Legal

TERMS AND CONDITIONS

  1. Applicability. These ERT Standard Terms and Conditions (the “Terms”) accompany the purchase of goods (the “Goods”) as specified in a Purchase Order Agreement (the “Agreement”). These terms are hereby incorporated by reference into the applicable Agreement and constitute the sole and entire agreement of the parties with respect to the order, and supersede all prior or contemporaneous understandings, quotations, agreements, negotiations, representations and warranties, and communications, both written and oral, with respect to the subject matter of the order. These Terms prevail over any terms or conditions contained in any other documentation and expressly exclude any of Seller’s general terms and conditions of sale or any other document issued by Seller in connection with this order.
  2. Acceptance. The purchase is not binding on Buyer until Seller accepts the purchase order in writing. Buyer may withdraw the order at any time before it is accepted by Seller.
  3. Inventory Capacity. Throughout the term of this Agreement, Seller shall maintain the capacity and availability to supply Buyer’s peak weekly, monthly and annual requirements of Goods (as communicated by Buyer to Seller in Purchase Orders).
  4. Delivery Date. Seller shall deliver the Goods in the quantities and on the date(s) specified in this order or as otherwise agreed in writing by the parties (the “Delivery Date”). If no delivery date is specified, Seller shall deliver the Goods within seven to ten (7 to 10) business days of Seller’s receipt of the order. Timely delivery of the Goods is of the essence. If Seller fails to deliver the Goods in full on the Delivery Date, Buyer may terminate the order immediately by providing written notice to Seller and Seller shall indemnify Buyer against any losses, claims, damages, and reasonable costs and expenses directly attributable to Seller’s failure to deliver the Goods on the Delivery Date.
  5. Quantity. If Seller delivers more than or less than 100% of the quantity of Goods ordered Buyer may reject all or any excess Goods. Any such rejected Goods shall be returned to Seller at Seller’s risk and expense. If Buyer does not reject the Goods and instead accepts the delivery of Goods at the increased or reduced quantity, the Price for the Goods shall be adjusted on a pro-rata basis.
  6. Delivery Location. All Goods shall be delivered to the address specified in this order (the “Delivery Location”) during Buyer’s normal business hours or as otherwise instructed by Buyer.
  7. Shipping Terms. Delivery shall be made in accordance with the terms on the face of this order. Seller shall give written notice of shipment to Buyer when the Goods are delivered to a carrier for transportation. Seller shall provide Buyer all shipping documents, including the commercial invoice, packing list and any other documents necessary to release the Goods to Buyer within one (1) business day after Seller delivers the Goods to the transportation carrier. The order number must appear on all shipping documents, shipping labels, invoices, correspondence and any other documents pertaining to the order.
  8. Title and Risk of Loss. Title passes to Buyer upon delivery of the Goods to the Delivery Location. Seller bears all risk of loss or damage to the Goods until delivery of the Goods to the Delivery Location.
  9. Packaging. All goods shall be packed for shipment according to Buyer’s instructions or, if there are no instructions, in a manner sufficient to ensure that the Goods are delivered in undamaged condition. Seller must provide Buyer prior written notice if it requires Buyer to return any packaging material. Any return of such packaging material shall be made at Seller’s expense.
  10. Amendment and Modification. No change to this order is binding upon Buyer unless it is in writing, specifically states that it amends this order and is signed by an authorized representative of Buyer.
  11. Inspection and Rejection of Nonconforming Goods. Buyer shall have the right to inspect and test the goods ordered prior to delivery and at the time and place of receipt before paying for or accepting the goods. Defective goods or goods not in compliance with Buyer’s drawings, specifications or standards, if any, will, at Buyer’s choice, but at Seller’s sole risk and expense, either be held pending Seller’s reasonable instructions or be shipped to Seller at Seller’s address on the face of this Purchase order. Any such goods chosen by Buyer to be held, shall be held at Seller’s risk and expense pending Seller’s reasonable instructions for a period not exceeding thirty (30) days and, if Seller so instructs Buyer, will be returned to Seller at Seller’s risk and expense. Any such goods remaining in Buyer’s possession after the expiration of such thirty (30) day period may be destroyed or otherwise disposed of by Buyer at Seller’s risk and expense. If inspection or test discloses that any part of the goods received are defective or not in compliance with Buyer’s drawings, specifications or standards, Buyer shall have the right to cancel any unshipped portion of the Purchase order in addition to any rights or remedies it may have, whether under this Purchase order or otherwise. Buyer’s payment of goods prior to inspection shall not constitute acceptance thereof and is without prejudice to any and all claims Buyer may have against Seller or any other party. Seller shall remit to Buyer that portion, if any, of the price paid by Buyer for any defective goods together with any and all costs, expenses charges relating thereto including without limitation destruction and transportation costs. Buyer shall also be entitled to receive credit for any goods later rejected by Buyer as not being in compliance with this Purchase order and damaged goods that are later returned. Buyer shall also have the right to send one or more of its authorized representatives to inspect Seller’s business operations (including without limitation manufacturing and warehouse facilities) at any time during regular business hours. If for any reason Seller’s business operations do not comply with applicable laws, ordinances, rules and regulations, the Seller at its own cost and expense shall remedy any such deficiency.
  12. Price. The price of the Goods is the price stated in the order (the “Price”). If no price is included in the order, the Price shall be the price set out in Seller’s published price list in force as of the date of the order. Unless otherwise specified in the order, the Price includes all packaging, transportation costs to the Delivery Location, insurance, customs duties, fees and applicable taxes, including, but not limited to, all sales, use or excise taxes. No increase in the Price is effective, whether due to increased material, labor or transportation costs or otherwise, without the prior written consent of Buyer.
  13. Most Favored Customer. Seller represents and warrants that the price for the Goods is the lowest price charged by Seller to any of its external buyers for similar volumes of similar Goods. If Seller charges any other buyer a lower price, Seller must apply that price to all Goods under this order. If Seller fails to meet the lower price, Buyer, at its option, may terminate this order without liability pursuant to Section 23.
