all TN Vendors
Exhibit F-18 Medicaid Exhibit Texas (Amerigroup)
Exhibit F-19 Medicaid Exhibit Kentucky
Exhibit F-20 Medicaid Exhibit Washington
Exhibit F-21 Georgia Medicaid Exhibit
Software as a Service (SaaS) Agreement REV. December 2014 Page 37
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT G
SERVICE LEVELS
I. Castlight Service Levels. Castlight’s performance shall be measured against the Performance Standards set forth in this Exhibit G and Castlight shall be assessed penalties, if applicable, as stated below. Performance Standard measurements and Castlight’s obligation to achieve the Performance Standards set under this Exhibit G are in addition to any and all other rights and remedies provided under the Agreement and/or applicable law.
A.Definitions. The capitalized terms used herein shall have the meanings ascribed to them in this Section A or, if not defined below, in Section 1 of the Agreement.
1. “Uptime” shall mean all times when the Castlight System is running and is available to be accessed by Authorized Users.
2. “Available Time” shall mean the number of hours in any given calendar month less the amount of Downtime (excluding Standard Maintenance Window hours) related to events outside of Castlight’s control, such as force majeure events, internet-wide disruptions or denial of service attacks.
3. “Downtime” shall mean all times in which the Castlight System fails HTTP checks, content verification checks and a service check
4. “Standard Maintenance Window” shall mean a biweekly maintenance period between 1:00 a.m. and 5:00 a.m. Eastern Time, every second and fourth Friday of each month. Twice annually this maintenance period may be six hours between 12:00 a.m. and 6:00 a.m. Eastern Time, provided Anthem is notified at least ten days in advance of the period.
5. “End Users” shall mean Authorized Users for which there is an effective SOF in place and for which a Launch Date has occurred.
6. “Emergency Maintenance Window” means emergency updates as result of vendor recommended patches to deal with high risk security threats as well as hardware replacement, which maintenance Castlight will use commercially reasonable efforts to perform maintenance during periods of low usage (such as evenings) and to promptly notify customers of emergency maintenance. Anthem would be notified within 90 minutes of determination that the emergency maintenance will occur and before the actual emergency maintenance would begin. Thereon, Anthem would be updated regularly throughout the time period through resolution.
B.Measurements and Reporting
Software as a Service (SaaS) Agreement REV. December 2014 Page 38
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
1. Throughout the Term of the Agreement, Castlight shall measure its performance of Services against the Performance Standards set forth below.
2. Castlight shall report such performance results, and any applicable penalties incurred, to Anthem via a “Performance Standards Report,” shall be provided in a template in a format mutually agreed to by the Parties Such Castlight Reporting shall, when applicable, contain in writing the cause of any performance failure(s) and the steps taken by Castlight to remediate. With respect to each Castlight failure to provide the Services in accordance with the applicable Service Levels, Castlight shall, as soon as reasonably practicable but not later than five (5) days after such failure unless otherwise agreed to:
a. perform a root-cause analysis to identify the cause of such failure;
b. provide Anthem with a written report detailing the cause of such failure, and procedure for correcting such failure
c. correct the problem and begin meeting the Service Level; and
d. to the extent within Castlight’s ability to control, take appropriate preventive measures so that the problem does not reoccur.
Castlight agrees it will inform Anthem of its corrective procedures, and Anthem can provide input into such procedures. For the avoidance of doubt, if the root-cause analysis cannot conclusively prove whether Castlight was not the cause of or responsible for a Service Level failure, then the Parties shall discuss an appropriate resolution to such failure. As part of such efforts, the Castlight Personnel shall work in a collaborative environment (including within reliability meetings and by coordinating with Anthem): (i) to identify offending system(s) contributing to such failures or outages, and (ii) to determine the singular point of failure and reason for that failure.
3. Performance Standards Reports shall be furnished to Anthem on a monthly basis within two (2) weeks after the end of the month (the “Monthly Report Date”), for results for the preceding month and a year-end review.
C.Calculation and Payment of Penalties
1. If at any time Castlight fails to meet any Performance Guarantee, Castlight shall calculate the applicable Performance Guarantee Penalty as identified below.
2. Castlight shall remit the total Performance Guarantee Penalty amount to Anthem on a quarterly basis following the quarter to which the Penalty applies.
3. If Castlight fails to meet an applicable Performance Standard two (2) times within a quarter or for two (2) consecutive months, Castlight shall provide Anthem with a corrective action plan, subject to Anthem’s review, collaboration and provision of input, which shall include, at a minimum, root cause analysis, scheduled meetings with Anthem to report on progress, weekly reporting to Anthem with associated backup information, and service level performance monitoring to remedy any failures.
Software as a Service (SaaS) Agreement REV. December 2014 Page 39
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
4. Notwithstanding anything herein or in the Agreement to the contrary, the Parties agree that the Performance Guarantee Penalties described in this Exhibit G payable by Castlight in any month, shall not exceed [***].
D.Adverse Performance Trends
1. If, during the course of any month (e.g., by reviewing performance data), Anthem becomes aware of adverse performance trends (e.g., trends indicating Castlight may not meet the Performance Standards for the month and provided the adverse trend is not the result of data being received in an incorrect format, incomplete or not timely), at Anthem’s request, Castlight shall promptly prepare corrective action plans to address such adverse performance trends, and with Anthem’s approval, promptly implement such plans, even though the applicable measurement period has not been completed and, accordingly, there has not yet been a Performance Standard default.
2. Nothing herein is meant to waive Anthem’s rights to demand corrective action plans or take any other action that is permitted by the terms of the Agreement.
E.Material Breaches
1. In the event of a material breach of the Agreement by Castlight, Anthem in its sole discretion may elect to impose a Performance Guaranty Penalty, which shall be in lieu of any other remedy for such material breach.
2. To make such election, Anthem shall provide written notice to Castlight that:
a. identifies the material breach,
b. provides Castlight with a reasonable cure period or not less than fifteen (15) calendar days, and
c. informs Castlight of the Performance Guaranty Penalty that will be imposed at the end of the cure period if the material breach has not been cured.
F.Performance Guarantee Data Requirements. Notwithstanding any provision herein, the failure by Anthem to provide data to Castlight as set forth in the Agreement, as applicable, and as required for the Performance Guarantees contained in this Exhibit G, shall \relieve Castlight of those guarantees under this Exhibit G that are dependent on Anthem’s provision of such data, for the period of such failure by Anthem, and only if the lack of or late delivery of data materially impacts Castlight’s ability to comply with such Performance Guarantees.
G.Reporting Timeliness Performance Guarantee. The following specifications shall apply to the timeliness of Castlight’s satisfaction of the reporting requirements set forth in the Agreement and in this Attachment, including its Addendum B:
1. Performance Guarantee Standards
a. Monthly Reports – All reports received by Anthem within two (2) weeks after the end of the month.
Software as a Service (SaaS) Agreement REV. December 2014 Page 40
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
b. Root Cause Analysis Reports – As specified in Section B.2., above.
c. Severity1 Impact Reports – Summarizing the event shall be distributed to the Anthem Business Lead and IT Lead within one (1) business day of the event.
2. Performance Guarantee Penalty –[***].
H.User Satisfaction Survey Results Performance Guarantee
1.Performance Guarantee Standards. Castlight shall satisfy the following elements:
a. Evaluate User satisfaction with the Services, using sound mechanisms for data collection and reliable methodologies for evaluating and analyzing satisfaction data, including documentation of areas of dissatisfaction. Anthem shall have reasonable input into the content of the satisfaction survey, if Anthem so requests.
b. Take actions that Anthem and Castlight mutually agree are likely to improve the identified areas of dissatisfaction.
2.Performance Guarantee Penalty –[***] .
I.Escalated Issue Response Performance Guarantee. The following specifications shall apply to the timeliness of Castlight’s response to issues raised by Anthem Customer Service and Account Management:
1. Performance Guarantee Standards. Except for Severity 1 issues, which must be reported upon discovery, Castlight must respond to 95% of issues within one (1) business day after receiving notification thereof, measured monthly. For ordinary questions, Castlight shall respond in no less than three (3) business days. In the event Escalation is required for a Severity 1, 2 or 3, Castlight will escalate the Incident to its management and Castlight’s Anthem account team for further action, resolution and/or escalation, as necessary to resolve the Incident. In addition, once the Time Allowed Prior to Escalation has passed, Anthem may escalate an Incident to the following Castlight personnel, contacting each escalation point in the order they appear below:
Castlight Account Representative: [***]
email: [***], Phone: m: [***]
Castlight Executive: [***]
email: [***], Phone: m: [***]
2. Performance Guarantee Penalty – [***].
J.System Availability Performance Guarantee. The following specifications shall apply to the availability of the Castlight Web Site other than during normally scheduled maintenance and downtime:
Software as a Service (SaaS) Agreement REV. December 2014 Page 41
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
1. Performance Guarantee Standard. In each month during the Term of the Agreement, Uptime shall constitute at least – 99.9% of Available Time; and
2. Castlight shall remedy Severity 1 defects in an average Mean Time to Recover (“MTTR”) of 1.68 hours per incident. This shall be measured by dividing the total number incidents by the total time to recover for all incidents during the measuring period, excluding any such incidents for which the root cause was determined as arising from Anthem Data or Anthem systems and services.
3. Performance Guarantee Penalty – [***].
K.Application Maintenance Performance Guarantees.
1. The following specifications shall apply:
Software as a Service (SaaS) Agreement REV. December 2014 Page 42
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
|
|
|
|
|
|
|
|
|
|
|
Priority
|
Description
|
Castlight Response Times
|
|
Severity 1
Critical
Anthem
Support
Incidents
|
Critical Business Impact. A critical problem with the Castlight Services in which any of the following occur: the Castlight Services are down, inoperable, inaccessible or unavailable, or otherwise materially cease operation; or the performance or nonperformance of the Castlight Services prevents useful work from being done. Complete loss of service or resources & work cannot reasonably continue, or PHI or sensitive data breaches.
|
• Within 45 minutes of discovery
• Castlight to provide regular updates (minimum hourly) to Anthem on the issue identification and resolution status.
• Web Support tool updated as information is available
• Castlight contact will notify the Anthem contact, who will then join Castlight’s open conference bridge line, and Castlight will provide Anthem regular updates to Anthem on the issue identification and resolution status.
|
|
Severity 2
High
Urgent
Anthem
Support
Incidents
|
Serious Business Impact. A problem with the Castlight Services in which any of the following occur: the Castlight Services are severely limited or degraded, major functions are not performing properly, the situation is causing a significant impact to certain portions of Customer and/or Castlight Services users’ operations or productivity; or the Castlight Services have been interrupted but recovered, and in Customer’s opinion there is high risk of reoccurrence.
|
• If via Phone Hotline: 8 Hours
• If via Web Support: 1 Business Day
• Web Support tool updated as information is available
|
|
Severity 3
Medium
Service
Impacting
|
Minor Business Impact. A minor or cosmetic problem with the Castlight Services in which any of the following occur: the problem is an irritant, affects non-essential functions, has minimal impact to business operations; the problem is localized or has isolated impact; the problem is an operational nuisance; the problem results in documentation errors; or the problem is any other problem that is not a Severity 1 or a Severity 2, but is otherwise a failure of the Castlight Services to conform to its Specifications
|
• If via Phone Hotline: 5 Business Days
• If via Web Support: 5 Business Days
• Web Support tool updated as information is available
|
a. Performance Guarantee Penalty – For Severity 1, [***].
b. Performance Guarantee Penalty – For Severity 2, [***].
c. Performance Guarantee Penalty – For Severity 3, [***].
2. Eligibility Loading Performance Guarantee
a. Performance Guarantee Standard – Castlight must load 100% of the incremental changes in Eligibility Data within 85% will be 24 hours (15% at 48 hours) hours after receipt of such changes from Anthem, measured monthly provided that this metric shall not apply to the extent that the data is not received in the agreed-upon format or is incomplete.
Software as a Service (SaaS) Agreement REV. December 2014 Page 43
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
b. Performance Guarantee Penalty – [***].
3. Claim Loading Performance Guarantee
a. Performance Guarantee Standard – Castlight must load 100% of the incremental changes in Claim Data within 72 hours after receipt of such changes from Anthem, measured monthly; provided that this metric shall not apply to the extent that the data is not received in the agreed-upon format or is incomplete. As part of the monthly reporting package, Castlight shall provide Anthem a file loading report, including such items as the timestamp of receipt of each file, timestamp of load of each file, count of records received, updated, and with errors in each file, and the file identification information. In addition, Castlight shall notify Anthem within 24 hours of receipt of files for any data formatting issues or with 24 hours if the file is not received by Castlight from the time agreed for exchange.
b. Performance Guarantee Penalty –[***] .
L.Client Support. Castlight shall provide the following services in support of their product:
1.Support Hours: Castlight shall provide Anthem support from 3:00 PM Sunday through 9:00 PM Friday EST for all Severity levels indicated in Section 1 above.
2.Access to Support; Response Times. Anthem may report Downtime at any time (“24x7x365”) by telephoning Castlight at [***]for live issue reporting which shall be staffed with a live individual at Castlight’s Network Operations Center (“NOC”), or submitting an incident through Castlight’s web-based customer support portal.
3.Account Support. Castlight will assign an individual to serve as the sole point of contact for the purposes of minimizing the impact of downtime and upgrades and maximizing support response times. In addition, Castlight shall not implement upgrades or migrations during the fourth quarter of any calendar year that would exceed the maximum duration of any scheduled downtime, unless the Parties mutually agree in advance prior to such event.
4.Maintenance and Technical Standards. Castlight agrees to maintain the accessibility and performance of the Hosting Services in a manner consistent with capacity and performance standards set forth herein and current telecommunications and Internet industry standards, as the same may change from time to time. For measurements required herein, Castlight may assume a stable, standard T1 connection to the Internet and measurements made at random times throughout the day. Upon request, Castlight will provide Anthem with a list of minimum recommended and technical PC standards for access to and use of the Castlight System, and Anthem acknowledges that optimal performance will not be available if recommended standards are not met by users of the Castlight System.
Software as a Service (SaaS) Agreement REV. December 2014 Page 44
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
5.Hosting Location. The Hosting Services will be rendered in a facility that is consistent with high industry standards for fireproofing, power and backup generation, structural integrity, seismic resistance and resistance to other natural and man-made disruptions (the “Facility”). In addition, the Facility shall be secured against physical and electronic intrusion in a manner consistent with high industry standards. Castlight shall provide Anthem with at least ninety (90) days written notice of a change in the location from which Castlight delivers the Hosting Services. Upon ten (10) days prior notice, Anthem may inspect the Hosting location to assess compliance with requirements set forth in this Agreement.
6.Multiple Telecommunications Providers. The Facility shall be served by no less than two separate high-speed telecommunications providers and Castlight shall have the ability to switch between telecommunications providers to reduce outages.
7.No Commingling. Castlight prevents the co-mingling of data through the use of logical and technical controls. Anthem Confidential Data from Castlight production systems shall not be exported for any reasons and shared with any customers/vendors for any purposes.
8.Performance Guarantee Penalty. Failure to comply with the requirements of this Section more than one time per calendar month shall result in a penalty of [***] .
M.Data Load, Back Up and Retention.
1.Back-Up of Anthem Data. Castlight will perform back-up and archiving of Anthem Data, which includes transactional data (tasks, activities) and documents (files) according to the schedule set forth in the table below:
|
|
|
|
|
|
|
|
|
|
|
Type of Back-Up
|
Description
|
When does back-up occur?
|
|
Daily Incremental Back-Up
|
All Anthem Data
|
Daily
|
|
Full Back-Up
|
Full server backup
|
Monthly
|
2.Back-Up Retention: Castlight will retain data files and full back-up copies of the Anthem Data at a secure storage location set forth below and in accordance with the retention periods set forth in the following table:
Software as a Service (SaaS) Agreement REV. December 2014 Page 45
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
|
|
|
|
|
|
|
|
|
|
|
Type of Back-Up
|
Retention Period
|
Storage Location
|
|
Daily Incremental Files
|
60 days
|
(i) DData centers: production and DR/BCP
|
|
Full Back-Up
|
60 days
|
(ii) DData centers: production and DR/BCP
|
3.Recovery of Archived Data: Castlight will restore data files from archived copies as quickly as reasonably practicable, as necessary as a result of system failure or data corruption or losses. Anthem acknowledges that the amount of time required to restore archived data files is dependent upon numerous factors, including, but not limited, severity or the relevant data corruption or loss. Notwithstanding the foregoing, per Castlight’s disaster recovery plan, Castlight shall have systems and processes in place to resume business within forty eight (48) hours.
4.Data Load Timeliness. Castlight warrants it will load new Anthem Data (excluding the Data already specified in K(2) and K(3) above) into the Castlight System within a mutually agreed upon timeline of receipt of Anthem Data pursuant to a Services Order Form.
5.Performance Guarantee Penalty. Failure to comply with the requirements of this Section more than one time per calendar month shall result in a penalty of [***] .
N. Latency Performance Index.
1. Web Page Response Time. Castlight further agrees that Castlight also warrants to Customer that the monthly average Web Page Response Times for login and basic search will be under five (5) seconds. “Web Page Response Times” shall mean the time measured once the Web transaction of simulated user requests and Web page refresh requests are within a test account deployed in the production environment of the Castlight online service and are within Castlight firewall delivery of corresponding Web pages to users.
