-
Introduction and Acceptance
These Terms of Service (“Terms”) are a binding agreement between MedRegis Inc. (“MedRegis”, “we”, “us”, or “our”) and the organisation that subscribes to or uses the Service (the “Subscriber”, “you”, or “your”). They govern access to and use of the MedRegis website at https://medregis.com, the MedRegisEHR web and mobile applications, and all related products, features, and documentation (together, the “Service”).
The Service is a clinical and administrative tool intended for use by licensed healthcare organisations and their personnel. By creating an account, accepting these Terms electronically, or accessing or using the Service, you confirm that you have authority to bind the Subscriber and that the Subscriber agrees to these Terms, the MedRegis Privacy Policy, and the MedRegis Data Processing Addendum, which are incorporated by reference. If you do not agree, you must not access or use the Service.
-
Definitions
(a) “Authorized User” means an individual who is a member of the Subscriber’s own workforce (such as an employed or contracted clinician, nurse, pharmacist, or administrative staff member) whom the Subscriber permits to access the Service solely for the Subscriber’s internal healthcare and business operations.
(b) “Administrator” means an Authorized User whom the Subscriber designates to manage its account, including the creation, modification, and removal of other Authorized Users.
(c) “Subscriber Data” means all data the Subscriber or its Authorized Users submit to or generate within the Service, including Patient Data.
(d) “Patient Data” means personal data and sensitive personal data relating to the Subscriber’s patients, including medical records, that is processed within the Service.
(e) “Confidential Information” means non-public information disclosed by one party to the other, including the non-public features, functionality, user interfaces, workflows, screens, design, and know-how of the Service, which are the Confidential Information of MedRegis.
(f) “Documentation” means the user guides and materials MedRegis makes available for the Service.
-
Accounts, Authorized Users, and Access Control
3.1 Authorized Users only. The Subscriber may permit access to the Service only to its own Authorized Users. Each Authorized User must be assigned unique credentials tied to a named individual. The Subscriber’s Administrators are responsible for creating, modifying, and removing Authorized Users and for maintaining an accurate and current record of them.
3.2 No third-party or competitor access. The Subscriber must not create accounts or profiles for, share credentials with, or otherwise grant access to the Service to any person or entity that is not an Authorized User. Without limiting the foregoing, the Subscriber must not grant access to, or create any account or profile for, any competitor of MedRegis or any developer, operator, or agent of a product or service that competes with the Service. Any such grant is a material breach of these Terms.
3.3 Credential security. The Subscriber is responsible for maintaining the confidentiality of all account credentials, for restricting access to authorised devices, and for all activities that occur under its account, whether or not authorised by the Subscriber. The Subscriber must not permit credential sharing among individuals.
3.4 Notification. The Subscriber must notify MedRegis immediately at privacy@medregis.com upon becoming aware of any actual or suspected unauthorised access to, disclosure of, or use of the Service or of any Subscriber Data.
3.5 Accuracy and age. The Subscriber warrants that account information is accurate and current, and that all Authorized Users are at least eighteen (18) years of age and authorised by the Subscriber to use the Service.
-
Licence and Permitted Use
Subject to these Terms, MedRegis grants the Subscriber a limited, non-exclusive, non-transferable, non-sublicensable licence to access and use the Service and Documentation solely for the Subscriber’s internal healthcare and business operations during the subscription term. All rights not expressly granted are reserved by MedRegis.
-
Restrictions
The Subscriber must not, and must not permit any Authorized User or third party to:
(a) use the Service other than for the Subscriber’s internal healthcare and business operations, or for the benefit of any third party;
(b) reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, structure, or underlying ideas of the Service, except to the extent this restriction is prohibited by applicable law;
(c) access or use the Service to build, train, support, or improve a competing or similar product or service, or to benchmark or evaluate the Service for a competitor;
(d) copy, reproduce, screenshot, record, or recreate the features, functionality, user interfaces, workflows, or design of the Service, in whole or in part;
(e) use any robot, spider, scraper, or manual process to monitor, index, or copy any part of the Service without MedRegis’s prior written consent;
(f) circumvent, disable, or interfere with any access control, security, or authentication feature of the Service;
(g) attempt to gain unauthorised access to the Service or to any server, network, or database connected to it;
(h) introduce any virus, worm, or other harmful code, or take any action that impairs the integrity or performance of the Service;
(i) remove or obscure any proprietary notice; or
(j) use the Service in any way that violates any applicable law or regulation, or infringes the rights of any person.
-
Confidentiality
6.1 Obligations. Each party must protect the other’s Confidential Information using at least reasonable care, must not disclose it except to personnel with a need to know who are bound by confidentiality obligations, and must use it only to perform under these Terms. The Subscriber acknowledges that the non-public elements of the Service are the Confidential Information of MedRegis and must not be disclosed to, or made accessible by, any third party or competitor.
