Retail Informatics Data and Services Agreement between NDC Health Information Services (Arizona) Inc. and NDCHealth Corporation

Contract Categories: Business Operations Services Agreements
Summary

This agreement, effective January 6, 2006, is between NDC Health Information Services (Arizona) Inc. (Provider) and NDCHealth Corporation. The Provider agrees to supply NDCHealth with access to specific retail pharmacy data and related services, maintaining a dedicated data repository and meeting certain service levels. NDCHealth is allowed to use this data for its informatics products but cannot alter the original data. The agreement outlines data access protocols, security restrictions, and conditions under which data delivery may change due to legal or contractual requirements.

Read More Arrow
EX-10.3 4 g99130exv10w3.txt EX-10.3 RETAIL INFORMATICS AND SERVICES AGREEMENT Exhibit 10.3 CONFORMED COPY RETAIL INFORMATICS DATA AND SERVICES AGREEMENT THIS RETAIL INFORMATICS DATA AND SERVICES AGREEMENT is made and entered into as of January 6, 2006 (the "Effective Date") by and between NDC Health Information Services (Arizona) Inc., a Delaware corporation ("Provider"), and NDCHealth Corporation, a Delaware corporation ("NDCHealth"). RECITALS Provider is in the business of the business of providing data, analytics and information management support solutions to pharmaceutical manufacturers, Biotechnology Firms, Medical Device Manufacturers, Wall Street investment and private equity firms (buy and sell side) for purposes of their pharmaceutical and biotechnology analysis and governmental payors, enabling them, among other things, to evaluate performance, develop strategies and optimize their marketing and sales efforts, rebate spend and clinical trial recruitment efforts (the "IM Business"). NDCHealth is in the business of (i) processing, editing and transmitting pharmacy and medical data between providers (pharmacy, physician, hospital) and payers (commercial, non-profit and government) and other parties (government reporting, etc.), (ii) the development, sale and maintenance of systems for the pharmacy, high volume (mail order, payers), hospital and physician markets and claims cash flow management systems for the hospital industry and (iii) the development, sale, license and conveyance of informatics products to the retail pharmacy industry, Medical Device Manufacturers (limited to utilization review) and third-party payers. Immediately prior to the Effective Date, Provider was a wholly owned subsidiary of NDCHealth. Upon the closing of the transactions contemplated by that certain Stock Purchase Agreement, dated as of August 26, 2005, by and among Wolters Kluwer Health, Inc. ("WKHI"), NDCHealth and Provider, WKHI is acquiring, as of the Effective Date, all of the issued and outstanding equity interests of Provider (the "Sale Transaction"). Simultaneously herewith Client and NDCHealth have entered into a Data Supply and Services Agreement (the "Data Supply Agreement"), a Transition Services Agreement (the "Transition Services Agreement") and a Contribution Agreement. Upon the closing of the transactions contemplated by that certain Agreement and Plan of Merger, dated as of August 26, 2005, by and among Per-Se Technologies, Inc., a Delaware corporation ("Patriot"), NDCHealth, and Royal Merger Co., a Delaware corporation and a wholly owned subsidiary of Patriot ("Purchaser"), Purchaser will merge with and into NDCHealth (the "Merger") such that NDCHealth will continue as the surviving corporation and a wholly owned subsidiary of Patriot following the Merger. Prior to consummation of the Sale Transaction, Provider provided to NDCHealth through intercompany arrangements access to discrete databases populated with aggregations of retail pharmacy data requested by NDCHealth, which aggregations were drawn from Provider's databases of retail pharmacy data and were used by NDCHealth in its development, sale and servicing of retail pharmacy and payer informatics products and services. Provider also provided NDCHealth with certain support services related to such databases. The parties are entering into this Agreement to set forth the terms and conditions pursuant to which Provider shall continue to provide NDCHealth with access to data and related services after consummation of the Sale Transaction. As an integral part of the long-term commercial relationship contemplated by this Agreement and as a partial inducement to Provider to enter into this Agreement, NDCHealth has agreed to contemporaneously enter into the Data Supply Agreement. Capitalized terms shall have the meanings ascribed to them in Section 13 of this Agreement. NOW, THEREFORE, for and in consideration of the above premises, the mutual promises contained herein and other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the parties hereto, intending to be legally bound, hereby agree as follows: 1. DATABASE ACCESS; SCRUBBING; PROVIDER CERTIFICATIONS; MONITORING (a) RI Data. Subject to the terms and conditions of this Agreement, during the Term, Provider shall provide NDCHealth with access to the RI Data Repository, that will be populated by Provider with RI Data and Purchased Data. Provider shall populate the RI Data Repository with aggregations of RI Data requested by NDCHealth as more fully set forth in the Service Level Commitments. The parties acknowledge that Provider shall maintain the RI Data Repository separate and apart from Provider's other databases and data storage. (b) Access to and Population of Databases. i. Provider shall provide NDCHealth with access to the RI Data and RI Data Repository in accordance with the RI Data Access Protocols. NDCHealth's access to the RI Data Repository shall be subject to reasonable security restrictions, including restrictions that prohibit NDCHealth from accessing data elements to the extent such access is prohibited by the terms of Provider Data Agreements. NDCHealth shall not be permitted to modify any data located in the RI Data Repository, provided that NDCHealth shall be permitted to extract data from the RI Data Repository and copy such data to a separate database for purposes of developing and delivering Certified Products. Access to the RI Data Repository shall be sufficient, in all cases, to permit NDCHealth to 2 perform the analyses with respect to the RI Data Products and to create and deliver the RI Data Products in accordance with the Service Level Commitments and RI Data Access Protocols. Provider shall, at its expense, maintain the RI Data Repository in a manner sufficient to provide NDCHealth with such access to and use of the RI Data in accordance with the Service Level Commitments and RI Data Access Protocols. ii. Provider shall populate the RI Data Repository with the RI Data with the aggregations requested by NDCHealth and shall refresh the RI Data included in the RI Data Repository in accordance with the Service Level Commitments. Provider shall retain no less than twenty four (24) data months of history (on a rolling basis) of RI Data in the RI Data Repository. Provider shall make the RI Data available to NDCHealth within the RI Data Repository in the format specified in the Service Level Commitments. iii. Provider covenants and agrees that during the Term, the RI Data made available to NDCHealth will consist of (a) at least forty percent (40%) of the Retail Prescription Data (unless otherwise agreed by the parties) and (b) at least seventy-five percent (75%) of the IM Prescription Data. (c) Alterations to Covered Data and Delivery. i. Notwithstanding the terms of this Agreement, Provider retains the right at any time during the Term to alter the content, format, method or timing of delivery of, the RI Data if Provider determines, in its reasonable discretion exercised in accordance with Provider's policies and procedures (applied in a non-discriminatory manner with respect to similar circumstances), that such alteration is required as a result of (i) changes in the Act or other Applicable Laws, (ii) the passage of any new Applicable Laws, (iii) the issuance of a published interpretation of the Act or any other Applicable Law by a Governmental Body, or (iv) the terms of the Provider Data Agreements (each of the enumerated items are hereinafter referred to as a "Data Alteration Event"). If Provider determines any such alteration is required, Provider will notify NDCHealth as soon as reasonably practicable and provide NDCHealth with an explanation of the reasons for the alteration. ii. Provider covenants and agrees that it shall use commercially reasonable efforts to cause the terms of the IM Business Agreements to permit or, in the case of Provider Data Agreements that are executory as of the Effective Date, to continue to permit, Provider to license the data to NDCHealth in the manner described in this Agreement. 