2. Performance Guarantee Penalty. [***] .
O. Data Quality Assurance.
Software as a Service (SaaS) Agreement REV. December 2014 Page 46
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
1.Castlight agrees that except as needed to provide the Castlight Services or except as necessary to correct incomplete data or data provided in an incorrect format, it will not impair, degrade or otherwise change the data sent to it by Anthem or by BCBSA on behalf of Anthem for the performance of the Services. Anthem shall have the right to audit such data upon reasonable notice to Castlight. Should the data deviate from the source data sent to Castlight other than as needed to provide the Castlight Services, Castlight shall be in violation of this provision, unless such deviation is approved or requested by Anthem, or Anthem otherwise consents to such change.
2.Performance Guarantee Penalty. [***] .
Software as a Service (SaaS) Agreement REV. December 2014 Page 47
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT H
Required Information Security Controls
Anthem requires all third parties to comply with the goals and objectives of its Information Security Program, as set forth in this addendum. These are minimum requirements of Anthem’s Information Security Program. Depending upon the nature of the engagement or the services provided, other requirements may be added in a Statement of Work or Master Services Agreement. These requirements are in addition to any other security requirements specified within the Master Services Agreement or a Statement of Work. We recognize that sound practices require continual assessment of evolving risks, technology and relevant issues related to information security. In the event that our Chief Information Security Officer deems it necessary to modify these Required Controls in order to continue to reasonably protect Anthem Confidential Information, then Supplier will be notified and a remediation plan and timeframe will be mutually agreed upon.
SECTION 2. COMPLIANCE
2.1 Supplier will comply with all applicable state and federal data security regulations and shall abide by all required security controls as stated herein, based upon the nature of the Services provided, the data involved and/or the location where such Services are rendered.
SECTION 3. INFORMATION SECURITY PROGRAM
3.1 Supplier shall maintain a written Information Security Program including documented policies, standards, and operational practices that meet or exceed the applicable requirements, and controls set forth in this Exhibit to the extent applicable to the Services, and identify an individual within the organization responsible for its enforcement. Supplier shall ensure that any of its subcontractors having greater than incidental access to Anthem Confidential Information shall also be contractually bound to meet or exceed these information security provisions. If at any time during the Agreement, Supplier becomes aware that it or any of its subcontractors will or do not meet the obligations described within this Exhibit, Supplier will immediately notify Anthem Information Security at AnthemVendorInfoSec@anthem.com.
SECTION 4. AUDIT PLAN
4.1 Supplier will maintain an audit plan designed to validate compliance with the controls documented in its Information Security Program by an independent qualified third party at least annually.
SECTION 5. RIGHT TO ASSESS
5.1 Upon reasonable request, Supplier may be asked to complete a security assessment questionnaire and/or attestation document designed to assist Anthem in understanding and documenting Supplier’s security procedures and compliance with the requirements contained herein. Supplier shall provide Anthem with information concerning the safeguards detailed in this Exhibit and/or other information security practices as they pertain to the protection of Anthem Confidential Information. If Supplier seeks Common Security Framework (CSF) Certified status performed by
Software as a Service (SaaS) Agreement REV. December 2014 Page 48
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
an approved CSF assessment third party and is awarded certification from the Health Information Trust Alliance (HITRUST) for the services and/or applications in scope for the engagement, then that HITRUST certification will be accepted in lieu of the Anthem assessment.
5.2 From time to time Supplier may be requested to respond to, advise and provide updates on the specific security gaps or exposures that exist for new or emerging security vulnerabilities that are made known for systems, applications, hardware devices, etc. In all instances Supplier will provide a response to any inquiry within 5 business days, and will provide specific details as to the questions asked to ensure that Anthem can appropriately evaluate the risk or exposure to Anthem Confidential Information.
SECTION 6. ENCRYPTION
6.1 Approved Encryption must be used for (i) the electronic transmission of Anthem Confidential Information to Anthem and/or to any other third party, as directed by Anthem or permitted in accordance with this Agreement and (ii) on all workstations, communications or convergence devices, portable media and backup tapes containing Anthem Confidential Information. The integrity and confidentiality of Anthem Confidential Information in transit over an open communication network will be protected through the use of Approved Encryption.
6.2 The following may be used as Anthem Approved Encryption for cryptographic hash functions:
iSHA-2
iiSHA-3
6.3 The following may be used as Anthem Approved Encryption for symmetric encryption:
aAdvanced Encryption Standard (AES) - AES 256 or higher.
6.4 The following may be used as Anthem Approved Encryption for public-key asymmetric encryption:
a. Rivest-Shamir-Adelman (RSA) with a 2048-bit key or higher
bElliptic Curve Cryptosystem (ECC) with a 256-bit key or higher
cEl Gamal with a 2048-bit key or higher
dDiffie-Hellman with a 2048-bit key or higher
6.5 The following may be used as Anthem Approved Encryption for in-transit encryption:
a128-bit Transport Layer Security (TLS) Version 1.0+
bSecure-HTTP(S)
cIPSec
Software as a Service (SaaS) Agreement REV. December 2014 Page 49
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
dSecure Shell (SSH) Version 2.0+.
SECTION 7. NETWORK AND SYSTEMS SECURITY
7.1 Supplier shall utilize and maintain a commercially available, industry standard malware detection program which includes an automatic update function to ensure detection of new malware threats.
7.2 An Intrusion Detection or Prevention System which detects and/or prevents unauthorized activity traversing the network will be maintained.
7.3 Data Loss Prevention tools will be implemented to detect and prevent the unauthorized movement of data from Supplier’s control.
7.4 At a minimum, Supplier shall engage a qualified third party to perform annual penetration testing of Supplier’s networks containing Anthem Confidential Information. The scope of the penetration testing will include all internal/external systems, devices and applications that are used to process, store, transmit Confidential Data, physical security controls for all applicable facilities, and social engineering tests. Upon request Supplier will provide Anthem with summary results and a remediation plan if security flaws are discovered.
7.5 Networks or applications that contain Anthem Confidential Information must be separated from public networks by a firewall to prevent unauthorized access from the public network.
7.6 Only authorized services and protocols will be permitted access to such computing devices. All unnecessary protocols and services must be denied.
SECTION 8. SYSTEM AND APPLICATION CONTROLS
8.1 All Anthem Confidential Information must be securely stored at all times to prevent loss and unauthorized access or disclosure.
8.2 Laptop and workstation systems that access Anthem Confidential Information will have encryption at rest and anti-malware protection.
8.3 Operating systems and application software used must be currently supported by the manufacturer.
8.4 Current versions of operating system and application software must be maintained, and patches applied in a timely manner for all systems and applications that receive, maintain, process or otherwise access Anthem Confidential Information.
8.5 At least quarterly vulnerability scanning will be performed. Medium and high risk vulnerabilities identified during the scanning will be promptly remediated.
8.6 Anthem Confidential Information must not be used in any non-production environment such as testing or quality assurance unless de-identification of the data has been performed. In the event that de-identification is not practical or feasible compensating controls must be in place protecting the data to the same level of protection as afforded to production environment.
Software as a Service (SaaS) Agreement REV. December 2014 Page 50
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
8.7 Anthem Confidential Information must be logically or physically segregated from other data controlled by Supplier or other clients of Supplier in such a way that the data may be identified as Anthem data and access controls implemented so that only those users authorized to access the data will be permitted to do so.
SECTION 9. DATA DESTRUCTION
9.1 All Anthem Confidential Information, whether such information is in paper, electronic or other form, requires secure disposal or destruction when no longer required, when requested by Anthem or upon the termination or expiration of the Agreement. These measures should, at a minimum, include: (i) burning, pulverizing or cross-cut shredding to a size equal or smaller to 5/8-inch by 2-inches papers or print media so that the information cannot practicably be read or reconstructed; (ii) ensuring the destruction or erasure of floppy disk, magnetic tape, tape cartridges, hard drives or other electronic or optical media so that the information recorded or contained cannot practicably be read, recovered or reconstructed; and, (iii) ensuring that any third party who performs the activities described in (i) and (ii) on Supplier’s behalf does so in a manner consistent with these requirements.
SECTION 10. PHYSICAL CONTROLS FOR THE PROTECTION OF ANTHEM CONFIDENTIAL INFORMATION
10.1 All Anthem Confidential Information received or created in paper form must be stored in lockable containers.
10.2 A clean desk policy will be enforced to ensure proper safeguarding of all hard copy Anthem Confidential Information.
10.3 Supplier must retain visitor logs documenting all individuals who are not employed by Supplier who gain access to the facility where services are performed.
10.4 Anthem Confidential Information will not leave control of the Supplier without the written approval of Anthem.
10.5 Servers, enterprise data storage devices, backup tapes and media, and other computing devices that contain Anthem Confidential Information used to support network communications must be located in a secure and restricted access location within the facility.
10.6 All workstations, portable devices and removable media containing Anthem Confidential Information or accessing Anthem networks must be encrypted.
SECTION 11. ACCESS CONTROL
11.1 Prior to gaining access to Anthem Confidential Information, workforce members will have appropriate background checks completed in compliance with state and federal law with no breach of trust crimes reported.
11.2 Physical and logical access to Anthem Confidential Information and the systems and workspaces used to support Anthem, will only be granted as a result of a demonstrated and legitimate need to know based upon job responsibilities.
Software as a Service (SaaS) Agreement REV. December 2014 Page 51
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
11.3 Security awareness training will be completed prior to access being granted to Anthem Confidential Information, and then completed on an annual basis going forward so long as access to Anthem Confidential Information continues.
11.4 Physical and logical access will be granted to the minimum Anthem Confidential Information necessary to meet the requirements of the user’s scope of responsibilities.
11.5 Access reviews will be performed at least quarterly for privileged user and twice annually for non-privileged user accounts.
11.6 Only those individuals providing services to Anthem, or those who are responsible for administering or managing systems that contain Anthem Confidential Information shall be authorized to access systems containing Anthem Confidential Information.
11.7 All users that are no longer required or authorized to access Anthem Confidential Information or systems that contain Anthem Confidential Information must have access promptly disabled.
11.8 Access to Anthem Confidential Information and systems that contain Anthem Confidential Information must be access controlled through the use of individual user IDs and passwords.
11.9 All user passwords must be changed at least every ninety (90) days at a minimum, or sooner if there is reasonable cause to believe that an unauthorized person has learned the password.
11.10 Processes must be in place to create the appropriate audit trails to determine who has accessed Anthem Confidential Information and/or systems that contain Anthem Confidential Information.
11.11 Remote access to systems or networks that contain Anthem Confidential Information must use multi-factor authentication and a connection with Approved Encryption.
11.12 A report listing all individuals who have access to Anthem Confidential Information and/or systems that contain Anthem Confidential Information and the level of access granted shall be provided to Anthem within 48 hours upon request.
11.13 A report listing activity associated with any user ID who has access to Anthem Confidential Information shall be provided to Anthem within 48 hours upon request.
SECTION 12. OFFSHORE SECURITY REQUIREMENTS
12.1 Anthem Confidential Information is not permitted to be hosted or stored offshore. Offshore locations may be utilized for the processing of data. However, all data must reside on servers located in the United States for the duration of the processing.
12.2 Backup processes at offshore locations will not receive, maintain, process, or otherwise access Anthem Confidential Information.
12.3 Offshore workstation computers must adhere to baseline system security requirements defined by the organization which enforce the most restrictive mode consistent with operational requirements. All unnecessary services, features and networks must be disabled on workstations used to support Anthem operations, including:
Software as a Service (SaaS) Agreement REV. December 2014 Page 52
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
aDisabling workstations from simultaneously connecting to the Anthem network and other networks (split tunneling)
bDisabling user access to local workstation storage or supplier network storage (such as that to which Anthem Confidential Information) by employing the following technical controls:
cPlatform - external and internal firewalls configured for least port access, traffic load balancing for server masking, network switching with VLAN segregation, network intrusion detection systems (NIDS), host intrusion detection systems (HDS), application firewalls (WAF), data leakage protection (DLP) installed on all servers where Customer data reside and bastion host configured in blocking mode, server function segregation (web/application, database), encryption in transit and rest. Privileged access is controlled by a bastion host gateway, multi-factor access for user identity and authentication with unique user id’s with a least access utilizing RSA 2F and centralized LDAP. Access for running privileged activities is authorized using privileged management tools (sudo) and logged centrally for verification and auditing including keystroke logging. Change control is strictly enforced for operational and application code changes with four-eyes principle in review, tracking and approval.
dCastlight has a formal monitoring policy and procedure for all systems that process or store Anthem data that employs centralized logging of systems, network and security devices and keystroke logging.
eWorkstation – Full disk encryption at rest, 10 minute screen lock, DLP, Anti-Virus, offshore workstations restrict administrators access and read-only capability for external devices (USB, I/O ports etc)
•For offshore locations, Supplier shall employ a bastion host which includes technical controls that act as a traditional Citrix environment where the end user is limited to screen refreshes and the endpoint can do nothing more than view the information. All read write and elevated access by the user shall be initiated within the bastion host user environment.
•No one at any offshore location will access any Anthem systems.
12.4 All work from offshore locations must be performed in facilities that have received prior written approval. As of the date of the Agreement, Anthem has approved the subcontractors and locations set forth on Exhibit N of the Agreement. Any offshore subcontractors that access Anthem Confidential Information outside of an approved location, would need to be approved by Anthem Information Security prior.
SECTION 13. CLOUD COMPUTING
Anthem bases the decision of whether a service is considered a cloud based technology on several factors including the five essential characteristics defined by the National Institute of Standards and Technology (NIST), Note that the absence of one or more of these characteristics is not viewed as a final deciding factor when determining if a service is Cloud based. Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. Castlight warrants that it does not utilize or place Anthem Confidential Information into an environment that meets the definition of Cloud Computing described herein to provide services to Anthem. Castlight
Software as a Service (SaaS) Agreement REV. December 2014 Page 53
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
will not utilize or place Anthem Confidential Information into a Cloud Computing environment unless the solution complies with applicable Anthem Workforce Information Security Policy.
The use of a multi-tenant environment is prohibited for hosting Confidential Information, unless a risk assessment has been performed and the appropriate Anthem Information Security approved risk mitigating controls are in place.
Logical controls, virtual machine zoning, virtualization security and segregation must be in place to help prevent attacks and exposure in multi-tenancy environments.
Anthem Confidential Information must not be stored on removable or mobile media with other non- Anthem information (e.g. shared backup tapes).
Anthem Confidential Information included in a cloud computing-based environment must be protected with Anthem Approved Cryptographic Controls in transit, storage, and at rest. Appropriate Encryption key management must also be provided.
All Anthem data hosted in a cloud environment must remain on US-based systems and may not be stored outside of the United States.
The Cloud Service Provider (CSP) must provide a detailed mechanism for how litigation holds will be implemented. This will include how metadata will be created, accessed, and stored in the cloud environment.
Cloud Service Providers must undergo an annual independent audit by an accredited auditing firm covering the scope of Anthem data. Results of this audit must be provided to Anthem along with associated remediation decisions and activities, if applicable.
Key application components must have interoperability and portability requirements outlined that would allow Anthem to assume these items if needed.
Incident response roles and responsibilities must be clearly outlined between the cloud service provider and Anthem.
Security-related reports including vulnerability scans, intrusion detection, identity management must be performed and provided to Anthem on all systems and components that handle, process, or store Anthem data. This can be accomplished by the cloud service provider or Anthem performing the scans and generating the reports. For scans performed by the Cloud Service Provider, the results must be delivered quarterly to the Anthem Information Security team representatives.
When virtual machines or instances are no longer used, moved from one physical server to another, or have been decommissioned, all data must be zeroed or destroyed using Information Security approved techniques.
Identity management for cloud computing-based services and platforms will be in place establishing the identity of the user and providing for authentication and authorization.
The CSP must have a system able to enforce or allow Anthem appointed personnel to enforce the account management capabilities, such as account lockouts for unsuccessful logon attempts, defined inactivity
Software as a Service (SaaS) Agreement REV. December 2014 Page 54
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
times, remote access allowances, specific success and failure events, and management of elevated privilege accounts.
All identity credentialing, authentication, authorization, and access control events must be logged and those logs are subject to periodic audit. At a minimum, the CSP must produce logs of all specified success and failure events associated with identity and access management in the cloud environment it manages. These logs must then be archived for at least twelve months. These archived logs must be searchable and or discoverable.
The CSP must conduct access reviews quarterly for privileged user accounts and twice yearly for non-privileged user accounts.
Technology Steering Board If upon review by Anthem’s Technology Steering Board, items are identified for remediation, such remediation must be completed in agreed upon timeframes.
SECTION 14. CONTINGENCY PLANNING
14.1 Supplier will have documented Business Continuity and Disaster Recovery plans in place. Such plans will be tested at least annually.
SECTION 15. INCIDENT RESPONSE
15.1 Supplier will have documented Incident Response Plan. Such plan will be tested at least annually.
SECTION 16. PAYMENT CARD INDUSTRY DATA SECURITY STANDARD
To the extent that Supplier stores, processes or transmits cardholder Nonpublic Personal Financial Information as part of the Services, Supplier shall at all times be compliant with the Payment Card Industry Data Security Standard.
Software as a Service (SaaS) Agreement REV. December 2014 Page 55
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT I
Qualified Health Plan
Regulatory Exhibit
The following Qualified Health Plan terms and conditions shall be incorporated into the Agreement. These provisions shall only apply to services provided by Vendor to or for Health Plan’s “Qualified Health Plans” as defined in and in accordance with 45 CFR Parts 155 and 156, and any subsequent amendments or relevant provision in the regulations.