  14. Payment Terms. Payment terms are 2% 15 net 60 unless otherwise negotiated and agreed to in writing by both Buyer and the Seller. Buyer shall receive the 2% 15 standard or negotiated discount regardless of whether the discount is shown on Seller’s invoice. Unless freight and other charges, where applicable, are itemized, discount will be taken on the full invoice amount. Seller shall issue a separate invoice (in duplicate) for each shipment made against this Purchase order. Each invoice must contain this Purchase order number, Buyer’s Part Number(s), if any, and quantities shipped. Unless otherwise specified, no invoice shall be issued prior to shipment of Goods and no payment will be made prior to receipt and acceptance of Goods and a correct invoice. A delay in receiving an invoice, invoicing for Goods shipped ahead of the specified schedule or invoices received with errors or omissions will be considered just cause for Buyer to withhold payment, without losing discount privileges. Payment terms, including without limitation discount privileges, will apply from the date of receipt of the Good(s) or the correct invoice, whichever is later. Buyer shall pay all properly invoiced amounts due to Seller within sixty (60) days after Buyer’s receipt of such invoice, except for any amounts disputed by Buyer in good faith. All payments hereunder must be in US dollars. In the event of a payment dispute, Buyer shall deliver a written statement to Seller no later than fifteen (15) days prior to the date payment is due on the disputed invoice listing all disputed items and providing a reasonably detailed description of each disputed item. Amounts not so disputed are deemed accepted and must be paid, notwithstanding disputes on other items, within the period set forth in this Section 14. The parties shall seek to resolve all such disputes expeditiously and in good faith. Seller shall continue performing its obligations under the order notwithstanding any such dispute.
  15. Set-off. Without prejudice to any other right or remedy it may have, Buyer reserves the right to set off at any time any amount owing to it by Seller against any amount payable by Buyer to Seller under the order.
  16. Warranties. Seller warrants to Buyer that for a period of twenty-four (24) months from the Delivery Date, all Goods will: (a) be free from any defects in workmanship, material and design; (b) conform to applicable specifications, drawings, designs, samples and other requirements specified by Buyer; (c) be fit for their intended purpose and operate as intended; (d) be merchantable; (e) be free and clear of all liens, security interests or other encumbrances; and (f) not infringe or misappropriate any third party’s patent or other intellectual property rights. These warranties survive any delivery, inspection, acceptance or payment of or for the Goods by Buyer. These warranties are cumulative and in addition to any other warranty provided by law or equity. Any applicable statute of limitations runs from the date of Buyer’s discovery of the noncompliance of the Goods with the foregoing warranties. If Buyer gives Seller notice of noncompliance with this Section, Seller shall, at its own cost and expense, promptly replace or repair the defective or nonconforming Goods and pay for all related expenses, including, but not limited to, transportation charges for the return of the defective or nonconforming goods to Seller and the delivery of repaired or replacement Goods to Buyer.
  17. Seller shall maintain appropriate documentation necessary to demonstrate Seller’s compliance with this Agreement and as otherwise necessary to comply with Law. Upon reasonable notice and during normal business hours, Seller shall provide to Buyer and its internal and external auditors (“Buyer Auditors”) and regulators access to any facility or part of a facility at which Seller is providing the Goods, or at which the books and records relating to the Goods are located, for the purposes of performing audits and inspections of Seller and examination of the systems and infrastructure. The foregoing audit rights shall include, when applicable, audits of (i) practices and procedures, (ii) systems and infrastructure, (iii) security practices and procedures, (iv) disaster recovery and backup procedures, and (v) other areas necessary to enable Buyer to comply with applicable laws and quality assurance. Upon reasonable notice from Buyer, Seller shall provide Buyer Auditors with access to financial records and supporting documentation to the extent necessary to ascertain the correctness of charges to Seller hereunder. Such Buyer Auditors may audit the fees charged to Buyer to determine if such fees are accurate and in accordance with this Agreement. Seller shall be obligated to notify Buyer of any overcharges of which Seller becomes aware. In the event that any such audit reveals an overcharge of 5% or more of a particular fee category or a breach by Seller of any of its obligations or representations hereunder, Seller shall pay to Buyer an amount equal to, or at Buyer’s option, issue to Buyer a credit against fees payable in an amount equal to, the reasonable cost of such audit. Seller shall cooperate with Buyer or Buyer Auditors in connection with audit functions. For the avoidance of doubt, audit cooperation is included as part of the purchasing of the Goods (including participation by Seller accountants) and shall not be counted against resource utilization and shall be provided at no cost to Buyer.
  18. Material Change Notice. Buyer shall provide Seller thirty (30) days prior written notice before performing any material changes to the Goods. Material changes include but are not limited to: (i) any major modification to any Goods, specifications, or any other requirement set out in this Agreement or purchase order; or (ii) any change to the Good’s software, operating systems, processes, controls, interfaces, or hardware that could affect or require Seller to make changes to the processes, controls, interfaces, hardware, software or systems of Seller (including any operating, network or security standards).
  19. General Indemnification. Seller shall defend, indemnify and hold harmless Buyer and Buyer’s subsidiaries, affiliates, successors or assigns and their respective directors, officers, shareholders and employees (collectively, “Indemnitees”) against any and all loss, injury, death, damage, liability, claim, deficiency, action, judgment, interest, award, penalty, fine, cost or expense, including reasonable attorney and professional fees and costs, and the cost of enforcing any right to indemnification hereunder and the cost of pursuing any insurance providers (collectively, “Losses”) arising out of or occurring in connection with the products purchased from Seller or Seller’s negligence, willful misconduct or breach of the Terms. Seller shall not enter into any settlement without Buyer’s or Indemnitee’s prior written consent.
  20. Intellectual Property Indemnification. Seller shall, at its expense, defend, indemnify and hold harmless Buyer and any Indemnitee against any and all Losses arising out of or in connection with any claim that Buyer’s or Indemnitee’s use or possession of the Goods infringes or misappropriates the patent, copyright, trade secret or other intellectual property right of any third party. In no event shall Seller enter into any settlement without Buyer’s or Indemnitee’s prior written consent.
  21. Insurance. Prior to commencement of this Agreement, each Party shall, at its sole expense, maintain the following insurance on its own behalf, and furnish to the other Party, upon prior written request, Certificates of Insurance evidencing same.

