Business Associate Contract/HIPAA

The following contract terms are intended to specify VIOPSYS Inc.’s obligations to you as a Business Associate under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). Under HIPAA, health care providers have certain obligations to protect information about their patients. This kind of information is called "Protected Health Information." These obligations are spelled out in regulations issued by the United States Department of Health and Human Services ("HHS").

These provisions are intended to be interpreted consistently with HIPAA and all regulations issued by HHS under it. They are also intended to incorporate by reference all other terms and conditions and agreements which apply to the services provided by VIOPSYS Inc. (the “Program”).

Most eye care providers are required to comply with HIPAA. The question whether you must comply with HIPAA and what your compliance program should include is one only you can answer. However, VIOPSYS Inc. will comply with the following conditions with every eye care provider which uses the Services, whatever their status under HIPAA.

One HIPAA requirement is that every health care provider must enter into a "Business Associate Contract" with any other party which obtains or uses Protected Health Information from or on behalf of the health care provider. This kind of party is called a HIPAA "Business Associate." A Business Associate Contract is intended to require the Business Associate to preserve the confidentiality of Protected Health Information. The required terms for every Business Associate Contract have been specified in HIPAA privacy regulations published by HHS.

When you use the Program, you frequently need to provide VIOPSYS Inc. with Protected Health Information, such as for ordering goods or services, or transmitting claims for payment. This makes VIOPSYS Inc. your Business Associate for purposes of HIPAA. VIOPSYS Inc. therefore agrees to protect any Protected Health Information it obtains from you or on your behalf when using the Services as follows:

VIOPSYS Inc. will only use or disclose Protected Health Information it obtains from you or on your behalf for purposes of providing the Services to you, or as otherwise provided in this Agreement.

VIOPSYS Inc. may use and disclose Protected Health Information as necessary for its proper management and administration, or to carry out its legal responsibilities.

At its reasonable discretion, VIOPSYS Inc. may use Protected Health Information to perform data aggregation services on behalf of eye care providers, manufacturers, distributors, and optical laboratories.

VIOPSYS Inc. will not use or disclose Protected Health Information it obtains from you or on your behalf for any other activity or purpose, unless you have authorized VIOPSYS Inc. to do so in writing and such use or disclosure is otherwise permitted by law. VIOPSYS Inc., 10 Knightsbridge Rd, Middletown, DE 19709 T e l 800. 656. 7630 w w w. Retail Eyewear.com

VIOPSYS Inc. will establish and maintain administrative and technical safeguards which it determines are reasonably necessary to protect any Protected Health Information it obtains from you or on your behalf.

If VIOPSYS Inc. becomes aware of any use or disclosure of Protected Health Information obtained from you or on your behalf which is not authorized under these Business Associate Terms and Conditions, VIOPSYS Inc. will take such action as it determines is reasonably necessary to stop such use or disclosure, prevent its recurrence, and mitigate any harm it may have caused. VIOPSYS Inc. will also report any such unauthorized use or disclosure to you.

If VIOPSYS Inc. contracts with or otherwise uses any other person to process, transmit, store or otherwise use or disclose Protected Health Information obtained from or on behalf of you, VIOPSYS Inc. shall ensure that such person agrees to the same restrictions and requirements with respect to such information that apply to VIOPSYS Inc..

If one of your patients asks you to review or copy Protected Health Information which VIOPSYS Inc. maintains for you or on your behalf, upon your written request to our Privacy Officer, VIOPSYS Inc. will provide reasonable access to or copies of such information to you, which you may provide to your patient. If necessary, VIOPSYS Inc. will also make available any such information from any other person which has obtained it on VIOPSYS Inc.’s behalf.

If you have agreed to a request from one of your patients to amend Protected Health Information which VIOPSYS Inc. maintains for you or on your behalf, VIOPSYS Inc. will add that amendment to its own records of that Protected Health Information upon your written request to our Privacy Officer. To the extent reasonable and feasible, VIOPSYS Inc. will notify any other person to which VIOPSYS Inc. has disclosed such information of the amendment. However, amendments cannot be made to previously lab and product orders.

If one of your patients has requested you to provide an accounting of disclosures of his or her Protected Health Information, you will have access to your previously submitted claims and lab and product orders. If you cannot access these transactions on the web site, upon your written request to our Privacy Officer, VIOPSYS Inc. will promptly provide such an accounting of previously sent transactions to you to provide to your patient.

Under HIPAA, HHS may from time to time investigate the compliance of any health care provider with the HIPAA regulations. If you should become the subject of such an investigation, VIOPSYS Inc. will make its internal practices, books and records concerning its use and disclosure of Protected Health Information obtained from you or on your behalf available to HHS, at reasonable times and places and upon proper evidence of the investigator's legal authority.

Consistent with the termination provisions of the Services agreement, you may terminate your use of the Services at any time if you are not satisfied with VIOPSYS Inc.’s compliance with these Business Associate contract terms.

If you terminate your use of the Services for any reason, VIOPSYS Inc. will stop using and disclosing all Protected Health Information it has obtained from you or on your behalf, except in order to (a) complete any transactions VIOPSYS Inc., 10 Knightsbridge Rd, Middletown, DE 19709 T e l 800. 656. 7630 w w w. Retail Eyewear.com

or services which had not been completed as of the termination, or (b) if needed as evidence in regulatory or law enforcement investigative or enforcement proceedings, and administrative or judicial proceedings pertaining to VIOPSYS Inc.’s compliance with these provisions, the Eye Care Provider, and/or any individual(s) to whom the Protected Health Information pertains.

VIOPSYS Inc. may amend these Business Associate contract terms from time to time if VIOPSYS Inc. determines amendment is reasonably necessary to ensure compliance with amendments to or changes in the interpretation of HIPAA or any regulations issued under it, or to accommodate changes in policies, processes or procedures used by VIOPSYS Inc. to protect Protected Health Information. Any such amendment shall be effective upon the publishing of the amended Business Associate Terms and Conditions on the VIOPSYS Inc. website and the notification of those changes on the main page of the web site. If you choose to use the Services after the date on which such amendment is effective, you will be considered to have agreed to the amended terms and conditions.

These Business Associate Contract terms incorporate VIOPSYS Inc.’s Terms and Conditions posted on www.VIOPSYS Inc..com by reference In case of any conflict between these Business Associate Contract terms and the Terms and Conditions on www.VIOPSYS Inc..com when applied to the use, disclosure or protection of Protected Health Information by VIOPSYS Inc., these Business Associate Contract terms will supersede the Terms and Conditions. The Terms and Conditions will supersede these Business Associate Contract terms in case of any other conflict.

PLEASE SIGN THE LINE BELOW INDICATING THAT YOU UNDERSTAND THE TERMS OF THE BUSINESS ASSOCIATE CONTRACT. YOU DO NOT NEED TO RETURN THIS CONTRACT TO US. PLEASE SAVE IN YOUR FILES TO COMPLY WITH HIPAA.

____________________________

Your Signature Date

____________________________

VIOPSYS Inc. Date