Federal Requirements - Applicable to all Health Plans that are Qualified Health Plans
1.Qualified Health Plans. Vendor acknowledges that payments Vendor receives from Health Plan may be used to provide services to Qualified Health Plan Covered Individuals. Therefore, Vendor and any of its subcontractors may be subject to certain laws that are applicable to individuals and entities providing services to Qualified Health Plans, including but not limited to, 45 CFR §§155.1210 and 156.340. Vendor agrees to comply with the requirements of 45 CFR §§155.1210 and 156.340, including but not limited to those set forth in the following sections of this Exhibit.
2.Maintenance of Books and Records. In accordance with 45 CFR §§155.1210 and 156.340, Vendor agrees that it will maintain all books and records related to its provision of services to Qualified Health Plans for ten (10) years.
3.Inspection of Books and Records. In accordance with, 45 CFR §§155.1210 and 156.340, Vendor acknowledges that the State where Health Plan is located, the Department of Health and Human Services (HHS), the Office of Inspector General, State regulatory agencies, or their designees have the right to timely access to inspect, evaluate and audit any books, contracts, medical records, patient care documentation, and other records of Vendor, or its first tier, downstream and related entities, including but not limited to subcontractors or transferees involving transactions related to Health Plan’s Qualified Health Plans through ten (10) years from the final date of the contract period or from the date of the completion of any audit. For the purposes specified in this provision, Vendor agrees to make available Vendor’s premises, physical facilities and equipment, records relating to Health Plan’s Covered Individuals, including access to Vendor’s computer and electronic systems and any additional relevant information that the State, HHS, OIG or their designees may require.
Software as a Service (SaaS) Agreement REV. December 2014 Page 56
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
4.Subcontractors. In accordance with, 45 CFR §§155.1210 and 156.340, Vendor agrees that if Vendor enters into subcontracts to perform services under the terms of the Agreement, Vendor’s subcontracts shall include an agreement by the subcontractor to comply with all of the Vendor obligations in this Qualified Health Plan Regulatory Exhibit and applicable terms in the attached Agreement. Such subcontract shall specify the delegated activities and reporting requirements.
5. Termination-Regulatory Issues. In accordance with 45 CFR §§155.1210 and 156.340, if during the term of the Agreement, the Health Plan concludes that it is necessary to cancel any of the activities to be performed under this Agreement in order to comply with Federal or State laws, regulations, or policies applicable to Qualified Health Plans, Health Plan may, at its discretion, cancel the activity and be relieved of any related obligations under the terms of the Agreement. If Health Plan or Vendor concludes that it is necessary to reorganize or restructure any of the activities to be performed under this Agreement in order to comply with Federal or State laws, regulations, or policies applicable to Qualified Health Plans, Health Plan or Vendor may request to renegotiate such terms.
6. Revocation. Vendor agrees that Health Plan has the right to revoke this Agreement for its Qualified Health Plans if HHS, the applicable State regulatory agency or Health Plan determines that Vendor or any of its independent contractors or subcontractors has not performed the services satisfactorily and/or if requisite reporting and disclosure requirements are not otherwise fully met in a timely manner. Such revocation shall be consistent with the termination provisions of the Agreement.
State-Specific Requirements
The following additional provisions apply if and only to the extent that Vendor provides services to or for Qualified Health Plans in the specified state.
Connecticut - If Vendor is a “Material subcontractor”, Vendor will comply with all of the applicable provisions of the contract between Health Plan and the State Exchange Board. “Material subcontractor” means “any entity from which Health Plan procures or re-procures, or proposes to subcontract with for the provision of, all or part of its administrative services for any major program area or function that relates to the delivery of care including but not limited to behavioral health, claims processing, or pharmacy benefit and/or actuarial support.”
Nevada - Vendor agrees that if it receives from or creates for Health Plan, as a Qualified Health Plan in the State of Nevada, any PHI (protected health information) or PII (personally-identifiable information), Vendor will implement reasonable and appropriate safeguards to protect such PHI or PII. Prior to any Vendor employee or agent receiving or having access to any PHI or PII, Vendor must first have entered into a business associate agreement with Health Plan.
New York - Vendor agrees that all work performed by it for Health Plan must be in accordance with the terms of this contract between Health Plan, as a Qualified Health Plan, and the State of New York (the “QHP Contract”), including, without limitation, the confidentiality provisions set
Software as a Service (SaaS) Agreement REV. December 2014 Page 57
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
forth therein. Under no circumstances shall Vendor subcontract any of its duties or obligations under the Agreement without the prior written approval and knowledge of the Health Plan and New York Department of Health.
Vendor shall promptly notify Health Plan in writing of any inquiry, audit, investigation, litigation, claim, examination or other proceeding involving Vendor, or any of its personnel, that is threatened or commenced by any regulatory agency or other party that a reasonable person might believe could materially affect the ability of Vendor to perform in accordance with the terms set forth in the Agreement or in the QHP Contract. Vendor shall provide such notice within ten (10) days of the date when Vendor learns of such action/event. Vendor acknowledges that Health Plan is obligated to notify the State of New York of such actions/events under the terms of the QHP Contract. Vendor shall comply with the State of New York's reasonable requests for information relating to the reported action/event; provided, however than any such exchange of information shall be subject to compliance with law and shall not occur to the extent prohibited by order of the court, administrative agency, or other tribunal or regulatory authority having jurisdiction over the matter or by the laws and regulations governing the action.
Software as a Service (SaaS) Agreement REV. December 2014 Page 58
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT J: BCBSA REQUIREMENTS
BCBS AXIS REQUIREMENTS and BCBSA CO-BRANDING REQUIREMENTS
EXHIBIT J-1
BCBS AXIS REQUIREMENTS
The use of data by Castlight is restricted as set forth below. The alteration of Network Data or BCBS AXIS Data in any manner is prohibited, except as outlined below.
Network Data
Network Data must only be used for the following:
•Account-specific geographic analyses
•Account-specific disruption analyses
•Provider finder applications
•Call center applications
•UM/UR
Network Data may only be supplemented and used in an integrated display as follows:
•When Anthem has executed an agreement to supplement the Network Data with each Non-Anthem Blue Plan; or
•By providing a link to the third party data source. (The source of the data must be clearly identified in the presentation of the data.)
BCBS AXIS Data
BCBS AXIS Data may only be used for the following:
•Blue Distinction analysis reporting
•Savings opportunity reports provided to national accounts
•Establishing benefit differentials based on the setting of service
•Integrate multiple physician office visit costs for member display
•Member out-of-pocket estimates
BCBS AXIS Data must follow the data use and display standards as outlined by BCBSA and communicated by Anthem. General categories include:
Software as a Service (SaaS) Agreement REV. December 2014 Page 59
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
•Access and Security
•Overlapping Service Areas
•Procedure Volume
•Treatment Category
•Provider Specific Display
•Office Visit Display
•Out-of-Pocket
•Messages
•Hover Text
In addition, a disclaimer/disclosure statement must be displayed to Anthem Blue Members or Non-Anthem Blue Members when accessing the BCBS AXIS Data. The disclosure/disclaimer statement must be present to clarify what the BCBS AXIS Data is what it is not. Key points must include:
•Explanation of how estimates were developed
•Estimates are a guide
•Estimates vary and actual cost may change
•Coverage, benefits and authorization for services must be checked.
•A statement that the information does not indicate medical advice, actual costs, guarantee of payment, prior approval for the service or represent an adjudicated claim.
BCBS Data Access
BCBS data assets must be accessed only via the following methods:
•Transactional web services
•Staged structured data built in a secure BCBSA environment
•Data extracts
Data Aggregation
Until and unless a change in BCBSA Policy permits such aggregation and Anthem has communicated such change to Castlight in writing, Castlight is prohibited from aggregating account-specific claims data with data from other BCBS and non-BCBS accounts for the purpose of consumer transparency solutions.
Software as a Service (SaaS) Agreement REV. December 2014 Page 60
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT J-2
BCBSA SUMMARY CO-BRANDING REQUIREMENTS
A.Definitions
1.Support Company: a company that the Licensee (Anthem) hires to help deliver products and services that a Licensee offers under the Blue Cross and Blue Shield names and symbols (each a “Blue Product”), or services in support of the Licensee’s Blue Products. For purposes of the Core Transparency Services, Castlight is a Support Company.
2.Account Vendor: a company that provides its own product or services to the account or individual without involvement by the Licensee; may have a joint marketing arrangement with the Licensee. In providing the Castlight Buy-Up Products under direct contracts with customers, Castlight acts as an Account Vendor.
2. Requirements
Software as a Service (SaaS) Agreement REV. December 2014 Page 61
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
|
|
|
|
|
|
|
|
|
|
|
Co-Branding Requirement Categories
|
Support Company
Requirement
|
Account Vendor
Requirement
|
|
Logo Prominence
|
Licensee symbol/logo must appear to the left of Support Company logo; Support Company logo may not exceed the height of the Licensee symbol/ logo (i.e. the Licensee and Support Company logos are permitted to be the same size)
|
Licensee symbol/logo must appear to the left of Account Vendor logo; Account Vendor logo may not exceed the height of the Licensee symbol/ logo (i.e. the Licensee and Account Vendor logos are permitted to be the same size)
|
|
Content/ Format
|
Support Company co-branded content may not promote or include information about “other products” of Support Company. Support company co-branded content cannot display brands of National Competitors or entities in litigation with BCBSA regarding use of Blue marks. In the course of providing its services, Support Company may make a factual reference in its materials that it is providing services in connection with Licensee’s Blue Product(s).
|
Account Vendor co-branded content must include Account Vendor’s name (i.e. “blind references” are not permitted except as specifically permitted on ID cards.); Account Vendor co-branded content cannot display brands of National Competitors or entities in litigation with BCBSA regarding use of Blue marks.
Co-branded communications and information about Account Vendor’s products must be presented in a segregated format such that a potential or existing Customer can discern that the Castlight Buy-Up Product is not a Blue Product.
|
|
Disclosures
|
Co-branded communications must state that Support Company is an independent or separate company; co-branded communications must elaborate on nature of services provided by Support Company in supporting Blue product; e.g., X, is a separate company that provides xxx services on behalf of Anthem
|
Co-branded communications must state that Account Vendor is an independent or separate company; co-branded communications must explicitly state that product is NOT a BlueCross and/or BlueShield product. Co-branded communications must state that Account Vendor is solely responsible for product.
|
3. Castlight’s Role.
Anthem and Castlight acknowledge that Castlight’s activities related to the overall arrangement contemplated by the Agreement encompass activities of both a Support Company and Account Vendor. Anthem and Castlight will develop a framework to determine whether Castlight activity should be governed by BCBSA Support Company or Account Vendor co-branding communication requirements. For example:
Software as a Service (SaaS) Agreement REV. December 2014 Page 62
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
|
|
|
|
|
|
|
|
|
|
|
Castlight activity:
|
Definition of Castlight in relation to Anthem for activity:
|
Rationale
|
|
Sales collateral about the directly-contracted Castlight Buy-Up Products
|
Account vendor
|
Castlight is selling. No blue branding
|
|
Transparency Web Site
|
Support Company
|
Castlight is acting as Anthem’s enterprise transparency vendor in this instance.
|
|
Castlight Web Site (when/if accessed by Users of groups that have purchased one or more directly-contracted Castlight Buy-Up Products
|
Account vendor
|
Castlight is entering into a direct agreement with the group for the Castlight Buy-Up Product(s). No blue branding
|
|
Member communications about the directly-contracted Buy-Up Products
|
Account vendor
|
Castlight is the entity responsible for Member engagement activities with respect to the Buy-Up Products No blue branding
|
EXHIBIT J-3
Patient User Review Requirements
A.PRP Requirements. The following requirements apply to the Patient Review of Physicians (“PRP”) program:
1.Members must be offered a patient review tool s providing them the ability to read and write reviews about their experiences with providers.
2.Adherence to the Patient Review standards in accordance with the BCBSA Inter-Plan Programs Manual is required.
3.Participating providers must be educated about the potential for members of other Blue Plans to read and write reviews about their patient experience.
4.Patient review data must be supplied to the BCBSA in accordance with the BCBSA Inter-Plan Programs Manual.
5.Patient Review data must be displayed in accordance with the Inter-Plan Programs Manual.
Software as a Service (SaaS) Agreement REV. December 2014 Page 63
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
B.PRP Standards. Compliance with the PRP standards for consistent collection of patient review data is required. The four PRP standards are common questions, authentication, validation, and moderation.
1. Common Questions. All User Review (PRP) tools must include a minimum set of common questions in their display to Members that cover the following aspects of the patient encounter with the provider. Other questions in addition to this set may be included, but only response data on the common question set or supplemental question categories are aggregated in the BCBSA’s National Patient Review Database. The text does not have to be worded exactly the same as the common question set but must be consistent in meaning with the required topic categories in order to allow for aggregation of response data from all Plans.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#
|
Topic
|
Question
|
Response Type
|
Plan
|
Member
|
|
1
|
Overall Experience
|
"How would you rate your overall experience and satisfaction with this doctor?"
|
Point Scale
(e.g., five-point scale)
|
Display all six Questions to Member in tool is required.
|
Member required to respond to Questions 1 and 2 in order to submit their review
|
|
2
|
Recommend
|
"Would you recommend this doctor to your friends/ family?"
|
Yes/No
|
|
|
|
3
|
Communication
|
"How well did the doctor communicate with you about your health concerns?"
|
Point Scale
|
|
Optional for Member to respond
|
|
4
|
Availability
|
"How would you rate the doctor's availability for your appointment?"
|
Point Scale
|
|
Optional for Member to respond
|
|
5
|
Environment
|
"How would you rate the doctor's overall practice environment?"
|
Point Scale
|
|
Optional for Member to respond
|
|
6
|
Text Comments
|
"Have additional comments to make about this doctor?"
|
Open Text Field
|
|
Optional for Member to respond
|
2. Authentication. To ensure validity and integrity, members must be authenticated through the Anthem portal in order to write a review on a provider.
3. Validation. Validation that the member writing a review has seen the provider and determine the encounter validation method for their members is required (member attestation or claim verification are acceptable methods).
Software as a Service (SaaS) Agreement REV. December 2014 Page 64
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
4. Moderation. Reviews that contains text (non-numeric content such as comments or screen name) must be moderated (i.e., reviewed by a person) to ensure appropriateness for display. Additionally, the Restricted Terms list identifies terms that cannot be submitted to the National PRP Database. Attempting to submit reviews containing Restricted Terms will cause a data submission error.
Software as a Service (SaaS) Agreement REV. December 2014 Page 65
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT K
NCQA REQUIREMENTS – DIVISION OF RESPONSIBILITIES
Castlight Health, Inc.
Division of Responsibilities for Online directory services, cost estimation, and provider quality / review
In scope for: NCQA RR4 and MEM 5A
Please note: The Health Plan retains responsibility for all functions unless designated below.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Basic Compliance Activity Standard
|
Compliance Activity Performance Measurement
|
Party Responsible For Compliance Activity
|
|
|
|
|
Health
Plan
|
Vendor
|
Physician directory Data
NCQA RR4A]
|
The organization has a Web-based physician directory that includes the following physician information:
1.Name
2.Gender
3.Specialty
4.Hospital affiliations
5.Medical group affiliations, if applicable
6.Board certification
7.Accepting new patients
8.Languages spoken by the physician or clinical staff
9.Office locations
|
|
|
Software as a Service (SaaS) Agreement REV. December 2014 Page 66
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Physician and Hospital Directories Physician Directory Updates [NCQA RR4B]
|
The organization updates the physician directory within 30 calendar days of receiving new information from the physician.
Call out timeframe of both parties to meet the 30 days turnaround timeliness
|
Anthem is responsible for the intake
|
X
Vendor is responsible for display and timeliness
|
Physician Information Validation [NCQA RR4C]
|
In each physician listing in its Web-based directory, the organization provides an explanation of the item, its source, the frequency of validation and limitations with each of the following:
10.Name
11.Gender
12.Specialty
13.Hospital affiliations
14.Medical group affiliations
15.Board certification
16.Accepting new patients
17.Languages spoken by the physician or clinical staff
18.Office locations
Physician information is accessible from each listing and may be layered (e.g. pop-up or pull-down windows)
|
Anthem owns the content
|
X
They need to provide a location and accept updates as needed.
|
Software as a Service (SaaS) Agreement REV. December 2014 Page 67
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
|
|
|
|
|
|
|
|
|
|
|
|
|
searchable Physician Web-Based Directory
NCQA RR4D]
|
The organization's web-based physician directory includes search functions with instructions on how to find the following physician information:
19.Name
20.Gender
21.Specialty
22.Hospital affiliations
23.Medical group affiliations
24.Accepting new patients
25.Languages spoken by the physician or clinical staff
26.Office locations
|
|
|
Hospital Directory Data
NCQA RR4E]
|
The organization has a web-based hospital directory that includes the following information to help members and prospective members choose a hospital:
27.Hospital name
28.Hospital location
29.Hospital accreditation status
30.Hospital quality data from recognized sources
|
Factor 4:
Anthem owns the content- Hospital Quality Data
|
Factor 4:
They need to provide a location and accept updates as needed.
|
Hospital Directory Updates [NCQA RR4F]
|
The organization updates its hospital directory information within 30 calendar days of receiving new information from the hospital.