 

Type of Coverage Amount
Automobile liability covering all vehicles owned, non-owned, hired and leased Not less than $1,000,000.00 per claim (combined single limit for bodily injury and property damage)
Commercial general liability insuring against bodily injury, property damage, premises liability, contractors’ completed operations, and contractual liability (including covering Provider’s indemnification obligations contained herein) · General Aggregate: $3,000,000

· Products/Completed Operations Aggregate: $1,000,000

· Each Occurrence: $1,000,000

· Personal and Advertising Injury: $1,000,000

Professional liability and errors and omissions insurance Not less than $ 10,000,000.00 per claim and $10,000,000.00 in the aggregate
Umbrella coverage (including commercial general liability coverage) Not less than $ 10,000,000 per occurrence or $10,000,000 in aggregate (where applicable)
Workers Compensation and Employer’s Liability coverage. Statutory limits. Employer’s Liability coverage in an amount not less than $100,000 Each Accident; $100,000 Each Employee and $500,000 Policy Limit
  1. Compliance with Law. Seller is in compliance with and shall comply with all applicable laws, regulations and ordinances. Seller has and shall maintain in effect all the licenses, permissions, authorizations, consents and permits that it needs to carry out its obligations under the order. Seller shall comply with all export and import laws of all countries involved in the sale of Goods under this order. Seller assumes all responsibility for shipments of Goods requiring any government import clearance. Buyer may terminate this order if any government authority imposes antidumping duties, countervailing duties or any retaliatory duties on the Goods.
  2. Termination. Buyer may terminate this order, in whole or in part, at any time with or without cause for undelivered Goods on fifteen (15) days’ prior written notice to Seller. In addition to any remedies that may be provided under these Terms, Buyer may terminate this order with immediate effect upon written notice to the Seller, either before or after the acceptance of the Goods, if Seller has not performed or complied with any of these Terms, in whole or in part. If the Seller becomes insolvent, files a petition for bankruptcy or commences or has commenced against it proceedings relating to bankruptcy, receivership, reorganization or assignment for the benefit of creditors, then the Buyer may terminate this order upon written notice to Seller. If Buyer terminates the order for any reason, Seller’s sole and exclusive remedy is payment for the Goods received and accepted by Buyer prior to the termination.
  3. Limitation of Liability. Nothing in this order shall exclude or limit (a) Seller’s liability under Sections 16, 19, 20 and 22 hereof, or (b) Seller’s liability for fraud, personal injury or death caused by its negligence or willful misconduct. Each party’s maximum liability to the other party shall not exceed the greater of $100,000.00 or the aggregate amount actually paid or payable under this order.
  4. Waiver. No waiver by any party of any of the provisions of the order shall be effective unless explicitly set forth in writing and signed by the party so waiving. Except as otherwise set forth in the order, no failure to exercise, or delay in exercising, any rights, remedy, power or privilege arising from the order shall operate or be construed as a waiver thereof, nor shall any single or partial exercise of any right, remedy, power or privilege hereunder preclude any other or further exercise thereof or the exercise of any other right, remedy, power or privilege.
  5. Confidential Information. All non-public, confidential or proprietary information of the Buyer, including, but not limited to, specifications, samples, patterns, designs, plans, drawings, documents, data, business operations, customer lists, pricing, discounts or rebates, disclosed by Buyer to Seller, whether disclosed orally or disclosed or accessed in written, electronic or other form or media, and whether or not marked, designated or otherwise identified as “confidential,” in connection with the order is confidential, solely for the use of performing the order and may not be disclosed or copied unless authorized by Buyer in writing. Upon Buyer’s request, Seller shall promptly return all documents and other materials received from Buyer. Buyer shall be entitled to injunctive relief for any violation of this Section. This Section shall not apply to information that is: (a) in the public domain; (b) known to the Seller at the time of disclosure; or (c) rightfully obtained by the Seller on a non-confidential basis from a third party.
  6. Force Majeure. Neither party shall be liable to the other for any delay or failure in performing its obligations under the order to the extent that such delay or failure is caused by an event or circumstance that is beyond the reasonable control of that party, without such party’s fault or negligence, and which by its nature could not have been foreseen by such party or, if it could have been foreseen, was unavoidable (Force MajeureEvent”). Force Majeure Events include, but are not limited to, acts of God or the public enemy, government restrictions, floods, fire, earthquakes, explosion, epidemic, war, invasion, hostilities, terrorist acts, riots, strike, embargoes or industrial disturbances. Seller’s economic hardship or changes in market conditions are not considered Force Majeure Seller shall use all diligent efforts to end the failure or delay of its performance, ensure that the effects of any Force Majeure Event are minimized and resume performance under the order. If a Force Majeure Event prevents Seller from carrying out its obligations under the order for a continuous period of more than twenty (20) business days, Buyer may terminate this order immediately by giving written notice to Seller.
  7. Assignment. Seller shall not assign, transfer, delegate or subcontract any of its rights or obligations under the order without the prior written consent of Buyer. Any purported assignment or delegation in violation of this Section shall be null and void. No assignment or delegation shall relieve the Seller of any of its obligations hereunder. Buyer may at any time assign or transfer or subcontract any or all of its rights or obligations under the order to an affiliate without Seller’s prior written consent.
  8. Relationship of the Parties. The relationship between the parties is that of independent contractors. Nothing contained in the order shall be construed as creating any agency, partnership, joint venture or other form of joint enterprise, employment or fiduciary relationship between the parties and neither party shall have authority to contract for or bind the other party in any manner whatsoever. No relationship of exclusivity shall be construed from this order.
  9. No Third-Party Beneficiaries. This order is for the sole benefit of the parties hereto and their respective successors and permitted assigns and nothing herein, express or implied, is intended to or shall confer upon any other person or entity any legal or equitable right, benefit or remedy of any nature whatsoever under or by reason of these Terms.
  10. Governing Law. All matters arising out of or relating to this order shall be governed by and construed in accordance with the internal laws of the State of Pennsylvania without giving effect to any choice or conflict of law provision or rule (whether of the State of Pennsylvania or any other jurisdiction) that would cause the application of the laws of any jurisdiction other than those of the State of Pennsylvania.
  11. UCC Applicability. Except to the extent that the provisions of these Terms and Conditions are clearly inconsistent therewith, this Agreement shall be governed by any applicable provisions of Article 2 of the Uniform Commercial Code (UCC) in effect in the State of Pennsylvania. To the extent that this contract entails delivery or performance of services, such services shall be deemed “goods” within the meaning of the Uniform Commercial Code, except where to deem such services as “goods” would result in an absurdity.
  12. Governmental Sanction. Buyer will immediately cease conducting business if Seller’s name or identification number appears on any government sanction list and will not resume until rectified to the satisfaction of Buyer, with no penalty to Buyer.
  13. Cumulative Remedies. The rights and remedies under this order are cumulative and are in addition to and not in substitution for any other rights and remedies available at law or in equity or otherwise.
  14. Notices. All notices, request, consents, claims, demands, waivers and other communications hereunder (each, a “Notice”) shall be in writing and addressed to the parties at the addresses set forth on the face of this order or to such other address that may be designated by the receiving party in writing. All Notices shall be delivered by personal delivery, nationally recognized overnight courier (with all fees pre-paid), facsimile (with confirmation of transmission) or certified or registered mail (in each case, return receipt requested, postage prepaid). Except as otherwise provided in this order, a Notice is effective only (a) upon receipt of the receiving party, and (b) if the party giving the Notice has complied with the requirements of this Section.
  15. Severability. If any term or provision of this order is invalid, illegal or unenforceable in any jurisdiction, such invalidity, illegality or unenforceability shall not affect any other term or provision of this Agreement or invalidate or render unenforceable such term or provision in any other jurisdiction.
  16. Survival. Provisions of this order which by their nature should apply beyond their terms will remain in force after any termination or expiration of this order including, but not limited to, the following Sections: 16, 19-20, 22, 24-26 and 28-37.

