This Agreement between the BOARD OF TRUSTEES OF THE LELAND STANFORD JUNIOR UNIVERSITY ("Stanford"), an institution of higher education having corporate powers under the laws of the State of California, and "Recipient", a corporation having a principal place of business, is effective as of the last date of signature below ("Effective Date").
Dr. Victor Henderson ("Principal Investigator") of Stanford plans to provide the data described in Exhibit A ("Data") to Recipient for a research project described in Exhibit A ("Research Program"). The parties hereby agree as follows:
1. LICENSE GRANT
1.1 License Grant. Subject to the terms and conditions of this Agreement, Stanford grants to Recipient a nonexclusive right to use the Data solely in the Research Program, during the Term of this Agreement as set forth in Exhibit A ("Term").
1.2 License Term. Principal Investigator will make the Data available to Recipient during the Term, which Term may be extended only by advance written agreement of both parties.
1.3 No Other Rights. This Agreement does not constitute, grant nor confer any license under any patents or proprietary interests of one party to the other, except as explicitly stated herein.
2. STANFORD DATA
2.1 Ownership. Stanford retains ownership of the Data. Stanford retains all rights to distribute the Data to other commercial or non-commercial entities.
2.2 De-identification. All individually identifiable health information has been removed from Data. Data does not include "Protected Health Information" ("PHI") as defined in 45 C.F.R. Section 160.103. Should Recipient inadvertently receive Data that has not been completely de-identified, or otherwise identifies a subject, Recipient shall notify Stanford immediately and shall follow Stanford's written instructions for handling, which may include return or destruction of the identifiable information.
3. RECIPIENT USE OF STANFORD DATA
3.1 Restrictions. Recipient will use Data only for the Research Program. If Recipient desires to use or disclose any Data for purposes other than the Research Program, Recipient must obtain prior written consent from Stanford, either by an amendment to this Agreement or a new agreement.
3.2 No Further Access or Transfer. Recipient will not disclose or transfer the Data to any third party without prior written consent from Stanford.
3.3 No Re-identification or Contact. Recipient acknowledges and agrees that: (1) Recipient will not attempt to re-identify or otherwise determine the identity of any human subject or other individual who may be the subject of the Data, and will not attempt to contact any such individuals for any purpose, and (2) considerable harm may ensue if Recipient (or any recipient of the Data) intentionally or negligently allows the disclosure, release or publication of information that identifies such individuals. In the event that Recipient inadvertently receives identifiable information or otherwise identifies an individual, Recipient will promptly notify Stanford and follow Stanford's reasonable written instructions, which may include return or destruction of the identifiable information.
3.4 Data Security. Recipient will follow data security best practices for receipt, storage and use of Data, and specifically agrees that it will:
(1) implement and maintain commercially reasonable and appropriate physical, technical, and organizational security measures designed to protect the Data against accidental or unlawful loss, destruction, alteration, unauthorized disclosure or access, and all other unlawful forms of collection or use, consistent with Stanford's Minimum Security Standards set forth at minsec.stanford.edu;
(2) assist Stanford as reasonably requested to respond to requests from government authorities, data subjects, or others to provide information (including details of the activities performed by Recipient) related to Recipient's processing of the Data;
(3) Only process the Data on its systems or facilities to the extent necessary to perform its obligations contemplated by the parties under this Agreement.
(4) maintain reasonably accurate and up-to-date logs and records of the processing of the Data;
(5) not lease, sell, distribute, or otherwise encumber the Data for any purpose; and
(6) promptly notify Stanford of any investigation, litigation, arbitrated matter, or other dispute relating to Recipient's security or privacy practices as it may directly and materially relate to Recipient's performance of its obligations to Stanford under this Agreement.
3.5 Notice of Data Incidents. Recipient shall without undue delay (within 48 hours of confirmation) notify Stanford if any of the following occur:
(1) any unmitigated, material security vulnerability, or weakness of which Recipient has actual knowledge, in either Stanford's or the Recipient's systems or networks that has compromised the Data;
(2) any successful, imminent or significant threat of unauthorized access, use, disclosure, breach, modification, theft, loss, corruption or destruction of information, or any interference with information technology or system operations, that negatively impacts the confidentiality, integrity, and availability of the Data; or
(3) any known failure or inability to maintain material compliance with requirements of this Agreement or any applicable law.
3.6 Reporting. In consideration of Stanford having provided Data, Recipient will report the results of its research with Data to Principal Investigator.
3.7 Compliance with Law and Policy. Recipient's use of Data will comply all applicable federal, state and local laws and regulations, including those of the NIH, FDA, or DHHS, and the Code of Federal Regulations for the protection of human subjects (45 CFR 46.102). In addition, Recipient represents and warrants that all relevant Recipient or institutional policies have been followed, including the completion of any IRB or ethics review or approval that may be required.
4. PUBLICATION
Any publication or presentation of results will appropriately cite the contributions of Stanford and the Stanford Alzheimer's Disease Reearch Center (ADRC, NIH grant P30 AG066515) using customary standards of scientific attribution. Each party will provide the other with publications or presentations of previously unpublished results thirty (30) days before submission for presentation or publication, to enable the other party to identify and request removal of its confidential information and to seek patent protection, if applicable.
5. GENERAL PROVISIONS
5.1 Publicity. Neither party will use the name or trademark of the other party, or the names of the other party's employees, students or agents in any publicity, advertising or announcement related to this Agreement without the prior written consent of the other party's authorized officials.
5.2 No Warranties. Data are provided by Stanford AS IS, WITHOUT ANY WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE.
5.3 Liability. In no event shall Stanford be liable for any use by Recipient of Data or results or for any loss, claim, damage, or liability, of any kind or nature, that may arise from or in connection with this Agreement or Recipient's use, handling, or storage of Data. Recipient agrees to indemnify and hold harmless Stanford, its trustees, officers, employees, students, volunteers and agents from all liability, loss, or damage they may suffer as a result of claims, demands, costs or judgments against them arising out of the use, handling or storage of Data or results by Recipient.
5.4 Termination. Either party may terminate this Agreement at any time upon thirty (30) days prior written notice. Within thirty (30) days after the effective date of termination, Recipient will discontinue all use of the Data and related information, and return or destroy the Data in accordance with Stanford's instructions. Sections 2.1, 3.1 to 3.7, 4, 5.1, 5.2 and 5.3 will survive the termination or expiration of this Agreement.
5.5 Notice. All notices under this Agreement are deemed fully given when written, addressed, and sent as follows:
All notices to Recipient are e-mailed or mailed to: