These Terms and Conditions apply to the Agreement between You and CompuGroup Medical South Africa (Pty) Ltd (“CGM”)  regarding Your use of CGM’s CGM QURIS Services. You need to agree to these Terms and Conditions for CGM to provide CGM QURIS Services to You.  

1. DEFINITIONS   

 1.1 "Activation Date" means the day when You click to accept these Terms and Conditions.  

1.2 “AES’’ means an advanced electronic signature, which meets the requirements of section 13 of the Electronic Communications and Transactions Act (Act No.25 of 2002), and is the legal equivalent of a wet ink signature.   

1.3 “Agreement” means this agreement for the provision of CGM QURIS Services to You by CGM. 

1.4 “Autoscriber” means the module that allows You to automate the clinical note taking process. The application uses artificial intelligence (“AI”)  turns the conversation between You and your patient into a structured summary. 

1.5 “CLICKDOC” means CGM’s secure video consultation Service.  

1.6 “EMGuidance Script’’ means a module of CGM QURIS which is the proprietary software application developed and owned by EMGuidance Limited, registration number 15097468, which enables registered Users to create and issue an AES signed and legally compliant electronic prescription.  

1.7 “Enabled Pharmacy” means a pharmacy which has been enabled to receive CGM QURIS E-scripts.  

1.8 “Laboratory Results” means any clinical test results, reports, measurements, interpretations, or related data generated by a pathology or diagnostic laboratory, including but not limited to pathology, microbiology, haematology, biochemistry, and other diagnostic investigations, which are transmitted to, received by, stored within, or made available through the CGM QURIS Services in relation to a patient. 

This includes Laboratory Results received from one or more third-party laboratories or pathology service providers with whom You have a separate relationship or agreement. CGM is not responsible for the accuracy, completeness, timeliness, or clinical interpretation of any Laboratory Results, which remain the responsibility of the originating laboratory and the healthcare professional using such results. 

1.9 “Limited Dataset” means an anonymised dataset created from data generated by You via CGM QURIS, inclusive of Your Practice Data.  

1.10 “Module” means a self-contained, functional unit of code or a business application that performs a specific set of tasks within CGM QURIS. 

1.11 “Parties” means You and CGM, with “Party” referring to either of these two.  

1.12 “Practice Data” means Your name, HPCSA number, Identity number, practice number, practice address and contact details.  

1.13 “Routed Script” means an E-script where You have selected an Enabled Pharmacy chosen by Your patient, to which to route the E-script. You will enter Your AES on the E-script and the E-script will be delivered to the patient and or an Enabled Pharmacy through the eScripting Module in CGM QURIS. 

1.14 “Services” means the provision of CGM QURIS software for Your use during the Term. This is a cloud-based  modular application, accessed by You via a supported web browser. It includes CGM QURIS’s free modules and subscription-based modules.  

1.15 “Term” means the period from the day You click to accept these Terms and Conditions until the Agreement is terminated by one of the Parties, either by giving the other Party one month’s written notice (which You would email to accounts.za@cgm.com) or as specified in section 3, 11, or 12.  

1.16 “You” and “Your” refers to the individual who is entering into this agreement for CGM QURIS Services - being a licensed HPCSA healthcare practitioner who is authorised to script medicine for patients.  

1.17 “Your Data” means all text, files, images, graphics, illustrations, information, data (including Personal Information as defined in the Protection of Personal Information Act of 2013), audio, video, photographs, and other content and material in any format, provided by You or Your Patients that reside in, or run on or through, the Services environment.  

2. RIGHTS OF USE  

2.1 CGM hereby grants You the temporary, non-exclusive, non-transferable, non-sublicensable, personal right to use the CGM QURIS Service for the Term.  

2.2 You may only use CGM QURIS’s base functionally and subscription-based modules if You are registered with the HPCSA to prescribe medicine.   

2.3 You may only use CGM QURIS’s Autoscriber and E-scripting Service to generate clinical notes and route an E-script to an Enabled Pharmacy if the patient has consented to Your sharing their personal information for this purpose, and has chosen the pharmacy to which their E-script will be routed.  

2.4 Only the individual to whom an AES is issued is authorised to use it for generating E-scripts in CGM QURIS, and is solely liable for any use thereof. As that individual, You undertake:  

2.4.1 not to share Your AES password with anyone;  

2.4.2 to ensure Your AES certificate and personal computer containing the AES certificate are not compromised;    

2.4.3 to allow Your Practice Data to be processed and stored by CGM for the Term;  

2.4.4 to indemnify CGM against any claim for damages in relation to Your access to and use of an AES.  

