7615 - NDA Executed
DocuSign Transmittal Coversheet
File Name
Purchasing Contact
Contract Expiration
Legal Approval
Dept Approval
DocuSign Envelope ID: 56CE23D6-304A-474C-992B-421AD6CBACAF
NA
7615 NDA
Lori Hewell
1
NONDISCLOSURE AND DATA USE AGREEMENT (2/21)
NONDISCLOSURE AND DATA USE AGREEMENT
This Nondisclosure and Data Use Agreement (this “Agreement”) is entered into as of __________, 2021, (the
“Effective Date”) by and among the following parties:
▪ United HealthCare Services, Inc. (“United”)
▪ City of Denton (“Customer”) and
▪ BMI Audit Services, LLC (“Vendor”)
Customer, Vendor and United are referred to individually as a “Party” and collectively as the “Parties.” Any Party
who receives Confidential Information, as defined below, is referred to as a “Receiving Party.”
1. Purpose of Data Release; Services. United and Customer have entered or intend to enter into an agreement under
which United provides or will provide benefits administration and other related services to Customer or Customer’s
employee welfare benefit plan (the “Plan”). On behalf of the Customer or the Plan, the Receiving Parties will provide
the services set forth below (the “Services”):
(a) Vendor will perform a transactional claims audit. Confidential Information disclosed to Vendor will solely be
used for purposes of selection of a sample of claims and subsequent determination of the accuracy of those sample
claims transactions selected for audit.
United may release certain Confidential Information to the Receiving Parties to perform the Services.
2. Confidential Information. “Confidential Information” means all information that is disclosed or made available by
United or its affiliates in connection with the Services under this Agreement, regardless of form or the manner in
which it is furnished. The definition of Confidential Information includes, without limitation: (a) pricing, discounts,
reimbursement terms, payment methodologies and payment processes, compensation arrangements and any similar
commercial information and (b) data, information, statistics, trade secrets and any information about business, costs,
operations, techniques, know-how or intellectual property. Any material that is derived from or developed from
Confidential Information will be deemed Confidential Information for purposes of this Agreement, regardless of the
person creating, disclosing or making available such material. Any Confidential Information included in preparations,
proposals, scope documents, discussions, findings, summaries, reports and conclusions remains Confidential
Information.
Confidential Information does not include: (a) information that is or becomes generally available to the public other
than as a result of a disclosure by a Receiving Party in violation of this Agreement or other agreement between the
Receiving Party and United, (b) information either obtained from a third party other than United or already in a
Receiving Party’s possession before receipt from United, if the Receiving Party can demonstrate such information
was lawfully obtained and not subject to another obligation of confidentiality, and (c) information independently
developed without reference to Confidential Information, if the Receiving Party can demonstrate such independence
through contemporaneous written records.
3. Conditions for Release. United will require Customer authorization prior to the release of certain Confidential
Information. Each Receiving Party agrees that it has entered into and shall maintain any agreements with Customer
as required under applicable law and regulations, which may include, without limitation, a business associate
agreement as contemplated by the Health Insurance Portability and Accountability Act of 1996 and its implementing
regulations, as amended (“HIPAA”). The content, means and frequency of disclosure of Confidential Information are
at the sole discretion of United.
United may stop its release of Confidential Information and may withdraw its consent for any Receiving Party to
disclose, or its permission for any Receiving Party to use, Confidential Information at any time.
4. Nondisclosure. Unless specifically authorized in this Section 4 or permitted under Section 5, a Receiving Party shall
not disclose Confidential Information to any other person or entity without United’s prior written consent. Only the
following disclosures are permitted:
(a) a Receiving Party may disclose Confidential Information to an Authorized Employee. An “Authorized Employee”
means an employee of the Receiving Party who is required to have access in order to perform the Services and is
bound by the strict confidentiality standards and related obligations in this Agreement. An Authorized Employee
must only access Confidential Information to the extent necessary for his or her duties directly relating to the Services.
An Authorized Employee may not be any individual who has responsibility for or is involved in (i) provider or network
development or contracting activities or (ii) negotiating pricing or contract terms for products or services on behalf of
any coalition or collective.
(b) Any Receiving Party may release Confidential Information to Customer in connection with the Services, but only
after any Confidential Information that directly or indirectly identifies Rate Information has been removed or Blinded.
