Insurance Information Exchange, a unit of ISO Claims Services, Inc.
1716 Briarcrest, Suite 200 Bryan, TX 77802
800-683-8553 FAX 979-846-7169
Created 3-18-15
Version S2015.1
iiX, A Verisk Analytics Business
Sub-Vendor Subscription Agreement
Please provide all requested information below.
1. The agreement must be signed by an owner, officer, director, partner, principal, or other person legally authorized to bind the
company.
2. Initial each page of agreement acknowledging acceptance of conditions and restrictions.
3. Make copies for your files, sign, and return a copy to iiX at the address or fax number listed at the bottom of the page.
ONE OF THE FOLLOWING MUST ACCOMPANY THIS AGREEMENT: A CURRENT AND VALID BUSINESS LICENSE, OR A COPY OF ONE
OF THE FOLLOWING dated within the last 24 months: CURRENT STATE SALES AND USE TAX CERTIFICATE, OFFICIAL FEDERAL
DOCUMENTS - 940, 941, OR FEDERAL TAX RETURN.
A
COMPANY NAME
PHONE
MAILING ADDRESS
FAX #
MAILING ADDRESS
FEIN
CITY
STATE
ZIP
PHYSICAL ADDRESS
(REQUIRED)
PHYSICAL ADDRESS
(REQUIRED)
CITY
STATE
ZIP
SEND INVOICE ATTN OF
PRIMARY CONTACT
WEBSITE (URL) ADDRESS
CALIFORNIA REQUESTER ID: include CALIFORNIA COMMERCIAL REQUESTER ACCOUNT APPROVAL from state with agreement
(Required for California MVRs)
B
TYPE OF BUSINESS (check one)
C
REASON FOR ORDERING SERVICES (check all that apply)
Sub-vendor of services, including MVR data
Sub-vendor for insurance underwriting purposes
Other, please describe below:
Sub-vendor for employment purposes
iiX USE ONLY
DATE
SOURCE
ACCOUNT ID
PASSWORD
DETAIL PG
ACCESS FEE
SPONSOR ACCT TO BILL
DIRECT BILL CODES
VERIFIED Date: Initials:
SET UP FEE
TERMS OF AGREEMENT
On-site visit Initials:
Insurance Information Exchange, a unit of ISO Claims Services, Inc.
1716 Briarcrest, Suite 200 Bryan, TX 77802
800-683-8553 FAX 979-846-7169
Created 3-19-15
Version S2015.1
Subscription Agreement (Sub-Vendor) Terms and Conditions
This subscription agreement (“the Agreement”) is entered into as of the date of execution (the “Effective Date”), by and between ISO Claims
Services, Inc., a Delaware corporation, through its Insurance Information Exchange unit (“iiX”) with offices at 1716 Briarcrest, Suite 200 Bryan, TX
77802, and , (Customer Name) a (State) corporation/other
entity with offices at _ (City, State).
1. SERVICES AND RATES. iiX agrees to provide certain reports, records, products and/or services (collectively, “Information Services”), including
Motor Vehicle Reports (“MVRs”) for Customer, under the terms and rates specified in this Agreement. The applicable Service Fee Schedules shall
be attached and made a part of this Agreement as Exhibit A. MVR iiX state record fees and processing schedules are set forth in the MVR
Turnaround Schedule, attached to and made a part of this Agreement as Exhibit B. iiX state record fees are subject to change at any time. ALL iiX
service fees are subject to change at any time and become effective during the billing period following notification. The Information
Services and other requests may be initiated and delivered by various client software packages as designated from time to time by iiX and will be
billed on an iiX invoice.