3 iii. Provider covenants and agrees that it shall use commercially reasonable efforts to ensure that any IM Business Agreements also constitute Provider Data Agreements. iv. Provider shall use commercially reasonable efforts to provide NDCHealth with sixty (60) days (or such shorter period as is practicable under the circumstances) advance notice of any termination or non-renewal of a Provider Data Agreement. (d) Repopulation; Retention of Data. i. If any RI Data is damaged or unreadable and NDCHealth notifies Provider thereof in writing within five (5) days after NDCHealth is provided access to such RI Data, Provider shall re-populate the RI Data Repository with replacement RI Data within two (2) days of its receipt of written notice from NDCHealth. ii. Provider shall retain the RI Data on computer magnetic tapes or other media deemed appropriate by Provider for the RI Data for a period of the longer of six (6) years or such period as may be required by the Act or other Applicable Laws. If NDCHealth desires that Provider retain the RI Data for longer periods, NDCHealth shall provide Provider with such a request and Provider shall provide NDCHealth with an estimate of the resulting increase in costs to Provider. If NDCHealth agrees in writing to reimburse Provider an amount equal to the lesser of such estimated increase in costs and Provider's actual increase in costs pursuant to Section 6(b) of this Agreement, Provider shall extend its retention of the RI Data for such longer period. (e) De-Identification and Encryption of Covered Data. Before delivering RI Data to NDCHealth, Provider shall de-identify the RI Data to Level 1 De-Identification and shall utilize the Encryption Engine to encrypt the RI Data. (f) Provider Certifications. Provider shall provide NDCHealth with an annual RI Data Certification, an annual Level I Certification, an annual Level II Certification and an annual Security Certification, in each case in accordance with the Data Security Requirements. Each RI Data Certification, Level I Certification, Level II Certification and Security Certification shall be in the form set forth in the Data Security Requirements and shall be signed by a Qualified Statistician reasonably acceptable to NDCHealth. All fees and expenses incurred by Provider in obtaining such Certifications shall be borne by Provider. (g) DISCLAIMER. NDCHEALTH ACKNOWLEDGES THAT THE COMPLETENESS OF THE DATA ELEMENTS INCLUDED IN THE RI DATA IS DEPENDENT UPON THE DATA ELEMENTS INCLUDED IN THE CLAIMS DATA RECEIVED BY PROVIDER FROM THE PHARMACIES 4 PROVIDING SUCH DATA. PROVIDER MAKES NO REPRESENTATIONS OR WARRANTIES REGARDING THE RI DATA, AND HEREBY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, COMPLETENESS, AND ACCURACY. (h) Discovery of PHI. NDCHealth shall notify Provider immediately if NDCHealth becomes aware of any PHI included in the RI Data. Following such notice, NDCHealth shall consult with Provider regarding treatment and handling of the RI Data determined to contain PHI and shall destroy all RI Data including PHI in NDCHealth's possession in a manner satisfactory to Provider and shall certify such destruction to Provider in writing. 2. LICENSE TO USE RI DATA; PROHIBITED USES; OWNERSHIP (a) Licenses. Subject to the restrictions set forth in this Agreement and any limitations imposed by Applicable Laws, Provider hereby grants to NDCHealth (i) an exclusive (even as to Provider), world-wide, transferable, fully-paid, royalty-free, irrevocable license to the RI Data for use by NDCHealth in the NDC Field, for a period of ten (10) years commencing on the Effective Date, and (ii) a non-exclusive, world-wide, transferable, fully-paid, royalty-free, irrevocable license to the RI Data for all other lawful uses, except the IM Field during the Term, each in accordance with the terms and conditions of this Agreement. (b) Scope of Use. Subject to the restrictions set forth in this Agreement, NDCHealth shall be permitted to use, copy, extract, compile, assimilate, manipulate, analyze and otherwise process and modify the RI Data for purposes of incorporating the RI Data into Certified Products, and may license, sublicense, transmit and distribute the RI Data, as incorporated into Certified Products, to third parties in accordance with the terms of this Agreement, in each case for purposes of, or in connection with, the development, sale, license or other conveyance of Certified Products to the Retail Pharmacy Industry, Health Care Providers, non-governmental third party payers and consumers. (c) Certain Covenants. Notwithstanding the licenses granted pursuant to this Section 2 or any other term of this Agreement, NDCHealth covenants and agrees that it shall not engage, and shall not cause or permit any Person acting on its behalf or at its direction to engage, at any time in any Prohibited Use of the RI Data. Provider covenants and agrees that it shall not (i) for a period of ten (10) years beginning on the Effective Date, use the RI Data to create, sell or deliver to Health Care Providers, non-governmental third party payers or consumers those NDC Products Provider is restricted from providing to each of Health Care Providers, non-governmental third party payers or consumers pursuant to Section 11 of the Data Supply Agreement and Schedule 11(b) to the Data Supply Agreement, or (ii) during the entire Term, use the RI Data (1) to create, sell or deliver to customers in the Retail Pharmacy Industry those NDC Products 5 Provider is restricted from providing to customers in the Retail Pharmacy Industry pursuant to Section 11 of the Data Supply Agreement and Schedule 11(b) to the Data Supply Agreement or (2) to provide network services. (d) Survival. The licenses granted pursuant to this Section 2 shall survive the expiration or earlier termination of this Agreement with respect to RI Data provided to NDCHealth before the effective date of such expiration or termination, provided NDCHealth remains in compliance with all terms and conditions of this Agreement applicable to such RI Data and provided further that any such surviving license shall, in respect of RI Data initially licensed exclusively, revert to a non-exclusive license six years after the date of purchase but in any event not sooner than the end of the Term. (e) Ownership of Purchased Data. As between the parties, (i) all rights in and to the Purchased Data (including, but not limited to, all intellectual property rights therein) shall remain the property of Provider or such other licensor of the Purchased Data to Provider and (ii) all rights in and to the Certified Products (including, but not limited to, all intellectual property rights therein), shall remain the property of NDCHealth. NDCHealth shall acquire no right, title or interest in or to the Purchased Data except as otherwise expressly provided in this Section 2. Nothing in this Agreement shall be deemed to confer upon Provider or any other Person any right, title or interest in or to the NDC Data, the ownership of which is governed in all respects by the terms of the Data Supply Agreement. 3. NDCHEALTH CERTIFICATIONS (a) Security Certification. NDCHealth shall provide Provider with an annual Level II Certification and an annual Security Certification in accordance with the Data Security Requirements. (b) Level II Certifications. Prior to any offer for sale, sale, license, delivery or other conveyance by NDCHealth, or by any Person acting on NDCHealth's behalf or at Provider's direction, of an RI Data Product, NDCHealth shall provide Provider with Level II Certifications for such RI Data Product in accordance with the Data Security Requirements. (c) Level III Certifications. Any material change or modification to a Certified Product or to the permitted or prohibited uses of a Certified Product must be preceded by a Level III Certification delivered to and approved by Provider pursuant to this Section 3(b). The implementation of any material change or modification to a Certified Product or to the permitted or prohibited uses thereof that has not been preceded by a Level III Certification delivered to Provider in accordance with the Data Security Requirements and this Section 3(b) shall result in the affected RI Data Product(s) no longer constituting Certified Products for purposes of this Agreement. For purposes of this Agreement, any modification to 6 a Certified Product or to its permitted or prohibited uses shall be deemed material if, in Provider's reasonable discretion exercised in accordance with Provider's policies and procedures (applied in a non-discriminatory manner with respect to similar circumstances), such modification could reasonably be expected to adversely impact the validity of the Level II Certification or Level III Certification applicable to such Certified Product. (d) Form of Certifications. Each NDCHealth Certification shall be signed by a Qualified Statistician reasonably acceptable to Provider. All fees and expenses incurred by NDCHealth in obtaining such certifications shall be borne by NDCHealth. (e) Additional Certifications. If any third party from which Provider obtains data that is included within the Purchased Data is entitled, pursuant to a Provider Data Agreement governing the provision of such data, to receive certifications, in addition to those set forth in this Section 3, NDCHealth shall provide such certifications as a condition to the inclusion within the Purchased Data of the data provided by such third party. NDCHealth may at any time at NDCHealth's reasonable discretion, upon ninety (90) days' prior written notice to Provider, alter any aspects of the policies and procedures relating to NDCHealth's determination of whether to issue a particular NDCHealth Certification; provided that, if at any time during the 90-day notice period set forth in this paragraph, Provider determines, in its reasonable discretion, that a proposed alteration would not be consistent with this Agreement (including the Data Security Requirements) the Act, Applicable Laws or the Provider Data Agreements, NDCHealth will refrain from effecting the proposed alteration until such time as Provider has consented in writing to the proposed alteration. 