DocuSign Envelope ID: 56CE23D6-304A-474C-992B-421AD6CBACAF
04/20/2021
2
NONDISCLOSURE AND DATA USE AGREEMENT (2/21)
“Rate Information” means pricing, discounts, reimbursement terms, payment methodologies, and payment processes,
compensation arrangements and any similar commercial information, between or on behalf of United (including its
affiliates) and a healthcare provider (including without limitation physicians, group practices, hospitals, ambulatory
surgical centers or other facilities), drug manufacturer, drug wholesaler or pharmacy.
“Blinded” means that information has been sufficiently de-identified and aggregated such that the resulting
information cannot be used to identify, directly or indirectly, any Rate Information, or any healthcare provider or
member.
5. Compelled Disclosure. If a Receiving Party is requested or required to disclose Confidential Information by
subpoena, legal process or applicable law, including public records acts, the Receiving Party shall (to the extent
permitted by law), provide United with immediate written notice of that request or requirement. Failure to provide
this notice to United will constitute a material breach of this Agreement. The Receiving Party shall reasonably
cooperate in any efforts by United to seek an appropriate protective order or other remedy or otherwise challenge or
narrow the scope of that disclosure request or requirement. If a protective order or other remedy is not obtained, the
Receiving Party shall furnish only that portion of the Confidential Information that is legally required.
6. Permitted Uses. A Receiving Party shall use Confidential Information solely to perform Services for Customer as
identified in Section 1.
7. Restrictions on Use. A Receiving Party and its Authorized Employees shall not use Confidential Information for any
purpose other than to perform the Services for Customer as identified in Section 1. Without limiting the generality of
the preceding sentence, each Receiving Party and its Authorized Employees shall not, directly or indirectly, for itself
or another person:
(a) sell, license or grant any other rights to Confidential Information.
(b) derive any Rate Information not provided by United.
(c) use or contribute Confidential Information for the creation, operation or improvement of any product, service or
database for external or commercial use.
Notwithstanding anything to the contrary contained in this Agreement, Customer shall not be prohibited from:
(1) providing provider-specific cost or quality of care information or data, through a consumer engagement tool or
any other means, to referring providers, the plan sponsor, enrollees, or individuals eligible to become enrollees of the
plan or coverage;
(2) electronically accessing de-identified claims and encounter information or data for each enrollee in the plan or
coverage, upon request and consistent with the privacy regulations promulgated pursuant to section 264(c) of HIPAA,
the amendments made by the Genetic Information Nondiscrimination Act of 2008 (“GINA”), and the Americans with
Disabilities Act of 1990 (“ADA”), including, on a per claim basis:
(a) financial information, such as the allowed amount, or any other claim-related financial obligations included
in the provider contract;
(b) provider information, including name and clinical designation;
(c) service codes; or
(d) any other data element included in claim or encounter transactions; or
(3) sharing information or data described in subparagraph (1) or (2), or directing that such data be shared, with a
business associate as defined in section 160.103 of title 45, Code of Federal Regulations (or successor regulations),
consistent with the privacy regulations promulgated pursuant to section 264(c) of HIPAA, the amendments made by
GINA, and the ADA. Before Customer shares data with a business associate pursuant to this subsection, such business
associate must sign a mutually agreed-upon confidentiality agreement with United.
8. Additional Agreements.
(a) Each Receiving Party shall have in place sufficient administrative, physical and technical security safeguards and
firewalls to prevent Confidential Information from unauthorized use, access or disclosure, and shall demonstrate such
sufficiency if requested by United. If a Receiving Party becomes aware of any information indicating an actual or
likely breach of any provision of this Agreement, the Receiving Party shall immediately, not to exceed 3 business
days, inform United and cooperate with United to address the issue. Each Receiving Party shall comply with all
applicable laws and regulations governing the use and disclosure of Confidential Information.
(b) A Receiving Party may use a third party to host and store United’s Confidential Information (“Host Provider”).
United may revoke this consent for any reason. In the event of such revocation, the Receiving Party will have fifteen
days to effectuate the removal of United’s Confidential Information from Host Provider’s information systems and
certify to United that it was removed. A Receiving Party is liable for the acts and omissions of the Host Provider. A
DocuSign Envelope ID: 56CE23D6-304A-474C-992B-421AD6CBACAF
3
NONDISCLOSURE AND DATA USE AGREEMENT (2/21)
Receiving Party shall bind Host Provider in writing to terms and conditions outlining the protections and security of
United’s Confidential Information substantially similar to the terms and conditions in this Agreement.