e-RESEARCH TECHNOLOGY INC.
 WEB SITE TERMS OF USE

By accessing and using the eResearchTechnology Inc. web site, ert.com (the “Web Site”), you are agreeing to be legally bound by these Terms of Use. By using the eResearchTechnology Inc. Web Site, you represent that you are 16 years or older and agree to abide by the following Terms of Use. If any of these terms are unacceptable to you, you may not access the eResearchTechnology Inc. Website until agreement has been reached between you and eResearchTechnology Inc. as to the applicable terms of use. The terms “you” and “User” refer to anyone who accesses the eResearchTechnology Inc. Web Site. As you browse through the eResearchTechnology Inc. sites you may access other web sites that are subject to different terms of use. When you use those sites, you will be legally bound by the specific terms of use posted on such sites. If there is a conflict between these Terms of Use and the other terms of use, the other terms of use will govern with respect to use of such pages. eResearchTechnology Inc. (ERT) may change these Terms of Use at any time without notice. Changes will be posted at www.ert.com under “Terms of Use”. Your use of the Web Site after any changes have been posted will constitute your agreement to the modified Terms of Use and all of the changes. Therefore, you should read these Terms of Use from time to time for changes. It is advised that you also read the eRT Customer Privacy Policy. 1. Use of the eResearchTechnology Inc. Web Site eResearchTechnology Inc. hereby grants you a non-exclusive, non-transferable, limited license to access and use the Web Site for the fees, if applicable, and under the terms set forth below. The Web Site and the content, including, but not limited to, text, data, reports, ratings and other opinions, images, photos, graphics, graphs, charts, animations and video (the “Content”), displayed on the Web Site, may be used only for your personal and non-commercial use. Except as otherwise permitted under these Terms of Use, you agree not to copy, reproduce, modify, create derivative works from, or store any Content, in whole or in part, from the Web Site or to display, perform, publish, distribute, transmit, broadcast or circulate any Content to anyone, or for any commercial purpose, without the express prior written consent of eResearchTechnology Inc.. The Content is the property of eResearchTechnology Inc. or its licensors, and is protected by copyright and other intellectual property laws. All trade names, trademarks, service marks and other product and service names and logos on the Web Site and within the Content are proprietary to their respective owners and are protected by applicable trademark and copyright laws. Any of the trademarks, service marks or logos (collectively, the “Marks”) displayed on the Web Site may be registered or unregistered marks of eResearchTechnology Inc. or others. Nothing contained on this Web Site should be construed as granting any license or right to use any of the Marks displayed on the Web Site without the express written permission of eResearchTechnology Inc. or a third party owner of such Marks. Any unauthorized uses of the Marks or any other Content are strictly prohibited. You may, on an occasional and irregular basis, reproduce, distribute, display or transmit an insubstantial portion of Content, for a non-commercial purpose and without charge, to a limited number of individuals, provided you include all copyright and other proprietary rights notices with such portion of the Content in the same form in which the notices appear on the Web Site, the original source attribution, and the phrase “Used with permission from sandp.com, a web site eResearchTechnology Inc.”. However, you may not post any Content from the Web Site to forums, newsgroups, list serves, mailing lists, electronic bulletin boards, or other web sites, without the prior written consent of eResearchTechnology Inc.. To request consent for other matters, you may contact eResearchTechnology Inc. at info@ert.com. You may not use the Web Site for any unlawful purpose. You shall honor all reasonable requests by eResearchTechnology Inc. to protect eResearchTechnology Inc. proprietary interests in the eResearchTechnology Inc. website. 2. Limitation On eResearchTechnology Inc. Warranties And Liability You are entirely liable for activities conducted by you or anyone else in connection with your browsing and use of the Web Site. If you are dissatisfied with the Content or the Web Site or with these Terms of Use, your sole and exclusive remedy is to stop using the Content and the Web Site. eResearchTechnology Inc. will not pay you any damages in connection with your browsing or use of the Web Site. THE CONTENT AND THE WEB SITE ARE PROVIDED “AS IS”, WITHOUT ANY WARRANTIES. NEITHER eResearchTechnology Inc. MAKES ANY GUARANTEES OR WARRANTIES AS TO THE ACCURACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM, ACCESSING AND USING THE eResearchTechnology Inc. WEBSITE, THE eResearchTechnology Inc. WEBSITE’S OWN CONTENT, THE OTHER CONTENT, NOR ANY MATERIAL THAT CAN BE ACCESSED (VIA A DIRECT OR INDIRECT HYPERLINK OR OTHERWISE) THROUGH THE eResearchTechnology Inc. WEBSITE. eResearchTechnology Inc. HEREBY DISCLAIMS ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE AND OF NONINFRINGEMENT. eResearchTechnology Inc. SHALL NOT BE LIABLE TO THE USER OR ANYONE ELSE FOR ANY INACCURACY, DELAY, INTERRUPTION IN SERVICE, ERROR OR OMISSION, REGARDLESS OF CAUSE, OR FOR ANY DAMAGES RESULTING THEREFROM. IN NO EVENT WILL eResearchTechnology Inc., NOR ANY OF ITS THIRD PARTY LICENSORS BE LIABLE FOR ANY INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES, INCLUDING BUT NOT LIMITED TO, LOST TIME, LOST MONEY, LOST PROFITS OR GOOD WILL, WHETHER IN CONTRACT, TORT, STRICT LIABILITY OR OTHERWISE, AND WHETHER OR NOT SUCH DAMAGES ARE FORESEEN OR UNFORESEEN WITH RESPECT TO ANY USE OF THE eResearchTechnology Inc. WEBSITE. NEITHER eResearchTechnology Inc. NOR ANY OF ITS AFFILIATES, AGENTS OR LICENSORS WILL BE LIABLE TO YOU OR ANYONE ELSE FOR ANY LOSS OR INJURY RESULTING FROM USE OF THE WEB SITE, IN WHOLE OR PART, WHETHER CAUSED BY NEGLIGENCE, CONTINGENCIES BEYOND ITS CONTROL IN PROCURING, COMPILING, INTERPRETING, REPORTING OR DELIVERING THE WEB SITE AND ANY CONTENT AT THE WEB SITE OR OTHERWISE. IN NO EVENT WILL eResearchTechnology Inc., ITS AFFILIATES, AGENTS OR LICENSORS BE LIABLE TO YOU OR ANYONE ELSE FOR ANY DECISION MADE OR ACTION TAKEN BY YOU IN RELIANCE ON SUCH CONTENT OR THE WEB SITE. 3. Links To Other Web Sites You may, through hypertext or other computer links, gain access to web sites operated by persons other than eResearchTechnology Inc.. Such hyperlinks are provided for your reference and convenience only, and are the exclusive responsibility of such web sites’ owners. You agree that eResearchTechnology Inc. is not responsible for the content or operation of such web sites, and that eResearchTechnology Inc. shall have no liability to you or any other person or entity for the use of third party web sites. A hyperlink from this Web Site to another web site does not imply or mean that eResearchTechnology Inc. endorses the content on that web site or the operator or operations of that site. You are solely responsible for determining the extent to which you may use any content at any other web sites to which you link from eResearchTechnology Inc. Web Site. eResearchTechnology Inc. assumes no responsibility for the use of third party software on the eResearchTechnology Inc. site and shall have no liability whatsoever to any person or entity for the accuracy or completeness of any outcome generated by such software. 4. Timeliness Of Content The Content displayed on the Web Site, including, but not limited to, reports and other opinions, are current as of the date appearing on the report and are subject to change without notice. Unless indicated otherwise, ratings are updated periodically by eResearchTechnology Inc. to reflect changes in the market and other criteria. eResearchTechnology Inc. does not guarantee or warrant the accuracy, timeliness, or completeness of any ratings you receive using the Web Site. 5. Additional Legal Terms This Agreement will continue until terminated by either eResearchTechnology Inc. or you. Either party can terminate the Agreement by notifying the other party by telephone or electronic mail of the decision to terminate. eResearchTechnology Inc. may discontinue or change the eResearchTechnology Inc. Website, or its availability to you, at any time. This Agreement constitutes the entire agreement between the parties relating to the eResearchTechnology Inc. Website and supersedes any and all other agreements, oral or in writing, with respect to the eResearchTechnology Inc. Website. The failure of eResearchTechnology Inc. to insist upon strict compliance with any term of this Agreement shall not be construed as a waiver with regard to any subsequent failure to comply with such term or provision. This Agreement is personal to you, and you may not assign your rights or obligations to anyone. If any provision in this Agreement is invalid or unenforceable under applicable law, the remaining provisions will continue in full force and effect. This Agreement, your rights and obligations, and all actions contemplated by this Agreement shall be governed by the laws of the United States of America and New York State, as if the Agreement was a contract wholly entered into and wholly performed within New York State. All rights not expressly granted herein are reserved. 6. Anti-Hacking Provision You may not, nor may you allow others to, directly or indirectly, attempt or actually disrupt, impair or interfere with, alter or modify the Web Site or any Content. You may not, nor may you allow others to, directly, or indirectly, collect or attempt to collect any information about others, including passwords, account or other information.