4. AUDIT RIGHTS AND DATA SUSPENSION (a) Audit Rights. Subject to the provisions of this Section 4, Provider may, at any time upon reasonable notice to NDCHealth, engage a third party auditor reasonably acceptable to NDCHealth to inspect and audit the systems, operations, processes, records and leased and owned premises of NDCHealth (or of any Person performing services on behalf of or at the direction of NDCHealth, that relate to or impact in any material respect the transmission, processing or storage of the RI Data or the sale, license, delivery, distribution or other conveyance of any RI Data Product for purposes of confirming NDCHealth's compliance with the terms, conditions and requirements of this Agreement. NDCHealth shall include in its contracts with Persons performing functions on behalf of or at the direction of NDCHealth, which functions are within the scope of the audit rights afforded Provider pursuant to this Section 4(a), terms requiring such Persons to grant Provider sufficient access to such Persons' systems, processes, operations, records and premises to enable Provider to exercise fully its rights hereunder; provided that NDCHealth shall not be required to include in its leases such terms 7 if NDCHealth otherwise has the right to allow Provider access to such premises. Provider may engage a third party, reasonably acceptable to NDCHealth, to perform audits in accordance with this Section 4(a) on behalf of Provider, provided (i) such third party is not engaged in a business that is competitive with the business engaged in by NDCHealth and (ii) such third party enters into a confidentiality or similar agreement placing reasonable restrictions on such third party's use of any confidential information of Provider obtained by the third party during its performance of the audit. For purposes of this Section 4(a), "reasonable notice" means notice of at least five (5) calendar days, or such shorter period that Provider demonstrates it reasonably requires; provided, however that Provider shall be permitted to exercise its audit rights under this Section 4(a) immediately and without advance notice if the audit pertains to a suspected breach of the terms of Section 2(a), 2(b) or 2(c) of this Agreement or a suspected violation of the Act or other Applicable Laws. Provider may perform an audit under this Section 4(a) no more often than twice in any (12) month period, except that Provider may perform such audits more often if the audit pertains to a suspected breach of the terms of Section 2(a), 2(b) or 2(c) of this Agreement or a suspected violation of the Act or other Applicable Laws, or if otherwise required under the Act or any other Applicable Laws or if required by a court or another Governmental Body. NDCHealth shall cooperate, as reasonably requested by Provider, in any audits performed on behalf of Provider or by any third party engaged by Provider pursuant to this Section 4(a). Any audits performed by Provider (or a third party engaged by Provider) pursuant to this Section 4(a) shall be conducted at the expense of Provider. During the Term and for a period of six (6) years thereafter, or for such longer period as may be required by the Act or other Applicable Laws, NDCHealth shall retain sufficient historical business records, for a period of at least six (6) years, to evidence compliance with its obligations under this Agreement, the Act and all other Applicable Laws. Any notice of Provider's intent to conduct an audit pursuant to this Section 4(a) shall be provided in writing to an individual designated by NDCHealth to receive such notice, and to NDCHealth at the address specified in Section 12(d) of this Agreement. Any audit conducted pursuant to this Section 4(a) shall be conducted so as to minimize any disruption to the conduct of NDCHealth's day-to-day operations to the extent reasonably possible in light of the circumstances, and otherwise in a commercially reasonable manner. (b) Data Suspension. If Provider's auditor determines, in its reasonable discretion after completing any audit arising pursuant to Section 4(a), a Data Alteration Event has occurred or that any change in NDCHealth's transmission, use or storage of the RI Data or any Certified Product (i) constitutes a breach of the terms of Section 2(a), 2(b) or 2(c) of this Agreement, (ii) is not in compliance with the Act, other Applicable Laws or the terms of any Provider Data Agreement or (iii) poses greater than a Very Small risk that RI Data in a particular RI Data Category could be used or disclosed in a manner to identify individuals, Provider shall immediately notify NDCHealth of such determination, and Provider may, upon delivery of such notice, suspend transmission of the RI Data included in 8 each RI Data Category which Provider's auditor determines, in its reasonable, good faith discretion, should be suspended in response to such Data Alteration Event or in order to eliminate such breach, non-compliance or greater risk. In such event (a "Data Suspension Event"), Provider shall (i) continue to produce, but deny NDCHealth access to, the RI Data contained in each suspended RI Data Category, (ii) store all RI Data produced during such Data Suspension Event and included in the suspended RI Data Category, and (iii) upon a joint determination by the parties that delivery of the RI Data included in a suspended RI Data Category may be resumed in compliance with the Act, other Applicable Laws and the terms of this Agreement and the Provider Data Agreements, transmit such stored RI Data to NDCHealth and resume ongoing delivery of the RI Data included in such RI Data Category. 5. SERVICES; USE OF PROVIDER PREMISES (a) Data Support Services. During the Term, Provider shall provide reasonable data support services in accordance with the Service Level Commitments, and shall make available to NDCHealth employees of Provider with sufficient experience and expertise in the operational matters related to the collection, aggregation and transmission of the RI Data and access to and use of the RI Data Repository to provide the data support services to Client. The parties anticipate that the data support services shall be provided primarily by telephone and email communications. Notwithstanding the foregoing, if requested by NDCHealth, Provider shall provide the data support services on-site at NDCHealth facilities; provided that NDCHealth must provide Provider with reasonable advance notice of a request for on-site support. Provider shall cause any of its employees providing data support services at NDCHealth facilities to comply with all rules and guidelines of NDCHealth applicable to conduct in its premises, including security protocols. Provider shall be responsible for the conduct of its employees while present in NDCHealth facilities and shall take all reasonable precautions to prevent the occurrence of any injury to persons or property or any interference with the operations of NDCHealth. (b) Provider Systems; NDCHealth Materials. Provider hereby grants to NDCHealth a non-exclusive, non-transferable license to use the IM Systems during the Term in connection with the development, production and servicing of Retail Informatics Products. (c) Select Client Databases. The parties agree that from and after the relocation of the Select Client Databases from Provider's Data Center to NDCHealth's facilities, for the remainder of the Term, Provider shall continue to populate the Select Client Databases with RI Data in accordance with the terms of this Agreement notwithstanding their relocation and shall be responsible for transmission of the RI Data to the Select Client Databases after their relocation to an NDCHealth facility and all costs associated with such transmission. 9 (d) PPE Data Feed. During the Term, Provider shall provide data files supporting the NDCHealth pre- and post-editing product, and the NDCHealth Intelligent Network product in accordance with the Service Level Commitments. Such data files shall include both market information regarding usual and customary pricing, as well as physician DEA identification files in the formats identified in, and provided in accordance with, the Service Level Commitments. Additionally, Provider shall provide monthly prescription counts and total associated dollars segregated by retail and mail order segments on a national basis in order to allow NDCHealth to continue marketshare calculations. Provider shall be responsible for license fees associated with the provision of such data files. (e) New Services. NDCHealth may request from time to time during the Term that Provider provide to NDCHealth New Services in addition to those described in this Section 5 as required to be provided to NDCHealth as of the Effective Date. Provider shall cooperate in good faith regarding any requests by NDCHealth that Provider perform New Services. The terms and conditions pursuant to which Provider would provide New Services, including any fees that would be payable by NDCHealth to Provider in consideration of its performance thereof, shall be agreed upon by the parties in writing prior to the commencement of the performance of any New Services by Provider; provided, however, that if the parties are unable to agree on the terms and conditions pursuant to which Provider would provide any New Services, Provider shall not be required to provide such New Services. 10 (f) Use of Provider Premises by NDCHealth Employees. The parties acknowledge that as of the Effective Date six (6) employees of NDCHealth that are engaged in NDCHealth's retail informatics business are provided with office space at Provider's offices located at 2394 East Camelback Road, Phoenix, Arizona. During the Term, Provider shall continue to allow such NDCHealth employees (or new employees who replace such employees) to occupy and utilize, without charge, similar office space and facilities at such premises (or any similar premises to which Provider may relocate during the Term). NDCHealth shall cause its employees occupying such premises to comply with all rules and guidelines of Provider applicable to conduct in its premises, including security protocols. NDCHealth shall be responsible for the conduct of its employees while present in Provider facilities and shall take all reasonable precautions to prevent the occurrence of any injury to persons or property or any interference with the operations of Provider. (g) During the Term, Provider shall (i) provide NDCHealth access to Provider's Delivery Tracking System for use in connection with the license by Provider to NDCHealth of the RI Data and the access by NDCHealth to the RI Data Repository and the RI Data; (ii) support and maintain the Delivery Tracking System, including, without limitation, appropriate network connectivity, at levels and in a manner consistent with practices on the Effective Date, and (iii) provide on a periodic basis such reports containing such information and in a format, in each case, as reasonably requested by NDCHealth, to allow NDCHealth to meet its financial reporting obligations. 