2. SOLE USE AND AUTHORIZATION. Subject to the restrictions in this Agreement, Information Services provided by or through iiX may be
disseminated by Customer to its End Users for the sole purpose defined in this Agreement and in the End User Agreement. Customer warrants and
agrees that Information Services will be disseminated to (i) insurance companies, insurance agents and other companies for use as a factor in
establishing a consumer’s eligibility for new or continued insurance or (ii) to entities for use in employment decisions solely with respect to the
continued employment of current employees or offers of employment to prospective employees, unless further restricted by Specific State Forms (as
defined below). The entities described above will be known individually as an End User for purposes of this Agreement. Customer must take all
steps necessary to ensure that the End User uses the Information Services in compliance with this Agreement and that the End User does not resell
or otherwise provide or transfer any of the Information Services in whole or in part to any other person or entity.
2.1 Authorization: Customer may deliver the Information Services to Customer’s and End User’s employees and authorized users solely as
needed to perform functions consistent with this Agreement’s purpose. Customer warrants and agrees that to the extent required by applicable
federal, state and local statutes, rules, codes and regulations, it has in place an agreement with the End User that authorizes the Customer as
its agent to obtain and process the Information Services solely on the End User’s behalf.
2.2 Prohibitions: Customer acknowledges that certain state and/or iiX data providers may prohibit access to their information by offshore
users. Customer agrees not to permit offshore access by any of its employees, authorized users, or Outsourcer in violation of any prohibition
against offshore access to records, and agrees to be responsible for the use of the Information Services by its employees, authorized users, or
Outsourcer in violation of this section.
Failure of Customer and/or End User to comply in all respects with the requirements of this Section is a material breach of this Agreement. In such
event, iiX may immediately terminate this Agreement and the delivery of any of the Information Services to Customer and/or End User without notice
or delay.
3. END USER AGREEMENT. Customer shall communicate directly with End User and shall provide iiX an End User Agreement executed by End
User as well as any applicable Specific State Forms. The End User Agreement shall contain all of the requested information, terms and restrictions
applicable to the End User’s use of iiX’s Information Services. iiX reserves the right to reject an End User Agreement that has been altered without
iiX’s review and written approval. iiX shall not use the End User Agreement or the information contained in it to directly solicit or market to End Users
records, reports, products or services that are the same as or substantially similar to those provided to such End User by Customer.
4. RESTRICTIONS.
4.1 Confidentiality. Customer acknowledges that in connection with this Agreement, it may receive Personal Information, defined below, and
nonpublic Personal Information from state agencies and service bureaus. Personal Information is information that identifies an individual and
includes, but is not limited to: (a) first and last name or first initial and last name; (b) a home or other physical address, which includes at least
street name and name of city or town; (c) an email address; (d) a telephone number; (e) a Social Security number; (f) credit and/or debit card
information, including credit and/or debit card number with expiration date; (g) date of birth; (h) a driver’s license number; or (i) any other
information from or about an individual consumer that is combined with (a) through (h) above. Customer agrees to treat as confidential all
Personal Information received from or through iiX and to disclose consumer information to only those of its employees who have a need to
know such information to accomplish their duties. Customer shall not use Personal Information for any purpose except those purposes
permitted by this Agreement.
4.2 Compliance with Laws. Customer certifies that it shall order, receive, disseminate and otherwise use the Information Services in
compliance with all applicable federal, state and local statutes, rules, codes and regulations, including but not limited to, the Fair Credit
Reporting Act (“FCRA”), the Driver's Privacy Protection Act, 18 U.S.C. §2721 et seq. (“DPPA”), the Gramm-Leach-Bliley Act (“GLB”) and their
state equivalents, including any changes, supplements or amendments to such statutes, rules, codes and regulations (collectively, “The Laws”).
The Customer understands that violators of the FCRA, the DPPA, and other federal and state laws governing protection of Personal Information
are potentially subject to civil actions and penalties, including fines. Customer shall be responsible for understanding and for staying current
with all of The Laws. Customer further represents and warrants that it shall ensure the security and confidentiality of Personal Information in
compliance with The Laws. iiX has appropriate administrative, technical and physical safeguards, including data security safeguards, in place
to protect personal information consistent with federal and state requirements applicable to it.