2.5 All intellectual property rights to CGM QURIS are owned exclusively by CGM.  

2.6 You may not, and You may not allow any third party to access the source code of  CGM QURIS, to alter CGM QURIS in any way, or to attempt to extract Your Data from CGM QURIS. Doing so may result in accidental damage to or deletion of Your Data.  

 3. TERMINATION  

 3.1 The termination of Your CGM QURIS Service does not affect any existing Agreement You may have for any other CGM Service.  

3.2 The termination must be in writing and can be sent via e-mail to accounts.za@cgm.com.  

3.3 A termination issued by CGM becomes effective when it is sent to the last e-mail address given by You.  

3.4 The termination of this Agreement for any reason shall not affect CGM’s right to retain the anonymised datasets collected by CGM during the Term.   

3.5 CGM reserves the right to revoke Your AES and terminate all rights granted in terms of this Agreement with immediate effect from the giving of a termination notice if CGM becomes aware that Your AES and/or CGM QURIS software is being abused by You or any other person.  

3.6 CGM reserves the right to decommission CGM QURIS at any time on three months’ written notice to You.  

4. INFRASTRUCTURE REQUIREMENTS AND SET-UP  

 4.1 Your connection to the Internet, maintenance of the network connection, as well as the procurement and provision of the hardware and software required by You to use the Services is Your responsibility, unless You have explicitly contracted with CGM for provision of any such infrastructural support.   

4.2 You must ensure that You have adequate data capacity and data speed to access the Services.   

4.3 You accept that You alone are responsible for the content, integrity, and security of Your own patients’ data that is stored on Your personal computer systems.   

4.4 You accept responsibility to ensure that only virus-free data and content are transmitted by You.   

4.5 You accept responsibility for ensuring that Your database security and Cybersecurity software is up to date and functioning correctly on Your personal computer systems. In this instance, Cybersecurity means all physical and electronic measures designed to protect electronic data from malicious attack from third parties, including the employment of anti-virus, anti-malware, and encryption software.  

4.6 If You wish to use CLICKDOC Your computer system will need to have a camera, headset, and speakers.   

5. ABOUT CLICKDOC  

 5.1 The CLICKDOC consultation takes place via an encrypted connection directly between You and Your patient, or between You and other healthcare practitioners with an active QURIS  or separate CLICKDOC Service account with CGM.  

5.2 CGM is not responsible for the contents of the communication between You and any other participant in any session.  

5.3 Your CLICKDOC virtual waiting room and CLICKDOC video consultations can only be accessed via the unique secure personal access codes generated for each participant for every session.  

5.4 CLICKDOC is merely a secure conduit for the sessions. Sessions are not recorded or saved. CGM also cannot access or store any documents (for example images, x-rays, or medical reports) exchanged between Parties during a session.  

6. GENERATION OF LIMITED DATASETS IN E-SCRIPTING SERVICE  

 6.1 You grant CGM permission to extract, process, and commercialise a Limited Dataset generated during the Term from E-scripts sent by You to Enabled Pharmacies, to be used for data analytics, quality assurance, market research, and other campaigns.   

6.2 Your Practice Data will be included in the Limited Dataset.  

6.3 All patient personal information will be irreversibly anonymised.  

6.4 You irrevocably assign the copyright for this Limited Dataset to CGM.  

6.5 Your provision of this Limited Dataset is a material term of this Agreement.  

7. MAINTENANCE AND MONITORING  

 7.1 CGM regularly carries out maintenance work (“General Maintenance Work”) on its servers to ensure the security of network operations, to maintain network integrity, interoperability of Services, and data security.   

7.2 If possible, CGM will carry out General Maintenance Work during periods of low usage (i.e., at night and on weekends).   

7.3 CGM has strict service level agreements with its internet service provider to ensure best possible uptime of its Cloud Services and protection from cyber-attacks.  

7.4 CGM will notify Authorised Users of its plans to carry out the General Maintenance Work - as far as possible - with appropriate advance notice.  

7.5 The availability of the Services will average over 95% per annum.   

8. SUPPORT  

 8.1 All logged support requests to the CGM Helpdesk at help.za@cgm.com or +27 (0)86 1633 334 will receive a response based on assigned priority.   

