Terms of Service

1. Acceptance of Terms

By accessing or using Layera ("the Platform"), you agree to be bound by these Terms of Service. If you are using the Platform on behalf of a healthcare organization, you represent that you have the authority to bind that organization to these terms.

2. HIPAA Compliance Responsibilities

Both parties acknowledge their respective responsibilities under HIPAA:

• Layera (Business Associate): Maintains technical and administrative safeguards, provides audit trails, encrypts PHI, and reports breaches per the BAA.
• You (Covered Entity): Responsible for obtaining appropriate consents, ensuring authorized users, and maintaining your own HIPAA compliance program.

3. Acceptable Use

• Use the Platform only for lawful healthcare compliance purposes
• Maintain the confidentiality of your account credentials
• Do not share login credentials between users
• Report any suspected security incidents immediately
• Do not attempt to circumvent security controls
• Do not upload malicious files or content

4. Data Ownership

You retain full ownership of all data you upload to the Platform. Layera does not claim ownership of your compliance documents, training records, or any other data. We use your data solely to provide the compliance management services described herein.

5. AI-Generated Content Disclaimer

The AI compliance agents provide guidance based on regulatory databases and built-in knowledge. This guidance is for informational purposes only and does not constitute legal advice. Always consult with qualified legal and compliance professionals for definitive compliance decisions.

6. Service Availability

We strive for high availability but do not guarantee uninterrupted service. Scheduled maintenance windows will be communicated in advance. In the event of data loss, we will restore from the most recent backup available.

7. Termination

Either party may terminate this agreement with 30 days written notice. Upon termination, you may export your data within 60 days. After this period, data will be securely destroyed in accordance with HIPAA requirements.