Call out timeframe of both parties to meet the 30 days turnaround timeliness
|
Anthem is responsible for the intake
|
X
Vendor is responsible for display and timeliness
|
Software as a Service (SaaS) Agreement REV. December 2014 Page 68
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT L
[***]
Software as a Service (SaaS) Agreement REV. December 2014 Page 69
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT M
JOINTLY DEVELOPED PRODUCTS
i.Rights and Responsibilities of the Parties. The Parties may elect during the term of the Agreement to collaboratively develop new products (each a “Jointly-Developed Product” and collectively the “Jointly-Developed Products”). Except as set forth in this Agreement, the development responsibilities, pricing and contracting arrangements, data requirements, ownership and intellectual property rights, and other terms associated with each Jointly-Developed Product shall be as mutually agreed by the Parties and memorialized in a writing signed by both Parties and incorporated herein by reference upon execution by the Parties.
ii.Exclusivity. During the Exclusivity Period associated with each Jointly-Developed Product created during the term of the Agreement, the Jointly-Developed Product shall be made available only to: (a) Plan Sponsors whose group health plans are administered or insured by Anthem; (b) Anthem, for any of its customer segments; and (c) customers of Non-Anthem Blue Plans. For purposes of this provision, “Exclusivity Period” shall mean, with respect to a Jointly-Develop Product, a period of two (2) years beginning on the date on which the Parties mutually agree that the Jointly-Developed Product has passed all quality and testing regimens and is generally ready for production use.
iii.Revenue Share on Jointly-Developed Products. Anthem shall be entitled to an incentive in the form of a revenue share in the amount of 10-25% of revenue for Jointly-Developed Products purchased by Anthem clients, including the purchase of any Jointly-Developed Product(s) by Anthem for any of its customer segments. The Parties will mutually agree on the revenue share percentage on an Order basis.
Software as a Service (SaaS) Agreement REV. December 2014 Page 70
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT N
APPROVED SUBCONTRACTORS AND SERVICE LOCATIONS
The subcontractors utilized by Castlight in the performance of Castlight’s services and approved by Anthem are listed in this Exhibit N and such list may only be modified in accordance with the terms and conditions of the Agreement:
•Persistent Systems - Pune India
•Telerex - Horsham Pennsylvania
•Indmax - Hyderabad India
•Imaginea - Hyderabad India
•AASON - Consulting Chicago, Illinois
•SunGard - Aurora Colorado and Phoenix Arizona
•DatAvail - Broomfield Colorado
•Imperva - Redwood Shores, California
•Mimecast - Watertown, Massachusetts
•Birst - San Francisco, California
Software as a Service (SaaS) Agreement REV. December 2014 Page 71
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
.
EXHIBIT O
COMPETITORS
▪.UnitedHealth Group, Inc. and its subsidiaries and affiliates
▪.Aetna Life Insurance Company and its subsidiaries and affiliates
▪.Cigna and its subsidiaries and affiliates
Software as a Service (SaaS) Agreement REV. December 2014 Page 72
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
EXHIBIT P
Medicare Medicaid Dual Integration Regulatory Exhibits
§ Exhibit P -1: New York Dual Integration Regulatory Exhibit
§ Exhibit P-2: Texas Dual Integration Regulatory Exhibit
§ Exhibit P-3: Virginia Dual Integration Regulatory Exhibit
Software as a Service (SaaS) Agreement REV. December 2014 Page 73
AMENDMENT 7 TO THE SAAS AGREEMENT
This Amendment 7 to the SaaS Agreement (this “Amendment”) is made as of October 19, 2019 (“Amendment Effective Date”) and amends that certain SaaS Agreement executed on November 1, 2015, as amended (the “Agreement”), by and between Castlight Health, Inc. (“Castlight”) and Anthem, Inc. on behalf of itself and its Affiliates (collectively, “Anthem”).
The Parties agree as follows:
1.Conflict of Terms, Definitions. In the event of a conflict between the terms of this Amendment and the terms of the Agreement, the terms of this Amendment shall control. Unless otherwise specified in this Amendment, all capitalized terms shall have the meaning given to them in the Agreement.
2.Amendment to Section 14.2 Limit on Direct Damages. Section 14.2 of the Agreement is hereby replaced in its entirety with the following:
“14.2. Limit on Direct Damages. Except as set forth in Section 14.3 below, in no event shall either Party’s aggregate liability exceed $20,000,000 (Twenty Million Dollars). Any amount owed by Castlight to Anthem in the way of service credits based upon a failure to meet the Service Levels set forth on Exhibit G attached hereto, shall not count toward any calculation of damages under this section.”
3.Amendment to Exhibit G: Service Levels. Exhibit G: Service Levels of the Agreement is hereby amended as follows:
a. Each reference to “Authorized User” in Exhibit G is hereby replaced by a reference to “User” as defined in the Services Order Form 5 to the Agreement.
b. The definition of “End Users” in Exhibit G is hereby replaced in its entirety by the following definition of “Impacted Users”. Each reference to “End Users” in Exhibit G shall be read as a reference to “Impacted Users”.
“Impacted Users” shall mean the Users whose Service was actually affected by the failure to meet the performance standard in question.”
c. For the avoidance of doubt, where a payment that is due under Exhibit G is expressed as a percentage of fees, such payment shall be a percentage of the monthly fee amount unless expressly stated otherwise in Exhibit G.
4.Deletion of Exhibit L: Pricing: Exhibit L of the Agreement is hereby deleted in its entirety.
5.No Other Modifications. Except as provided herein, the terms and conditions of the Agreement shall remain the same, and in full force and effect.
IN WITNESS WHEREOF, the parties have caused this Amendment to be duly executed as of the Amendment Effective Date indicated above.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Castlight Health, Inc.
|
|
Anthem, Inc.
|
|
By:
|
/s/ Siobhan Nolan Mangini
|
By:
|
/s/ Jim Ardell
|
|
Name:
|
Siobhan Nolan Mangini
|
Name:
|
Jim Ardell
|
|
Title:
|
President & CFO
|
Title:
|
VP, Corporate Real Estate and CPO
|
|
Date:
|
10/19/2019
|
Date:
|
10/19/2019
|
|
Address:
|
150 Spear St. Floor 4
San Francisco, CA 94105
|
Address:
|
220 Virginia Ave
Indianapolis, IN 46204
|
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
SERVICES ORDER FORM 5
TO SOFTWARE AS A SERVICE (SaaS) AGREEMENT
ENTERPRISE SERVICES
This Services Order Form (“SOF 5”) is made effective as of January 1, 2020 (“Effective Date”). The terms and conditions of that Software as a Service Agreement (including all Exhibits attached thereto the “SaaS Agreement”) executed by and between Castlight Health, Inc. (“Castlight”) and Anthem, Inc., on behalf of itself and its Affiliates (each an “Anthem Company” and collectively, “Anthem”), dated November 1, 2015, as amended by Amendments 1 to 6, shall apply herein. The duties and obligations of the Parties set forth elsewhere in the SaaS Agreement, together with the terms of this SOF 5 and any of its Addenda shall collectively define the duties and obligations of the Parties. Anthem and Castlight may be referred to herein each as a “Party” and collectively as the “Parties.”
Notwithstanding anything to the contrary in Section 1.3 of the SaaS Agreement, in the event of any inconsistency or conflict between the terms and conditions of this SOF 5 and the SaaS Agreement, then the terms and conditions of this SOF 5 shall prevail.
I.DEFINITIONS.
For purposes of this SOF 5, the following terms shall have the meanings set forth below, and additional capitalized terms appearing in this SOF 5 shall be defined as set forth in the SaaS Agreement:
A.“Administrator” means Customer’s third party administrator of health services other than Anthem, pharmacy benefit manager, dental benefit manager, and other certain third parties that provide services (such as employee benefit portals) and/or data to Customer, and in connection with such provision of services to Customer will be providing information to Castlight in connection with the SaaS Agreement and this SOF 5, as set forth in an Attachment.
B.“Administrative Services Agreement or ASA” means that definitive agreement executed by and between an Anthem Company and a Customer for provision of health services.
C.“Anthem Data” means the data that Anthem shall provide to Castlight as needed for Castlight to provide the Enterprise Services, which Data shall consist of the following:
1.Plan Design Data. “Plan Design Data” means the plan design specifications about the Customers’ benefit plans needed by Castlight to enable its display of out-of-pocket cost estimates to Members as part of the Enterprise Services.
2.Accumulator Data. “Accumulator Data” means information provided via an electronic real-time process in the form of HIPAA 270/271 transaction data for use by Castlight in identifying deductible accumulations and other information necessary for Castlight’s display of out-of-pocket cost estimates to Members as part of the Enterprise Services.
3.Claims Data. “Claims Data” means historical and ongoing data extracts consisting of the minimum amount of Customer patient-identified paid claims data needed by Castlight to provide the Enterprise Services.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
4.Eligibility Data. “Eligibility Data” means the minimum amount of identifying information about the Customers’ eligible Members needed by Castlight to provide the Enterprise Services. Castlight acknowledges and agrees that as to any Member for whom a Confidentiality Flag is included in the eligibility file provided by Anthem, no communications, whether via email or otherwise will be provided for such Member (and his or her covered family members) on a going forward basis. For purposes of this provision, “Confidentiality Flag” shall mean an indicator included in the eligibility file to designate each Member for whom access and communications must be suppressed in order to comply with applicable privacy laws and regulations.
5.Network Data. “Network Data” means data pertaining to the composition of an Anthem contracted network, if and to the extent needed by Castlight to provide the Enterprise Services.
D.“Anthem Website” means the Anthem consumer portals: anthem.com, anthem.com/ca; empireblue.com; and any client-specific microsites that Anthem has custom-built for particular Anthem clients.
E.“BCBS Axis” means the proprietary databases of health care cost and national provider network information compiled and maintained by BCBSA.
F.“BCBS Axis Data” means consumer cost information and national provider network information made available to Castlight by BCBSA under the terms of Data Access Agreement entered into among BCBSA, Anthem, and Castlight.
G.“BCBS Axis Service” means a Covered Service for which the Provider Reimbursement Rates are available through BCBS Axis.
H.“Care & Cost Finder Services” means the integration of the Care & Cost Finder Transparency Website with the Anthem Website as described in Addendum A hereto, including (i) any routine modifications and enhancements made pursuant to Section 16 of the SaaS Agreement, and (ii) other upgrades, modifications and enhancements thereto made by Castlight during the Term of this SOF 5 as mutually agreed by the Parties. For the avoidance of doubt, improvements or enhancements to Castlight’s Care Guidance product shall not be deemed an enhancement of the Care & Cost Finder Services unless documented in a writing signed between the Parties.
I.“Care & Cost Finder Transparency Website” means the website in which the Care & Cost Finder Services are offered to Users in accordance with the terms and conditions of the SaaS Agreement and this SOF 5.
J.“Castlight Services” means Castlight’s enhanced transparency services, which shall be provided by Castlight to Customer on Anthem’s behalf using the Information.
K.“Contract Year 1” means the period commencing on January 1, 2020 and ending on December 31, 2020.
L.“Contract Year 2” means the period commencing on January 1, 2021 and ending on December 31, 2021.
M.“Contract Year 3” means the period commencing on January 1, 2022 and ending on June 30, 2022.
N.“Customer” means an employer providing Health Benefit Plans pursuant to self-administered or self-insured programs to Members, as identified in the applicable Attachments, who has signed an Administrative Services Agreement with Anthem for the purchase of Enterprise Services.
O.“DBM” means dental benefits manager.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
P.“EAP” means Customer’s Employee Assistance Program.
Q.“Embedded Population” means a local group population of reasonable size in each state or market segment in which Anthem determines to provide Engage Basic.
R.“Employee” means a Customer employee who receives health care coverage under the applicable rules of the Plan as identified by Castlight based on information provided by Customer.
S.“Engage APIs” means the application programming interfaces that offer the features and functionalities described in Addendum D hereto.
T.“Engage Services” means the integration of the Castlight Services and Anthem Clinical Programs, including (i) any routine modifications and enhancements made pursuant to Section 16 of the SaaS Agreement, and (ii) other upgrades, modifications and enhancements thereto made by Castlight during the Term of this SOF 5 as mutually agreed by the Parties. The Engage Services are offered in four (4) different categories: Engage Basic, Engage Standard, Engage Elite and Engage Elite Plus (as such terms are defined herein). The Parties agree that the Engage Services do not include any Jointly Developed Products (as defined in Section 1.1.9 of the SaaS Agreement).
U.“Engage Basic” means the category of Engage Services that offers the features and functionalities described in Addendum B hereto.
V.“Engage Elite” means the category of Engage Services that offers the features and functionalities described in Addendum C hereto.
W.“Engage Elite Plus” means the category of Engage Services that offers the features and functionalities described in Addendum C hereto.
X.“Engage Standard” means the category of Engage Services that offers the features and functionalities described in Addendum B hereto.
Y.“Enterprise Services” means, collectively, the Engage Services, the Engage APIs, the Care & Cost Finder Services and the Essentials Services.
Z.“Essentials Services” means the services that offer the features and functionalities described in Addendum E hereto including (i) any routine modifications and enhancements made pursuant to Section 16 of the SaaS Agreement, and (ii) other upgrades, modifications and enhancements thereto made by Castlight during the Term of this SOF 5 as mutually agreed by the Parties. The Essentials Services are offered in two (2) different categories: Essentials and Essentials Plus.
AA.“Existing Agreements” means, as applicable: (1) the Amended and Restated Transparency Data Agreement entered into by the Parties effective August 31, 2015; (2) the Reference-Based Benefits Collaboration Agreement entered into by the Parties effective January 18, 2013; (3) the Data Mining and Analytics Services Agreement entered into by the Parties effective March 1, 2013; (4) the Vendor Agreement entered into by the Parties effective September 12, 2013; and (5) the Data Access Agreement for Transparency Services entered into by the Parties and the BCBSA effective July 18, 2014.
AB.“FSA” means flexible spending account.
AC.“HSA” means healthcare savings account.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
AD.“Health Benefit Plan” means the document(s) describing partially or wholly: (1) insured, (2) underwritten, and/or (3) administered, marketed health care benefits, or services program.
AE.“Information” means the data Anthem shall release to Castlight so Castlight can provide the Enterprise Services to Customers and may include, as applicable, any of the types of data listed in Section VI of this SOF 5.
AF.“MBHO” means Customer’s managed behavioral health organization, if any.
AG.“Member” means a participant or beneficiary covered under Customer’s group health plan administered by an Anthem Blue Plan, regardless of where such participant or beneficiary resides.
AH.“Network Provider” means an applicable Provider under contract with an Anthem Blue Plan or a non-Anthem Blue Plan to provide Covered Services to Anthem Blue Members, or under contract with a Non-Anthem Blue Plan, to the extent consent has been granted by such Non-Anthem Blue Plan.
AI.“Non-Axis Provider Reimbursement Data” means the Provider Reimbursement Rates associated with certain Covered Services that are not Axis Services.
AJ.“Non-Network Provider” means a Provider other than a Network Provider.
AK.“PBM” means Customer’s Pharmacy Benefit Manager.
AL.“Playbook” means Castlight’s set of best practice communications developed for Customer’s use. Each Playbook shall include a variety of print, digital, and interactive communications.
AM.“Plan” means (1) Health Plan; and/or (2) entity: (a) which utilizes Health Plan’s networks or programs, including without limitation, other Blue Cross and/or Blue Shield Plans that are not Affiliates, or employees providing Health Benefit Plans pursuant to self-administered or self-insured programs; and (b) which Health Benefit Plan and Castlight have agreed is subject to Enterprise Services under this SOF 5.
AN.“Plan Sponsor” means any company acting as the plan sponsor of a group health plan administered or insured by an Anthem Blue Plan and under which such company’s employees are offered access to the Enterprise Services by Anthem pursuant to the terms hereof.
AO.“Provider” means a hospital, physician, or other medical practitioner or provider of Covered Services.
AP.“Provider Reimbursement Rate” means the reimbursement rate attributable to a specific Network Provider for a Covered Service.
AQ.“Source Code” means computer programs written in higher-level programming languages, sometimes accompanied by English language comments. Source Code is intelligible to trained programmers and may be translated to machine readable (i.e. object code) for operation on computer equipment through the process of compiling.
AR.“User” means a Member, provided that if such Member is a covered dependent, such dependent must be at least 18 years of age.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
II.LICENSE; BRANDING, SINGLE-SIGN-ON.
A. License. Subject to the terms and conditions of the SaaS Agreement and this SOF 5, Castlight hereby grants Anthem, during the Term of this SOF5, a limited, revocable and non-exclusive license to (i) access and use the Enterprise Services and all related Documentation for Anthem’s normal business purposes, and (ii) offer, market, demo and re-sell the Enterprise Services to prospective Customers.
B. Scope of Enterprise Services License. With respect to Engage Elite and Engage Elite Plus, the license granted herein is limited to up to two million (2,000,000) Employees in the aggregate (“Maximum Number of Employees”). Access to and use of Engage Elite and Engage Elite Plus by Employees, in the aggregate, in excess of the Maximum Number of Employees will be subject to the payment of additional fees by Anthem to Castlight pursuant to Section III.B of this SOF 5. For the avoidance of doubt, no limitation on the number of Users or Employees will apply with respect to Engage Standard, Engage Basic, Care & Cost Finder Services and Engage APIs. Subject to the payment of the fees set forth in Section III.C of this SOF 5 by Anthem to Castlight, no limitation on the number of Users or Employees will apply with respect to the Essentials Services.