6. PAYMENTS AND INVOICING (a) Data Fees. In consideration of the performance by Provider of its obligations under this Agreement and the license to the RI Data granted to Provider hereunder, NDCHealth shall pay to Client the Data Fees. (b) Reimbursement of Costs. To the extent Provider agrees, in its discretion, to provide any modified data or modified services hereunder or any modifications in the manner in which data or services are provided hereunder, such modifications shall be agreed upon in writing in advance by the parties. In addition to the payment to Provider of any fees that may be agreed upon by the parties in connection with such modifications, NDCHealth shall reimburse Provider for any actual additional costs incurred by Provider as a result of such modifications, and shall reimburse Provider for the actual cost of all travel, travel-related (including food, lodging and incidental) and out-of-pocket expenses incurred by Provider employees in performing the Data Support Services at NDCHealth sites, provided in each case that such expenses are reasonable and evidenced by sufficient documentation provided to NDCHealth. 11 (c) Fees for New Services. Any fees payable by NDCHealth to Provider in connection with Provider's performance of New Services shall be agreed upon by the parties in writing pursuant to Section 5(e). (d) Payment and Invoice. Within fifteen (15) days after the end of each calendar month during the Term, Provider shall deliver an invoice to NDCHealth for one-twelfth (1/12) of the applicable year's Data Fees and any amounts that may be payable pursuant to Section 6(b) and Section 6(c) of this Agreement with respect to such calendar month. Each invoice shall provide in reasonable detail a breakdown of the amounts invoiced among Data Fees, expenses and fees for New Services, as applicable. Each invoice shall be accompanied by a Provider certification setting forth, with respect to such calendar month, (a) the percentage of the Retail Prescription Data of which the RI Data consists and (b) the percentage of the IM Prescription Data of which the RI Data consists. NDCHealth shall pay to Provider all invoiced amounts not in dispute within thirty (30) days of NDCHealth's receipt of each invoice. (e) Withholding of Disputed Amounts. NDCHealth shall have the right to dispute in good faith any amount included in any invoice delivered pursuant to this Agreement and to withhold from payment of any such invoice the amount in dispute. If any invoice is disputed, the undisputed amount shall be timely paid and the parties shall negotiate in good faith a resolution for the remainder; provided, however, that if the parties cannot reach agreement on any disputed amount, the matter shall be resolved in accordance with Section 10 of this Agreement. If NDCHealth disputes the amount of any invoice, it shall provide Provider with a written notice setting forth the disputed amount and the reasons therefor. Any deduction of a disputed amount of an invoice that is not specifically agreed to by Provider in writing and that finally is determined to have been improperly withheld shall be paid promptly by NDCHealth, plus interest thereon computed at a rate equal to one-half percent (0.5%) per month of the improperly withheld amount accruing from the date when payment was due until the date paid. (f) Late Fees. Provider may assess NDCHealth a late payment charge on any amount not in dispute that remains unpaid by NDCHealth after it is due, computed at a rate equal to one-half percent (0.5%) per month of the unpaid amount accruing from the date when payment was due until the date paid. (g) Taxes. NDCHealth shall be responsible for all sales, use, transfer, privilege, excise, charges; surcharges; or other taxes, however designated, which are levied or imposed by a Governmental Body by reason of the transactions contemplated hereby, excluding income taxes which may be levied against Provider. (h) Audit Rights. NDCHealth may, at any time upon reasonable notice to Provider, inspect and audit the books and records of Provider for purposes of confirming the accuracy of amounts invoiced to NDCHealth by Provider and the percentage of 12 the Retail Prescription Data and the IM Prescription Data of which the RI Data consists as certified by Provider (but not more than once in any six month period) pursuant to this Agreement. NDCHealth may engage a third party to perform audits in accordance with this Section 6(h) on behalf of NDCHealth, provided (i) such third party is not engaged in a business that is competitive with the business engaged in by Provider and (ii) such third party enters into a confidentiality or similar agreement placing reasonable restrictions on such third party's use of any confidential information of Provider obtained by the third party during its performance of the audit. Audits conducted pursuant to this Section 6(h) shall be conducted in a manner that does not unreasonably disrupt or delay Provider's business operations and in compliance with the reasonable security procedures of Provider. Provider shall cooperate, as reasonably requested by NDCHealth, in any audits performed by NDCHealth (or by any third party engaged by NDCHealth) pursuant to this Section 6(h). For purposes of this Section 6(h), "reasonable notice" means notice of at least five (5) calendar days or such shorter period that Client demonstrates it reasonably requires. Any audits performed by NDCHealth (or a third party engaged by NDCHealth) pursuant to this Section 6(h) shall be conducted at the expense of NDCHealth. Provider shall retain sufficient historical business records, for a period of at least three (3) years, to evidence the accuracy of the amounts invoiced to NDCHealth pursuant to this Agreement during the Term and for a period of three (3) years thereafter. 7. TERM AND TERMINATION (a) Term. The term of this Agreement (the "Term") shall begin on the Effective Date and, unless terminated earlier pursuant to Section 7(c) or Section 7(d) or extended pursuant to Section 7(b), shall continue until 12:01 a.m. Atlanta, Georgia time on the twentieth (20th) anniversary thereof. (b) Extension of Term. Unless Provider provides written notice to NDCHealth no less than six (6) months prior to the end of the Term that Provider will not extend the Term, the parties shall negotiate in good faith the terms and conditions applicable to, and the duration of, an extension of the Term. If the parties have not agreed upon the terms and conditions applicable to an extension of the Term by the date two (2) months prior to the expiration of the Term, this Agreement shall expire at the end of the Term. (c) NDCHealth Rights to Terminate. NDCHealth may terminate this Agreement immediately upon the occurrence of any one or more of the following events: i. upon the fifth anniversary of the Effective Date, pursuant to written notice delivered to Provider not less than thirty (30) days prior to the fifth anniversary of the Effective Date; or ii. upon (A) the adjudication of Provider to be bankrupt or insolvent, (B) the filing of a petition in bankruptcy or insolvency by or against Provider, or 13 the filing of a petition seeking the appointment of a receiver with respect to all or a substantial part of the property of Provider, (C) the filing by Provider of a petition seeking reorganization of its debts or financial structure under a law relating to insolvency or bankruptcy, or (D) the institution by Provider of any proceedings for liquidation or winding up of its business (other than for purposes of reorganization, consolidation or merger), provided that Provider shall have sixty (60) days to obtain a stay from or dismiss any filings under this Section 7(c)(ii) that are commenced by third-parties. (d) Provider Rights to Terminate. Provider may terminate this Agreement immediately upon the occurrence of any one or more of the following events: i. subject to the provisions of Section 6(e), upon NDCHealth's non-payment of amounts owed to NDCHealth within five (5) days following an arbitrator's final award in NDCHealth's favor in accordance with Section 10; or ii. upon (A) the adjudication of NDCHealth to be bankrupt or insolvent, (B) the filing of a petition in bankruptcy or insolvency by or against NDCHealth, or the filing of a petition seeking the appointment of a receiver with respect to all or a substantial part of the property of NDCHealth, (C) the filing by NDCHealth of a petition seeking reorganization of its debts or financial structure under a law relating to insolvency or bankruptcy, or (D) the institution by NDCHealth of any proceedings for liquidation or winding up of its business (other than for purposes of reorganization, consolidation or merger), provided that NDCHealth shall have sixty (60) days to obtain a stay from or dismiss any filings under this Section 7(d)(ii) that are commenced by third-parties. (e) Rights and Obligations upon Expiration or Termination. Following the expiration or termination of this Agreement, neither party shall have any further rights, privileges or obligations hereunder except that such expiration or termination shall not (i) relieve either party of any liability accrued or liability for any breach occurring prior to the effective date of such expiration or termination and (ii) affect the continued operation or enforcement of any provision of this Agreement which by its express terms or reasonable implication is to survive any expiration or termination of this Agreement, including (A) Sections 2, 3 and 4, in each case solely with respect to RI Data made available to NDCHealth prior to the expiration or termination of this Agreement, (B) Section 6, solely with respect to payment obligations arising out of periods prior to the expiration or termination of this Agreement, (C) this Section 7(e), and (D) Sections 8, 9, 10 and 11. In addition to the foregoing, to the extent this Agreement expires or is terminated for any reason, but in spite of such expiration or termination Provider continues to make RI Data available to NDCHealth subsequent to such expiration or termination, then the terms and conditions of this Agreement shall continue to 14 govern such RI Data access until such time as another Agreement is executed by the parties which is meant to supersede this Agreement or until Provider discontinues the provision of RI Data to Client. 