Last updated: January 21, 2026
This page contains the Provider SaaS Terms & Conditions and Business Associate Agreement for healthcare practices using SnapShot Health's platform.
Governing access to and use of the SnapShot Health technology platform
These Provider SaaS Terms & Conditions ("SaaS Terms") govern access to and use of the SnapShot Health Inc technology platform by healthcare practices and professional entities ("Provider").
By executing an Order Form or using the Services, Provider agrees to these SaaS Terms.
SnapShot provides a technology and administrative services platform only. SnapShot does not provide medical advice, diagnosis, treatment, clinical decision-making, clinical monitoring, clinical oversight, or patient care services.
Provider retains sole responsibility for:
SnapShot has no obligation to monitor, triage, escalate, or respond to patient data.
Provider authorizes SnapShot to make patient-facing applications available to Provider's patients.
Provider is solely responsible for:
Patient-submitted data may be inaccurate or incomplete. SnapShot has no duty to validate such data.
Fees are due as specified in the Order Form and are not contingent on reimbursement, outcomes, or patient adherence.
SnapShot acts solely as a Business Associate under the Business Associate Agreement set forth in Part II below. Provider retains patient relationships and clinical records.
SnapShot retains all rights to the platform and to aggregated, de-identified data.
Provider shall defend, indemnify, and hold harmless SnapShot from all claims arising out of:
THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
SnapShot's total aggregate liability shall not exceed the fees paid by Provider in the twelve (12) months preceding the claim.
All disputes shall be resolved by confidential binding arbitration in Dallas County, Texas.
Texas law governs these SaaS Terms.
Indemnification, liability limits, arbitration, and IP provisions survive termination.
HIPAA-compliant terms for Protected Health Information
This Business Associate Agreement ("BAA") is entered into by and between SnapShot Health Inc, a Texas corporation ("Business Associate"), and the healthcare provider or entity identified in an applicable Order Form or Provider SaaS Terms ("Covered Entity"), and is effective as of the date services commence.
This BAA is intended to satisfy the requirements of the Health Insurance Portability and Accountability Act of 1996, as amended, and its implementing regulations, including the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule (collectively, "HIPAA").
Terms used but not otherwise defined in this BAA shall have the meanings set forth in HIPAA.
Business Associate may use and disclose Protected Health Information ("PHI") solely as necessary to perform services for Covered Entity as described in the Provider SaaS Terms and applicable Order Forms, and as permitted or required by HIPAA.
Business Associate may use PHI for proper management and administration of its business and to carry out its legal responsibilities, provided that disclosures are required by law or subject to reasonable assurances of confidentiality. Business Associate may de-identify PHI in accordance with 45 C.F.R. ยง164.514(a)-(c). Once de-identified, such data is no longer PHI and may be used and disclosed by Business Associate for analytics, benchmarking, security, platform improvement, and other lawful business purposes.
Business Associate is expressly authorized to make patient-facing applications available to Covered Entity's patients for the purpose of viewing health information and submitting patient-generated health data on behalf of Covered Entity.
Business Associate shall implement appropriate administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of PHI in accordance with the HIPAA Security Rule.
Business Associate may use subcontractors that create, receive, maintain, or transmit PHI on its behalf, provided that such subcontractors agree in writing to the same restrictions and conditions that apply to Business Associate under this BAA.
Business Associate shall notify Covered Entity without unreasonable delay, and in no event later than sixty (60) days after discovery, of any breach of unsecured PHI as defined by HIPAA. Business Associate shall also notify Covered Entity without unreasonable delay of any material Security Incident involving PHI, subject to reasonable investigation and mitigation efforts.
Business Associate shall make PHI available to Covered Entity as necessary to satisfy Covered Entity's obligations under HIPAA with respect to access, amendment, and accounting of disclosures.
Business Associate shall make its internal practices, books, and records relating to the use and disclosure of PHI available to the Secretary of the U.S. Department of Health and Human Services as required by HIPAA.
This BAA shall remain in effect until terminated by either party. Either party may terminate this BAA upon material breach by the other party if such breach is not cured within thirty (30) days of written notice.
Upon termination, Business Associate shall return or destroy PHI if feasible, or continue to protect such PHI if return or destruction is not feasible.
Business Associate shall not sell PHI or use PHI for marketing or advertising purposes.
This BAA is governed by the laws of the State of Texas, to the extent not preempted by federal law.
This BAA may be amended as necessary to comply with changes in applicable law.
In the event of a conflict between this BAA and the Provider SaaS Terms or any Order Form, this BAA shall control with respect to PHI.
If you have any questions about this Agreement, please contact us:
SnapShot Health Inc
Dallas, Texas
Email: support@snapshothealth.io
Phone: (469) 342-3753