C. Anthem Programs License. Anthem grants Castlight a limited, revocable, non-exclusive license during the Term of this SOF 5 to use the Anthem Clinical Programs (as defined in Section V.B below and detailed in Addendum G hereto) in connection with developing and providing the Enterprise Services. Anthem further grants Castlight a limited, revocable and non-exclusive license during the Term of this SOF 5 to (i) create content (which Anthem shall approve promptly and which such approval may be via email) in the form of written descriptions of Anthem Clinical Programs; and (ii) to use such content in the Enterprise Services so that Users can better understand such Anthem Clinical Programs. Anthem represents and warrants to Castlight that any information Anthem provides to Castlight regarding Anthem Clinical Programs shall be accurate and correct.
D. Single-Sign-On. Each Party shall support the integration of the other Party’s website and link to the other party’s website via single-sign-on (“SSO”), which shall allow Users a seamless SSO from the Anthem Website to the Enterprise Services. In addition to the Indemnification obligations set forth in Section 13 of the SaaS Agreement, each Party shall indemnify, defend and hold harmless the other Party against any claims, losses, liabilities, costs, damages, penalties, actions, demands, suits, expenses, and fees (including reasonable attorneys’ fees), solely with respect to third party claims arising out of or resulting from the other Party’s negligent or incorrect identification, verification, and/or authentication of an User during SSO.
E. Engage Services Branding. With respect to the Engage Services, the Parties agree that “Anthem Engage” and Anthem’s specified style guidelines shall be the preferred branding and style guidelines marketed to prospective Customers. Anthem agrees to provide Castlight with all specifications and artwork necessary for Castlight to configure the Engage Services in accordance with the Anthem branding and style guidelines, which shall be substantially similar to the branding specifications provided in Addendum H hereto. The parties further agree that, upon mutual agreement, the Enterprise Services can be: (i) Castlight branded, at the request of a Customer or (ii) private labeled in accordance with a Customer’s specifications (if a Customer requests such private labeling and both Anthem and Castlight agree in writing to deliver such private labeling).
III.PAYMENT AND INVOICING.
A. Annual Fees. Subject to Sections III.B and III.C, in consideration for the license and rights granted by Castlight hereunder, Anthem shall pay Castlight the following fees (“Annual Fees”):
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
i. For Contract Year 1, total Annual Fee in the total amount of Fifty-Eight Million Dollars ($58,000,000);
ii. For Contract Year 2, total Annual Fee in the amount of Seventy-Four Million Dollars ($74,000,000); and
iii. For Contract Year 3, which consists of six months, total Annual Fee in the amount of Thirty-Six Million Dollars ($36,000,000).
B. Additional Engage Fees. If at any time during the Term of this SOF 5, Anthem exceeds the Maximum Number of Employees with respect to Engage Elite and Engage Elite Plus, Anthem shall pay Castlight the following additional fees per Employee that exceeds the Maximum Number of Employees (“Additional Engage Fees”):
[***]
C. Essentials Services Fees. With respect to the Essentials Services, Anthem shall pay Castlight the following fees per Employee per month (“Essentials Fees”):
[***]
D. Payment Terms. Notwithstanding anything to the contrary in the SaaS Agreement, Anthem shall pay Castlight as follows:
1. Annual Fees. Anthem shall pay Castlight on a monthly basis the pro-rated Annual Fees within thirty (30) days after the date on which Anthem receives Castlight’s invoice; provided, however, that Anthem shall have no obligation or liability to pay any invoices received later than six (6) months after the month in which the Services were performed unless otherwise agreed to by the Parties in writing. Invoices will be issued monthly in advance.
2. Additional Engage Fees and Essentials Fees. Anthem shall pay Castlight the Additional Engage Fees and the Essentials Fees on a monthly basis, within thirty (30) days after the date on which Anthem receives Castlight’s invoice; provided, however, that Anthem shall have no obligation or liability to pay any invoices received later than six (6) months after the month in which the Services were performed unless otherwise agreed to by the Parties in writing. Invoices will be issued monthly in advance.
3. Interest. If Anthem fails to remit any payment within thirty (30) days of its receipt of an undisputed invoice, then such unpaid balance shall accrue interests at the rate of 1½% monthly.
E. MFN. The fees set forth in this Section III, in the aggregate, and the fees set forth in Section III(B)(i) and (ii) and Section IV(B)(iii) are and will be during the Term of this SOF 5, at least as favorable to Anthem as the fees offered by Castlight to any health plan of equal or lesser size, for services substantially similar to the Enterprise Services at substantially similar volumes and on substantially similar terms and conditions. If Castlight offers such more favorable fees to any such health plan, Castlight shall promptly make such more favorable fees available to Anthem.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
F. Tax. Anthem shall pay all taxes in accordance with Section 6.8 of the SaaS Agreement.
IV.CUSTOMER ATTACHMENTS.
A. Customer Attachments. The Parties shall agree on an attachment substantially in the form of Addendum F hereto (“Attachment”) for each Customer to which Anthem resells one or more Enterprise Services. Anthem shall submit each Attachment to Castlight via e-mail to Anthem_Engage_Notices@castlighthealth.com (or to such other e-mail address as may be specified by Castlight to Anthem in writing), and Castlight’s confirmation of its receipt of such Attachment shall be provided via e-mail. Castlight shall provide the applicable Enterprise Services for each such Customer in accordance with the Customer-specific Attachment. Anthem shall be free to determine the prices charged to each Customer for access to and use of the Enterprise Services, and shall not be required to meet any minimum sales volume or annual recurring revenue. In the event of a conflict between the terms of the SaaS Agreement or this SOF5 and the terms of a Customer-specific Attachment, the terms of the SaaS Agreement and this SOF 5 shall control. For clarity, for purposes of executing and terminating Customer Attachments in accordance with this Section IV, the provisions of Section 18.5 of the SaaS Agreement shall not apply.
B. Termination of Customer Attachments. Anthem shall provide written notice to Castlight (to the same e-mail specified in Section IV.A above) in order to terminate any Customer. Upon termination or expiration of this SOF 5 for any reason, all Attachments will automatically terminate. Notwithstanding the foregoing, upon written notice to Castlight before the actual termination or expiration date of this SOF 5 and payment of the fees set forth herein by Anthem, Castlight shall continue providing the applicable Enterprise Services to Customers(s) pursuant to the respective Attachment(s) for six (6) months following termination or expiration of this SOF 5 (“Post-Termination Period”). In consideration for the provision of the Enterprise Services during the Post-Termination Period, Anthem shall pay to Castlight:
i. [***]
Anthem shall pay Castlight the fees set forth herein in accordance with Sections III(D)(1) and (2) above.
C. Failure of Administrator(s) to Provide Data for Engage Elite, Engage Elite Plus, or Essentials Services. For each Customer receiving access to Engage Elite, Engage Elite Plus, or Essentials Services under an Attachment, Anthem shall communicate to such Customer in writing the need for Customer or its applicable Administrator(s) to provide Castlight with data needed by Castlight to provide the services on Anthem’s behalf. The communication shall inform the Customer that if the data is not provided, Castlight will be relieved of the obligation to provide access to Engage Elite, Engage Elite Plus, or Essentials Services as applicable until such time as the data is received by Castlight. The failure of Customer or Customer’s applicable Administrator to provide the necessary data to Castlight shall, during any period in which such necessary data is not provided, relieve Castlight of: (1) its obligation to provide access to such Customer to Engage Elite, Engage Elite Plus, or Essentials Services as applicable; and (2) any report timeliness standards set forth in the SaaS Agreement or this SOF 5 related to the due date of any report that requires such data, and any other obligations with respect to provision of access to such Customer to Engage Elite, Engage Elite Plus, or Essentials Services as a applicable.
V.MODIFICATIONS; OWNERSHIP; SUPPORT.
A. Changes, Modifications, and Enhancements. Castlight may implement routine enhancements to the Enterprise Services when such enhancements are intended to improve User experience,
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
provided that (i) such modifications and enhancements have no adverse material impact on the Enterprise Services or on the security of the Anthem Data or of Anthem’s systems; and (ii) such modifications and enhancements cause no increase in fees or other costs chargeable to Anthem hereunder. Except for such routine enhancements and other modifications as may be necessary on an emergency basis as reasonably determined by Anthem, no changes, modifications or enhancements to the Enterprise Services shall be made without Anthem’s prior written consent, which consent shall not be unreasonably withheld. Changes that are necessary for the security of the Enterprise Services or for compliance with applicable laws, licenses, regulations, or government orders shall be deemed to be changes that are necessary on an emergency basis. As to any such changes made on an emergency basis, Castlight shall notify Anthem thereof as soon as practicable, and the parties shall work together in good faith to resolve any concerns, problems, or performance issues created by such changes.
B. Ownership. Pursuant to Section 12.2 of the SaaS Agreement, Anthem Health Guide, Clinical, and LiveHealth Online, and all other programs detailed in Addendum G hereto (“Anthem Clinical Programs”) shall be considered Anthem Materials. Anthem shall own all modifications, improvement, enhancements, derivative works, or features made by Anthem or Castlight to the Anthem Clinical Programs. Furthermore, any member-identification completed by Anthem or Castlight and/or analytics completed by Anthem for the Anthem Clinical Programs will be the sole property of Anthem, and Castlight shall not reverse engineer, decompile, disassemble or otherwise use such Anthem Clinical Programs or any other Anthem Material or Anthem Data, except as necessary to deliver the Enterprise Services, notwithstanding anything to the contrary in Section 12.2 of the SaaS Agreement. Pursuant to Section 12.3 of the SaaS Agreement, the Castlight Services, the Enterprise Services and the Source Code Materials (as defined below) shall be considered Castlight Materials. The Parties agree that Castlight will not be performing any analytics on Anthem Data, Anthem Clinical Programs or any other Anthem Material as part of the Enterprise Services contemplated by this SOF 5.
C. Anthem Service Support. Anthem shall provide all direct support to Members. With Castlight’s reasonable assistance, Anthem shall provide all training necessary for Anthem customer service associates who will provide support for Members on the Enterprise Services to enable such associates to appropriately respond to Member inquiries regarding the Enterprise Services and its functionalities. Castlight shall be available to assist Anthem Monday through Friday (excluding holidays) from eight (8) AM until nine (9) PM eastern time to support Anthem service staff only with technical questions or issues (such as, without limitation, difficulty accessing the Enterprise Services, application error messages, accumulators not updating, etc.); provided that Anthem shall first research and resolve access issues where the root cause is source system and/or data issues. Castlight shall provide reasonable assistance in resolving any Member issues in accessing the Enterprise Services and its content in the following areas: (i) technical support including bug reporting; and (ii) answering questions and providing an explanation of how to use the Enterprise Services.
VI.ACCESS TO AND PROVISION OF DATA
i.Existing Agreements. In relation to data, the Existing Agreements shall remain in effect and applicable to this SOF 5.
ii.Access to and Provision of Data.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
1.Access to BCBS Axis Subject to Castlight’s compliance with all applicable BCBSA Requirements summarized in Exhibit J of the SaaS Agreement, Anthem shall cooperate with BCBSA and Castlight to facilitate Castlight’s web access to the BCBS Axis Data. Such access to the BCBS Axis Data shall be subject to BCBSA approval and shall be carried out pursuant to the terms of a separate agreement among Castlight, BCBSA, and Anthem. The Parties acknowledge that certain restrictions on the use of data imposed by BCBSA may limit the ability of Anthem and Castlight to offer and provide more enriched or enhanced transparency services. Anthem agrees to make reasonable good-faith efforts to work with BCBSA to the extent mutually discussed to enable expanded data use for the purpose of improving and upgrading the Enterprise Services.
2.. Subject to Castlight’s timely performance of its obligations under the DM&A Agreement, Anthem shall make the applicable Non-Axis Provider Reimbursement Data generated as a deliverable under such DM&A Agreement available to Castlight for purposes of the Enterprise Services. The Non-Axis Provider Reimbursement Data shall constitute Health Plan Confidential Information for purposes of the SaaS Agreement.
3.Provision of Data and Data Format. Anthem shall provide:
1. Plan Design Data through an automated file delivery and loading process;
2. Accumulator Data via an electronic real-time process in the form of HIPAA 270/271 transaction data until such time as an alternative mutually agreed-upon data exchange solution is implemented.
3. Claims Data via a single daily file feed.
4. Eligibility Data via a daily file feed.
5. Network Data in a single weekly or on such more frequent basis as may be mutually agreed to by the Parties.
4.Anthem Clinical Program Data. Anthem shall provide to Castlight the Anthem Clinical Programs’ data via real-time Anthem’s APIs to support provision of clinical program information, gaps-in-care, and seamless access to clinical resources.
5.Data Quality.
a.Eligibility Data Issues. If Castlight experiences issues with Eligibility Data (such as incomplete data that prevents members from accessing the Enterprise Services), Castlight may report such issues to Anthem through the Anthem helpdesk [(# TBD)] where issues will be handled pursuant to Anthem’s policy and procedures (each such issue an “Eligibility Data Issue”).
a. Urgent Eligibility Data Issues. “Urgent Eligibility Data Issues” are issues which prevent 5% or more of a Plan Sponsor’s members (groups with 1,000 or more members) or the entire user base of Plans under 1000 members ability to access the Enterprise Services (whether sold prior to or subsequent to the Effective Date). The Parties agree that the following procedure shall be followed for Urgent Eligibility Data Issues:
1) Within 24 hours of Castlight’s report, Anthem shall respond to Castlight acknowledging the issue, which includes confirming the receipt of the issue by email or web support tool and providing any known initial guidance on path to resolution. Anthem will then provide regular updates or provide self service capabilities to Castlight on the issue root cause evaluation and resolution.
2) As soon as reasonably practicable after each report of an Urgent Eligibility Data Issue Anthem shall, unless otherwise agreed to,
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
triage the issues to determine the root of failure - Anthem controlled issue or Plan Sponsor caused. Thereafter, Anthem shall:
a. Either mutually agree with Castlight on a path to resolution or close Plan Sponsor issues with the root cause noted in the ticket;
b. Perform a root-cause analysis to identify the cause of such Urgent Eligibility Data Issue; and
c. To the extent within Anthem’s ability to control, take appropriate preventive measures so that the problem does not reoccur.
b. Non-Urgent Eligibility Data Issues. With regard to Eligibility Data Issues that are not Urgent Eligibility Data Issues (each such issue, a “Non-Urgent Eligibility Data Issue”), unless otherwise mutually agreed by the Parties, Anthem shall:
1) Within 5 days of Castlight’s report, Anthem shall respond to Castlight acknowledging the issue which includes confirming the receipt of the issue by email or web support tool and providing any known initial guidance on path to resolution. Anthem will then provide regular updates on Castlight on the issue root cause evaluation and resolution;
2) Perform a root-cause analysis to identify the cause of such Eligibility Data Issue; and
3) to the extent within Anthem’s ability to control, take appropriate preventive measures so that the problem does not reoccur.
c. Eligibility Data Issues Not Attributable to Anthem. If the root-cause analysis cannot conclusively prove whether Anthem was the cause of or responsible for an Eligibility Data Issue, then the Parties shall discuss an appropriate resolution to such Eligibility Data Issue. As part of such efforts, the Anthem personnel shall work in a collaborative environment (including within reliability meetings and by coordinating with Castlight): (1) to identify offending system(s) contributing to such failures or outages, and (2) to determine the singular point of failure and reason for that failure.
b.Data Quality Improvement. Anthem shall use its reasonable efforts to continuously improve Anthem Data quality.
6.Waiver of Data Cost Reimbursement. Notwithstanding the Cost Reimbursement Terms of the Existing Agreements, during the Term of this SOF 5, Anthem shall not require Castlight to: (a) reimburse Anthem for the costs of providing the Anthem Data, including but not limited to any fees charged by Anthem’s pharmacy benefits manager vendor, or (b) pay any applicable BCBSA data access fees.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
a.Enriched Data. Castlight will provide to Anthem user-level enriched Member data in similar format as current raw data sharing, including Member activities, key wellness data, Member searches, null search results, session duration, Member journey through the tool, and channel application traffic. Ongoing expansion of user-level enriched Member data will be jointly agreed upon by the Parties pursuant to the roadmap to be agreed upon by the Parties, and delivered via regular file.
VII.SOURCE CODE ESCROW.
A. Source Code Escrow. Within thirty (30) days of the Effective Date, Castlight shall (a) enter into a separate agreement with a third party escrow agent for the escrow of the Source Code of the Enterprise Services, provided that Anthem agrees to pay all fees charged by the escrow agent under such agreement; and (b) deposit the Source Code of the Enterprise Services along with all documentation necessary for the use of such Source Code (“Source Code Materials”) with the escrow agent under the escrow agreement.