8. CONFIDENTIALITY (a) Definition of Confidential Information. As used herein, the term "Confidential Information" means information in the possession or under the control of a party relating to a party's technical, marketing, product and business affairs, including customer, prospect, price, and other proprietary and trade secret information, whether oral, graphic, written, electronic or in machine readable form, and includes all computer programs (and source code therefor), all amounts paid or payable to Provider under Section 6 hereof, all information relating to the payment of such amounts, all proposals, plans, programs, analyses, compilations, forecasts, studies or other documents prepared by a party or by them jointly relating to the subject matter of this Agreement, including the terms of this Agreement. Confidential Information does not include information which (i) was in the public domain before disclosure, (ii) becomes part of the public domain after disclosure by a publication or other means except by a breach of this Agreement by the receiving party, (iii) was received from a third party under no duty or obligation of confidentiality to the disclosing party, or (iv) was independently developed by the receiving party without reference to Confidential Information. (b) Use of Confidential Information. Each party acknowledges that it and its affiliates, and its or their respective employees, agents and/or subcontractors, has had prior to the Effective Date, and/or may have in performing its obligations and/or exercising rights under this Agreement, access to or be directly or indirectly exposed to Confidential Information of the other party. Except as may be required to: (i) facilitate either party's performance of its obligations and/or exercise of its rights under this Agreement; or (ii) comply with any applicable law, court order or Exchange Rule, each party covenants and agrees that it shall hold confidential all Confidential Information of the other party and shall not use or disclose such Confidential Information without the express consent of the disclosing party. Each party shall take reasonable measures and efforts to provide protection for the disclosing party's Confidential Information, including measures at least as strict as those the receiving party uses to protect its own Confidential Information. A party may disclose Confidential Information of the other party only with such other party's prior written consent or as otherwise required by law, court order or Exchange Rule; provided that in each case the parties shall use all reasonable efforts to limit the disclosure and maintain confidentiality of such Confidential Information to the extent reasonably possible. If a party is served with a court or administrative order requiring any disclosure of the other party's Confidential Information, or determines that it is obligated to disclose the other party's Confidential Information pursuant to an Exchange Rule, the party receiving such order or bound by such Exchange Rule shall immediately notify 15 the other party in writing of such service or determination and fully comply with the provisions of Section 8(c) of this Agreement. Upon termination or other expiration of this Agreement, all Confidential Information disclosed by a party to a receiving party shall be returned to the disclosing party or, upon the request of the disclosing party, shall be promptly destroyed and certified as destroyed by the receiving party; provided, however, that any RI Data shall not be returned or destroyed, but shall be maintained in accordance with this Agreement. The obligations of the parties under this Section 8 shall survive the expiration or termination of this Agreement. (c) Notice of Orders Requiring Disclosure of Confidential Information. Each party shall immediately notify the other party in writing of any subpoena, order (judicial or administrative) or Exchange Rule requiring disclosure of Confidential Information obtained from the other party. The party whose Confidential Information is sought to be disclosed may, at such party's cost, attempt to prevent or limit the disclosure by appropriate legal means prior to any such disclosure being made. Each party shall cooperate fully with the other party in challenging any subpoena, order or Exchange Rule requiring disclosure of Confidential Information. (d) Equitable Remedies. The parties acknowledge and agree that irreparable harm would result to a party upon any breach of the covenants contained in this Section 8 by the other party and that damages arising out of such breach may be difficult to ascertain. Therefore, the parties agree that, in addition to all other remedies provided at law or in equity, the non-breaching party may seek, without bond, from a court of law or equity both temporary and permanent injunctive relief to prevent a breach of any of such covenants. 9. INDEMNIFICATION AND REMEDIES (a) Obligation to Indemnify. Each party (the "Indemnifying Party") shall hold harmless, indemnify and defend the other party (the "Indemnified Party") against all third party claims and shall pay all costs, damages and attorneys' fees, arising out of or resulting from (i) any breach by the Indemnifying Party of any of its representations, warranties, covenants or agreements contained in this Agreement, or (ii) any breach by the Indemnifying Party of the Act or other Applicable Laws. Each party agrees that the provisions contained in this Section 9 shall survive the termination or expiration of this Agreement. (b) Indemnification Procedures. i. Promptly after receipt by any Indemnified Party under this Section 9 of notice of the commencement or threatened commencement of any action, proceeding or other claim by a third party involving a claim in respect of which the Indemnified Party will seek indemnification, the Indemnified Party shall notify the Indemnifying Party of such claim in writing and 16 provide to the Indemnifying Party all reasonably available information requested. Subject to the provisions of Section 9(c)(iv), no failure to so notify an Indemnifying Party shall relieve it of its obligations under this Agreement except to the extent that it can demonstrate damages attributable to such failure. Within thirty (30) days following receipt of notice and such reasonably available information from the Indemnified Party relating to any claim, but no later than ten (10) days before the date on which any response to a complaint or summons is due (the applicable period referred to herein as the "Notice Period"), the Indemnifying Party shall notify the Indemnified Party in writing if the Indemnifying Party assumes full responsibility to indemnify, defend and hold harmless the Indemnified Party and elects to assume control of the defense and settlement of that claim (a "Notice of Election"). During the Notice Period, the Indemnified Party shall use commercially reasonable efforts to extend the date on which a response to the claim is due until the Indemnifying Party has provided its Notice of Election. The Indemnifying Party shall be responsible for all costs and expenses related to such claim (including reasonable legal fees and disbursements and reasonable out-of-pocket costs of investigation and litigation) incurred by the Indemnified Party ("Costs and Expenses") during the Notice Period if the Indemnifying Party is obligated to indemnify the Indemnified Party. ii. If the Indemnifying Party delivers a Notice of Election relating to any claim within the required Notice Period, the Indemnifying Party shall be entitled to have sole control over the defense and settlement of such claim; provided, however, that (i) the Indemnified Party shall be entitled to participate in the defense of such claim and to employ counsel at its own expense to assist in the handling of such claim, and (ii) the Indemnifying Party shall obtain the prior written approval of the Indemnified Party before entering into any settlement of such claim or ceasing to defend against such claim. The Indemnified Party shall not unreasonably withhold its consent to any such settlement, provided that it shall be deemed reasonable to withhold consent if the settlement would cause harm to the reputation of the Indemnified Party. After the Indemnifying Party has delivered a Notice of Election