6.2 Exclusions and survival. These obligations do not apply to information that is or becomes public through no fault of the receiving party, or that is independently developed without use of the Confidential Information. The obligations in this clause survive termination.
-
Intellectual Property
7.1 Ownership. The Service, and all intellectual property in it, including its original content, features, functionality, and design (but excluding Subscriber Data), are and remain the exclusive property of MedRegis and its licensors, and are protected by the laws of Barbados and other jurisdictions. Nothing in these Terms transfers any ownership of the Service to the Subscriber.
7.2 Feedback. If the Subscriber or its Authorized Users provide suggestions, ideas, or other feedback about the Service, MedRegis may use that feedback to operate, improve, and develop the Service without restriction or obligation. This does not transfer to MedRegis any pre-existing intellectual property of the Subscriber.
-
Subscriber Data and Data Protection
8.1 Ownership. As between the parties, the Subscriber owns all Subscriber Data, including Patient Data.
8.2 Roles and Data Processing Addendum. For the purposes of the Data Protection Act, 2019-29 of Barbados (the “DPA”) and any other applicable data protection law, the Subscriber is the data controller of Patient Data and MedRegis is the data processor. The MedRegis Data Processing Addendum governs that processing, forms part of these Terms, and satisfies the DPA requirement for a written contract between controller and processor.
8.3 Subscriber responsibilities. The Subscriber warrants that it has a lawful basis to process Patient Data, that it has provided all required notices and obtained all required consents, and that its grant of access to Authorized Users complies with applicable law. The Subscriber is responsible for any exposure of Subscriber Data that results from its own acts or omissions, including the provisioning of access in breach of clause 3.
8.4 Security. MedRegis maintains administrative, technical, and physical safeguards designed to protect Subscriber Data, including role-based access controls, encryption of data in transit and at rest, and audit logging of access to Patient Data, as further described in the Privacy Policy and the Data Processing Addendum.
8.5 Incident notification. MedRegis will notify the Subscriber without undue delay after becoming aware of a personal data breach affecting the Subscriber’s Patient Data, and will provide reasonable assistance to enable the Subscriber, as controller, to meet its obligation to notify the Data Protection Commissioner without undue delay and, where feasible, within 72 hours, and to notify affected data subjects where required under the DPA.
8.6 Licence to process Subscriber Data. The Subscriber grants MedRegis a limited, non-exclusive, worldwide licence to host, store, process, and transmit Subscriber Data solely to provide, maintain, secure, and support the Service, and to comply with the Subscriber’s documented instructions and applicable law. MedRegis acquires no other rights in Subscriber Data.
-
Subscriptions, Fees, and Renewal
9.1 Billing. Parts of the Service are billed on a subscription basis in advance on a recurring monthly or annual cycle, as selected at purchase. A valid payment method is required, and the Subscriber authorises MedRegis to charge all applicable fees.
9.2 Automatic renewal. Each subscription renews automatically for a further term of the same length under the then-current Terms and fees, unless cancelled before the end of the current term through the account management page or by contacting MedRegis support.
9.3 Fee changes. MedRegis may modify fees effective at the start of the next renewal term, on reasonable prior notice. Continued use after a fee change takes effect constitutes acceptance of the change.
9.4 Refunds. Except where required by law, fees are non-refundable.
-
Suspension and Termination
10.1 Suspension. MedRegis may suspend access to the Service immediately, in whole or in part, where it reasonably believes there is a security risk, unauthorised or third-party access, or a breach of clause 3 or clause 5, or as necessary to protect Subscriber Data or the Service.
10.2 Termination. Either party may terminate for material breach that remains uncured 30 days after written notice. MedRegis may terminate or suspend immediately for a breach of clause 3 (Access Control) or clause 5 (Restrictions), or where required by law.
10.3 Effect and data export. On termination, the Subscriber’s right to use the Service ends. Before the termination date, MedRegis will make the Subscriber Data available for export in a commonly used format, whether through self-service tools or by performing the export at the Subscriber’s request within a reasonable period. For sixty (60) days after termination (the “Retention Period”), MedRegis will retain the Subscriber Data and continue to apply the protections of these Terms and the Data Processing Addendum, during which the Subscriber may request a final export. On expiry of the Retention Period, MedRegis may delete the Subscriber Data, subject to any legal retention requirement and to the return-or-deletion terms of the Data Processing Addendum. The Subscriber remains solely responsible for retaining patient and medical records for the periods required by applicable law. Clauses that by their nature should survive termination will survive.
-
Clinical Responsibility
The Service is a tool to assist licensed healthcare providers and does not provide medical advice or clinical recommendations. All clinical decisions — including diagnosis, treatment, prescribing, and the interpretation of information within the Service — are the sole responsibility of the Subscriber and its qualified providers. MedRegis is not liable for any clinical decision, act, omission, or patient outcome arising from use of the Service.