4.2.1 Notification in Event of Breach or Misuse of Information. Customer will immediately notify iiX of any inadvertent or unauthorized
release of any Information Services obtained under this contract or other security breach of Personal Information contained in Information
Services when the Customer knows of such unauthorized or inadvertent release. Customer agrees to notify all affected consumers in
writing that their Personal Information has been potentially compromised in the event of the Customer’s inadvertent or unauthorized
release, misuse, or other security breach of Personal Information contained in the Information Services supplied to Customer. Customer
shall retain documentation of such notification and provide it to iiX and governmental representatives immediately upon request.
4.2.2 Monitoring Services. To the extent that Customer and/or End User monitors driver activity by access to services offered by iiX,
Customer and End User agree to comply with all applicable state and federal requirements and restrictions. These may include possible
required confidentiality agreements from and background screening of employees and/or Outsourcers accessing the monitoring services
and system and data security procedures to protect against misuse and unauthorized disclosure. Customer and End User acknowledge
that iiX relies on various data sources (i.e., state licensing agencies, courts, municipalities, etc.) to provide monitoring services and the
quality, timeliness, and population coverage of these services may vary. iiX solely supplies a delivery platform for such monitoring services
and has no control over the information provided by the data source. Customer and End User agree that iiX shall have no liability of any
kind in connection with the information returned by data sources, including but not limited to any false positives or improperly updated,
incomplete, or erroneous information regarding driver activity.
4.3 Customer Account Number and Passwords. iiX shall provide Customer with an account number and a password. Customer (a) hereby
acknowledges that it bears sole responsibility for protecting the account number, and account password granted in connection with this
Agreement; (b) shall not provide any such information to any third party; and (c) shall remain fully responsible and liable for any unauthorized
use of any password or account number.
4.3.1 ExpressNet Customer Requirements. When applicable, iiX shall provide Customer with an account number and a password that
Customer must use when registering the account for internet access to order Information Services through ExpressNet. The iiX Password
Policy requires that each individual who will be requesting services through ExpressNet be issued a unique user sign-on/password. One
individual will function as the Administrator of the account. This person will be charged with creating, deleting, and maintaining user sign-on
information in compliance with this Agreement’s terms. The Administrator must provide iiX with a valid e-mail address and
administrative password during registration of the account for ExpressNet. Specific details and requirements should be accessed on the
iiX.com website.
4.3.2 Information Updates. It is the Customer’s responsibility to keep all Customer and End User account information current and to
promptly notify iiX of any changes.
4.4 Use of the Internet. Customer may disseminate Information Services, including MVRs, over the Internet to its End Users upon iiX’s written
approval of Customer’s documented plan (“Security Plan”), outlining the steps or methods the Customer will take to secure and to prevent
unauthorized access to Information Services provided by or through iiX. The Security Plan must address the following issues: URL where End
Users will access the data, data security (SSL encryption), authentication measures (user name and password scheme), firewall protection
(security of files), proposed management controls over access and dissemination and other items that iiX may from time to time require.
Customer agrees to notify iiX immediately in writing of any changes to the Security Plan. iiX may perform an on-site audit or, at iiX’s option,
obtain documents from Customer and/or End Users at any time to verify compliance with this Section.
4.4.1 End User Use of the Internet. Customer agrees that it will not permit End Users to disseminate any unsecured or unencrypted
Information Services over the Internet. Internet dissemination includes e-mail, World Wide Web access, FTP and all other mechanisms
where data is transmitted across the Internet. This shall not prohibit End User from transmitting such information over a secure network to
End User’s authorized agents with a legitimate need to receive the information, provided that such actions comply with The Laws as well
as any other state and federal statutes and regulations governing the confidentiality, security and transmission of the Information Services.
4.5 Specific State Forms. Customer shall be responsible for understanding and for staying current with all specific state forms, certificates of
use or other documents or agreements including any changes, supplements or amendments thereto imposed by the states (collectively,
“Specific State Forms”) from which it will order Information Services. Customer certifies that it has filed all applicable Specific State Forms
required by individual states. Customer further certifies that the End Users have obtained and filed all applicable Specific State Forms. If
Customer orders Information Services from a state requiring a Specific State Form, Customer agrees that a copy of the appropriate Specific
State Form shall be signed by Customer and an additional form by the End User, and returned to iiX. Customer’s access to Information
Services from states not allowing sub-vendors will be restricted. If additional states restrict access to sub-vendors, iiX will immediately restrict
Customer’s access to these states.
