From the Provider/Licensee Perspective

The landscape is clear – electronic health records (EHR) and health information technology are a mainstay. In 2004, then-President George W. Bush called for a national push towards greater health information technology and created by executive order the Office of National Coordinator for Health Information Technology.  In 2009, the Congress passed the HITECH Act, which exponentially increased government spending, and regulation related to the adoption of a national EHR system.  In December of 2013 the Office of Inspector General and the Centers for Medicare and Medicaid Services extended regulatory protections under the federal Anti-Kickback Statute and physician self-referral law for the donation of items or services such as software, information technology and training services that are necessary and used predominantly to support EHR systems through 2021.

Although many practices may take advantage of donated EHR systems, most healthcare providers will find it necessary to contract directly with information technology vendors to upgrade their computer systems and to take advantage of financial incentives available to implement and use EHR systems. 

The healthcare software vendor often presents a preprinted form license and services agreement (usually in small typeface) for execution by the provider. Many times a provider will focus only on the various license and service fees, and terms for payment, to the exclusion of other, often-time, critical business and operational issues. We find that the preprinted form agreements, by inclusion of certain objectionable non-price terms and by omission of other terms, are almost always one-sided in favor of the vendor. This article provides suggestions for negotiating some of these common provisions.

Implementation

Most vendor form agreements will omit any detailed discussion of the implementation services – including installation of the software on the customer’s computer hardware, infrastructure implementation on the customer’s operating and database software systems, data conversion and configuration for end-users. Customers should insist that implementation services be specified; that a schedule be established for achievement of milestones, that testing is performed prior to a “go-live” date and acceptance criteria is developed. These concerns apply as well to “software as a service” (SAAS) systems. The expected “functionality” of the software, and each module being purchased, should also be specified in detail in the license agreement. This can be done by incorporating by reference the software specifications and/or vendor documentation as schedules to the contract. The vendor should also be obligated to repair errors/defects identified in preliminary testing within a specified period of time.

Financial Terms

Most vendors will seek to “front load” the fee structure, so that a large license fee, perhaps a separate implementation fee and an annual support fee are payable in lump sums upon execution of the agreement. However, depending on the vendor’s market power, we recommend negotiating a license fee payable in installments as milestones are achieved, with the bulk of the fee payable after the software is implemented and a “final acceptance” certificate is executed by the provider in accordance with the testing/acceptance procedures. Alternatively, if successful implementation is not achieved, a prepaid license fee should be refundable.

Software Warranties

Typically, a vendor will attempt to disclaim all warranties with respect to the software in its form agreement. If the vendor provides a warranty, it is typically for a short period of time and the customer’s remedy for a breach is typically limited – for example; fees paid in the prior six months or a remedy limited to repair or replacement of the software. Limitations on remedies often do not provide adequate protection for the customer. A provider should negotiate that a vendor warrants the software and complies with certain standards. For example, the software should (1) provide the functionality as described in whatever detailed description and/or specifications are incorporated by reference; (2) be free of material defects; (3) comply with HIPAA and all applicable privacy laws; and (4) be free of “lock-up” devices.

Maintenance and Support; Hosting Services

A provider should always keep in mind that successful and continuous operation of its information technology systems is critical to its business and the welfare of its patients. The agreement should address the vendor’s obligations to provide support after implementation. For example, are the error classification protocols and response times for correction adequate for the provider’s needs? Are support services available 24/7, or limited to weekday business hours (on Central Time, Eastern Time or otherwise)? Are emergency technical support services included within the support services, or are they subject to additional charges?

Default by Vendor; Access to Source Code

The agreement should also address what happens if the vendor defaults with respect to its support obligations, or goes out of business. In such instances, the agreement should allow the customer access to the source code for the software. The agreement could obligate the vendor to deposit a copy of the source code with an escrow agent, with a continuing obligation to update the source code held in escrow with the most current version and a provision requiring release of the source code upon specific conditions such as material breach by the vendor. Alternatively, upon the occurrence of specified “release conditions” the provider could be given an enforceable contract right, against the vendor for delivery of the source code. However, the disadvantage of this alternative is that the vendor may fail to comply – and enforcement takes time.

Most contract terms are subject to negotiation with the vendor and can be changed to be more fair to the provider.