-
AI-Assisted Features
Certain features of the Service use artificial intelligence, including AI-assisted transcription and documentation. AI-generated output may contain errors, omissions, or inaccuracies, is provided as a draft aid only, and must be reviewed and verified by a qualified provider before it is relied upon or entered into a patient record. The Subscriber and its providers remain solely responsible for the accuracy, completeness, and clinical appropriateness of any content derived from AI-assisted features. MedRegis does not warrant the accuracy of AI-generated output and is not liable for any decision made or action taken in reliance on it.
-
Service Availability and Changes
13.1 Changes to the Service. MedRegis may modify, update, add, or discontinue features of the Service from time to time. Where a change would materially reduce core functionality, MedRegis will provide reasonable prior notice.
13.2 Third-party dependencies. The Service relies on third-party services outside MedRegis’s control, including hosting, connectivity, clearinghouses, messaging channels, payment processors, and AI providers. MedRegis is not liable for failures, delays, or interruptions caused by such third-party services, though it will use reasonable efforts to address them.
-
Disclaimer of Warranties
Except as expressly stated in these Terms, the Service is provided “as is” and “as available”, and MedRegis disclaims all warranties, whether express, implied, or statutory, including warranties of merchantability, fitness for a particular purpose, and non-infringement, to the fullest extent permitted by law. MedRegis does not warrant that the Service will be uninterrupted or error-free. This clause does not exclude any warranty that cannot be excluded under applicable law.
-
Limitation of Liability
15.1 General limitation. To the fullest extent permitted by law, neither party will be liable for any indirect, incidental, special, consequential, or punitive damages, or for any loss of profits, revenue, or data, arising out of or relating to these Terms, even if advised of the possibility. Except for the Subscriber’s payment obligations, a party’s indemnification obligations, and either party’s breach of confidentiality, each party’s total aggregate liability arising out of or relating to these Terms will not exceed the fees paid by the Subscriber to MedRegis in the twelve (12) months preceding the event giving rise to the liability. Nothing in these Terms limits liability that cannot be limited under applicable law, including liability to data subjects or the Commissioner under the DPA.
15.2 Customer-caused incidents. MedRegis is not liable for any security incident, unauthorised access, data exposure, or loss arising from the Subscriber’s own acts or omissions, including the sharing of credentials, failure to manage or revoke Authorized User access, or the granting of access to any person in breach of clause 3.
-
Indemnification
The Subscriber will defend, indemnify, and hold harmless MedRegis and its officers, directors, employees, and agents from and against any claims, damages, losses, and reasonable expenses arising out of or relating to: (a) the Subscriber’s breach of clause 3 or clause 5; (b) any access to the Service granted by the Subscriber to a third party or competitor; (c) the Subscriber’s Patient Data or its instructions for processing it; or (d) the Subscriber’s violation of any law or of the rights of any person.
-
Force Majeure
Neither party is liable for any failure or delay in performance (other than payment obligations) caused by events beyond its reasonable control, including acts of God, natural disasters, power or internet failures, acts of government, or third-party service failures. The affected party will use reasonable efforts to mitigate and resume performance.
-
Governing Law and Dispute Resolution
These Terms are governed by the laws of Barbados, without regard to conflict-of-law principles. The parties submit to the exclusive jurisdiction of the courts of Barbados. Before commencing proceedings, the parties will attempt in good faith to resolve any dispute through discussion between senior representatives.
-
Changes to These Terms
MedRegis may amend these Terms by posting the revised Terms and updating the “Last updated” date, and, for material changes, by providing reasonable notice by email or in-Service notice. Continued use of the Service after the revised Terms take effect constitutes acceptance. If the Subscriber does not agree, it must stop using the Service and may cancel in accordance with clause 9.
-
General
20.1 Entire agreement and non-reliance. These Terms, together with the Privacy Policy and Data Processing Addendum, are the entire agreement between the parties regarding the Service and supersede prior agreements on that subject. The Subscriber acknowledges that, in entering into these Terms, it has not relied on any statement, representation, or assurance that is not expressly set out in these documents.
20.2 Assignment. The Subscriber may not assign these Terms without MedRegis’s prior written consent. MedRegis may assign to an affiliate or in connection with a merger or sale of assets.
20.3 Waiver and severability. A failure to enforce a provision is not a waiver. If any provision is held unenforceable, it will be limited to the minimum extent necessary and the remaining provisions will remain in effect.
20.4 Notices. Notices to MedRegis must be sent to legal@medregis.com; notices to the Subscriber may be sent to the account’s registered contact.
-
Contact
Email: legal@medregis.com