Close this search box.
Close this search box.

Standard Description of Hosting and Maintenance Services


Within3 continues to invest in product development to improve the quantity and quality of features with the Within3 Connect Platform. As part of the license agreement, Within3 customers gain the right to access these upgrades as they become available over the course of the license term. To the extent that any professional services are required to configure new features for a specific community (as opposed to those upgrades which can simply be applied as-is to the existing community implementation), they are priced separately on an as-needed basis.  


Within3 will work to correct bugs or errors are identified in its software. Within3 customers gain access to all maintenance patches as they are released. These are applied during maintenance windows. Within3 reserves the right to apply emergency maintenance fixes as needed outside pre-set maintenance windows. 


Within3 maintains an enterprise-class hosting environment and provides global access to its software to all customers over the Internet during the license term. These standard services include 99.9% uptime availability for all communities, customer data backup, retention, and restoration, use of standard security protection infrastructure, and a standard disaster recovery service.  


Technical support service terms include access to Within3 technical support staff via phone and email for the purposes of error handling, administrative support, and user assistance. Up to 10 hours per month of technical support is provided per software license, beyond which additional services fees will be negotiated. 


Within3, subject to customer consent, may make use of generative artificial intelligence systems to summarize information, which in some instances may include personally identifiable information received from consenting customers. Within3 does not warrant or guarantee the accuracy and completeness of processing results. Accordingly, you acknowledge and agree that Within3 shall not be liable for any errors or omissions resulting from processing conducted by Generative AI. Customers that consent to Within3’s use of Generative AI do so at their own risk.

Approach to Industry Compliance

The three most common compliance discussion areas we encounter are concerned with health care professional (HCP) and patient finances (FMV; member contracting; Sunshine Act), improper discussion (off-label; AE reporting; discoverability) and security/privacy (member privacy; information and security; GDPR; data retention).  

Risk Avoidance

Our approach in dealing with these areas of concern begins with risk avoidance whereby as part of the onboarding process our Client Success team ensures that every member is trained and comprehends what is expected of them during the duration of the session, in terms of nature of participation and behavior. Standard practices include: 

  • Training for members via in-person/web conferencing sessions 
  • Training for monitors/moderators via in-person/web conferencing sessions 
  • Careful framing of site content and purpose 
  • Careful framing of user communications 
  • Site terms-of-use 
  • Guideline checkboxes 
  • Posted guidelines within environment 
  • Links to systems (AE, etc.) as warranted within the site 
  • Exposure to Privacy Policy 
  • Reminders in questions, moderator posts, or emails as needed 

HCP & Patient Finances

Although the contracting process with external stakeholders is the same as a real-time event, the contracts themselves are typically altered in an over-time event from time spent in a meeting to payment by milestone: 

Within3 has FMV guidelines and templates to help guide you through the process of contracting with HCPs and other important external stakeholders. 

Continuous Monitoring

After risk avoidance, there is continuous monitoring. It is worth noting here that over-time venues, such as ours, do not behave like same-time venues. Over-time venues have highly structured questions and content, which provide participants with the time to reflect on responses and consult relevant materials. This structure results in deliberate thoughts and comments rather than the spontaneous discussion typically associated with same-time venues. Because of the inherent nature of the over-time venue, non-compliant discussion behavior occurs far less frequently than in real-time venues. 

 Questions related to advisory boards versus broader social media are primarily concerned with the closed and controlled, versus open and uncontrolled environments. By way of context baseline, a virtual advisory board meeting on the Within3 platform has: 

Typically, 8-12 identified participants 

  • All participants under contract 
  • All participants oriented on proper behavior and conduct 
  • Environment enforces compliance safeguards 
  • Environment available only for specified number of days (average is 14) 
  • Typically, 10-20 comments per advisor, not thousands

Ensuring Compliant Discussion

The Within3 Connect platform has four levels of discussion filtering to ensure that participation is always compliant: 

  • Open: members post comments that are immediately added to discussions 
  • Preventive: members are prompted to edit comments when excluded keywords or phrases are detected 
  • Reactive: comments containing excluded keywords or phrases are held for moderator review 
  • Controlled: all comments are held for moderator review

As a safeguard, any posted comment may be removed from the community. 

“The virtual format reduces the burden on the advisors and on my team, at a significantly reduced cost.”