4.6 Publications. Customer agrees that all solicitations, advertising copy and other communications used in connection with Information
Services shall be devoid of any reference to any selection criteria or presumed knowledge concerning the intended recipient of such solicitation,
or the source of the recipient's name and address. Customer further warrants that telephone numbers submitted to iiX for reverse telephone
append matching services will not be randomly generated or obtained by an automatic number identification system, except where a prior
business relationship exists between Customer and the owner of such telephone number.
4.7 Archiving. Customer shall not use Information Services or data derived from them, including any MVR data, supplied by or through iiX to
directly or indirectly compile, store, or maintain the Information Services or derivative data (independent of or commingled with other databases)
to develop its own source or database of such services or data.
4.8 Interpretation. In the event that Customer and iiX disagree with the intent, effect, necessity to comply with or the interpretation and/or
compliance requirement of any of The Laws or Specific State Forms, Customer shall conform to iiX’s interpretation.
4.9 Other Restrictions. iiX may from time to time impose additional restrictions, procedures or processes upon the use and/or delivery of the
Information Services that it believes to be prudent to ensure compliance with The Laws, the Specific State Forms and/or the security, privacy or
confidentiality of the Information Services.
Failure of Customer or End User to fully comply with the requirements of all of Section 4 shall be a material breach of this Agreement and shall
permit iiX to immediately terminate this Agreement and the delivery of any Information Services without notice or delay.
5. WARRANTY AND INDEMNIFICATION. Customer represents and warrants that any data, content or other materials provided by Customer to iiX
are in compliance with all applicable laws and will not, when used by iiX, defame any person or infringe the trademarks, service marks, copyrights or
other intellectual property rights of any third party. Customer agrees to indemnify and hold harmless iiX, its affiliated companies and their officers,
directors, employees and shareholders from any and all damages, costs, judgments and expenses (including reasonable attorney’s fees) as well as
any and all fines, interest, penalties or any other liabilities: (i) incurred by iiX, (ii) imposed by local, state or federal authorities or (iii) claimed by any
third party which result from or arise out of Customer’s or End User’s failure to fully comply with the provisions of Sections 2, 3, 4, and 5 or the use
by Customer or End User of the Information Services provided under this Agreement.
6. PAYMENT. Customer agrees to pay for all Information Services ordered and processed by or through iiX under the Customer's account number.
iiX will invoice Customer monthly. Terms are DUE ON RECEIPT. Payment must be RECEIVED by the 15th of the month following date of
invoice. Access privileges to the system will be suspended if invoices are not paid when due. Past Due accounts will incur a finance charge of
1.5% monthly until paid. In addition to all other charges specified in this Agreement, Customer will assume responsibility for and pay all applicable
state, local, federal and/or other taxes (exclusive of taxes based on iiX's net income) that result from this Agreement or the Information Services
provided under it.
7. TERMINATION. This Agreement may be terminated by Customer at any time with thirty (30) days prior written notice of termination. Customer
agrees, however, to pay for all requests received by iiX prior to termination. Except as provided in Sections 2 and 4, iiX may terminate this
Agreement or amend this service by providing ten (10) days prior notice to Customer. iiX may amend this Agreement or terminate without notice if
the availability of an MVR to iiX changes for any reason during the term of this Agreement.
8. DISCLAIMERS.
CUSTOMER UNDERSTANDS AND AGREES THAT THE FOLLOWING LIMITATIONS ARE AN ESSENTIAL PART OF THE CONSIDERATION TO
iiX FOR ENTERING INTO THIS AGREEMENT. THE LIMITATIONS ARE SPECIFICALLY DESIGNED AND AGREED TO BY THE PARTIES TO
ALLOCATE AND LIMIT RISKS BETWEEN THE PARTIES IN LIGHT OF THE PRICES CHARGED AND THE OTHER BUSINESS TERMS OF THIS
AGREEMENT.
