The operational and financial role of health information technology (“HIT”) is rapidly increasing. The provision of HIT services and products is generally governed by lengthy and complex agreements. Unless you are directly and actively involved in the negotiation process for each product or service, reviewing, understanding and evaluating these agreements can be a daunting task. While there are many details to each of these transactions that should be analyzed, before the agreement is signed the authorized signatory should consider the following:
Is the product and/or service adequately described?
Does the agreement provide a delivery date and/or acceptance process?
Does the agreement provide an exit plan, and is the purchaser aware of the total cost of termination?
Does the vendor have meaningful liability exposure such that the vendor is encouraged to mitigate risk and the purchaser can be made whole?
Defining the Product or Service
HIT agreements are notorious for poorly defining the product or service being provided. The agreement should contain a descriptive explanation of the product rather than a reference to the product brand name (e.g., “vendor is licensing a universal EHR interface that will connect between hospital’s x brand clinical system and accept data feeds from physician office EHR systems, including, but not limited to, those licensed by vendor 1, 2 and 3,” rather than “vendor is licensing to hospital its TalkToAnything software”). With respect to services, the agreement should identify the result of the efforts of the services to be experienced by purchaser, not merely the description of services (e.g., “an operating x brand clinical system, inclusive of migrated data,” rather than “100 hours of senior analyst time”).
It is often the case that the IT business owner and vendor salesperson have had extensive conversations regarding how the product or service will perform and the purpose for which the product or service is being acquired. If the product or service is being used to fulfill a regulatory obligation, the regulatory obligation and the vendor’s obligation to provide a product or service that fulfills that regulatory obligation should be expressly stated in the agreement. Conversations and sales literature that are not incorporated into the agreement will not be binding on the vendor in the event of a later dispute; therefore, the reader should be able to understand what is being provided under the agreement from its four corners and without the need for background or industry knowledge.
Delivery Date and Acceptance
After defining the product or service, consideration should be given to understanding how the purchaser will know that the product has been delivered or services have been completed. Many IT vendors will provide a “delivery date” but will not state how the purchaser will know that the item or service has been delivered. If the product is software, the agreement should provide an opportunity for the purchaser to validate that the software performs in accordance with the technical documentation provided as part of the sales process (e.g., delivery of a CD without the ability to verify the content of the CD is not sufficient). With respect to services, the purchaser should have an opportunity to validate the functionality or quality of the work product or deliverable.
Most importantly, the agreement should expressly provide a mechanism for the vendor to fix any defects in the product or service and define the remedy if the defect is not corrected within a specified period of time. A warranty that the vendor will fix the product or service if it fails to perform in accordance with documentation or the work order is not a substitute for an acceptance process.
HIT projects fail, user preferences change and the best product today may fall out of favor tomorrow. The total cost of terminating an agreement (whether for cause or for convenience) should be understood prior to signing the agreement. The total cost is not limited to the termination fees in the agreement and may include the cost of associated hardware, loss of productivity as a result of training and operational costs due to workflow revisions. The exit plan should include not only financial consideration but, where appropriate, transition assistance.
The limitation of liability provision of an agreement is a key provision in evaluating the adequacy of the exit plan. When an agreement is terminated for cause as a result of breach by the vendor, the vendor’s liability should be more than simply releasing purchaser from future payment obligations. Generally, vendor liability should be unlimited for disclosure of confidential information, intentional acts and indemnification obligations and otherwise, if limited, should be limited to a multiple of the fees to be paid under the agreement.
Avoid getting caught in “warranty purgatory” by ensuring that when a material defect is reported to the vendor, the vendor has a clearly defined window to correct the deficiency. If the defect is not cured within such window, purchaser has a right to terminate the agreement for cause. If the vendor merely has an obligation to use commercially reasonable efforts to fix a defect, the customer may not have a right to terminate the agreement when the priorities of the vendor are not in line with those of the customer (e.g., if a change must be made to software in order for a hospital to bill in a specific state and the vendor has a low customer base in that state, the vendor may have little incentive to assign enough resources to make the change in a timely manner).
Meaningful Vendor Liability
Risk should be carried by the party in the best position to mitigate the risk. If the agreement includes a limitation of liability clause, it should be reciprocal and should exclude certain acts for which the vendor should not limit its liability, such as a breach of the business associate agreement (HIPAA obligation), breach of confidential information, indemnification obligations, acts of gross negligence and willful misconduct. Consideration should also be given to whether vendor liability is sufficient to cover the costs of exiting the agreement in the event of a termination resulting from vendor breach. Finally, the capacity of the vendor to bear the cost of performing its contractual obligations in the event of a breach affecting all customers (e.g., data breach) should be considered, and where appropriate, additional insurance should be acquired either by the vendor or purchaser.
Analysis and negotiation of HIT agreements requires substantial focus and analysis. Hall Render’s HIT practice has 20 attorneys with experience in representing health care providers in the acquisition of HIT and resolution of disputes with HIT vendors. If you have any questions regarding an HIT agreement or wish to discuss the above considerations, please contact Michael Batt at email@example.com or (317) 977-1417 or your regular Hall Render attorney.