B. Source Code Release. Anthem shall have the right to obtain the Source Code Materials from the escrow agent (or directly from Castlight) if one of the following events occurs: (a) if Castlight ceases to provide the Enterprise Services to Anthem under this SOF 5 for fifteen (15) consecutive days; (b) if the court appoints a receiver for Castlight; (c) if a bankruptcy court terminates the SaaS Agreement and this SOF 5; or (d) if the authorized spokesperson of Castlight makes a public written statement that Castlight will no longer support the Enterprise Services for Anthem; provided that Anthem is not then in material default under this SOF 5 (each of (a) - (d) a “Release Event”). Upon occurrence of a Release Event, the escrow agent (or Castlight, as applicable) shall provide to Anthem, at no additional cost to Anthem and within ten (10) business days after the escrow agent’s (or Castlight's, as applicable) receipt of Anthem's written request, one complete copy of the Source Code Materials (and of the two (2) prior versions, if requested by Anthem), along with all documentation necessary for the use of such Source Code. Upon Anthem’s receipt of the Source Code Materials, Anthem shall have a paid-up, royalty-free, nonexclusive, non-transferable license to use, copy, modify and make enhancements to the Source Code Materials to modify and maintain the Software for the uses permitted by this Agreement for the sole purpose of enabling Anthem to continue to use the Enterprise Services as permitted by this SOF 5, but only until the expiration of the Term of this SOF 5. Upon expiration of the Term of this SOF 5, Anthem shall cease using and delete, destroy, or return, to Castlight all copies of the Source Code Materials and, upon request, certify in writing to Castlight that all copies of Source Code Materials have been deleted, destroyed or returned, provided that Anthem may keep one read-only archive copy of the Source Code Materials within a secured location solely as required for purposes of complying with applicable laws and regulations. Anthem will not disclose any Source Code Materials to any third party, except, subject to Anthem’s compliance with its confidentiality obligations in the SaaS Agreement, solely to Anthem’s employees and contractors who need to use the Source Code Materials for Anthem’s exercise of the license granted under this Section VII.B and as necessary for integration of features and functionality of the Enterprise Services.
C. Modifications. Subject to Castlight’s rights (including all intellectual property rights) in any portion of the Source Code Materials, Anthem shall own all right, title and interest in and to the modifications or enhancements Anthem makes to the Source Code Materials (the “Anthem Modifications”), including without limitation all intellectual property rights in and to the Anthem Modifications.
VIII.ADDITIONAL OBLIGATIONS OF THE PARTIES.
A. Go to Market Strategy. Castlight agrees to use commercially reasonable efforts to assist Anthem with the commercial roll-out of engagement and go to market strategies for the Enterprise Services, as mutually agreed upon by the Parties from time to time during the Term of this SOF 5.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
B. Engage Elite and Elite Plus Go-to-Market Collaboration. Castlight and Anthem hereby agree to collaborate in good faith on a go-to-market strategy for the Engage Elite and Engage Elite Plus services. This collaboration will include rules of engagement for client interaction where Castlight agrees not to contact Anthem clients for the purposes of selling directly without prior Anthem agreement, alignment on the price point charged by Anthem for the Engage Elite and Engage Elite Plus services, commercially reasonable support by Castlight of Anthem’s sales efforts including standard marketing and demo materials, materials for client presentations at conferences and events, and any other mutually agreed upon collaboration in the marketplace.
C. Product Support. Castlight agrees to make available to Anthem ongoing support on an Annual Basis each Contract Year to provide innovation and enhancement product support for the Enterprise Services as Anthem deems reasonably necessary ensure that the ongoing viability of the Enterprise Services is maintained. Castlight agrees to meet with Anthem personnel regularly and participate in Anthem planning on at least a quarterly basis to discuss the ongoing support opportunities . This product support may include support for the Engage Services, Care & Cost Finder Services, or Engage APIs.
D. Reporting Castlight shall comply with the reporting requirements as defined in the SaaS Agreement and Addendum I hereto. If Anthem requires a report not listed in the SaaS Agreement or Addendum I hereto, the Parties agree to negotiate in good faith with respect to the definition of such non-standard reports, the creation and administration of which shall be subject to the rates set forth in Addendum J hereto.
E. Restriction on Use of Engage Mark. Castlight acknowledges and agrees that it will solely use the “Engage” mark in connection with the provision of the Enterprise Services and other services for Anthem, unless otherwise permitted by Anthem in writing. This Section VIII.E will survive termination or expiration of this SOF 5 and the SaaS Agreement.
F. Anthem’s Third-Party Vendors. Anthem shall use their best efforts to ensure that the vendors with which Anthem has a current relationship (“Anthem Vendors”) work with Castlight to integrate such Anthem Vendor’s services into the Enterprise Services. The Parties agree that if an Anthem Vendor does not agree to work with Castlight and/or does not provide Castlight the requisite data necessary for such third-party integration, then Castlight shall not be obligated to provide the functionality of the Enterprise Services associated with such Anthem Vendor. As of the Effective Date of this SOF 5, the Anthem Vendors (and the corresponding type of service each Anthem Vendor provides) are listed in the table below. As mutually agreed upon by the Parties in writing (which may be via email), the list below may be amended to add or delete any Anthem Vendors.
[***]
IX.TERM AND TERMINATION OF SOF 5. The term of this SOF 5 shall commence on the Effective Date and shall continue thereafter through June 30, 2022 (“Term”). The provisions of Section 7.7 of the SaaS Agreement shall not apply to this SOF 5.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
X.GENERAL PROVISIONS. This SOF 5, including the Addenda attached hereto and the SaaS Agreement, sets forth all of the agreements and understandings between the Parties with respect to the subject matter hereof, and, as of the Effective Date, it fully supersedes and terminates the following Services Order Forms to the SaaS Agreement: (i) Services Order Form 1 dated November 1, 2015, as amended; (ii) Services Order Form 2 dated March 31, 2017, as amended; and (iii) Services Order Form 3 dated June 1, 2017, as amended (collectively, “Terminated SOFs”). All Customer-specific Attachments entered into by the Parties pursuant to the Terminated SOFs that are in effect on the Effective Date shall remain in full force and effect, except for the terms and conditions related to fees or any other financial terms contained therein, which terms and conditions shall be terminated as of the Effective Date (except in the case of the Essentials Services). Notwithstanding the foregoing, the pricing terms and conditions and term of the Customer-specific Attachments for the Essentials Services that are in effect on the Effective Date shall remain in full force and effect after the Effective Date. From the Effective Date, all Customer-specific Attachments shall be governed by this SOF 5, including the Addenda attached hereto and the SaaS Agreement.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
IN WITNESS WHEREOF, the Parties hereto have executed this Services Order Form 5 including its applicable Addenda on the dates set forth below.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Castlight Health, Inc.
|
|
Anthem, Inc.
|
|
By:
|
/s/ Siobhan Nolan Mangini
|
By:
|
/s/ Jim Ardell
|
|
Name:
|
Siobhan Nolan Mangini
|
Name:
|
Jim Ardell
|
|
Title:
|
President & CFO
|
Title:
|
VP, Corporate Real Estate and CPO
|
|
Date:
|
10/19/2019
|
Date:
|
10/19/2019
|
|
Address:
|
150 Spear St. Floor 4
San Francisco, CA 94105
|
Address:
|
220 Virginia Ave
Indianapolis, IN 46204
|
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
ADDENDUM A TO SOF 5
CARE & COST FINDER SERVICES
The Care & Cost Finder Services provide the following features and functionalities:
A. Core Transparency Functionality
1. Provision of the Care & Cost Finder Transparency Website for Core Transparency Functionality; Integration with the Anthem Website. The following terms apply to the Care & Cost Finder Transparency Web Site with respect to the Core Transparency functionality:
a. The Care & Cost Finder Transparency Website shall be accessed only through the Anthem Website by Anthem’s Members.
b. The Care & Cost Finder Transparency Website, as integrated into the Anthem Website, shall display to Members the Core Transparency Functionality information.
c. The Care & Cost Finder Transparency Website for Core Transparency Functionality shall be provided through a custom branded web site that will be Anthem branded. Anthem grants Castlight license to use Anthem’s name and logo in creating the custom branded Care & Cost Finder Transparency Website.
e. Anthem and Castlight will work together in good faith to ensure the most effective integration between the Anthem Website and the Core Transparency Functionality so that the Core Transparency Functionality is available within the Anthem experience.
f. Member Services Emulation Support. Castlight will not prohibit Anthem Member service representatives from accessing the Core Transparency functionality via Anthem’s existing or future emulation technology, but shall have no obligation to develop any technology or tools to enable Anthem member service representatives to access the Care & Cost Finder Services. The Parties may agree on mutually-acceptable alternative methods of enabling Anthem’s member service representatives access to the Care & Cost Finder Services, such as by the use of Castlight’s “poser” technology.
g. With Anthem’s cooperation and assistance, Castlight shall create secure sign-on connectivity from the Anthem Website necessary to authenticate a Customer’s Members and permit them to access: (i) the Care & Cost Finder Transparency Website for the delivery of the Care & Cost Finder Services; and (ii) via appropriate links to the Anthem Website. Castlight will not provide any User account creation or maintenance services without Anthem’s prior approval. Anthem shall retain the right to perform such functionality.
h. The Care & Cost Finder Transparency Website will provide information in compliance with the Security and HIPAA requirements defined in the SaaS Agreement and in the Business Associate Agreement entered into by the Parties on September 12, 2013.
2. Core Transparency Functionality Features. The Core Transparency functionality will include the following features:
a. Comprehensive health plan transparency experience, including but not limited to:
(1) Navigation, search and compare functionality;
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
(2) Provider directory including Network Provider search and provider detail, with facility and physician quality as may be available;
(3) Provider and facility-level pricing via BCBS Axis only;
(4) Member-level and family-level configuration to determine specific price for the particular Member or family;
(5) To the extent that Anthem has secured approval from BCBSA enabling Castlight’s inclusion of this feature, and at such time as shall be mutually agreed by the Parties, User-generated reviews; provided that (a) this feature shall be provided in a manner that is compliant with the applicable requirements of the BCBSA’s Patient Review of Physicians (PRP) program, which requirements shall be provided to Castlight by Anthem; (b) this feature shall include, but not be limited to, collecting reviews from Members, moderating reviews, and aggregating and submitting reviews to BCBSA on Anthem’s behalf; and (c) to the extent necessary to provide this feature, Anthem shall assist Castlight in gaining access to any applicable additional BCBSA data or database.
(6) Upon the agreement of Anthem and, as applicable, its Pharmacy Benefits Manager vendor, Castlight shall provide Pharmacy Functionality for Plan Sponsors that “carve-in” and receive pharmacy benefits management services from Anthem. Castlight shall not charge additional fees (for Castlight’s requirements of providing such Pharmacy Functionality is substantially similar to what Castlight is required to do with existing customers (such as the front-end look and feel or the back-end requirements); provided that if material new processes, technologies or connections related to the scale and/or volume of data to be received under this SOF 5 are required, Castlight may charge appropriate implementation costs to Anthem) to Anthem for such Pharmacy Functionality, provided, however, that Anthem will pay for any data access fees and/or pharmacy development fees that may be charged to Castlight by its Pharmacy Benefits Manager vendor to make such information available. “Pharmacy Functionality” shall include drug information, estimated out-of pocket drug pricing and pharmaceutical savings options and pharmaceutical claims history, standard global communications content to encourage awareness of programs, standard global content for email and print marketing communications, and standard global email notification of program launch to registered Users.
b. Basic education content – Castlight’s standard Castlight developed information concerning certain procedures and/or what to expect for a provider or other type of medical visit.
c. Basic mobile web experience including, on a date to be mutually agreed upon by the Parties, access to the Care & Cost Finder Transparency Website through, and full integration with, the Anthem mobile application on supported mobile devices.
d. Secure provider directory to be displayed on the Anthem Website, which will auto-default to the network associated with the User’s benefit plan.
e. Integration and support for Anthem and BCBSA-provided network and benefit programs including but not limited to Blue Distinction programs, Enhanced Personal Health Care (also known as Blue Distinction Total Care), and tiered networks, where such information is a component of the benefit design.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
ADDENDUM B TO SOF 5
ENGAGE BASIC AND ENGAGE STANDARD
Engage Basic
Engage Basic provides the following features and functionalities:
a. Light Wellbeing Functionality:
i. Tracking and device integration for fitness, sleep, and nutrition consumer trackers
ii. Device store where Users can purchase devices and apps for fitness, sleep, and nutrition tracking
iii. Ability to award incentives for fitness, sleep, and nutrition with tracking of incentives in the Users app (incentives described in more detail in subsection A.f below)
iv. Rewards store, which Anthem may configure for each Embedded Population, where a User can redeem earned points throughout the year, including through gift cards, raffles/sweepstakes, credit to the device store, or contributions to the HSA, HRA, or FSA for Anthem’s approved vendors.
v. Anthem may choose to run up to four (4) challenges per year for each Embedded Population instance, such as the single market or state.
vi. Users will have access to Anthem-specified health-risk assessment (“HRA”) capabilities via single-sign-on or a seamless link and, depending on the capability of the HRA vendor, Castlight will establish a custom integration with such vendor to track which Users complete the HRA and award incentive for completion. Should Anthem choose to switch the main HRA vendor used for Engage Basic (“HRA Vendor Switch”), there shall be a one-time fee of $25,000.00 for the implementation of such switch, invoiceable by Castlight upon Anthem’s notice to Castlight of such switch. If a specific Embedded Population chooses to have a (i) custom new HRA vendor not already integrated into Engage Basic, or (ii) an existing HRA vendor that requires a different integration process, Castlight shall charge Anthem a one-time fee of $10,000.00 for such customization (“Customer HRA Vendor Implementation”), invoiceable by Castlight upon Anthem’s notice to Castlight of such custom HRA vendor.
vii. Users will have access to Anthem-specified biometric screening capabilities via single-sign-on or a seamless link and, depending on the capability of the Anthem’s designated biometric screening vendor(s), Castlight will establish a custom integration with such vendor(s) to track which Users complete their biometric screening and award incentive for completion. Should Anthem choose to switch the main biometric screening vendor used for Engage Basic (“Biometric Vendor Switch”), there shall be a one-time fee of $25,000.00 for the implementation of such switch, invoiceable by Castlight upon Anthem’s notice to Castlight of such switch. If a specific Embedded Population chooses to have (i) a custom, new biometric vendor not already integrated into Engage Basic, or (ii) an existing biometric vendor that requires a different integration process, Castlight shall charge Anthem a one-time fee of $10,000.00 for such customization (“Custom Biometric Vendor Implementation”), invoiceable by Castlight upon Anthem’s notice to Castlight of such custom biometric vendor.
viii. Health Library. Users will have access to Anthem’s health library via single sign-on or a seamless link.
b. Benefits:
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
i. Users will have access via the mobile app to an electronic version of their Anthem insurance card, which shall provide a view of both the front and back of such User’s Anthem insurance card and the ability to email or fax to physician’s office, and via the website in order to print a temporary copy, if needed. Insurance card shall be in a standard ID Card format.
ii. Users will have access to customer service via click-to-call functionality.
iii. Users will be able to see their medical account accumulators, and view their specific HSA/HRA/MIA/HIA account balances and link to accounts.
iv. Users will have access to key Anthem benefits, including LiveHealth Online, the 24/7 Nurseline, and MyStrength. This will include promotion of these benefits and integration of these benefits in the following way
1. LiveHealth Online integration will be program promotion, and link provided such functionality is supported by Anthem and LiveHealth Online. Castlight agrees to initiate SDK functionality at a mutually agreed to future date.
2. 24/7 Nurseline integration will be program promotion and click-to call.
3. MyStrength integration will be program promotion and a SSO, provided such functionality is supported by Anthem and MyStrength.
4. Users will have access to Anthem’s special offers through promotion and via SSO or seamless-link.
c. Care Management and Clinical Integration:
i. Secure messaging from Anthem’s Clinical Programs, including MyHealth Advantage, ConditionCare, ComplexCare, Case Management, Health Coaching, IHM, Future Moms, will be offered in-application, and, with Anthem’s consent (and User consent contained in the End User License Agreement to be accepted by the User ), via email or push notifications. Such messaging will be driven by triggers provided by the Anthem Clinical Programs, and will be provided only to Users identified by such triggers.
ii. Users receiving secure Anthem Engage outreach from Anthem Clinical Programs will be connected to the Anthem Clinical Program through click-to-call, SSO, or other mutually agreed upon means.
d. Transparency:
i. Users will have access to cost and quality transparency services, including the ability to find a doctor and estimate cost, via single-sign on or a seamless link to Anthem’s Transparency Functionality (Care & Cost Finder Services or legacy Estimate Your Cost and Find a Doctor solutions).
e. User Preferences:
i. Users will have the ability to opt-out of communications through a preference center.
ii. Users will not be compelled to participate in any functionality, such as challenges.
iii. For each Embedded Population, Anthem will be provided the opportunity to include specific compliance and regulatory information in the End User License Agreement to be accepted by the User.
iv. Users will have access to a secure messaging inbox.
v. Anthem will be able to access and/or leverage the tool through emulation, including but not limited to Anthem member and clinical associates.
f. Incentive Management:
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
i. For each Embedded Population, Anthem will have the ability to configure incentives related to HRA completion, biometric completion, and fitness, nutrition, sleep tracking. If needed, Anthem and Castlight can expand the kinds of incentive activities available if mutually agreed upon.
ii. An offering of up to six (6) standard incentive packages
iii. Incentive capabilities include the integration with Anthem’s financial/tracking systems to ensure appropriate billing and reconciliation.
iv. If Anthem requests more than six (6) standard incentive packages, the additional configurations will be mutually agreed by and between the parties.
g. Messaging
i. Anthem will have the ability to message users within the application per each embedded instance. These messages can be administered by Anthem. Castlight will include prelaunch and launch member campaigns in coordination with Anthem.