CERTAIN OF THE INFORMATION SERVICES PROVIDED UNDER THIS AGREEMENT ARE FROM INFORMATION SUPPLIED BY VARIOUS
STATE AGENCIES, SERVICE PROVIDERS, AND OTHER SERVICE BUREAUS (COLLECTIVELY, “DATA PROVIDERS”). THE INFORMATION
SERVICES ARE PROVIDED "AS IS" AND NEITHER iiX NOR ITS DATA PROVIDERS IN ANY WAY WARRANTS OR ASSUMES ANY LIABILITY
FOR THE ACCURACY, TIMELINESS, MERCHANTABILITY, FITNESS FOR PARTICULAR PURPOSE AND/OR COMPLETENESS OF ANY
INFORMATION SERVICE PROVIDED UNDER THIS AGREEMENT.
AT THE DIRECTION OF THE CUSTOMER, WHERE PERMITTED, MOTOR VEHICLE REPORTS MAY BE SUPPLIED FROM DATABASE OR
HISTORY FILES. THESE DATABASE REPORTS MAY NOT CONTAIN THE SAME DATA AS A CURRENT STATE REPORT. THE REPORT
WILL BE NOTED AS A DATABASE REPORT AND WILL SHOW THE ORIGINAL REPORT DATE.
NEITHER iiX NOR ITS DATA PROVIDERS ASSUMES RESPONSIBILITY FOR CHARGES INCURRED, LOST REVENUE, OR INCIDENTAL,
SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES OF ANY KIND OR NATURE DUE TO ANY CAUSE WHATSOEVER, INCLUDING, BUT
NOT LIMITED TO, ERRORS IN CUSTOMER INPUT, DUPLICATE REQUESTS, ERRORS IN TRANSMISSION, PROGRAM OR EQUIPMENT
FAILURES, COMMUNICATION PROBLEMS, PROCESS DELAYS, OR SCHEDULE CHANGES. IN NO EVENT SHALL iiX'S OR THE
APPLICABLE DATA PROVIDER’S LIABILITY EXCEED THE CHARGES ACTUALLY PAID TO iiX BY CUSTOMER IN THE THREE (3) MONTHS
IMMEDIATELY PRECEDING ANY SUCH CLAIM.
9. CREDENTIALING. Credentialing is the process for verifying that entities are legitimate and their purpose for the use of the Personal Information
is authorized.
9.1 Pre-Service Review. iiX will verify Customer’s identity and permissible purpose to request Information Services through a certification or
pre-service review. This review may include but not be limited to a verification of the type of business, confirmation that the stated permissible
purpose for obtaining the product or service is compatible with the type of business conducted, conducting a physical inspection of the premises
to assure that it is a legitimate business facility, verification of specified credentials, and verification of business phone and address records and
web pages through the use of recognized third parties. Customer agrees to cooperate fully with any certification process or pre-service review
prior to iiX permitting access to Information Services.
9.2 Credential Monitoring. Customer further agrees to cooperate fully with continued monitoring of Customer credentials. Monitoring includes
the recertification of credentials and update of this Agreement. iiX reserves the right to make such requests as it deems necessary. Failure to
comply could result in restriction or termination of access to iiX Information Services.
10. AUDIT. Upon receipt of iiX audit requests, Customer agrees to respond within the time period specified in the audit notice or request for
information. Customer shall provide all documentation as requested. This information shall be made available to iiX for review and copying upon
iiX’s request or to any governmental authority upon request. Access privileges to the Information Services will be suspended upon failure to comply
with such requests. Customer agrees that it will not obstruct a governmental authority’s audit at the Customer’s site in connection with the ordering
or use of Information Services.
11. RETENTION OF INFORMATION
11.1. Retention of Information Services. Customer and its authorized users, including any Outsourcer, shall promptly and adequately
destroy the Information Services (including MVRs) in its/their possession when they are no longer required for the purpose as stated in this
Agreement.
