Stedi Connected App Terms
These Connected App Terms apply when you enable, authorize, or use a third-party application or service to connect to your Stedi account through Stedi’s OAuth flow or any similar authorization mechanism. Each such application or service is a “Connected App”.
By enabling or using a Connected App, you authorize and direct Stedi to allow the Connected App to access, receive, submit, create, modify, transmit, or otherwise process data through your Stedi account based on the permissions, scopes, settings, and instructions for the connection. Data may flow from Stedi to the Connected App, from the Connected App to Stedi, or both, and may include protected health information.
Connected Apps are not Stedi services, and Connected App providers are not Stedi subcontractors unless Stedi expressly agrees otherwise in writing. Stedi does not control and is not responsible for any Connected App, including its availability, security, data handling, functionality, outputs, acts, omissions, or downstream use. Your use of a Connected App is governed by your relationship with the Connected App provider, including its terms, privacy policy, security practices, account settings, and data-processing terms.
You are responsible for (i) selecting and authorizing each Connected App, (ii) granting only the permissions appropriate for your use case, (iii) managing user access, account settings, and revocation of access, (iv) reviewing data submitted to, received from, or modified by a Connected App, (v) complying with the Connected App provider’s terms and policies, and (vi) obtaining and maintaining all rights, licenses, permissions, consents, authorizations, notices, and agreements required for Stedi to interact with the Connected App at your direction.
If a Connected App accesses, receives, submits, creates, modifies, transmits, or otherwise processes protected health information through your Stedi account, you represent and warrant that (i) you have authorized Stedi to disclose protected health information to the Connected App at your direction, (ii) you have any Business Associate Agreement or other agreement or arrangement required under HIPAA in place directly with the Connected App provider, (iii) the Connected App is configured to receive and process protected health information for your intended use, and (iv) Stedi is acting at your direction in enabling the Connected App to access, receive, submit, create, modify, transmit, or otherwise process that information. Stedi may rely on your authorization, configuration, and representations without independently verifying your relationship with the Connected App provider.
When you enable or use a Connected App, Stedi may collect, use, disclose, transmit, receive, and otherwise process information needed to provide, secure, support, and troubleshoot the connection. This may include account information, user identifiers, authentication and authorization information, permissions and scopes, configuration settings, usage logs, technical logs, transaction data, and data exchanged through the connection, including eligibility, claims, enrollment, payment, remittance, operational, administrative, or other healthcare transaction data, and protected health information.
Stedi uses this information to provide the connection, enforce permissions, maintain security, troubleshoot errors, support customers, comply with law, and operate and improve Stedi services. Stedi shares data with the Connected App at your direction. The Connected App provider’s use of data is governed by your relationship with that provider, including its terms, privacy policy, account settings, and data-processing terms.
You may revoke a Connected App’s access through available account settings or by contacting Stedi support. Revocation stops future access but does not affect data already transmitted to or from the Connected App. Stedi retains Connected App information as described in Stedi’s Privacy Notice, your agreement with Stedi, and Stedi’s applicable retention practices.
These Connected App Terms supplement your agreement with Stedi. If Stedi’s Service Terms apply to your use of Stedi, Connected Apps are Third Party Integrations under Section 11 of the Service Terms. If your agreement with Stedi does not incorporate the Service Terms, the same allocation applies to Connected Apps: you are responsible for the Connected App, the rights and permissions needed to use it, and compliance with the Connected App provider’s terms and policies.
These Connected App Terms in no way expand Stedi’s obligations or liability under your agreement with Stedi. The disclaimers, indemnities, exclusions, and limitations of liability in your agreement with Stedi apply in full to Connected Apps and these Connected App Terms.
You may revoke a Connected App’s access through available account settings or by contacting Stedi support. Revoking or disabling a Connected App stops future access through that connection but does not affect data already transmitted to or from the Connected App.
Stedi may suspend, disable, limit, or revoke any Connected App connection if Stedi reasonably believes the connection creates legal, privacy, security, operational, platform, payer, intermediary, or third-party terms risk. Stedi may add, remove, suspend, or modify Connected Apps or available permissions at any time, and does not endorse, certify, or warrant any Connected App by making it available, supporting an authorization flow, or allowing it to connect to a Stedi account.