COPYRIGHTS AND TRADEMARKS

This material contains proprietary information of eResearchTechnology, Inc. The reproduction of this material, in whole or in part, without the express written consent of eResearchTechnology is strictly prohibited. The information contained in this material is subject to change without notice. While every effort is made to ensure the accuracy of the information in this material, eResearchTechnology, Inc. offers no warranty, expressed or implied, concerning the contents of this material. ®2012 eResearchTechnology, Inc. and subsidiaries All rights reserved. ERT, GETTING IT DONE. RIGHT., and associated logos and designs are registered trademarks of eResearchTechnology, Inc. EXPERT Technology Platform, Cardiac Safety Solutions, ePRO Solutions, Clinical Research Consulting Group, ERT WebService™ are trademarks of eResearchTechnology, Inc. EXPERT, EXPERT Direct, EXPERT ePRO, and My Study Portal are proprietary software applications of eResearchTechnology, Inc., and are protected under copyright law. All rights reserved. EXPERT is a registered trademark of eResearchTechnology, Inc. All other marks noted are trademarks of eResearchTechnology, Inc. AM1™, AM1+™, AM2+™, AM3™, AMOS, AsthmaMonitor™, BioSigna™, Clean Peak Flow™, , CorLab™, CorPC™, CorSafe™, CorScope™, CorScreen, CorWeb™, ERT WebService™, FLOWSCREEN, HC™, HC1™, HES™, HES EKG Systeme™, MasterScope™, MasterScope CT™, SpiroPRO, Tele-AM™, VIAPAD™, and VIAPEN™ are trademarks of eResearchTechnology, Inc., or its subsidiaries. DIARYpro® Mobile, DIARYpro® Web, SITEpro® Tablet, EPX™, and EasyCharge™ are trademarks of eResearchTechnology, Inc., or its subsidiaries. Adobe, Acrobat, and Adobe JRun are registered trademarks of Adobe, Inc. Copyright © 2009 Adobe Systems Incorporated. All rights reserved. AM12™, Ambulo™, Custom ID™, ELI-PC™, ELI10, ELI100, ELI150, ELI™ 150c, ELI200, ELI250, ELI™ 250c, E-Scribe™, H12+24H and H12+48H, H-Scribe™, Positive ID™, Surveyor™, VERITAS™, and WAM™ are trademarks of Mortara Instruments, Inc. AutoCode CS is a trademark of TRW Inc. BarTender is a registered trademark of Seagull Scientific, Inc. Bluetooth® is a registered trademark of Bluetooth SIG. All rights reserved. CalECG, AMPS FDAEcg Suite, FAT-QT and ECGScan are trademarks of A.M.P.S, LLC. Digital ECG XML Viewer is a copyright  2003 of A.M.P.S, LLC. CardioDay®, CardioRead® and CardioMem® are registered trademarks of Getemed AG. Crystal Reports® is a registered trademark of Business Objects, S.A. HP and HP-UX are trademarks of the Hewlett Packard Company. IBM® and Cognos® are trademarks or registered trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. JIRA® and Atlassian Crucible®. Copyright © 2012 Atlassian. All rights reserved. Kodak Image Pro is a trademark of the Eastman Kodak Company. MAC 1200 Resting ECG System, MAC 5000 Resting ECG System, GE Healthcare MAC™ 800 ECG Analysis System, GE Healthcare MAC™ 1600 ECG Analysis System, MONOGRAM™, MUSE®, TONOPORT™ V, and 12SL™ are registered trademarks of GE Medical Systems, Inc. Microsoft Internet Information Server, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Oracle, PL/SQL, Pro*C, SQL*DBA, SQL*Forms, SQL*Net, SQL*Script, and SQL*Plus are trademarks of Oracle Corporation. pdfFactory is a copyright © FinePrint Software, LLC 1995-2008. RS6000/AIX is a trademark of the IBM Corporation. Salesforce.com is a copyright © 2000-2010 of salesforce.com, inc. Web-based Customer Relationship Management (CRM) Software-as-a-Service (SaaS). SAS is a registered trademark of the SAS Institute, Inc. Sun Solaris, JAVA, Sun JRE, and Sun JDK are trademarks of Sun Microsystems, Inc. WIBU is a registered trademark of WIBU Systems AG. This Proprietary and Confidential Software is derived in part from the SSLava Toolkit, which is a copyright 1996-2000 by Phaos Technology Corporation. All rights reserved. All other products, services, or company names mentioned herein are claimed as trademarks and/or trade names of their respective owners.

CODE OF ETHICS AND BUSINESS CONDUCT

This Code of Ethics and Business Conduct (this “Code”) applies to all directors, officers and full-time, part-time, temporary/intermittent and contract employees (collective, “Employee or Employees”) of Explorer Holdings, Inc., eResearchTechnology, Inc. and its subsidiaries (collectively, “ERT”). We require the highest standards of professional and ethical conduct. Our reputation for honesty and integrity among our customers, employees, vendors, and stockholders is key to the success of our business. This Code reflects our commitment to a culture of honesty, integrity and accountability and outlines the basic principles and policies with which all employees, officers and directors are expected to comply. Please read this Code carefully. Your cooperation is necessary to the continued success of our business and the cultivation and maintenance of our reputation as a good corporate citizen. Any questions or concerns regarding anything contained in or referenced by this Code should be directed to eResearchTechnology, Inc.’s Vice President, Human Resources (”VP-HR”) or your local office designee who is responsible for administering the Code. You may have an employment agreement with ERT, or have otherwise signed confidentiality or other agreement with ERT (collectively, the “Agreements”). You have been provided an employee handbook, policies and standard operating procedures from ERT (collectively, the “Documents”). This Code does not replace the Agreements or Documents, and the Agreements and Documents remain in full force and effect. If anything contained in the Agreements or Documents conflict with this Code, this Code shall govern. Click here for ERT’s Code of Ethics and Business Conduct.

PRIVACY AND INTEGRITY POLICY

Objective

eResearchTechnology (ERT/ERT GmbH and its subsidiaries and affiliates, “ERT”) are committed to protecting the privacy of those who entrust us with their personal/clinical information. Our employees, and all those who do business with us, trust and expect that we will protect the privacy and integrity of their personal and clinical information in accordance with the promises we make and with applicable laws and regulations.

Scope
This Policy establishes ERT principles and processes for protecting privacy and for ensuring the security and integrity of information that it handles in all aspects of its business worldwide. The Company respects the ethical basis of the EU Privacy Shield Framework, HIPAA, the EU Privacy Directives, ICH E6 GCP, world regulatory authorities, and the Helsinki accords applicable to research with human subjects. Our eligibility as a US organization, commitment and adherence to Privacy Shield principles is to establish processes and develop systems for use worldwide that comply with all these regulations and principles. We recognize that competent authorities may enact requirements from time to time that alter privacy protection and the underlying security processes, and ERT shall make reasonable efforts to become aware of such changes and to disclose the extent to which ERT products and services conform to them.

This broad policy document does not specify precisely how such objectives shall be attained, but does reference the pertinent Policies, Standard Operating Procedures (SOPs) and Reference Documents [see Internal References, TABLE 1, below] that set forth how ERT preserves both data integrity and privacy. This policy covers subjects and patients, site investigators and physicians, study staff, ERT employees, and visitors to ERT’s external website where this Policy is available (www.ERT.com). This policy does not pertain to the provisions concerning confidentiality that are established in agreements or contracts such as non-disclosure agreements.

Categories of Privacy Protection

Subjects in Clinical Trials Using ERT Systems: Patients and controls managed by the Site Investigators for whom patient privacy shall be protected subject to provisions of the Sponsor protocols and Informed Consent. ERT shall preserve the confidentiality of patients (subjects) participating in clinical trials and will do so while fulfilling regulatory requirements for disclosure of authorship and attribution of data, including circumstances where patients themselves act directly on electronic records in clinical research.

Site staff, ERT staff, Sponsor users, and other study personnel who use any ERT product/solution and whose privacy protection is subject to regulations concerned with the use of electronic systems for eCommerce, medical care, and/or clinical research.

ERT Personnel: individuals who work for ERT, including contractors, and whose personnel records are entitled to protection.

Public at Large: Those who may visit www.ERT.com, the corporate website.

Disclosure and Notice

To Sponsors of Clinical Investigations and Site Investigators

ERT serves both Sponsors and Site Investigators who must comply with regulations pertaining to clinical research and eCommerce and who have the ultimate responsibility under FDA 21CFR 312 subpart D for data integrity in clinical trials for medical products. In order for Sponsors and Sites to rely on ERT to help fulfill their responsibilities in using ERT systems, ERT shall disclose to such Sponsors and to Site Investigators the information defined within ERT Internal References (TABLE 1 REF 907 and REF 908):

  • Information concerning the protection of patient information and the processes undertaken to ensure that data and actions during the collection (preparing), editing, maintaining, and archiving of clinical trial data meet current regulations.
  • Information explaining our system controls and processes established by ERT to ensure that data content (measurements, and values selected or transcribed) is securely controlled by clinical entities responsible for its validity. Generally, these are Sites and Investigators rather than Sponsors. In all cases, the system controls on data integrity shall be clear-cut, validated, and auditable.

