Terms of Service

Last updated: January 20, 2025

1. Service Overview

Nox Security provides compliance assessment and consulting services, including:

• Compliance Gap Reports: 48–72 hour analysis of SOC 2, HIPAA, and ISO 27001 posture
• PreCheckMD: Healthcare-specific security assessments for PACS/RIS and medical systems
• Consulting Services: Expert guidance on remediation and implementation

2. Service Terms

Engagement Process

• Services begin upon signed agreement and payment
• Standard turnaround: 48–72 hours for initial assessments
• Pricing: From $2,500 for compliance checks, from $2,500 for PreCheckMD
• Payment terms: Due upon engagement unless otherwise agreed

Deliverables

• Written reports in PDF format
• Follow-up consultation call included
• Remediation guidance and priority recommendations
• Control mapping to relevant frameworks

3. Client Responsibilities

To ensure effective service delivery, clients must:

• Provide accurate and complete information about systems and processes
• Grant necessary access to documentation and personnel
• Respond promptly to information requests
• Maintain confidentiality of assessment methodologies

4. Limitations and Disclaimers

Service Scope

• Assessments are point-in-time evaluations based on provided information
• Reports identify potential gaps but do not guarantee compliance
• Recommendations require client implementation and ongoing maintenance
• No warranty of audit outcomes or regulatory approval

Limitation of Liability

Our liability is limited to the fees paid for services. We are not liable for:

• Indirect, consequential, or punitive damages
• Business interruption or lost profits
• Third-party audit outcomes
• Regulatory actions or penalties

5. Confidentiality

We maintain strict confidentiality regarding:

• All client information and assessment findings
• System architectures and security configurations
• Business processes and operational details
• Proprietary methodologies and tools

6. Intellectual Property

• Assessment reports and recommendations become client property upon payment
• Nox Security retains rights to methodologies, templates, and general knowledge
• Clients may not redistribute or resell assessment tools or methodologies

7. Data Protection

We implement appropriate security measures for client data, including:

• Encryption of data in transit and at rest
• Access controls and authentication
• Secure data destruction after retention period
• Compliance with applicable privacy laws

8. Cancellation and Refunds

• Cancellation must be requested within 24 hours of engagement
• Refunds available if services have not commenced
• No refunds once assessment work has begun
• Disputes resolved through good faith negotiation

9. Professional Standards

Our services are provided in accordance with:

• Industry best practices and standards
• Professional ethics and conduct guidelines
• Applicable laws and regulations
• Client confidentiality requirements

10. Modifications

These terms may be updated periodically. Continued use of services constitutes acceptance of updated terms. Significant changes will be communicated via email.

11. Governing Law

These terms are governed by the laws of Ontario, Canada. Disputes will be resolved in Ontario courts.

12. Contact Information

For questions about these terms or our services:

Email: legal@noxsecurity.io
Business Email: hello@noxsecurity.io