11.2. Retention of Requestor Information. Customer must maintain records identifying each person or entity that receives the Personal
Information and the permitted purpose for which the Personal Information will be used. These records must be retained for a period of (5) five
years and shall include, but not be limited to, the: request date, requested individual, requestor, permissible purpose for each Information
Service, and, as appropriate, signed disclosure/authorization forms from affected consumer(s).
11.3 Destruction of Information. All documents containing Personal Information that have been obtained from or through iiX must be
properly disposed of by taking reasonable measures to protect against unauthorized access to or use of the information in connection with its
disposal. This would include, but not be limited to, implementing and monitoring compliance with policies and procedures that require the
burning, pulverizing, erasing, or shredding of papers or records containing such information so that the information cannot practicably be read
or reconstructed. Electronic files or media containing Personal Information must be destroyed or erased so that the information cannot be
read or reconstructed.
12. INDEPENDENT CONTRACTING PARTIES. The relationship of the parties shall be that of independently contracting parties. Nothing in this
Agreement shall be construed to create any partnership, joint venture, agency or other similar relationship. Neither party shall have the right or
authority to create, assume or imply any obligation or responsibility on behalf or in the name of the other party or bind the other party in any manner.
13. NOTICES. Notices sent to either party shall be effective when delivered in person, one day after being sent by overnight courier, or five (5) days
after being sent by certified mail postage prepaid to the address set forth above for such party, or to such other address as the party to which such
notice is being sent may from time to time have specified in an earlier notice to the party sending such notice. In addition, notices to Customer sent
by e-mail to the Customer’s e-mail address identified in this Agreement shall be effective when sent. Customer shall notify iiX of any changes in
Customer’s e-mail address.
14. CHOICE OF LAW. This Agreement shall be governed by and construed in accordance with the substantive laws of the state of New York. The
state or federal courts of the State of New York shall have exclusive jurisdiction over any claims arising out of or in any way related to this
Agreement.
15. FORCE MAJEURE. Except for payment obligation, neither party shall be liable for any failure or delay in performance directly or indirectly
caused by acts or omissions beyond the reasonable control of the party required to perform. In the event that a party is asserting force majeure as
its reason for failing to perform timely, such party shall immediately notify the other party of the situation and shall use every reasonable effort to
remove the condition of force majeure and begin performance.
16. MISCELLANEOUS. This document and any amendments as well as the Exhibits referenced in it and all documents referred to in the attached
Exhibits constitute the entire agreement between the parties with respect to the subject matter of this Agreement and supersede all other
communications, whether written or oral. Except as set forth in Section 4.9, this Agreement may be modified or amended only in a writing signed by
both parties. Waiver of any provision in this Agreement in one instance shall not preclude its enforcement in the future. Headings are for reference
purposes only and have no substantive effect.
17. SEVERABILITY. The provisions of this Agreement shall be severable, and if any provision of this Agreement shall be held or declared to be
illegal, invalid or unenforceable, such illegality, invalidity, or unenforceability shall not affect any other provision, and the remainder of this
Agreement, disregarding such invalid portion, shall continue in full force and effect as though such invalid provision had not been contained in the
Agreement.
18. SURVIVAL. The provisions of Sections 2, 3, 4, 5, 6, 8, 10, 11, 13, 14, 15, 16, and 17 of this Agreement shall survive the expiration, cancellation,
termination or non-renewal of this Agreement.
19. COUNTERPARTS. This Agreement may be executed in two or more counterparts, each of which shall take effect as an original and all of which
together shall evidence one agreement.
20. ASSIGNMENT. Customer may not assign or subcontract this Agreement without the prior written permission of iiX and any such assignment or
delegation, either full or partial, to any third party is void and of no effect. A merger, consolidation, reorganization or other change of control shall be
considered an assignment for the purposes of this Agreement. All terms and provisions of this Agreement shall be binding upon and inure to the
benefit of the parties to this Agreement and their respective permitted transferees, successors and assigns.