To All Categories of Persons with Whom ERT Has Privacy Obligations

As per the above commitments, ERT shall provide a written statement that describes to individuals in each category how ERT complies with the seven principles and 16 supplemental principles established under the Privacy Shield Framework: Notice, Choice, Accountability & Onward Transfer (Transfers to Third Parties), Information Security, Data Integrity & Purpose Limitation, and Recourse, Enforcement & Liability. (See TABLE 1 – Internal References, REFs 121 – 124)

Privacy Shield Framework Principles Adopted Worldwide

ERT complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. ERT has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

ERT is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). ERT may also be required to disclose an individual’s personal information in response to a lawful require by public authorities, including to meet national security or law enforcement requirements.

US-Swiss Safe Harbor

ERT complies with the US-Swiss Safe Harbor framework as set forth by the US Department of Commerce regarding the collection, use and retention of personal information from Switzerland. ERT has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access and enforcement. If there is any conflict between the policies in this privacy policy and the Safe Harbor Privacy Principles, the Safe Harbor Privacy Principles shall govern.

To learn more about the US-Swiss Safe Harbor and to view our certification page, please visit http://www.export.gov/safeharbor/

Definitions
The following terms are used throughout this document and are defined here for clarification.

Agent
“Agent” means a third party that processes personal data solely on behalf of and under the instructions of the study Sponsor. Additionally and alternatively, “Agent” means any ERT Corporate representative or contractor that collects/processes personal data for the purposes of ERT employee management including third party processers.

Personal/Clinical Information
“Personal/Clinical Information or Data” means any information or set of information that identifies or can reasonably be used to identify an individual. Personal/Clinical information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public personal information. “Personal data” and “personal information” are data about an identified or identifiable individual that are within the scope of the Directive, received by a U.S. organization from the European Union, and recorded in any form. The European Union’s comprehensive privacy legislation, the Directive on Data Protection (the Directive), became effective on October 25, 1998 [from the US EU framework].

Sensitive Personal Data
“Sensitive Personal Data” means personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns health or sex life. Additionally, information will be treated as sensitive personal data where it is received from a third party that treats and identifies it as sensitive.

Privacy Principles for ERT Employees

All Personal /Clinical Information pertinent to ERT employees shall be subject to privacy and security protection in keeping with the principles of the Privacy Shield Framework and this Information Privacy and Integrity Policy [See TABLE 1: REF 0123]. ERT collects employee Personal /Clinical Information and/or Sensitive Personal Data for the following reasons, which include but are not limited to: employee management and administration generally (including both during and after employment), employment verification, administering employee benefits, administering personal short or long term compensation programs or benefits, evaluating performances, managing corporate programs, conducting disciplinary proceedings, addressing labor relations issues, processing health insurance claims. ERT also contracts with third party providers to render related services, including payroll processors and support services.

ERT will handle employee personal data transferred from both foreign and domestic office locations to ERT Corporate headquarters located in the United States of America. ERT collects only directly relevant information considered to be “sensitive personal data” for ERT employees both foreign and domestic (for example, race statistics for US Affirmative Action Plans). ERT shall ensure that its systems, processes and products that handle Personal/ Clinical Information pertaining to ERT employees shall conform to the HIPAA privacy provisions [TABLE 1: POL COR-009]. ERT employees will be able to access this policy via ERT’s external website where this Policy is available (www.ERT.com) or through ERT’s internal employee training management system (TMS Web – http://tmsweb.ert.com/tms/) where the policy will be distributed to all employees as a read & understood training activity.

Privacy Principles for Sites, Subjects and Sponsors
All Personal/Clinical Information captured from patients and/ or trial subjects during the conduct of clinical research activities shall be subject to privacy and security protections set forth in this Policy and the associated Internal References (TABLE 1). For Sponsors, the patient information is anonymized (i.e. the study information/ data do not include the patient name or other PI other than an ID code that is not publicly available). Sponsors shall NOT have access to protected Personal Clinical Information from trial subjects beyond that defined by study protocol and informed consent disclosure. For Site Investigators, who have clinical responsibility for the patients in a trial, it is necessary for administrative, regulatory, medical and ethical reasons for the clinical staff to be able to identify a particular patient and to review the clinically relevant information pertaining to that patient. In serving the Investigator Sites, ERT therefore may collect identifying information on their behalf. Such information is subject to the privacy and security protections specified in the Internal References (TABLE 1: POL COR-009), and is not accessible or transferred to Sponsors.

Activities performed by ERT in the context of a trial are subject to ERT’s Quality Management System but also subject to the Sponsor’s instructions and written agreements. ERT does not share personal information about patients, site-staff, or sponsor personnel with third parties (e.g. contractors, etc.) unless those parties are contractually bound to adhere to these same quality procedures and the terms of such instructions and written agreements.

All personal information captured from patients in the course of clinical trials shall be protected as Sensitive Personal Data.

The integrity of Personal Information is an important adjunct to the privacy of such information. Personal Information is expected to be correct, accessible, and in conformance with 21 CFR Part 11/Annex 11 controls. In addition to tracking all actions on electronic records, a key element of Personal Information/ Data integrity concerns control of the content of data in a clinical trial, and this policy establishes ERT’s intent to act as a third party to ensure that Site Investigators can fulfill their regulatory obligations to maintain and retain records obtained using ERT systems about subjects in a clinical investigation. ERT shall also ensure that Sites shall have the tools and documentation in order to provide the access for subjects to personal information about them during and after a clinical investigation.

Primary Principles Set Forth in the Privacy Shield Framework

Notice

ERT will, as required by law, notify individuals about the purposes for which it collects and uses Personal Information [See TABLE 1: REF 0121-0124], how to contact ERT, the types of third parties with which it shares that information, and the choice and means ERT offers individuals for limiting the use and disclosure of Personal Information about them. Through ERT’s controlled document management system, ERT will issue, as a training requirement, notification regarding ERT’s intended use of Personal Information. This information will be provided as soon as practicable and, in any event, before ERT may use the information for a purpose other than that for which it was originally obtained.

ERT will not issue notice when contracted to acquire, process and report data received during the active status of Sponsor defined clinical trials. ERT considers the protocol and trial specific training to constitute sufficient notice about what ERT collects in a trial and why.

Choice

ERT will, as required by law, offer individuals the opportunity to choose whether Personal Information about them is processed for purposes other than those for which the information was originally obtained or was subsequently authorized by the individual (“opt-out”). Unless required by law, ERT will not Process Sensitive Personal Information about individuals for purposes other than those for which the information was originally obtained or subsequently authorized by the individual unless the individual affirmatively and explicitly consents to the processing (“opt-in”).

ERT will not offer choice when contracted to acquire, process and report data received during the active status of Sponsor defined clinical trials. ERT does not have the authority or responsibility to undertake direct interaction with any study subject concerning the medical history or case history of that subject. ERT does have access to source records, and is responsible under contract for the accuracy of certain metadata such as timestamps, for protection of records against undetected tampering, and for the attribution of any actions undertaken on the electronic records that it creates and holds as eSource records on behalf of the site investigators. However, ERT is not responsible for verifying study subject identity. ERT shall maintain the records on which site investigators rely for attribution of actions on electronic records that such identified subjects may author or alter. ERT does not hold contracts with Investigators selected by the Sponsor to recruit study subjects nor is ERT independently responsible for ensuring Informed Consent or IRB approval of the protocol and documentation pertaining to the conduct of a study. Even if ERT provides a system or process for capturing informed consent and/or recruiting study subjects, these activities remain the responsibility of the study Sponsor.

Accountability and Onward Transfer

ERT will only transfer Personal Information about individuals to an agent where the agent has provided adequate assurances to ERT that it will protect the information consistently with this Policy. Where ERT has knowledge that an agent is Processing Personal Information in a manner contrary to this Policy, ERT will take reasonable steps to prevent or stop the Processing.

ERT will NOT transfer clinical/personal data captured/received beyond that defined by protocol/informed consent from identified subjects in a clinical trial to a Sponsor or a Sponsor approved third party “Agent” as required by authorized business contracts. Instead, ERT will transfer the data items set forth in the protocol as relevant to the trial objectives linked only to a subject ID code for which there is no public access or any access by the Sponsor except through the authorized Site Investigators. ERT will only subcontract to firms which conform to or otherwise appropriately address ERT security, integrity and privacy protection standards, privacy pledges, confidentiality agreements, authority controls, training requirements and etc. “Subcontractor” shall mean a person or entity that has been retained to perform all or a portion of ERT’s obligations; particularly those services directly related to the processing of clinical trial data. The Sponsor will be notified of the use of any subcontractors utilized which requires the transfer of clinical/personal information. In cases of onward transfer to third parties of clinical data of EU individuals received pursuant to the EU-US Privacy Shield, ERT is potentially liable.

ERT will only transfer personal data to a non-agent third party in a manner consistent with the principles described within the “Notice” and “Choice” sections of this Policy.

Information Security
ERT will take reasonable precautions to protect personal data in its possession from loss, misuse and unauthorized access, disclosure, alteration and/or destruction.

ERT’s Cardiac Safety, Respiratory, eCOA, Clinical Insights and Consulting Service systems employ role based functionality metadata that reside behind ERT’s firewall. Individual user roles are defined by management personnel and require the use of an active User ID and complex password combination to gain access to the system. Also, ERT’s clinical systems incorporate a defined workflow for the processing of clinical data received during the active status of any contracted study. Additional security measures include: daily backups which are retained on-site in a fireproof safe, weekly backups that are sent off-site for 5 weeks thus allowing for the monthly back up to be completed for indefinite off-site storage. ERT’s systems physically reside at an off-site data center with all system maintenance managed by ERT personnel. Data replication to a warm failover instance occurs during regularly scheduled intervals. Routine audits of these processes ensure adherence to ERT Standard Operating Procedures. [See TABLE 1:: SOP 760; SOP 763]

Information Integrity & Purpose Limitation
ERT will only use and share clinical/personal data in a way that is consistent with the purposes for which the data were collected or as subsequently authorized by the individual to whom such data pertain. ERT seeks to collect Personal Information that is adequate, relevant and not excessive for the purposes for which it is to be processed. ERT employees have a responsibility to assist ERT in maintaining accurate, complete and current Personal Information collected and Processed in the course of conducting human resource and related activities.

ERT will only use and share Clinical/Personal Data in a way that is consistent with the purposes for which the data were collected as specified by the Sponsor, authorized by the Site Investigator and agreed by the subject or employee in keeping with all the Privacy Shield Principles described in this Policy. To the extent necessary for those purposes, ERT will take reasonable steps to ensure that the data are accurate, complete, and current.

In the case of clinical data captured as electronic records for clinical investigations for submission or review by regulatory authorities, any actions on such data shall be tracked using a computer generated audit trail. (See TABLE 2, 21CFR Part 11 and Listed Guidance). To the extent that ERT may transcribe data from paper source records into electronic records, ERT shall preserve scanned electronic files so that the original information on the paper record can be reviewed. The preservation of any paper source documents that are part of the case history shall rest with Site Investigators in accordance with 21 CFR 312.62 (c). In addition to tracking all actions on electronic records, a key element of data integrity concerns control of the content of data in a clinical trial, and this policy establishes ERT’s intent to act as a third party to enable Site Investigators to fulfill their regulatory obligations to prepare and maintain any data obtained using ERT systems about subjects in a clinical investigation. ERT relies on Sites to serve as the agents who may provide the access of subjects to personal information about them during and after a clinical investigation.

Access

ERT acknowledges EU individuals’ right of access to data. ERT will provide individuals, e.g. employees or study staff, with reasonable access to their own Personal Information upon request, subject to exemptions permitted by law or by written agreement. ERT will also take reasonable steps to allow individuals to review Personal Information about them for the purposes of correcting such information.

ERT will not offer access to clinical trial participants to the information such subjects have supplied using ERT systems or products. ERT believes that such access is appropriately provided by the Site Investigator and ERT shall supply the Site Investigator or other entity with responsibility for the preparation and maintenance of source documents that are included in the case history, with access to individual subject records that the Site Investigator may share with the proper subject. Such access may be restricted in connection with the masking or other procedures in a particular study, and ERT shall incorporate controls on sharing to assist the investigator in such cases. Upon completion of the contracted study ERT delivers as contractually required and specified in the protocol or data transfer agreements all final clinical data received and processed to the study Sponsor. Where applicable, ERT delivers the eSource case histories and trial documentation needed for study reconstruction for retention to Site Investigators. Access by patients after the conclusion of a study is enabled through these records under the control of the Site Investigator.

Information Received
As a standard for during the execution of contracted clinical trials, ERT does not require, receive or collect clinical or sensitive personal identifying information such as study subject name or medical record number for transfer to such Sponsors. ERT shall transfer only blinded, encoded, pseudonymised and anonymised study subject study subject identifiers (demography) to confirm uniqueness as may be defined by the study Sponsor (e.g. Date of Birth, gender, etc.) and approved by the IRB / Ethical Committees. However, ERT shall provide systems and products whereby the Site Investigator can identify records as pertaining to a particular known subject and to be included in the case history for each patient. Additionally, ERT may receive identifying information during the recruiting and screening of participating study subjects, completion of interviews with subjects, and/or collecting paper questionnaire data from subjects during the execution of internal research studies.

ERT collects employee personal information at its various business locations for purposes of employee management. In connection with the authorization and participation of study site and sponsor staff ERT may collect contact information and professional credentials from individuals who collaborate to conduct clinical studies.

Recourse, Enforcement, Liability
ERT has established internal mechanisms to verify ongoing adherence to this Policy [See TABLE 1: SOP 104 – Confidentiality; ERT encourages individuals covered by this Policy to raise any concerns they have regarding the Processing of Personal Information.

It is the policy of ERT neither to tolerate nor ignore possible misuse of Personal/Clinical Information or Data received. All employees are responsible for reporting any suspected cases of misuse or disclosure of clinical/personal data to ERT Quality Management or an ERT Corporate Officer. ERT’s Quality Assurance department is responsible for the oversight of the formal investigation to review initial evidence and/or data and then conclude if Breach Notification is required or not. In both cases the QA Department must document the actions taken or the reasons why there is not a need for further action. [See TABLE 1: POL COR-003]

ERT will take reasonable steps to ensure protection of our employees, study subject safety and to protect the integrity of the data being collected. In cases of substantiated evidence of suspected personal information misuse or disclosure the study sponsor and/or the third party contracted for the management the sponsor’s clinical trial(s) will need to be informed, in writing upon confirming conclusions. [See TABLE 1: POL COR-003;] Misuse or disclosure of personal/clinical information found to be committed by ERT personnel is considered grounds for disciplinary action, including the possibility of termination, as well as legal prosecution.

Privacy and Breach

In addition to the above principles specified in the Privacy Shield Framework, ERT conforms in activities worldwide to the principles and requirements set forth in the US HIPAA. [See TABLE 1: POL COR-009; Identification of a breach begins with reporting a suspected privacy and security incident for assessment. Not all privacy or security incidents are a breach. It is critical for employees, business associates and business associates contractor to follow the formal incident reporting procedures so that a breach assessment can be performed. Use DOC COR-009_01 – HIPAA – Protected Health Information – Accounting of Disclosures as the initial step in reporting incidents.

ERT employees must execute Incident Handling/Customer Care Support SOP0407/SOP 1418 to assign, track and resolve any study related incident that may also affect privacy and security so that a full breach risk assessment can be performed and documented.

Training Requirement

All ERT employees shall execute the privacy pledge and shall be trained to identify a security and/or privacy breach [POL COR-003]. All employees shall be trained in the process of reporting such a breach and in the escalation to senior management [DOC COR-009_01 – HIPAA – Protected Health Information – Accounting of Disclosures]. Such training shall be refreshed annually and a basic understanding of security and privacy protection shall be evidenced.