8.2 The following response times are for queries which require support relating to the Authorised Users use of CGM QURIS: 

Please note that CGM reserves the right to change the criticality and priority level of a reported issue. CGM may decide to split an initial issue into several components or to group similar issues to be resolved in a timeline appropriate to that categorisation.   

Response time: Once CGM is contacted, this is the time within which CGM will take to engage with You to get clarification regarding the issue that has been reported, so that CGM can work on resolving it. This could be an email or in-app notification when it is a general issue for all users.  

Feedback time: This is the time within which CGM will revert to You regarding the plan for resolution, further feedback, and an initial estimate of resolution time. This could be an email or in-app notification when it is a general issue for all users.  

Resolution time: The time within which CGM will endeavour to resolve the issue that has been reported. Should this timeline not be achievable, CGM will communicate the reason for this and give regular feedback.    

9. DUTY TO CO-OPERATE  

 9.1 You agree to co-operate with CGM to make Yourself available for any agreed configuration, activation, and training relating to the Services.  

9.2 If You encounter a problem with the application and contact CGM for support, You must be willing to allow a CGM support staff member to access Your computer in share screen mode for the purpose of resolving the problem. You must be willing to co-operate with the CGM support staff member in the active session and follow instructions where necessary.  

9.3 If a third party asserts against You that CGM QURIS violates his/her rights, You are obliged to inform CGM of this immediately and to hand over the documents on which this claim is based to CGM. Insofar as this is permissible, You shall leave it to CGM to address the asserted claims at its own expense.  

10. RISK AND LIABILITY  

 10.1 You agree that You use CGM QURIS at Your own risk, to the maximum extent allowed by law.  

10.2 CGM QURIS is provided to You “as is”, and CGM provides no warranty as to its being fault free or fit for purpose.  

10.3 CGM provides no warranty regarding availability of CGM QURIS at any time, whether the suspension of service is caused by breakdown, maintenance, upgrades, or any other event.  

10.4 CGM is not liable if third parties assert claims against You because You have not obtained any required declaration of consent from a patient. If damage is claimed by third parties in this respect, You shall indemnify CGM in this respect. 10.5 Liability of CGM in relation to this Agreement is limited to wilful and grossly negligent behaviour by CGM, its legal representatives, and vicarious agents, to a limit of R50,000.00 (fifty thousand rands).   

10.6 You are aware and hereby acknowledge that complete protection against harmful data is not possible.   

10.7 If a risk to the system cannot be eliminated technically and/or economically in any other way, CGM is entitled to delete any data with damaging content, including Your Data.  

11. PRIVACY AND DATA SECURITY  

 11.1 All definitions in this section are found in the Protection of Personal Information Act 4 of 2013 (“POPIA”).   

11.2 Consent to process Personal Information   

11.2.1 By entering into this Agreement, You appoint CGM as an Operator to capture, store, and otherwise process Personal Information relating to You and Your patients (collectively “Data Subjects”). Such processing will be done only to provide the Services to You and Your practice’s patients in terms of this Agreement, as governed by sections 19 – 21 of POPIA.    

11.2.2 To provide the Services CGM will need to process Your Practice Data, including storing it on the CGM Group’s secure central servers in Germany via CGM’s secure international network, and on the CGM Group’s private iteration of SAP. The CGM Group is subject to GDPR, the European Union equivalent of POPIA.   

11.2.3 CGM may process a patient’s name, medical aid name and number, dependant name, gender, age, ID number, diagnosis, treatment information, and general health records whilst providing the Services. If any of this data is transferred outside South Africa, it will only be transferred using a secure channel to a location governed by GDPR, which is the European equivalent of POPIA.   

11.3 Consent for Sharing of Personal Information   

11.3.1 Delivery of some Services requires CGM sharing elements of Your and Your patients’ Personal Information with third parties who participate in provision of the Services, in this case, pharmacies.    

11.3.2 CGM shares the minimum amount of Personal Information necessary to serve the particular purpose.   

11.3.3 CGM has written agreements in place with all such third parties to protect the processing of Your and Your patients’ Personal Information.    

11.3.4 By entering into this Agreement, You agree to such limited sharing of Personal Information.     

11.4 CGM Personal Information security measures   

11.4.1 CGM warrants that its software Services are supplied to You virus-free.   

11.4.2 CGM will use encryption techniques to prevent unauthorized access to Your data when it is stationary and in transit, as far as this is possible with reasonable economic and technical effort.    