THE UNDERSIGNED CERTIFIES THAT HE/SHE HAS READ, UNDERSTANDS, AND AGREES TO THE TERMS AND CONDITIONS
DESCRIBED IN THIS SUBSCRIPTION AGREEMENT, AND ANY APPLICABLE STATE AGREEMENTS. THE UNDERSIGNED FURTHER
AFFIRMS THAT THE STATEMENTS MADE IN THIS AGREEMENT ARE TRUE AND CORRECT, THAT HE/SHE HAS DIRECT KNOWLEDGE OF
THE FACTS CERTIFIED IN THIS AGREEMENT, AND THAT HE/SHE HAS AUTHORITY TO MAKE THE ABOVE REPRESENTATIONS AND TO
ENTER INTO THIS AGREEMENT AS A PERSON LEGALLY AUTHORIZED TO BIND THE COMPANY (OWNER, OFFICER, DIRECTOR,
PARTNER, PRINCIPAL, OR OTHER REPRESENTATIVE WHO IS LEGALLY AUTHORIZED TO BIND THE BUSINESS).
SIGNATURE: DATE:
Owner or Officer or Legally Authorized Representative
NAME (Printed): TITLE:
EMAIL ADDRESS OF SIGNEE_
ADDENDUM - SECURITY QUESTIONNAIRE - Please attach answers on separate page if needed
1. Does your Company have a documented Security Plan regarding dissemination of information?
Yes No If yes, please attach a copy of this plan.
2. Regarding steps taken by you to secure data and prevent unauthorized access to Information Services provided by iiX please answer the
following:
a. Is there a URL where End Users will access the MVR data? Yes _ No
If Yes, what is the address?
b. Please explain data security methods (physical, technical, encryption, etc.).
c. Describe authentication measures for your End Users.
d. If leveraging passwords, do they expire? Yes No If yes, how often?
e. If information is maintained on a server, or provided via the internet, what hardware / software is in use to prevent unauthorized
access of your data center? (such as firewall, VPN, etc)
f. What management controls are in place to monitor access and dissemination which include the delivery mechanism?
3. Internet dissemination includes public e-mail, World Wide Web access, FTP and all other mechanisms where data is transmitted across
the Internet. Are your End Users permitted to disseminate any MVRs over the Internet?
Yes No
If yes, please explain the process including security measures in place.
Customer Name
iiX Account Number
Customer Requirements for Access to iiX Information Services
1. Requirements apply to ALL customers that will order and/or access any Information Services provided through iiX.
Please place your initials next to each item to affirm your agreement and sign below.
a. Physical Security - All Customer Information technology assets that house or process records provided through iiX Information
Services will be physically secured from unauthorized access and physical access must be tightly controlled.
b. iiX Information Services Audit Logs - All access of iiX Information Services data, no matter where it exists, will be logged, with the
following: name of individual accessing, date/time of access, reason for access, and identity of End User to whom the information was
provided. These logs will be maintained as long as the data is accessible, and then for five (5) years after the record is deleted. Audit
logs should be reviewed regularly for suspicious activity.
c. Limited Retention of Data - After records provided through iiX Information Services are received from iiX, and used for the purpose
stated in your iiX subscription agreement, the record must be deleted once the permitted purpose for which it was ordered ceases to
exist, unless longer retention is required by Federal or State law.
d. Protection from Attack - Adequate measures such as IPS and IDS devices, and system log monitoring will be employed to ensure
that unauthorized users cannot successfully attack Customer information technology assets in a manner that allows iiX provided
records to be compromised.
e. Periodic Vulnerability Scanning and Penetration Testing - Customer information technology hosts and networks that hold or
process records provided through iiX Information Services will be periodically scanned for known vulnerabilities to see if vulnerabilities
could be exploited. Periodic vulnerability scanning and penetration testing must be in place to protect the provided records.
f. Customer Audits - Internal and independent audits to review the protection and access of iiX Information Services will be conducted
by iiX at random or when suspicious activity is suspected regarding a Customer’s account.
g. Process in Place to Apply Vendor Patches - Customer will have a formal procedure in place to install vendor recommended
security patches in a timely manner for all information technology assets, hosts and networks, which process records provided
through iiX Information Services.
h. Confidentiality and Security Awareness - The Customer will provide annual security training to educate their employees on best
security practices, and have a Confidentiality Agreement signed by each individual who accesses iiX Information Services.
i. Off-Site Information Services Data - Best industry practices require business data to be backed up and stored off-site, so the same
security protection standards listed in this Section will apply to records provided through iiX Information Services wherever they are
stored. If stored in a third party facility, then the applicable data must be transmitted and stored in an encrypted format for data
protection.
j. Annual Report of Data Protection Standards - iiX may annually request that a detailed description of the Customer's data
protection practices, covering each bullet item within this Requirement document, be provided to iiX. This information may be
compiled in a confidential and proprietary report provided to a State provider upon request. Customer will be notified of such request
in advance of iiX providing the information to the applicable State.
k. Customer IT Security Policies and Procedures - If requested by iiX, the Customer will provide an electronic copy of their IT
Security Policies and Procedures. This information will be treated as confidential and proprietary by iiX and the State provider. This
information may be compiled in a confidential and proprietary report provided to a State provider upon request. Customer will be
notified of such request in advance of iiX providing the information to the applicable State.
l. Computer Incident Response - The Customer will have a Computer Incident Policy and Procedure program in place. If the
Customer or an End User experiences a Computer Incident, iiX will be notified immediately upon the Customer’s or End User’s
discovery of the incident. Depending on the severity of the incident, Customer may be required to notify the potentially affected
citizens of the incident and what protective measures are being taken to contain it in compliance with State or Federal law.
2. All customer applications on the Internet that are utilized in any way for the dissemination of records received from iiX Information
Services must utilize the following minimum security requirements. Internet dissemination is defined as the delivery or display of
any data received from iiX to any third party or user via the internet.
Do you disseminate iiX data as defined above? Yes No
If Yes, please review the information below and place your initials next to each item.
a. Identification and Authorization of Users
Each unique individual End User with online access to iiX data will be identified.
Access to iiX data will be authenticated with individual accounts that adhere to the unique identifier and password rules described in
Section b. Password and Web Application Requirements.
Only users with a legally permitted permissible purpose for accessing iiX data will be allowed to view reports provided by iiX.
b. Password and Web Application Requirements
Passwords must be 8 to 20 characters in length.
Passwords must contain 3 out of 4 of the following:
  upper case letters
  lower case letters
  numbers
  special characters such as: ! @ # $ % ^ : & * - + = ? ( ) [ ]
Passwords may not contain the User SignOn. For example, user ABC may not have a password of AbC123456, or 09876Abc.
Passwords must expire every 60 days.
Passwords may not be reused within a 24 month period.
Applications must be encrypted with, at minimum, 128-bit technology.
THE UNDERSIGNED CERTIFIES THAT HE/SHE HAS READ, UNDERSTANDS, AND AGREES TO THE TERMS AND CONDITIONS
DESCRIBED IN THIS DOCUMENT. THE UNDERSIGNED FURTHER AFFIRMS THAT CUSTOMER ASSUMES ALL LIABILITY FOR ANY AND
ALL DAMAGES ARISING FROM OR IN CONNECTION WITH CUSTOMER’S FAILURE TO COMPLY WITH THE SECURITY REQUIREMENTS
CONTAINED HEREIN, AND THAT HE/SHE HAS AUTHORITY TO MAKE THE ABOVE REPRESENTATIONS AND TO ENTER INTO THIS
AGREEMENT AS A PERSON LEGALLY AUTHORIZED TO BIND THE COMPANY (OWNER, OFFICER, DIRECTOR, PARTNER, PRINCIPAL,
OR OTHER REPRESENTATIVE WHO IS LEGALLY AUTHORIZED TO BIND THE BUSINESS).
SIGNATURE: DATE:
Owner or Officer
NAME (Printed): TITLE