Advanced Training and Compliance Policy for Access to Data in Production Environments

ERT employees and/or contractors with access to data in production environments (the authoritative eSource data, not protected copies thereof) have a particularly important responsibility for the protection of data integrity and for protection of privacy. Automated and validated controls on data review may not be in place for experts who may be granted administrative access to the data in production environments. Any such access must be Requested, temporary, justified, logged and explained by individuals who have been authorized and trained. In accordance with ERT SOP 759 – Access Controls and in coordination with Production Access Request Form must be completed prior to a grant of access and shall be included in documentation for review by the Privacy Officer, line manager or designee so that the authorization and conformance with applicable policies and procedures can be confirmed.

Dispute Resolution and Enforcement for EU and Swiss Individuals

ERT has put in place mechanisms to verify our ongoing adherence to these privacy principles. In compliance with the EU-US Privacy Shield Principles, ERT commits to resolve complaints about your privacy and our collection or use of your personal information. European Union individuals with inquiries or complaints regarding this privacy policy should first contact ERT at:

eResearchTechnology, Inc.
1818 Market Street, Suite 1000
Philadelphia, PA 19103
215-972-0420
qadept@ert.com

eResearch Technology GmbH
ERT Data Protection Officer
Sieboldstr. 3
97230 Estenfeld, Germany
datenschutz@ert.com

ERT will reply within 45 days to any concern raised.

If such reply is not deemed satisfactory, any complaints may be brought, free of charge, to the following organizations:

  • ERT commits to cooperate with the EU Data Protection Authorities with respect to any questions or complaints regarding its handling of employee data.
  • As ERT has an operational facility in Geneva, Switzerland, ERT commits to cooperate with the Swiss Federal Data Protection and Information Commissioner with respect to any questions or complaints regarding its handling of employee data.
  • ERT has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles BBB EU Privacy Shield, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

As a last resort, under certain conditions (in particular prior exhaustion of certain other redress possibilities), complaints may be brought by individuals to arbitration before the privacy shield panel. The privacy shield panel may impose individual-specific, non-monetary equitable relief in case of non-compliance with the privacy shield principles.

Arbitration by the privacy shield panel may not be invoked if a data protection authority is competent to resolve the complaint, i.e. in the case of complaints related to human resources data collected in the employment context.

In compliance with the US-Swiss Safe Harbor Principles, ERT commits to resolve complaints about your privacy and our collection or use of your personal information. Swiss citizens with inquiries or complaints regarding this privacy policy should first contact ERT at:

eResearchTechnology, Inc.

1818 Market Street, Suite 1000
Philadelphia, PA 19103
215-972-0420
qadept@ert.com

eResearch Technology GmbH
ERT Data Protection Officer
Sieboldstr. 3
97230 Estenfeld, Germany
datenschutz@ert.com

ERT has further committed to refer unresolved privacy complaints under the US-Swiss Safe Harbor to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.

External References

The following documents provide important background information for this instruction:

Reference Document Name Location
21 CFR Part 11: Electronic Records; Electronic Signatures, August 1997 FDA web site
Data Protection (EU Directive 95/46/EC), October 1995 Data Protection Commissioner web site
· Directive 2000/31/EC on electronic commerce

 

http://ec.europa.eu/internal_market/e-commerce/directive/index_en.htm
EU GCP Directive 2005/28/EC, April 2005 EurLex web site
Guidance for Industry – 21 CFR Part 11; Electronic Records; Electronic Signatures — SCOPE AND APPLICATION (August 2003) FDA web site
Guidance for Industry: Computerized Systems Used In Clinical Investigations, May 2007 FDA web site
Guidance for Industry: E6 Good Clinical Practice, April 1996 ICH web site
ERT Privacy Shield Certification Please reference US Department of Commerce website.
HIPAA Security and Privacy Rule, 45 CFR Part 164 Electronic Code of Federal Regulations (e-CFR) web site
U.S.-EU Privacy Shield Framework

A Guide to Self-Certification. Including the full text of the official declaration of the Privacy Shield Privacy Principles, as announced on July 12, 2016

US Dept. of Commerce web site.http://www.export.gov
US Better Business Bureau http://www.bbb.org/EU-privacy-shield/)
U.S.-Swiss Safe Harbor Framework

A Guide to Self-Certification. Including the full text of the official declaration of the Safe Harbor Privacy Principles, as announced on July 21, 2000

US Dept. of Commerce web site. http://www.export.gov/safeharbor/

 

Definitions Pertaining to this Policy:

Term Definition
Data integrity A dimension of data contributing to its trustworthiness and pertaining to the systems and processes for data capture, correction, maintenance, transmission, and retention. Key elements of data integrity include security, privacy, access controls, a continuous pedigree from capture to archive, stability (of values, of attribution), protection against loss or destruction, ease of review by users responsible for data quality, proper operation and validation of systems, training of users. NOTE: In clinical research the FDA requires that data relied on to determine safety and efficacy of therapeutic interventions be trustworthy and establishes guidance and regulations concerning practices and system requirements needed to promote an acceptable level of data integrity. [FDA, CSUICI, IEEE].
Data quality A dimension of data contributing to its trustworthiness and pertaining to accuracy, sensitivity, validity and suitability to purpose. Key elements of data quality include attributability, legibility (decipherable, unambiguous), contemporaneousness, originality (i.e. not duplicated), accuracy, precision, completeness, consistency (logical, not out of range). NOTE: Scientists may reasonably trust data that are accurate (high quality) that have also been reviewed by investigators and protected from unauthorized alteration (high integrity). [CDISC]
Data security Degree to which data are protected from the risk of accidental or malicious alteration or destruction and from unauthorized access or disclosure. [CDISC]
eCommerce Use of electronic systems and networks by consumers, sellers and other entities to conduct business activities. NOTE: The Electronic Commerce Directive, adopted in 2000, sets up an Internal Market framework for electronic commerce, which provides legal certainty for business and consumers alike. It establishes harmonised rules on issues such as the transparency and information requirements for online service providers, commercial communications, electronic contracts and limitations of liability of intermediary service providers. [EU Electronic Commerce Directive 2000/31/EC]
ERT Systems and Processes Devices and applications for capture of trial data, transmission technologies, software applications for storage and review of information, registrations for users, processes for identification, qualification and training of users, including generally all actions on electronic (and related paper records) that rely on security and authenticity protections provided by ERT for conducting clinical investigations, diagnostic evaluations and other services delivered to clients.
Fraud Fraud, in the context of this Policy, includes the deliberate reporting of clinical data that are known to be false as well as the non-reporting of relevant information. It does not include unintentional mistakes made through simple error. Fraud may thus occur by acts of omission or commission
Patient Person under a physician’s care for a particular disease or condition. NOTE: A subject in a clinical trial is not necessarily a patient, but a patient in a clinical trial is a subject. See also subject, Although often used interchangeably as a synonym for subject, a healthy volunteer is not a patient.
Privacy The right of an individual to control the collection, use, and disclosure of personal information. [Privacy Shield Principles]
Privacy Protection The appropriate use of personal information under specific circumstances. What is appropriate will depend on context, law, and the individual’s expectations. [from Privacy Shield Guide, Glossary],
Scientific misconduct Fabrication, falsification, plagiarism, or other practices that seriously deviate from commonly accepted standards within the scientific community for proposing, conducting, or reporting research. It does not include honest error or honest differences in interpretations or judgments of data.
Subject An individual who participates in a clinical trial, either as recipient of the investigational product(s) or as a control. [ICH]

Limitation on Scope of Principles
Adherence by ERT to these privacy principles may be limited to the extent required to meet any legal, governmental, national security or public interest obligation.