11.4.3 Any CGM staff who process Your and Your patients’ Personal Information have been trained in the protection of personal information, and have signed Personal Information security agreements. All their interactions with Your and Your patients’ Personal Information will be governed by these agreements. All electronic transmission of Personal Information by CGM occurs within the CGM Group’s secure network, in either password protected or encrypted form to ensure security.    

11.4.4 CGM’s staff will only ever have access to Your computer system when actively granted access by You for the specific purpose of maintenance or support. Any copies of Your data may only be retained by CGM in a personally identifiable form for as long as required to satisfy the purpose of its sharing or as required by law.    

11.4.5 To ensure that its record of Your Personal Information is accurate, up to date, complete, clear, and consistent, CGM may periodically check its records against those held by third parties like Medpages – a verified healthcare information provider with whom CGM has a Data Processing Agreement.   

11.4.6 Should Your contract with CGM end, CGM will delete all identifiable Personal Information relating to You and Your patients that it has in its possession other than that which it is required to retain in an identifiable form for legal reasons for any period, a record of the fact that information has been deleted.   

11.4.7 CGM’s Deputy Information Officer is: Paula Kingham   

Phone: 0214921167   

E-mail: paula.kingham@cgm.com   

11.5 Informed consent from patients   

11.5.1 It is Your responsibility to obtain Your patients’ informed consent for You, and for CGM (as a Data Operator appointed by You) to process their Personal Information. CGM will only process their Personal Information or share it with third parties for the purpose of transmitting their E-scripts to pharmacies in terms of this Agreement. CGM may also process patients’ Personal information while providing customer support to You.   

11.6 Requests for access to Personal Information   

11.6.1 CGM will not comply with any requests by third parties to CGM for the sharing of Personal Information relating to You or Your patients which is not specifically required to provide the Services without obtaining the express, prior, specific consent of the Data Subject unless compelled to do so by law.  

11.6.2 CGM will notify You immediately of any request by a patient of Yours for access to Personal Information held by CGM about them, and will only provide such Personal Information after ascertaining the identity of the applicant, and as required by the Promotion of Access to Information Act.   

11.7 Personal Information breaches   

11.7.1 The Parties must inform each other immediately in the event of any breach of Personal Information that comes to their attention. The Parties much provide each other with as much information regarding the breach as they can to allow the other Party to meet any obligations to report such a breach to the Information Regulator and to affected Data Subjects. Each Party must also cooperate in taking reasonable steps on request to assist the other with the investigation, mitigation, and remediation of such a Personal Information breach.   

11.7.2 You must notify CGM of any breach of Personal Information at Your practice on a system using CGM Services, and cooperate with CGM to investigate and mitigate the consequences of any such breach.   

11.7.3 CGM’s Privacy Notice and PAIA Manual can both be found at the bottom of the landing page of CGM’s website at https://www.cgm.com.zaf_en.  

12. ALTERNATIVE DISPUTE RESOLUTION  

12.1 Should any dispute arise between the Parties (called hereafter “the Dispute”), the Parties will try to resolve the Dispute by negotiation. Either Party may invite the other in writing to a meeting to attempt to resolve the Dispute within seven days from date of written invitation.   

12.2 If the Dispute has not been resolved by such negotiation within seven days of the written invitation, the Dispute shall be submitted to mediation, which shall be administered by the Arbitration Foundation of South Africa (“AFSA”) in terms of the AFSA Mediation Rules. Either Party may refer the Dispute to mediation.   

12.3 If the Parties are unable to resolve the Dispute through mediation, the Dispute, if arbitral by law, shall be finally resolved in accordance with the AFSA Commercial Rules.   

12.4 Nothing contained in this clause shall prevent either Party from seeking relief of an interim or urgent nature in any Court with jurisdiction.   

12.5 This clause is severable from the rest of the Agreement and shall therefore remain in effect even if this Agreement is terminated.   

13. BREACH  

13.1 If You breach this Agreement and remain in breach for ten days after written notice from CGM requiring You to remedy the breach, or if You repudiate this Agreement, CGM can:   

13.2 Terminate this Agreement immediately and suspend Your use of the Services. Termination will occur on the date CGM sends You written notice of Termination.   

13.3 Address the dispute in terms of section 11 above.