(c) A Receiving Party must promptly notify United after it is subject to a merger, change of control or sale of
substantially all its assets so that United may assess the ongoing disclosure and use of Confidential Information. A
Receiving Party shall not disclose, or grant access, to Confidential Information to any other entity or person in
connection with a merger, change of control or sale of substantially all its assets without United’s prior written
approval.
(d) Confidential Information is made available as is. United makes no express or implied representation or warranty
regarding fitness for any purpose.
(e) To the extent permitted by law, Customer shall indemnify, release and hold harmless United and its affiliates and
each of their officers, directors, employees and agents from and against any claim, cause of action, liability, damage,
cost, or expense (including attorneys’ fees) arising out of or in connection with (i) the release and use of Confidential
Information under this Agreement and (ii) a breach of this Agreement by the Receiving Party.
9. Termination of Rights.
(a) A Receiving Party’s right to use Confidential Information will terminate on the earliest of (i) conclusion of the
Services performed by the Receiving Party or termination of the relationship between a Receiving Party and Customer,
(ii) termination of the services provided under the agreement(s) between United and Customer, or (iii) United
withdrawing its consent to use Confidential Information.
(b) Following the termination of rights set forth in Subsection 9(a), each Receiving Party will destroy or delete all
Confidential Information in its possession and instruct its Authorized Employees to destroy or delete all Confidential
Information in their possession. The Receiving Party will certify such destruction or deletion to United upon request.
To the extent full destruction or deletion is infeasible, a Receiving Party may retain Confidential Information on a
limited basis (i) to the extent required by applicable law, including public records act obligations, or the professional
standards of the Receiving Party’s professional governing body, and (ii) to the extent Confidential Information has
been electronically archived and cannot be reasonably extracted, and (iii) to defend its work product as it relates to
the Services. Notwithstanding the foregoing, healthcare provider contracts or extracts from those documents may
never be retained. Confidential Information retained pursuant to this Subsection 9(b) will remain subject to the terms
of this Agreement.
10. General Provisions.
(a) Remedies. A Party shall be responsible for a breach of the terms of this Agreement whether breached directly by
such Party or through its affiliates, directors, officers, employees or agents. A Party shall have the right, in addition
to any other rights and remedies it may have, at law, in equity or otherwise, to injunctive relief in any court of
competent jurisdiction to restrain any breach of this Agreement or otherwise to specifically enforce any provision of
this Agreement. No failure or delay by a Party in exercising any right hereunder will operate as a waiver thereof.
(b) Assignment. A Receiving Party may not assign any of its rights or obligations under this Agreement without
United’s prior written approval.
(c) Entire Agreement. This Agreement contains the entire agreement between the Parties concerning the
confidentiality and use of Confidential Information, and no modification of this Agreement or waiver of the terms and
conditions hereof shall be binding upon a Party, unless approved in writing by such Party.
(d) Governing Law. This Agreement shall be governed by, construed and enforced in accordance with the laws of
the State of Texas, without regard to the conflict of laws, rules or principles thereof.
(e) Counterparts; Electronic Signatures. This Agreement may be executed in any number of counterparts
(including counterparts by any form of electronic communication) and all such counterparts taken together shall be
deemed to constitute one and the same instrument. The Parties shall be entitled to rely upon delivery of an executed
facsimile or similar executed electronic copy of this Agreement (including by means of an electronic signature), and
such facsimile or similar executed electronic copy shall be legally effective to create a valid and binding agreement
among the Parties.
DocuSign Envelope ID: 56CE23D6-304A-474C-992B-421AD6CBACAF
4
NONDISCLOSURE AND DATA USE AGREEMENT (2/21)
The Parties have entered into this Agreement effective as of the Effective Date.
United HealthCare Services, Inc.