relating to any claim in accordance with the preceding paragraph, the Indemnifying Party shall not be liable to the Indemnified Party for any legal expenses incurred by such Indemnified Party in connection with the defense of that claim. In addition, the Indemnifying Party shall not be required to indemnify the Indemnified Party for any amount paid or payable by such Indemnified Party in the settlement of any claim for which the Indemnifying Party has delivered a timely Notice of Election if such amount was agreed to without the written consent of the Indemnifying Party. iii. If the Indemnifying Party does not deliver a Notice of Election relating to any claim within the Notice Period, or otherwise fails to acknowledge its 17 indemnification obligations, the Indemnified Party shall have the right to defend the claim in such manner as it may deem appropriate, at the cost and expense of the Indemnifying Party. The Indemnifying Party shall promptly reimburse the Indemnified Party for all Costs and Expenses related to such claim. If no Notice of Election is delivered, the Indemnified Party may settle any such claim without the consent of the Indemnifying Party, except that the Indemnified Party must use reasonable commercial efforts to reduce the amount of any such settlement. If it is determined that the Indemnifying Party failed to defend a claim for which it was liable, the Indemnifying Party shall not be entitled to challenge the amount of any settlement or compromise paid by the Indemnified Party. (c) Liability Limitations. i. In no event shall Provider have any liability, whether based on contract, tort (including, without limitation, negligence), warranty or any other legal or equitable grounds, for any punitive, special, or exemplary loss or damage suffered by NDCHealth arising from or related to this Agreement even if Provider is advised of the possibility of such losses or damages, provided that these limitations shall not apply to consequential damages or lost profits. Notwithstanding anything in this Agreement to the contrary, in no event (1) shall Provider's aggregate liability with respect to a single event or circumstance giving rise to a claim for damages by NDCHealth exceed $100,000 and (2) shall Provider's aggregate liability pursuant to this Section 9 exceed $2,000,000. ii. Without limiting NDCHealth's rights more specifically set forth in Section 9(a) above, Provider acknowledges that any breach of this Agreement by Provider will cause NDCHealth irreparable harm the nature of which cannot be measured or remedied by monetary damages alone and, accordingly, in the event of any breach of this Agreement by Provider, NDCHealth shall be entitled to seek equitable relief including, without limitation, specific performance and injunctive relief. iii. Without limiting Provider's rights more specifically set forth in Section 9(a) above, NDCHealth acknowledges that any breach of this Agreement by NDCHealth will cause Provider irreparable harm the nature of which cannot be measured or remedied by monetary damages alone and, accordingly, in the event of any breach of this Agreement by NDCHealth, Provider shall be entitled to seek equitable relief including, without limitation, specific performance and injunctive relief. iv. Notwithstanding anything contained herein, in no event shall the Indemnifying Party be liable for indemnification pursuant to this Section 9 if the Indemnified Party fails to provide notice to the Indemnifying Party pursuant to Section 9(b)(i) within two (2) years after the Indemnified Party 18 obtains knowledge of the event, act, fact or circumstances giving rise to such claim. 10. DISPUTE RESOLUTION All disputes arising under this Agreement that the parties' designated representatives cannot first resolve by negotiating in good faith shall be resolved by arbitration in accordance with the Commercial Arbitration Rules (collectively, the "AAA Rules") of the American Arbitration Association. Arbitration shall be by a panel of three arbitrators experienced in the matters at issue and selected jointly by Provider and NDCHealth in accordance with the AAA Rules. The arbitration shall be held in such place in Charlotte, North Carolina as may be specified by the arbitrators (or any place agreed to by Provider, NDCHealth, and the arbitrators). The decision of the arbitrators shall be final and binding as to any matters submitted under this Agreement and shall not be subject to judicial review. Judgment on the arbitration award may be entered and enforced in any court having jurisdiction over the parties or their assets. It is the intent of the parties that the arbitration provisions hereof be enforced to the fullest extent permitted by Applicable Laws. All costs and expenses incurred in connection with any such arbitration proceeding (including reasonable attorneys' fees) shall be borne by the party against which the decision is rendered, or, if no decision is rendered, such costs and expenses (including reasonable attorneys' fees) shall be borne by the party incurring such costs and expenses. If the arbitrators' decision is a compromise, the determination of which party bears the costs and expenses incurred in connection with any such arbitration proceeding shall be made by the arbitrators on the basis of the arbitrators' assessment of the relative merits of the parties' positions. Nothing contained in this Section 10 or elsewhere in this Agreement shall prevent or delay a party from seeking injunctive relief of any issue for which injunctive relief is sought by either party hereto. 11. NON-SOLICITATION For a period of five (5) years after the Effective Date, NDCHealth shall not solicit (other than through the use of general employment advertising where such solicitation is not targeted at Provider's employees) or hire any employees of Provider without the prior written consent of Provider; provided, however, that (i) if Provider terminates an employee's employment with Provider, with or without cause, the foregoing restrictions shall not apply from and after the date of such employee's termination, and (ii) if an employee of Provider terminates his or her employment with Provider, NDCHealth may solicit and hire the former employee without the consent of Provider at any time after twelve (12) months following such employee's termination from Provider. 12. MISCELLANEOUS (a) No waiver, modification or alteration of any of the provisions of this Agreement shall be binding unless approved in writing by a duly authorized representative of 19 the party to be so bound. Notwithstanding any provision of this Agreement to the contrary, the parties agree to take such action as is necessary to amend this Agreement from time to time as is necessary for either party to comply with the requirements of the Act, including the Privacy and Security Rules thereof, as amended from time to time, and any privacy, security, or other administrative simplification regulations promulgated pursuant thereto. (b) This Agreement may not be assigned (by operation of law or otherwise) by either party in whole or in part without the prior written consent of the other party, which consent shall not be unreasonably withheld, conditioned or delayed. Neither the merger of NDCHealth with Royal Merger Co., nor the merger of WKHI with Provider, shall be deemed an assignment of this Agreement or any right hereunder. Any assignment in violation of this Section 12(b) shall be null and void. (c) This Agreement shall be construed in accordance with the laws of the State of Delaware, without regard to conflicts of laws provisions. (d) All notices hereunder shall be in writing and shall be conclusively deemed to have been received and shall be effective (i) on the day on which delivered if delivered personally or transmitted by facsimile transmission, (ii) one business day after the date on which the same is delivered to a nationally recognized overnight courier service, or (iii) three business days after being sent by registered or certified United States mail, return receipt requested, and shall be addressed: i. If to Provider, to: NDC Health Information Services (Arizona) Inc. c/o Wolters Kluwer Health, Inc. 530 Walnut Street, 7th Floor Philadelphia, PA 19106 Attn: Jeffery A. McCaulley Telephone: 215 ###-###-#### Facsimile: 215 ###-###-#### ii. If to NDCHealth, to: NDCHealth Corporation c/o Per-Se Technologies, Inc. 1145 Sanctuary Parkway, Suite 200 Alpharetta, Georgia 30004 Facsimile: (770) 237-4323 Attn: General Counsel Either party may change its address for notices upon written notice to the other party. 