Engage Standard
Engage Standard provides all features and functionalities of Engage Basic, plus the following features:
a. Per-Standard Buy-Up Customer Incentive Options
i. Anthem will have the ability to designate up to ten (10) different incentive plans for Engage Standard, where the incentive plans will include different allocations across the incentivizable activities and different monetary commitments from the Engage Standard Customer.
ii. Each Engage Standard Customer will choose a total of one (1) incentive plan out of the ten (10) different incentive plans designated by Anthem. Anthem shall inform Castlight which incentive plan each Engage Standard Customer chooses.
iii. Engage Standard does not preclude Customers from choosing a custom incentive plan if absolutely necessary. However, Castlight and Anthem agree that would never be a first option and would develop a mutually agreed upon exception process to manage volume.
iv. Incentive capabilities include the integration with Anthem’s financial/tracking systems to ensure appropriate billing and reconciliation.
b. Client Integrations
i. Customers are allowed to post links to five (5) third party benefit vendors as part of the product features. Members access through benefits page.
c. Client Reporting
i. Includes self-service reporting for Customers with participation rates that meet identified HIPAA-compliant thresholds.
ii. Includes access to reporting for Customers to administer their own premium differential programs.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
ADDENDUM C TO SOF 5
ENGAGE ELITE AND ENGAGE ELITE PLUS
Engage Elite and Elite Plus provide the following features and functionalities:
(a) Summary Description for Engage Elite Plus (available to clients >5000 members)
•Complete Health & Wellness hub, inclusive of full corporate wellbeing offering and healthcare navigation across Anthem & carve-out services
•Healthcare navigation includes personalized health decision support (search, price estimates, clinical quality, steerage), integrated carve-outs / 3rd party programs (e.g., carve-out PBM/Dental, carve-out point solutions, client-contracted networks), and hub for personal health information (Health fund balances, plan status, claims, insurance card)
•Wellbeing includes comprehensive support for corporate wellness programs and customer incentive designs, including support of 30 ecosystem partner integrations, custom integrations for clients to award incentives, and native functionality (Health Assessment, Fitness/Sleep/Nutrition programs, Company Fitness Challenges, etc.)
•Employer Self-Service “Communications Suite” with targeted messages, events & surveys to population, segmented by the client (e.g., location-based Open Enrollment messages)
(b) Summary Description for Engage Elite (available to clients >1,000 members)
◦Health & Wellness hub, inclusive of lightweight wellbeing features and healthcare navigation across Anthem & carve-out services
◦All of the same healthcare navigation & carve-out / 3rd party integration support as Engage Elite Plus
◦Wellbeing features limited to native functionality (Health Assessment, Fitness/Sleep/Nutrition programs, Company Fitness Challenges, etc.)
◦Employer Self-Service “Communications Suite” limited to segmentation available from Anthem eligibility data
Full Services Description
I. ENGAGE ELITE PLUS– may include the following modules/functionalities described in the sections below:
A. Universal Platform Features
B. Engagement Hub Features
C. Care Guidance Features
D. Wellbeing Features
E. Ecosystem and custom integrations (if purchased and specified in the applicable Attachment)
F. Included Services
G. Implementation Services
A. UNIVERSAL PLATFORM FEATURES
i. Employer Branding: A Customer-branded user experience. Customer can select logo for display within the Engage Platform, color to control key application elements, and standard onboarding screens that can vary by User segment
ii. Education Content: Consumer-oriented education content on a variety of conditions and health and wellness topics
iii. Reporting Dashboard: Self-serviced reports for the Customer’s benefits personnel to access on a twenty-four (24) hour basis via a web based dashboard. Dashboard has ability to filter data. Certain reports require a minimum number of participating Users. Dashboard includes reporting in the following areas:
•Registration
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
•Returns
•Visits
•Mobile usage
•Store, incentives and Rewards Center, budget tracking
•Program reporting: Program adoption and behavior funnel
•Challenges reporting: Adoption & behavior reporting tailored to each Challenge type
•Search activity
iv. Product Communications: Automated communications delivered to registered and unregistered eligible Users via multiple channels that provide tips on using the Engage Platform (via web or mobile)
B. ENGAGEMENT HUB FEATURES
i. Benefits Tab: A list of benefit programs available to the User, including details and contact information for each
ii. Personalized Recommendations: Recommendations based on Castlight’s personalization engine which connects Users to the targeted benefit program, behavior, care option, content, or incentive
iii. Communications Suite: A centralized, easy-to-use toolkit to create and deliver communications to Users (i.e. events, messages, and surveys)
C. CARE GUIDANCE FEATURES
i. Guided Search features:
•Provider and services search box
•Out-of-pocket estimates, based on Customer or Administrator provided plan details and applicable data feeds, for select inpatient and outpatient services/providers (available list of supported inpatient and outpatient services is at Castlight’s discretion and may vary over time or by geography). If Customer’s TPA is a Blue Cross Blue Shield plan, Customer understands that Castlight’s provision of such estimates is dependent upon such TPA obtaining consent to display data from the host Blue Cross Blue Shield plan(s), as applicable, and the Blue Cross Blue Shield Association.
•Sort results by estimated out of pocket costs and distance
•Provider information (e.g. provider specialty, quality ratings, board certification) for select providers
•Explanation and educational content on pricing and/or coverage for select outpatient services
ii. Care Team:
•Ability for Users to establish a “Care Team” of providers and facilities, make notes about those providers, and view tips about their Care Team
iii. Medical Claims History features:
•History of past medical services with costs (subject to applicable Administrator permissions and Castlight’s specifications)
•Periodic email notices and push notifications based on claims and eligibility information
•Out of network alerts
iv. Insurance plan and coverage features for all supported medical plans:
•Key medical policy features
•Accumulator snapshots
v. User Reviews: (provided in a matter that is compliant with the applicable requirements of the BCBSA’s Patient Review of Physicians (PRP) program)
•Ability for Users to submit User Reviews
•Access by Users to User Reviews submitted by other Users, and by Castlight’s other customers’ Users, as aggregated and displayed in de-identified form by Castlight in the Engage Platform and modified and edited by Castlight pursuant to Castlight’s policies
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
vi. Rollover of Standard Medical Plans
•Direct carry-forward of existing medical plans without changes, creation of up to the same number of medical plans similar to existing plans in regards to network, benefits, and special designations
•Update of existing medical plans with minor changes including plan name, contact information, or other descriptive text; update deductible amounts, coinsurance, or out of pocket maximum
vii. Pharmacy (Available based on Customer’s PBM)
•Drug information
•Estimated out-of-pocket drug pricing and pharmaceutical savings options
•Pharmaceutical claims history
•Care guidance for specialty drugs
•Formulary messaging for non-covered drugs
•Rollover of Customer’s pharmacy plan, including: updating formulary, network and benefit design for the same number of pharmacy plans as the existing number of pharmacy plans; updating layout, or delivery type, as applicable, due to change in population through open enrollment or post-rollover eligibility file
viii. Dental (Available based on Customer’s DBM)
•Search feature for dental services
•Displays out-of-pocket dental pricing, dental claims history and past care
•Dental educational content
•Displays dental insurance plan design and accumulators
ix. Engagement-Based Rewards
•Incentives for registration and/or application-based action(s) undertaken by Users
•Displays Users’ incentive balance in both web and mobile applications
•Standard content on the Homestream and on the rewards webpage to encourage awareness of Engagement-Based Rewards program
•Standard email notification of Engagement-Based Rewards program launch to registered Users
D. WELLBEING FEATURES
i. Incentives: Ability to offer points for specific actions, behaviors, or outcomes in different benefits programs or within the Engage Platform that can be redeemed for rewards in the Rewards Center.
ii. Reward Center: A marketplace for redeeming points for rewards
iii. Store: A marketplace for purchasing third party consumer tracking devices and other health related items
iv. Challenges: Immersive and time-bound experiences designed to encourage healthy behaviors and habits through a fun and engaging participant experience
•Customers may launch up to two (2) Challenges company-wide on an annual basis.
E. ECOSYSTEM INTEGRATION
Two-Way Data Exchange Integration: Bi-directional integration of selected third party partners where Castlight sends contextual User data about Users to partners and Users are rewarded in real-time for completing progressive actions in real-time within the Engage Services platform. The resale of such third-party products must be documented in an executed Attachment. Programs are either “Platform Service Provider” programs or “Custom Integrations.”
i. Platform Service Provider (“PSP”) Integrations: Based on a product-level integration between Castlight and the PSP who is part of Castlight’s partner ecosystem. PSP programs include a pre-
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
defined set of objectives which can be used to measure User progress and award incentive points. Castlight will guide Customer through the configuration options for each Castlight PSP program.
ii. Custom Integrations: Allows Customer to include vendors outside the Castlight partner ecosystem. Custom programs prescribe a specific User flow and data intake format to facilitate a consistent and straightforward integration. Customer is required to assist with facilitating data integration discussions with the vendor, receiving commitment from vendor to complete integration, and ensuring that the vendor meets its obligations in completing the integration.
Any two-way data exchange integration must be specifically documented in an Attachment or separately executed written instrument between the parties.
SSO and Health Fund Integration:
Customer may elect up to five (5) total SSO and Health Fund Integrations.
Inbound/Outbound Single-Sign-On Integration
i. Single sign on capabilities utilizing the SAML 2.0 standard from/to the Customer’s portal into/from the Engage Platform
ii. Single sign on capabilities utilizing the SAML 2.0 standard from/to the Customer’s third party vendor into/from the Engage Platform
I.Embedded User Interface Integration
i. Health Fund Integration: Integration of FSA, HSA, or HRA (as selected in the applicable Attachment) balance information from Customer’s third party provider of such information for display in the Castlight Service. (Health fund integration subject to: (i) Castlight entering into a valid agreement with Customer’s FSA, HSA, or HRA provider for receipt of data necessary for Castlight’s provision of the health fund integration; and (ii) Castlight’s receipt of such data in a format acceptable to Castlight)
ii. Anthem Blues Networks – Available for Blue Distinction Centers, AltNet and other Blue Cross Blue Shield Networks where Anthem is able to provide data in a standard file format mutually agreed to by the Parties.
a. Allows Users to search for facilities performing select inpatient procedures
b. Displays average surgery and out-of-pocket estimates, and COE education content
c. Identifies providers and facilities in the applicable narrow network
d. Ability to discretely send these distinctions in the provider directory file, or a supplemental provider file and where applicable, benefit differentials will be configured in network
iii. Custom Network Add On - Available for (i) Anthem supported networks where information cannot be sent today through standard data files or (ii) for non-Anthem supported Networks - at an additional cost as set forth in a Service Order Form.
a. Identifies providers and facilities in the applicable narrow network
b. Dependent on Customer’s TPA’s ability to discretely send these distinctions in the provider directory file, or a supplemental provider file and where applicable, benefit differentials will be configured in network
iv. Benefits Enrollment and Portal Integration - Promotion within a Benefits Portal or Benefits Enrollment tool, which may include embedded registration where available
II. Program Linkout - Embedded web link within the Engage Services platform to a third party site designated by Customer
Consumer Program Integration - One-way integration of third party consumer apps, devices, and services available in the Store where Users are rewarded in real-time for completing progressive actions in the Engage Services platform.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
Education Program Integration - Allows Customer to guide participants through a program which rewards activities completed or self-attested directly within the Engage Services platform. No external data integration is implemented.
F. INCLUDED SERVICES
i. Customer Success Support: Ongoing consultative support focused on strategy, engagement, and growth delivered by the Customer’s Customer Success manager.
ii. Engage User Support: Telephonic and chat support in addition to email support as described in the Included Services section. Telephonic and chat support is available in English and Spanish, as well as language line support for one hundred seventy (170) languages, for eligible Users, Monday through Friday (excluding holidays) 8AM – 9PM Eastern Time. Additionally, registered Users shall be entitled to third party support, outreach and communication as mutually agreed by Castlight and Customer.
iii. Engagement Strategy Playbook and Launch Support: Castlight will provide to Customer launch and campaign toolkits, registration support, playbook of email and print marketing content, print and digital launch communications, leadership team communications, incentive and reward program tied to registration or usage of the Engage Platform.
iv. Customer Analytics: Annual reviews led by Castlight’s analytics team to help Customer understand and showcase its population’s engagement within the Engage Platform and Customer’s cost savings.
v. Incentives Administration: Regular reporting on reward redemption to Customer and to Castlight’s incentive fulfillment partner(s).
vi. Incentive Reporting: Upon Customer’s written request, Castlight will provide User platform activity reporting to Customer’s incentive vendor(s).
vii. User Account Management:
o User registration using social security number or another secure, Castlight-approved identifier or process that is enabled by information contained in Customer’s eligibility file
o User password change/reset
o User e-mail address change
o User communication opt out options
G. IMPLEMENTATION SERVICES
Implementation support from kickoff through launch of the Engage Services platform, delivered by an implementation team.
i. Castlight’s implementation of Engage Elite Plus:
•Eligibility data management: scoping, data inclusion and business rules definition, testing, file approval
•Platform configuration and testing
•Program vendor management: data transfer scoping and configuration
•Demonstration and/or Test Account: provision of Demonstration and/or Test Accounts to Customer as agreed to in writing between the parties
•Eligibility Feeds: integration of a Customer-provided eligibility data file in accordance with Castlight’s specifications
•Benefits Information: provision by Customer of all Plan information, open enrollment materials, and TPA, PBM, MBHO or DBM key contacts (as applicable)*
•Customer Claims Feed: setting up a data feed for Customer’s TPA, PBM, MBHO or DBM (as applicable) to the Engage Platform to enable regular imports of Customer’s claims information into the Engage Platform per Castlight’s specifications*
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
•Provider Directory: setting up a feed for Customer’s TPA, MBHO or DBM so that such TPA, MBHO or DBM can transmit one (1) provider directory for that TPA, MBHO, or DBM and provide Castlight with all necessary information for Castlight to set up providers in the Castlight Service and identify and configure any narrow or specialty networks (provided that any narrow or specialty network deductible differential may require an additional Services Order Form)*
•Plans implemented: implementation of up to five (5) plans per TPA, PBM, MBHO or DBM (as applicable) so long as Customer provides to Castlight accurate summary plan description(s) and promptly reviews such implemented plans*
•Accumulator Set Up: setting up an ongoing feed with the TPA, MBHO, DBM or other third party to support display of year-to-date spending and accrual towards plan limits*
*Only applicable to Engage Elite Plus
H. INCLUDED COMMUNICATIONS AND ENGAGEMENT SERVICES
Customer can create and deliver in-app communications via the Communication Suite.
I. SERVICE EXCLUSIONS
Subject to change from time to time at Castlight’s sole discretion, Engage Elite and Engage Elite Plus exclude:
i. Additional customizations of the Castlight Services including, but not limited to, customizations to the data required to support the Castlight Services (i.e. data used to process eligibility, provider network data, or data in claims files that are not mapped to Castlight's standard specifications), or customizations to the content display that require additional data feeds not included in Castlight’s standard implementation
ii. Customizations to text or other content in the Castlight Services outside of targeted messages and the configurable sections of the Your Plan page
iii. Customized reporting or data analytics, which includes any reporting that requires adding fields to the eligibility file outside of the two (2) included with standard reporting
iv. Additional customer support services (e.g. claims dispute resolution)
v. Single sign on capabilities, unless such specific capabilities are purchased and meet Castlight’s technological requirements of SAML 2.0
vi. Supporting a change to or an addition of Customer’s Administrators, including but not limited to receiving data feeds from Administrators other than those providing services to Customer as of the Effective Date of SOF 5
vii. Supporting data feeds in addition to the specified data feeds from the Administrators or as otherwise specified above (such as feeds from HSA/FSA/HRA vendors or wellness vendors)
viii. Delivery of outbound files other than incentive files which are in accordance with Castlight’s specifications
ix. Provision of Engage Elite or Engage Elite Plus to persons other than Users unless otherwise agreed to by the Parties in writing
x. Printing and distribution of printed communications materials for Engagement Strategy related services set forth above
xi. Any additional services associated with rollover of plans beyond the rollover services provided through implementation services above, including but not limited to Administrator changes, vendor changes, new networks, broadening of an existing COE program and/or inclusion of on-site clinic benefits. Such additional services shall be provided on a then-current Castlight professional services time and materials basis.
Provision of any of these additional services requires a separate Services Order Form under the SaaS Agreement, including terms and conditions and additional fees to be mutually agreed to by the parties in writing.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
ADDENDUM D TO SOF 5
ENGAGE APIS
Castlight shall expose Application Programming Interfaces (“APIs”), to the extent necessary to enable Anthem to make use of certain components of the Engage Services. APIs shall be made available for the delivery of such services as the parties may agree from time to time, including for provider recommendation and personalization services.
Castlight shall provide documentation to Anthem on the APIs as well as basic support for Anthem on use of the APIs.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
ADDENDUM E TO SOF 5
ESSENTIALS SERVICES
Engage Essentials and Essentials Plus provide the following features and functionalities:
(c) Summary Description for Engage Essentials Plus (available to clients >5000 members)
•Complete Health & Wellness hub, inclusive of full corporate wellbeing offering
•Wellbeing includes comprehensive support for corporate wellness programs and customer incentive designs, including support of 30 ecosystem partner integrations, custom integrations for clients to award incentives, and native functionality (Health Assessment, Fitness/Sleep/Nutrition programs, Company Fitness Challenges, etc.)
•Employer Self-Service “Communications Suite” with targeted messages, events & surveys to population, segmented by the client (e.g., location-based Open Enrollment messages)
(d) Summary Description for Engage Essentials (available to clients >1,000 members)
◦Health & Wellness hub, inclusive of lightweight wellbeing features
◦Wellbeing features limited to native functionality (Health Assessment, Fitness/Sleep/Nutrition programs, Company Fitness Challenges, etc.)