By: __________________________________________
Name:
Title:
Date:
BMI Audit Services, LLC City of Denton
By __________________________________________ By __________________________________________
Name: Name:
Title: Title:
Date: Date:
00063610.0 (03/2021)
DocuSign Envelope ID: 56CE23D6-304A-474C-992B-421AD6CBACAF
04/20/2021
Sara Hensley
Interim City Manager
Certificate Of Completion
Envelope Id: 56CE23D6304A474C992B421AD6CBACAF Status: Completed
Subject: Please DocuSign: NDA 7615
Source Envelope:
Document Pages: 5 Signatures: 3 Envelope Originator:
Certificate Pages: 2 Initials: 0 Lori Hewell
AutoNav: Enabled
EnvelopeId Stamping: Enabled
Time Zone: (UTC-06:00) Central Time (US & Canada)
901B Texas Street
Denton, TX 76209
lori.hewell@cityofdenton.com
IP Address: 198.49.140.104
Record Tracking
Status: Original
4/5/2021 11:47:06 AM
Holder: Lori Hewell
lori.hewell@cityofdenton.com
Location: DocuSign
Signer Events Signature Timestamp
Lori Hewell
lori.hewell@cityofdenton.com
Purchasing Manager
City of Denton
Security Level: Email, Account Authentication
(None)
Completed
Using IP Address: 198.49.140.104
Sent: 4/5/2021 11:50:58 AM
Viewed: 4/5/2021 11:51:10 AM
Signed: 4/5/2021 11:51:24 AM
Electronic Record and Signature Disclosure:
Not Offered via DocuSign
Marcella Lunn
marcella.lunn@cityofdenton.com
Deputy City Attorney
City of Denton
Security Level: Email, Account Authentication
(None)
Signature Adoption: Pre-selected Style
Using IP Address: 68.185.202.16
Signed using mobile
Sent: 4/5/2021 11:51:26 AM
Viewed: 4/5/2021 11:51:42 AM
Signed: 4/5/2021 11:53:08 AM
Electronic Record and Signature Disclosure:
Not Offered via DocuSign
tiffany thomson
tiffany.thomson@cityofdenton.com
Director of Human Resources
City of Denton
Security Level: Email, Account Authentication
(None)
Signature Adoption: Pre-selected Style
Using IP Address: 47.4.22.147
Sent: 4/5/2021 11:53:09 AM
Viewed: 4/5/2021 2:39:33 PM
Signed: 4/5/2021 2:39:42 PM
Electronic Record and Signature Disclosure:
Not Offered via DocuSign
Cheyenne Defee
cheyenne.defee@cityofdenton.com
Contract Administrator
City of Denton
Security Level: Email, Account Authentication
(None)
Completed
Using IP Address: 198.49.140.104
Sent: 4/5/2021 2:39:44 PM
Viewed: 4/21/2021 8:26:39 AM
Signed: 4/21/2021 8:27:01 AM
Electronic Record and Signature Disclosure:
Not Offered via DocuSign
Signer Events Signature Timestamp
Sara Hensley
sara.hensley@cityofdenton.com
Interim City Manager
City of Denton
Security Level: Email, Account Authentication
(None)
Signature Adoption: Pre-selected Style
Using IP Address: 198.49.140.10
Sent: 4/21/2021 8:27:02 AM
Viewed: 4/21/2021 8:31:23 AM
Signed: 4/21/2021 8:31:30 AM
Electronic Record and Signature Disclosure:
Not Offered via DocuSign
In Person Signer Events Signature Timestamp
Editor Delivery Events Status Timestamp
Agent Delivery Events Status Timestamp
Intermediary Delivery Events Status Timestamp
Certified Delivery Events Status Timestamp
Carbon Copy Events Status Timestamp
Cheyenne Defee
cheyenne.defee@cityofdenton.com
Contract Administrator
City of Denton
Security Level: Email, Account Authentication
(None)
Sent: 4/5/2021 11:51:25 AM
Electronic Record and Signature Disclosure:
Not Offered via DocuSign
Sherri Thurman
sherri.thurman@cityofdenton.com
City of Denton
Security Level: Email, Account Authentication
(None)
Sent: 4/5/2021 2:39:44 PM
Electronic Record and Signature Disclosure:
Not Offered via DocuSign
Gretna Jones
gretna.jones@cityofdenton.com
Legal Secretary
City of Denton
Security Level: Email, Account Authentication
(None)
Sent: 4/5/2021 2:39:44 PM
Viewed: 4/5/2021 3:05:23 PM
Electronic Record and Signature Disclosure:
Not Offered via DocuSign
Witness Events Signature Timestamp
Notary Events Signature Timestamp
Envelope Summary Events Status Timestamps
Envelope Sent Hashed/Encrypted 4/5/2021 11:50:58 AM
Certified Delivered Security Checked 4/21/2021 8:31:23 AM
Signing Complete Security Checked 4/21/2021 8:31:30 AM
Completed Security Checked 4/21/2021 8:31:30 AM
Payment Events Status Timestamps