20 (e) Nothing in this Agreement shall be construed so as to constitute Provider and NDCHealth as joint venturers, partners, or agents of each other, and neither Provider nor Provider shall have the power to obligate or bind the other in any way whatsoever. (f) Neither party shall be deemed in default of this Agreement to the extent that performance of its obligations or attempts to cure any breach are delayed, restricted, or prevented by reason of any act of God or Governmental Body, fire, natural disaster, labor stoppage, the failure of necessary power systems or connections, or any other act or condition beyond the reasonable control of the parties, provided that the party so affected suspends performance only to the extent and for the duration that is reasonably required by the force majeure event and uses its commercially reasonable efforts to avoid or remove the causes of non-performance and continues performance promptly after those causes are avoided or removed. (g) Headings and captions throughout this Agreement are inserted only as a matter of convenience and for reference and they in no way define, limit, or describe the scope of this Agreement or the intent of any provision hereof. (h) While the parties have used their best efforts to ensure that this Agreement accurately reflects the commitments and undertakings required of each in order to ensure an orderly transition of the intercompany relationship of the parties without material disruption to their respective businesses, they agree to cooperate in good faith if after the Effective Date either party believes that it is appropriate for the parties to take further actions or provide further assurances, as may be reasonably required and agreed upon by the parties to implement and give effect to the understandings of the parties set forth herein. Without limiting the generality of the foregoing, each party shall, at any time and from time to time, execute, acknowledge and deliver or cause to be done, executed, acknowledged and delivered, all such further documents, assurances or things, and secure all necessary consents, as may be reasonably required for the more perfect observance and performance by the parties of the terms of this Agreement. (i) Time is of the essence with respect the obligations of each of the parties to this Agreement. (j) This Agreement may be executed in two or more counterparts, each of which shall be deemed an original and all of which together shall constitute one and the same document. (k) This Agreement constitutes the entire agreement between the parties and supersedes all prior agreements, promises, proposals, representations, understandings and negotiations, whether written or oral, between the parties respecting the subject matter hereof. 21 (l) This Agreement shall be binding upon, and inure to the benefit of, each party's authorized successors and assigns including any successors or assigns to such party's business and assets. (m) This Agreement shall not become effective unless and until the Data Supply Agreement is duly executed and delivered by the parties. 13. CERTAIN DEFINITIONS As used in this Agreement, the following terms shall have the following meanings: "AAA Rules" shall have the meaning ascribed to such term in Section 10 of this Agreement. "Act" shall mean the Health Insurance Portability and Accountability Act of 1996, as amended, and any regulations issued thereunder. "Agreement" shall mean this Retail Informatics Data and Services Agreement and all Exhibits and Schedules hereto. "Applicable Laws" shall mean all applicable laws (including those arising under common law), statutes, codes, rules, regulations, reporting or licensing requirements, ordinances and other pronouncements having the effect of law of the United States, any foreign country or any domestic or foreign state, county, city or other political subdivision, including those promulgated, interpreted or enforced by any Governmental Body. "Biotechnology Firm" means an entity applying scientific techniques utilizing living organisms, or substances from such organisms, to manufacture or modify products for pharmaceutical use or to develop micro-organisms for specific medical treatments. "Certification" shall mean any RI Data Certification, Level I Certification, Level II Certification, Level III Certification or Security Certification. "Certified Product" shall mean a RI Data Product for which a Level II or Level III Certification has been issued, and has not been revoked, pursuant to the Data Security Requirements. "Change in Control" shall mean any of the following, whether in a single transaction or a series of related transactions: (a) (i) the merger, consolidation or other business combination of a party with or into another Person; (ii) the merger, consolidation or other business combination of another Person with or into a party; or (iii) the acquisition by any Person of any equity interests in a party, in each case with the effect that, immediately after such transaction, the shareholders of such party immediately prior to such transaction hold none of, or less than a majority in interest of, the total voting power entitled to vote in the election of directors, managers or trustees of the Person surviving such transaction or less than fifty percent of the economic interests in such Person, or (b) the acquisition by any Person or related group of Persons, by way of merger, sale, transfer, consolidation or other business combination or acquisition of all or substantially all 22 of the assets, business or properties of a party. Notwithstanding the foregoing, neither the merger of NDCHealth with Royal Merger Co., nor the merger of WKHI with Provider, shall be deemed to be a "Change in Control" hereunder. "Confidential Information" shall have the meaning ascribed to such term in Section 8(a) of this Agreement. "Costs and Expenses" shall have the meaning ascribed to such term in Section 9(b)(i) of this Agreement. "Data Alteration Event" shall have the meaning ascribed to such term in Section 1(c)(ii) of this Agreement. "Data Fees" shall mean the amounts set forth in Exhibit C attached hereto, subject to the terms and limitations set forth in Exhibit C. "Data Security Requirements" shall mean the procedures, certifications and methods for processing, handling, storing and disclosing PHI Data Sets and RI Data set forth in Exhibit B attached hereto. "Data Supply Agreement" shall have the meaning ascribed to such term in the Recitals of this Agreement. "Data Suspension Event" shall have the meaning ascribed to such term in Section 4(b) of this Agreement. "Effective Date" shall have the meaning ascribed to such term in the Preamble of this Agreement. "Encryption Engine" shall have the meaning ascribed to it in the Data Supply Agreement. "Exchange Rule" shall mean any rules of any exchange or other trading environment in which the securities of a party are publicly traded. "Governmental Body" means any government or governmental or regulatory body thereof, or political subdivision thereof, whether federal, state, local or foreign, or any agency, instrumentality or authority thereof, or any court or arbitrator (public or private). "Health Care Provider" shall have the meaning ascribed to such term in the Act. "IM Business" shall have the meaning ascribed to such term in the Recitals of this Agreement. "IM Business Agreements" shall mean agreements between Provider and any other Person entered into after the Effective Date which provide for the delivery to Provider of PHI Data Sets; provided that the term IM Business Agreements shall not include any agreement between 23 Provider and any other Person if such Person does not allow the use of such Person's PHI Data Sets for retail pharmacy purposes. "IM Field" shall mean the provision of IM Products to Pharmaceutical Companies, Biotechnology Firms, Medical Device Manufacturers and Wall Street investment analysts. "IM Prescription Data" shall mean the retail prescription data that Provider receives pursuant to IM Business Agreements. "IM Products" shall mean the types of Products set forth on Exhibit D. "IM Systems" shall mean the platforms and applications owned or otherwise controlled by Provider, in their current or enhanced states, as set forth in Exhibit E to this Agreement. "Indemnified Party" shall have the meaning ascribed to such term in Section 9(a) of this Agreement. "Indemnifying Party" shall have the meaning ascribed to such term in Section 9(a) of this Agreement. "Legacy RI Data" shall mean RI Data to which NDCHealth was afforded access on or before the Effective Date. "Legacy Product" shall mean an RI Data Product which contains Legacy RI Data and which Provider had obtained Level III Certification on or before the Effective Date, which certification remains valid. "Level I Certification" shall mean a certification, made in accordance with Level I of the Data Security Requirements, including all applicable Privacy and Security Rules, that Purchased Data stored in the RI Data Repository and to which NDCHealth is afforded access is de-identified in accordance with the Act, including the Privacy and Security Rules. "Level II Certification" in respect of any RI Data Product, shall mean a certification, made in accordance with Level II of the Data Security Requirements, including all applicable Privacy and Security Rules, that applying generally accepted statistical and scientific methods for rendering information not individually identifiable, the risk is Very Small that the RI Data included in the RI Data Product could be used, alone or in combination with other reasonably available information, by an anticipated recipient to identify an individual who is a subject of the information. "Level III Certification" in respect of any RI Data Product, shall mean a certification, made in accordance with Level III of the Data Security Requirements, including all applicable Privacy and Security Rules, that applying generally accepted statistical and scientific methods for rendering information not individually identifiable, the risk is Very Small that the RI Data included in the RI Data Product could be used, alone or in combination with other reasonably 24 available information, by an anticipated recipient to identify an individual who is a subject of the information. "Merger" shall have the meaning ascribed to such term in the Recitals of this Agreement. "NDC Data" shall mean the independent pharmacy data licensed from and supplied by NDCHealth to Provider pursuant to the Data Supply Agreement. "NDC Field" shall mean the (A) provision of network services to the Retail Pharmacy Industry, Health Care Providers, non-governmental third party payers and consumers and (B) provision or delivery of the types of products listed in: (i) the Network Services Category, Provider Applications Category, and Financial Services Transaction Processing Category set forth on Exhibit F to