Full Services Description
II. ENGAGE ESSENTIALS PLUS– may include the following modules/functionalities described in the sections below:
H. Universal Platform Features
I. Engagement Hub Features
J. Wellbeing Features
K. Ecosystem and custom integrations (if purchased and specified in the applicable Attachment)
L. Included Services
M. Implementation Services
F. UNIVERSAL PLATFORM FEATURES
v. Employer Branding: A Customer-branded user experience. Customer can select logo for display within the Engage Platform, color to control key application elements, and standard onboarding screens that can vary by User segment
vi. Education Content: Consumer-oriented education content on a variety of conditions and health and wellness topics
vii. Reporting Dashboard: Self-serviced reports for the Customer’s benefits personnel to access on a twenty-four (24) hour basis via a web based dashboard. Dashboard has ability to filter data. Certain reports require a minimum number of participating Users. Dashboard includes reporting in the following areas:
•Registration
•Returns
•Visits
•Mobile usage
•Store, incentives and Rewards Center, budget tracking
•Program reporting: Program adoption and behavior funnel
•Challenges reporting: Adoption & behavior reporting tailored to each Challenge type
•Search activity
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
viii. Product Communications: Automated communications delivered to registered and unregistered eligible Users via multiple channels that provide tips on using the Engage Platform (via web or mobile)
G. ENGAGEMENT HUB FEATURES
iv. Benefits Tab: A list of benefit programs available to the User, including details and contact information for each
v. Personalized Recommendations: Recommendations based on Castlight’s personalization engine which connects Users to the targeted benefit program, behavior, care option, content, or incentive
vi. Communications Suite: A centralized, easy-to-use toolkit to create and deliver communications to Users (i.e. events, messages, and surveys)
H. WELLBEING FEATURES
v. Incentives: Ability to offer points for specific actions, behaviors, or outcomes in different benefits programs or within the Engage Platform that can be redeemed for rewards in the Rewards Center.
vi. Reward Center: A marketplace for redeeming points for rewards
vii. Store: A marketplace for purchasing third party consumer tracking devices and other health related items
viii. Challenges: Immersive and time-bound experiences designed to encourage healthy behaviors and habits through a fun and engaging participant experience
•Customers may launch up to two (2) Challenges company-wide on an annual basis.
I. ECOSYSTEM INTEGRATION
Two-Way Data Exchange Integration: Bi-directional integration of selected third party partners where Castlight sends contextual User data about Users to partners and Users are rewarded in real-time for completing progressive actions in real-time within the Engage Services platform. The resale of such third-party products must be documented in an executed Attachment. Programs are either “Platform Service Provider” programs or “Custom Integrations.”
iii. Platform Service Provider (“PSP”) Integrations: Based on a product-level integration between Castlight and the PSP who is part of Castlight’s partner ecosystem. PSP programs include a pre-defined set of objectives which can be used to measure User progress and award incentive points. Castlight will guide Customer through the configuration options for each Castlight PSP program.
iv. Custom Integrations: Allows Customer to include vendors outside the Castlight partner ecosystem. Custom programs prescribe a specific User flow and data intake format to facilitate a consistent and straightforward integration. Customer is required to assist with facilitating data integration discussions with the vendor, receiving commitment from vendor to complete integration, and ensuring that the vendor meets its obligations in completing the integration.
Any two-way data exchange integration must be specifically documented in an Attachment or separately executed written instrument between the parties.
SSO and Health Fund Integration:
Customer may elect up to five (5) total SSO and Health Fund Integrations.
Inbound/Outbound Single-Sign-On Integration
iii. Single sign on capabilities utilizing the SAML 2.0 standard from/to the Customer’s portal into/from the Engage Platform
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
iv. Single sign on capabilities utilizing the SAML 2.0 standard from/to the Customer’s third party vendor into/from the Engage Platform
III. Embedded User Interface Integration
v. Health Fund Integration: Integration of FSA, HSA, or HRA (as selected in the applicable Attachment) balance information from Customer’s third party provider of such information for display in the Castlight Service. (Health fund integration subject to: (i) Castlight entering into a valid agreement with Customer’s FSA, HSA, or HRA provider for receipt of data necessary for Castlight’s provision of the health fund integration; and (ii) Castlight’s receipt of such data in a format acceptable to Castlight)
vi. Benefits Enrollment and Portal Integration - Promotion within a Benefits Portal or Benefits Enrollment tool, which may include embedded registration where available
IV. Program Linkout - Embedded web link within the Engage Services platform to a third party site designated by Customer
Consumer Program Integration - One-way integration of third party consumer apps, devices, and services available in the Store where Users are rewarded in real-time for completing progressive actions in the Engage Services platform.
Education Program Integration - Allows Customer to guide participants through a program which rewards activities completed or self-attested directly within the Engage Services platform. No external data integration is implemented.
F. INCLUDED SERVICES
viii. Customer Success Support: Ongoing consultative support focused on strategy, engagement, and growth delivered by the Customer’s Customer Success manager.
ix. Engage User Support: Telephonic and chat support in addition to email support as described in the Included Services section. Telephonic and chat support is available in English and Spanish, as well as language line support for one hundred seventy (170) languages, for eligible Users, Monday through Friday (excluding holidays) 8AM – 9PM Eastern Time. Additionally, registered Users shall be entitled to third party support, outreach and communication as mutually agreed by Castlight and Customer.
x. Engagement Strategy Playbook and Launch Support: Castlight will provide to Customer launch and campaign toolkits, registration support, playbook of email and print marketing content, print and digital launch communications, leadership team communications, incentive and reward program tied to registration or usage of the Engage Platform.
xi. Incentives Administration: Regular reporting on reward redemption to Customer and to Castlight’s incentive fulfillment partner(s).
xii. Incentive Reporting: Upon Customer’s written request, Castlight will provide User platform activity reporting to Customer’s incentive vendor(s).
xiii. User Account Management:
o User registration using social security number or another secure, Castlight-approved identifier or process that is enabled by information contained in Customer’s eligibility file
o User password change/reset
o User e-mail address change
o User communication opt out options
G. IMPLEMENTATION SERVICES
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
Implementation support from kickoff through launch of the Engage Services platform, delivered by an implementation team.
ii. Castlight’s implementation of Engage Essentials Plus:
•Eligibility data management: scoping, data inclusion and business rules definition, testing, file approval
•Platform configuration and testing
•Program vendor management: data transfer scoping and configuration
•Demonstration and/or Test Account: provision of Demonstration and/or Test Accounts to Customer as agreed to in writing between the parties
•Eligibility Feeds: integration of a Customer-provided eligibility data file in accordance with Castlight’s specifications
H. INCLUDED COMMUNICATIONS AND ENGAGEMENT SERVICES
Customer can create and deliver in-app communications via the Communication Suite.
I. SERVICE EXCLUSIONS
Subject to change from time to time at Castlight’s sole discretion, Engage Essentials and Engage Essentials Plus exclude:
xii. Additional customizations of the Castlight Services including, but not limited to, customizations to the data required to support the Castlight Services (i.e. data used to process eligibility, provider network data, or data in claims files that are not mapped to Castlight's standard specifications), or customizations to the content display that require additional data feeds not included in Castlight’s standard implementation
xiii. Customizations to text or other content in the Castlight Services outside of targeted messages and the configurable sections of the Your Plan page
xiv. Customized reporting or data analytics, which includes any reporting that requires adding fields to the eligibility file outside of the two (2) included with standard reporting
xv. Additional customer support services (e.g. claims dispute resolution)
xvi. Single sign on capabilities, unless such specific capabilities are purchased and meet Castlight’s technological requirements of SAML 2.0
xvii. Supporting a change to or an addition of Customer’s Administrators, including but not limited to receiving data feeds from Administrators other than those providing services to Customer as of the Effective Date of SOF 5
xviii. Supporting data feeds in addition to the specified data feeds from the Administrators or as otherwise specified above (such as feeds from HSA/FSA/HRA vendors or wellness vendors)
xix. Delivery of outbound files other than incentive files which are in accordance with Castlight’s specifications
xx. Provision of Engage Essentials or Engage Essentials Plus to persons other than Users unless otherwise agreed to by the Parties in writing
xxi. Printing and distribution of printed communications materials for Engagement Strategy related services set forth above
xxii. Any additional services associated with rollover of plans beyond the rollover services provided through implementation services above, including but not limited to Administrator changes, vendor changes, new networks, broadening of an existing COE program and/or inclusion of on-site clinic benefits. Such additional services shall be provided on a then-current Castlight professional services time and materials basis.
Provision of any of these additional services requires a separate Services Order Form under the SaaS Agreement, including terms and conditions and additional fees to be mutually agreed to by the parties in writing.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
ADDENDUM F TO SOF 5
EMAIL ATTACHMENT TEMPLATE
This Attachment to SOF 5 of the SaaS Agreement (the “Attachment”) is made as of [ENTER DATE] (“Attachment Effective Date”) and shall pertain only to the customer identified below (for purposes of this Attachment, “Customer”). The terms and conditions of SOF 5 to the SaaS Agreement effective as of January 1, 2020 (together with the SaaS Agreement, the “Agreement”) by and between Castlight Health, Inc. (“Castlight”) and Anthem, Inc. on behalf of itself and its Affiliates (each an “Anthem Company” and collectively, “Anthem”) shall apply herein. The duties and obligations of the Parties set forth elsewhere in the Agreement, together with the terms of this Attachment, shall collectively define the duties and obligations of the Parties with respect to Customer. Anthem and Castlight may also be referred to herein each as a “Party” and collectively as the “Parties.” All terms not otherwise defined herein shall have the meanings as assigned to them in the Agreement.
1.CUSTOMER INFORMATION
|
|
|
|
|
|
|
|
Customer Legal Name:
|
|
|
Intended Service Start Date:
|
|
|
Anthem Account Executive
|
|
|
Name of TPA:
|
Anthem
|
|
Name of DBM:
|
|
|
Name of PBM:
|
|
|
Name of HSA Vendor (if applicable):
|
|
|
Name of HRA Vendor (if applicable):
|
|
|
Name of FSA Vendor (if applicable):
|
|
|
Total Number of Employee Users:
|
|
2.SERVICES:
A. [Add applicable Enterprise Service, either Engage Elite, Engage Elite Plus, Essentials or Essentials Plus (including pricing and term) or Platform Service Providers (including pricing and term)], which will include the functionalities set forth in the applicable Addendum to SOF 5.
3.TERM AND TERMINATION OF THIS ATTACHMENT
A. The term of this Attachment shall commence on the Attachment Effective Date and shall continue until it is terminated in accordance with Section IV.B of SOF 5.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
ADDENDUM G TO SOF 5
ANTHEM CLINICAL PROGRAMS
AND RELATED ANTHEM MATERIALS AND ANTHEM DATA
Anthem may provide data and integration opportunities for the following Care Management and/or Wellness Programs: Complex Care, Condition Care: Core, Condition Care Asthma, Condition Care Diabetes, Condition Care COPD, Condition Care CAD, Condition Care Heart Failure, Condition Care Health Support Programs (include Vascular-at-Risk, Low Back Pain, and Musculoskeletal), Case Management, High Risk Maternity Case Management, Future Moms, MyHealth Coach, EAP (Basic or Enhanced), Behavioral Health Products (Standard CM, or BH Resource), Integrated Health Model (National or Local), Mercer Health Advantage, MyHealth Advantage (Gold, Silver, CDH, Platinum), Towers Watson Care Advocacy, and any new programs developed. Also to be noted: any new programs developed on the Healthy Returns (HRS) platform could be included in the data for current or future capabilities. Anthem’s Care Management and Wellness programs are constantly evolving, requiring coordination across our partners. The Parties may add new programs by agreement via email. New programs could include, but are not limited to: health coaching programs, new IHM models, new case management or disease management.
Data that could be provided to Castlight to help Anthem manage their membership through their proprietary care management and wellness programs include, but is not limited to: case status, condition, program goals, incentives milestones, program phone numbers, program names, care gaps, AHG triggers, program triggers and referrals, assessments and assessment data.
Periodically, Anthem updates its Healthy Returns System (HRS) to ensure clinical and programmatic relevancy. Anthem and Castlight should coordinate efforts to ensure any new clinical or programmatic guidelines are met across all programs.
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
ADDENDUM H TO SOF
BRANDING SPECIFICATIONS
User Interface Design for the Engage Services when branded “Anthem Engage”
The Parties will work together to design the user interface for “Anthem Engage” based on the Anthem Reimagined User Interface Library: https://anthemuxd-a18049.sites.us2.oraclecloud.com/ari/
Anthem may from time to time update branding specifications impacting the UID to be consistent with its Enterprise Platform Strategies.
Specifications for Use of Anthem Health Plan Logos
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
ADDENDUM I TO SOF 5
REPORTING
Part 1 - Care & Cost Finder Services
Reports and Reporting related to the Care & Cost Finder Services shall be as described in this Part 1 of this Addendum I, and otherwise shall be subject to all the terms and conditions of the SaaS Agreement.
A. Timing of Reports. At all times during the term of this SOF 5, Castlight shall make periodic Reports as set forth in Part 1, Section B of this Addendum I available to Anthem on following schedule; provided that if the due date falls on a weekend or non-business day, Castlight shall provide the reports on the next business day.
1. Monthly Reports – to be received by Anthem within 2 weeks after the end of the month.
2. Annual Reports – to be received by Anthem within 30 days after the end of the year.
B. Reports. Except as the Parties may otherwise agree and document in an amendment, Castlight shall provide the following reports to Anthem, based on specifications as to the design, structure, layout, and frequency of the reports:
1. Utilization of all Transparency Web Site pages, to be provided at least monthly.
a. Web Utilization extracts with the same data structure being used by Anthem’s existing Estimate Your Cost, Find a Doctor, and Patient Ratings and Reviews features.
b. Final utilization tracking details to be defined; e.g., visitors, visits, public, secure, abandons, page usage, errors experienced, ratings/reviews activity, search result.
2. User satisfaction survey results, to be provided at least monthly -- Evaluate User satisfaction using sound mechanisms for data collection and reliable methodologies for evaluating and analyzing satisfaction data, including documentation of areas of dissatisfaction.
3. All files/data exchange reporting as mutually agreed -- Error reports, file counts, load errors, balance and controls, etc.
4. Performance reporting to be provided at least monthly:
a. System availability by day, with details on availability issues, duration and root cause
b. Site response time by day, with details on response issues
c. Defect reporting to follow the following: severity 1’s to be reported daily until resolution; severity 2’s within 15 days of issue identification and monthly reporting for severity 3’s along with a summary from the month.
d. In the event of high levels of outages, unique reporting on request by Anthem to confirm performance as applicable
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
5. Analytics and savings information including Customer reporting, the development and provision of which shall be considered custom work for which Castlight may charge fees to Anthem.
6. Raw data file for use in Anthem performed analytics, including member usage and application usage (i.e. search behavior) delivered monthly.
7. Roadmap/planned enhancement reporting, to be provided at least monthly.
Part 2 – Engage Services
Reports and Reporting related to the Engage Services shall be as described in this Part 2 of this Addendum I, and otherwise shall be subject to all the terms and conditions of the SaaS Agreement.
Castlight shall provide the following:
i. Offering shall include self-service reporting for Customer with participation rates that meet identified HIPAA-compliant thresholds.
ii. Castlight shall provide quarterly reports on the last day of the first (1st) month following the completion of each reporting quarter. The focus of quarterly reporting is to provide a summary of key activities within the quarter, and to begin to profile behavior change impact drivers that will lead to successful program outcomes. Program Reporting shall encompass any currently available reporting on the platform.
iii. Ad Hoc Reports.
For any Customer who requests more than two (2) ad hoc reports, Three Hundred Fifty Dollars ($350.00) will be billed per existing report produced. For any non-existing reports that need to be created, there will be a Ten Thousand Dollar ($10,000.00) fee to create the new report. These reports should be able to be re-used for future Customers.
iv. Continuous Improvement
1. Anthem and Castlight will collaborate in continuous improvement and roadmap management activities.
vii. Customer reporting to be provided monthly and will include the number of Customers using the Engage Services monthly in the aggregate and by lines of business.
The reports identified above will be determined and mutually agreed by Anthem and Castlight as part of the Reporting workstream in the Anthem Engage program. However, the metrics included will contain:
• Registration
• MAU – Monthly Active Logins
• Usage activity, including such items as:
• Page clicks
Clicks to 3rd party links
• Clicks to Call Utilization 3rd party links
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
• Tracker/Program activity
• Challenge activity
• Program activity
• Sleep
• Physical Activity
• Nutrition
• HRA Completions
• Biometric Screening Completions
• Incentive Dollars Earned
• # of Members Earning Incentive Dollars
• Points Earned
• Points Redeemed
• # of Members Earning Points
• Book of business reports must be able to be broken out by segment, line of business, or state
CERTAIN CONFIDENTIAL INFORMATION CONTAINED IN THIS DOCUMENT, MARKED BY [***], HAS BEEN OMITTED BECAUSE IT IS NOT MATERIAL AND WOULD LIKELY CAUSE COMPETITIVE HARM TO THE COMPANY IF PUBLICLY DISCLOSED.
ADDENDUM J TO SOF 5
RATES
|
|
|
|
|
|
|
|
Service
|
Fee/Hour
|
|
Engineering
|
$240/hour
|
|
Non-Engineering
|
$180/hour
|
