Exhibit 10.11
Template: PRV01-1 VID: 3
Privacy, Confidentiality, and Security of Customer and
Patient Confidential Information Agreement
Business Record
As a condition of your employment, retainer as a consultant or contractor by Mevion Medical Systems (“Mevion Medical Systems,” “Mevion,” or the “Company”), and in consideration of your employment or business relationship with Mevion Medical Systems and your receipt of the compensation now and hereafter paid to you by Mevion Medical Systems, you agree to the following:
A. Employment or Consulting Relationship
You understand and acknowledge that this Agreement does not alter, amend, or expand upon any right(s) you may have to continue in the employ of, or in a business relationship with, or the duration of your employment or business relationship with Mevion Medical Systems under any other existing agreements between you and Mevion Medical Systems or under applicable law. Any employment or business relationship between you and Mevion Medical Systems, whether commenced prior to or upon the date of this Agreement, shall be referred to herein as the “Relationship.”
B. Position of Trust
As part of your Relationship with Mevion Medical Systems, you will likely have access to confidential information including, but not limited to, certain records and/or information systems containing legally protected health information, financial and operating data, and physician and medical staff information, found in customers’ information system(s) or through other activities relating to your Relationship with Mevion Medical Systems. Privacy, confidentiality, and security is a matter of concern for all persons who have access to or control over customer or patient data, whether accessed at a customer site or within Mevion Medical Systems’ information management systems. When you access customer or patient data or resources, you hold a position of trust relative to this information and must recognize the responsibilities entrusted to you in preserving the privacy, confidentiality, and security of this information. The purpose of this agreement is to ensure that you understand your duties, both as legal matter and as a matter of Mevion Medical Systems’ policy, regarding the privacy, confidentiality, and security of customers’ and patients’ confidential information.
C. Your Responsibilities
As a condition of your employment and/or business relationship with Mevion Medical Systems, you have a responsibility to maintain the privacy, confidentiality, and security of all customer and patient confidential information. You shall not access, use, or disclose
|Mevion Medical Systems
|Page 1 of 4
|Business Management System
Privacy, Confidentiality, and Security of Customer and Patient Confidential Information Agreement
any customer or patient confidential information in any manner not consistent with your specific job function and requirements of laws or regulations. Further, you will not permit any person to access, use, or disclose any such confidential information, except as otherwise may be required to perform your job function.
Confidential information and data is valuable, sensitive, and protected by law and strict Mevion Medical Systems operational policies and procedures. All Mevion Medical Systems employees, contractors, consultants, and advisors who have access to confidential information must read, understand, and comply with all Mevion Medical Systems Business Management System (BMS) policies and procedures related to the privacy, confidentiality, and security of Customer and patient confidential data. The intent of these laws, policies, and procedures is to ensure that confidential information will remain confidential and that Mevion Medical Systems and Mevion Medical Systems employees, contractors, and consultants will access, use, and disclose the confidential information only as necessary to accomplish the organization’s objectives and responsibilities for each particular customer. You are required to conduct yourself in strict conformance to applicable laws, policies, and procedures governing confidential information. You are required to read all applicable policies and procedures, complete all identified training requirements, and record successful completion of these requirements applicable to your position and responsibilities in your Training Record, as applicable.
D. Your Duty to Protect Privacy, Confidentiality, and Security of Confidential Information
Accordingly, as a condition of and in consideration of your Relationship with Mevion Medical Systems, you agree that:
|1.
|You will use confidential information only as needed to perform your legitimate duties with Mevion Medical Systems. To that end, you will:
|a.
|access only the minimal amount of information for which you have a need to know or access;
|b.
|not in any way divulge, copy, release, sell, loan, review, alter, or destroy any confidential information except as authorized within the scope of your professional activities with Mevion Medical Systems; and
|c.
|not misuse confidential information or engage in intentional, reckless, or careless access, use, or distribution of the information.
|2.
|You will safeguard and not post, share, or disclose personal and organizational access codes, passwords, or other methods of identification authentication.
|3.
|You acknowledge that access code(s), password(s), and/or user ID(s) are equivalent to an electronic signature to authenticate entries into Mevion Medical Systems information management systems and customer information management systems to which Mevion Medical Systems has been granted access.
|Mevion Medical Systems
|Page 2 of 4
|Business Management System
Privacy, Confidentiality, and Security of Customer and Patient Confidential Information Agreement
|4.
|You are responsible for all activities undertaken using your personal access codes and other authorization, unless the access code or authorization information was obtained by owner through no fault of your own.
|5.
|You are responsible for any unprivileged access, misuse, or wrongful disclosure of confidential information and for failure to adequately safeguard access codes or passwords.
|6.
|You will promptly notify Mevion Medical Systems’ VP of Regulatory Affairs and Quality Systems if you have reason to believe that the privacy, confidentiality, or security of personal or organizational access codes, passwords, and/or other methods of identification authentication have been compromised or if you have reason to believe that the privacy, confidentiality, or security of confidential information has been breached.
|7.
|You acknowledge that you have no right or ownership interest in confidential information referred to in this Agreement. Mevion Medical Systems and/or any of Mevion Medical Systems’ customers may at anytime revoke applicable access codes, passwords, user identifications, or other authorization or access to confidential information.
|8.
|You will review and follow all applicable Mevion Medical Systems Quality System policies and procedures.
|9.
|You will review and comply with all privacy, confidentiality and security policies, instructions and requirements issued by Mevion Medical Systems’ VP of Regulatory Affairs and Quality Assurance.
E. DISCIPLINARY ACTION
Violations of the privacy, confidentiality, and security provisions set forth above may result in disciplinary action up to, and including, immediate termination of the Relationship. Intentional violations shall result in disciplinary action up to, and including, immediate termination of the Relationship. Violation may also result in personal civil liabilities and/or criminal penalties, and may be pursued by Mevion Medical Systems, Customers, patients, government administrative agencies, and/or other law enforcement organizations.
F. AGREEMENT SURVIVES TERMINATION OF RELATIONSHIP
Your obligations pertaining to privacy and security of protected health information described in this Agreement shall continue indefinitely after termination of your Relationship with Mevion Medical Systems.
|Mevion Medical Systems
|Page 3 of 4
|Business Management System
Privacy, Confidentiality, and Security of Customer and Patient Confidential Information Agreement
G. READ AND UNDERSTOOD
YOU ACKNOWLEDGE THAT, IN EXECUTING THIS AGREEMENT, YOU HAVE READ AND UNDERSTOOD ALL OF THE TERMS AND PROVISIONS OF THIS AGREEMENT. You certify and acknowledge that you have carefully read all of the provisions of this Agreement and understand and will fully and faithfully comply with such provisions.
Reviewed, understood, and agreed:
|/s/ Michael S. Cogswell
|2-3-12
|Employee Signature
|Date
|Michael S. Cogswell
|Printed Name
|Mevion Medical Systems
|Page 4 of 4
|Business Management System