These Terms of Services, (the “Agreement”) is entered into by and between the Party accepting these Terms of Service (“Developer”) for and on behalf of its Affiliates and [Anthem, Inc.] for and on behalf of its Affiliates health benefit plan affiliates (“API PROVIDER”). Developer and API Provider may each be referred to as a “Party” or collectively as “Parties.”

Developer is interested in accessing certain APIs offered by API Provider along with associated documentation consistent with the following terms and conditions.

By accessing or using APIs and other developer documentation and services, Developer agrees to the terms below, as well as any applicable laws and regulations (collectively, Terms).

If Developer is using the API PROVIDER APIs or services on behalf of an entity, Developer represents and warrants that Developer has authority to bind that entity to the Terms and by accepting the Terms, Developer is doing so on behalf of that entity (and all references to “Developer” in the Terms refer to Developer and that entity).

In order to access the API PROVIDER APIs Developer may be required to provide certain information (such as identification or contact details) as part of the registration process for the APIs, or as part of your continued use of the APIs. Any registration information Developer gives to API PROVIDER must be accurate and up to date and Developer must inform API PROVIDER promptly of any updates so that we can keep Developer informed of any changes to the API PROVIDER APIs or the Terms, which may impact Developer’s use of the APIs.

Any Developer credentials (such as passwords, keys, tokens, and client IDs) issued to Developer by API PROVIDER are intended to be used only by Developer and to identify any software which Developer is using with the APIs. Developer agrees to keep its credentials confidential and make reasonable efforts to prevent and discourage other persons or entities from accessing or using its developer credentials. Developer credentials may not be embedded in open source projects. Developer is responsible to ensure access to and use of APIs is compliant with this agreement when such access and use is made with Developer’s credentials, whether or not such use is made by Developer.

Developer may only access (or attempt to access) the API PROVIDER APIs by the means described in the documentation of those APIs. If API PROVIDER assigns Developer credentials, Developer must use them with the applicable APIs. API PROVIDER may revoke a developer’s credentials for inappropriate use as determined by API PROVIDER in its sole discretion.

If Developer is granted production application credentials for the APIs, Developer may only use those credentials with the application that passed the production access review process. API PROVIDER may revoke production application credentials if Developer use or attempt to use them with another application or product that has not been reviewed and approved by API PROVIDER.

Developer may use the API PROVIDER APIs to develop and provide a service to search, display, analyze, retrieve, view and otherwise obtain certain information or data from API PROVIDER as specifically provided for in the specifications and documentation for the specific API (“Permitted Purposes”).

Information or data about individuals available from the API Provider APIs may be subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other laws, and require special safeguarding. Developer must comply with all applicable laws regarding the protection, use and disclosure of information obtained through an API.

Developer further acknowledge that when records regarding an individual are obtained through an API, Developer has all required right, authorizations and consent from such individual, and Developer may not disclose any information or data regarding the individual to any other individuals or third parties without specific, explicit consent from the individual or his or her authorized representative, unless otherwise allowed by law.

When using content, data, documentation, code, and related materials associated with the API Provider APIs in developer’s own work, the API Provider requires that proper credit be given. All services that utilize or access the API Provider APIs or content, data, documentation, code, and related materials associated with the API Provider APIs must display the following notice prominently within the application:

“This product uses the [API Provider] APIs but is not endorsed or certified by [API Provider].”

Developer may use API PROVIDER’s name or logo in order to identify the source of API content subject to these Terms. Developer may not use the API PROVIDER name, logo, or the like to imply endorsement of any product, service, or entity, not-for-profit, commercial or otherwise.

Developer’s use of the API Provider APIs will be subject to certain limitations on access, calls, or use as set forth within these Terms or otherwise provided by API PROVIDER. These limitations are designed to manage the load on the system, promote equitable access, and prevent abuse, and these limitations may be adjusted without notice, as deemed necessary by API PROVIDER. If API PROVIDER reasonably believes that Developer have attempted to exceed or circumvent these limits, Developer’s ability to use the API Provider APIs may be temporarily or permanently blocked. API PROVIDER may monitor Developer’s use of the API Provider APIs to, for example, improve the service or to ensure compliance with these Terms.

If Developer wishes to terminate this agreement with these Terms, Developer may do so by refraining from further use of the APIs. API PROVIDER reserves the right (though not the obligation) to: (1) refuse to provide the API Provider APIs to Developer, if API PROVIDER determines that use violates any API PROVIDER policy, including these Terms; or (2) terminate or deny Developer access to and use of all or part of the API Provider APIs at any time for any other reason which in its sole discretion it deems necessary in order to prevent abuse. Developer may petition API PROVIDER to regain access to the API Provider APIs through the support email address provided by API PROVIDER for the APIs. If API PROVIDER determines in its sole discretion that the circumstances which led to the refusal to provide the API Provider APIs or terminate access to the API Provider APIs no longer exist, then API PROVIDER may restore Developer’s access. All provisions of these Terms, shall survive termination, including, without limitation, warranty disclaimers, and limitations of liability.

The API platform is provided “as is” and on an “as-available” basis. While API PROVIDER will do its best to ensure the service is available and functional, API PROVIDER hereby disclaims all warranties of any kind, express or implied, including without limitation the warranties of merchantability, fitness for a particular purpose, and non-infringement. API PROVIDER makes no warranty that data will be error free or that access thereto will be continuous or uninterrupted.

In no event will API PROVIDER be liable with respect to any subject matter of this Agreement under any contract, negligence, strict liability or other legal or equitable theory for: (1) any special, incidental, or consequential damages; (2) the cost of procurement of substitute products or services; or (3) for interruption of use or loss or corruption of data.

Any disputes arising out of this Agreement and access to or use of the API Provider APIs shall be governed by the laws and common law of the State of Indiana, including without limitation such regulations as may be promulgated from time to time by API PROVIDER, without regard to any conflict of laws statutes or rules. Some API Provider APIs may have API-specific terms of use. If there is a conflict between these Terms and additional terms applicable to a specific API, the terms applicable to the specific API will control.

Developer agrees to indemnify and hold harmless API PROVIDER, its contractors, employees, agents, and the like, from and against any and all claims and expenses, including attorney’s fees, arising out of Developer’s use of the APIs, including but not limited to violation of these Terms, to the extent allowed by law.

API PROVIDER’s failure to exercise or enforce any right or provision of these Terms shall not constitute a waiver of such right or provision.

Developer agrees to use the API Provider APIs in a manner consistent with the following framework unless otherwise required by applicable law or as specified above:

• Transparency: The existence of record-keeping systems and databanks containing data about individuals used or maintained by Developer should be disclosed to individuals and publicly known, along with a description of the main purposes and uses of the data collected by Developer.
• Consent: There should be limits to the collection of personal data and it should be collected by lawful and fair means. Where data are collected on behalf of an individual data subject that data be collected, solely with the knowledge and consent of the authenticated individual data subject or their authenticated legal personal representative. Developer is solely responsible for its compliance with all applicable laws and regulations.
• Use and Disclosure: There should be limits to the internal uses of personal data about individuals and the data should be used primarily the purposes specified at the time of collection. Personal data accessed by Developer from API Provider must not be used or further disclosed by Developer without the consent of the individual or as otherwise permitted by applicable law.
• Individual Access: Each individual should have a right to see any data about him or herself and to annotate any data that is not timely, accurate, relevant, or complete where the application has the ability to do so.
• Security: Personal data should be protected by reasonable security safeguards against such risks as loss, unauthorized access, destruction, use, modification, or disclosure.
• Data Quality: Personal data should be relevant to the purposes for which they are to be used, and should be independently confirmed to be accurate, complete, and timely before being relied upon.
• Accountability: Developer is accountable for complying with fair information practices and requirements of all applicable laws and regulations.