the Retail Pharmacy Industry, Health Care Providers, non-governmental third party payers and consumers; (ii) the Patient Safety and Compliance Category and Other Messaging, Fraud and Abuse Category, Key Account Agreements, Wall Street and Private Equity Firms set forth on Exhibit F to Health Care Providers, non-governmental third party payers and consumers. (iii) the Information Management Category set forth on Exhibit F to the Retail Pharmacy Industry and non-governmental third party payers; (iv) the Longitudinal Record Category set forth on Exhibit F to non-governmental third party payers and Health Care Providers. (v) the Private Label PBM, Mail Order and Rebate Capture Category set forth on Exhibit F to the Retail Pharmacy Industry. "NDCHealth" shall have the meaning ascribed to such term in Preamble of this Agreement. "NDCHealth Certification" shall mean any Security Certification, Level II Certification or Level III Certification. "NDC Products" shall mean the types of products set forth on Exhibit F hereto. "New Services" shall mean services provided by Provider to NDCHealth which services either (i) were not provided prior to the Effective Date, but are agreed upon by Provider and NDCHealth during the Term and thereafter provided by Provider to NDCHealth, or (ii) constitute a modification of services to be provided by Provider to NDCHealth as of the Effective Date pursuant to Sections 5(a) through 5(d). "Notice of Election" shall have the meaning ascribed to such term in Section 9(b)(i) of this Agreement. 25 "Notice Period" shall have the meaning ascribed to such term in Section 9(b)(i) of this Agreement. "Patient" shall have meaning ascribed to such term in the Act. "Patriot" shall have the meaning ascribed to such term in the Recitals of this Agreement. "Person" shall mean an individual, corporation, limited liability company, partnership, trust, association, joint venture, unincorporated organization or entity of any kind or nature, or a Governmental Body. "PHI" shall mean protected health information, as that phrase is defined in the Act. "PHI Data Set" shall mean an original electronic record of a single transaction or interaction (including, among other things, reject and reversal transactions, hospital transaction data and physician claim data) between one Patient and one Health Care Provider, or between two Health Care Providers, which record, immediately prior to encryption and delivery to Provider, contains PHI or, if associated with one or more other PHI Data Sets, could be used to determine PHI. "Privacy and Security Rules" shall mean the Standards for Privacy of Individually Identifiable Health Information at 45 C.F.R. part 160 and part 164, subparts A and E, and the regulations promulgated thereunder; and the Security Standards at 45 C.F.R. parts 160, 162 and 164, and the regulations promulgated thereunder, in all cases, as in effect or amended from time to time. "Prohibited Use" shall mean: i. any offer for sale, sale, license, delivery, distribution or other conveyance of any RI Data Product that does not constitute a Certified Product at the time of such offer for sale, sale, license, delivery, distribution or other conveyance; ii. any use of the Purchased Data (whether alone or in combination with any other data) to identify any pharmacy, hospital, payer or individual; provided, however, that NDCHealth may use Purchased Data to identify to a pharmacy or to a payer data that was provided by such pharmacy or payer, respectively; iii. any attempt, directly or indirectly, to derive PHI from any RI Data; and iv. any offer for sale, sale, license, delivery, distribution, other conveyance or use of the Covered Data in a manner that violates this Agreement, the Act or any other Applicable Laws. "Provider" shall have the meaning ascribed to such term in the Preamble of this Agreement. "Provider Data Agreements" shall mean agreements between Provider and any other Person which provides for the delivery to Provider of PHI Data Sets and the terms of which Provider has determined, in its reasonable discretion, permit Provider to license to NDCHealth the retail 26 prescription data provided pursuant to such agreement in the manner contemplated by this Agreement. "Provider's Data Center" shall mean the facility owned or otherwise controlled by or on behalf of Provider and dedicated to receiving and processing RI Data in connection with the conduct of the IM Business, which facility is, as of the Effective Date, located at 2394 East Camelback Road, Phoenix, Arizona. Provider shall notify NDCHealth in writing of any change in the physical location of Provider's Data Center. "Purchased Data" shall mean data that is obtained by Provider pursuant to Provider Data Agreements. "Purchaser" shall have the meaning ascribed to such term in the Recitals of this Agreement. "Qualified Statistician" shall mean a person with appropriate knowledge of and experience with generally accepted statistical and scientific methods for rendering information not individually identifiable. "Retail Informatics Products" shall mean informatics products intended for use in the Retail Pharmacy Industry or by any Health Care Provider, non-governmental third party payer or consumer. "Retail Pharmacy Industry" shall mean the business of owning or operating establishments or operations where prescriptions are filled for consumers, including without limitation, pharmacies, general merchandise stores, hospitals, long-term care facilities, mail order and specialty operations and future locations where prescription fulfillment and drug sales to consumers occur. "Retail Prescription Data" shall mean the universe of all PHI Data Sets generated in the Retail Pharmacy Industry. "RI Data" shall mean pharmacy transaction data consisting of NDC Data and Purchased Data that has been cleansed, aggregated, de-identified and presented in a format more fully described and set forth in the Service Level Commitments. "RI Data Access Protocol" shall mean the remote access to RI Data stored on the RI Database Repository in accordance with the Service Level Commitments. "RI Data Category" shall mean a particular type of RI Data sharing one or more common attributes such as the identity of the entity from whom the RI Data is received, a particular discrete item of PHI (e.g., date of birth) or other identifiable characteristic. "RI Data Certification" shall mean an annual written certification from a Qualified Statistician that, provided the RI Data is used in accordance with the terms and conditions of this Agreement, the risk is Very Small that the RI Data could be used, alone or in combination with other reasonably available information, by an anticipated recipient to identify an individual who is a subject of the information. 27 "RI Data Product" shall mean any data, report, study, analysis, service or product that includes, is based upon or derived from (whether alone or in combination with any other data) any portion of the RI Data or any Legacy RI Data. "RI Data Repository" shall mean the databases, hosted on servers owned and maintained by Provider or a third party on behalf of Provider, populated by Provider with RI Data and Purchased Data pursuant to the terms of this Agreement. "Sale Transaction" shall have the meaning ascribed to such term in the Recitals of this Agreement. "Security Certification" shall mean a certification, made in accordance with the Data Security Requirements, that all access, extraction, compilation, assimilation, manipulation, analysis and other processing of the RI Data by the party making such Certification, or by any Person acting on behalf of or at the direction of, such party, is being conducted in compliance with the Act, including the Privacy and Security Rules. "Select Client Databases" shall mean those databases located, as of the Effective Date, in Provider's Data Center, that both (i) will be relocated to NDCHealth's facilities and (ii) pursuant to the terms of the Transition Services Agreement, receive, as of the Effective Date, direct feeds of RI Data purchased by Provider pursuant to data supply agreements between Provider and retail pharmacies, which RI Data is used in connection with NDCHealth's "Retail Insight" products. "Service Level Commitments" shall mean the technical, qualitative, quantitative and other standards and commitments, consistent with the standards and commitments on the date hereof, examples of which are set forth and including those set forth on Exhibit A attached hereto. "Term" shall have the meaning ascribed to such term in Section 7(a) of this Agreement. "Very Small" shall have the meaning given it by the National Institute of Standards and Technology, or such other standard as may be required from time-to-time by the Act. [Signatures on next page] 28 SIGNATURE PAGE TO RETAIL INFORMATICS DATA AND SERVICES AGREEMENT IN WITNESS WHEREOF, the parties hereto, each acting under due and proper authority, have executed and delivered this Agreement as of the Effective Date. Joinder for Purposes of Section 11. By execution below Per-Se Technologies, Inc. does hereby agree that it and its Affiliates are, and shall be bound by the provisions of Section 11 hereof and shall be liable to Provider and WKHI for any breach of section 11 by Per-Se Technologies, Inc., NDCHealth or any of their respective Affiliates NDCHEALTH: NDCHealth Corporation By: /s/ Randolph L.M. Hutto ------------------------------------ Name: Randolph L.M. Hutto Title: EVP PER-SE TECHNOLOGIES, INC.: PROVIDER: NDC Health Information Services By: /s/ Philip M. Pead (Arizona) Inc. --------------------------------- Name: Philip M. Pead Title: President By: /s/ Randolph L.M. Hutto ------------------------------------ Name: Randolph L.M. Hutto Title: EVP