HB Ad Slot
HB Mobile Ad Slot
Buying Cloud-Based Health IT Systems in 2012
Sunday, February 12, 2012

If you are in the market in 2012 to purchase a cloud-based Health IT system, protect your investment with these contracting tips.

Top 10 Contracting Tips

1. Promises, Promises – Get Them in Writing

Whatever aspects of the vendor’s product offering were the basis of your procurement decision – promised features or functions, scalability, 24 by 7 support, on-site training – make sure all of those commitments are clearly memorialized in the contract.

2. Good Planning Means Implementation Success

Take the time and engage the resources to scope the implementation with the vendor before signing the contract. Set clear timelines and clear deliverables and incorporate the detailed implementation plan into the contract.

3. Payment Terms that Reflect a Commitment to Success

Structure the payment terms so that payment for the system occurs after successful implementation and launch of the system has been achieved in your organization.

4. Protect Against Obsolescence

Select a vendor that will agree to provide updates to the offering to keep pace with regulatory changes as well as with innovations in technology. Make sure that the vendor will continue to support the product for a long enough period of time to justify your investment.

5. Know Your Vendor

Conduct due diligence on the quality, integrity, and financial stability of the vendor. Protect yourself against a vendor delegating its responsibilities to a less reliable party by requiring the vendor to get your consent before using a subcontractor. Require the vendor to conduct background checks on its personnel, including any approved subcontractors.

6. Know Where Your Data Resides

Require the vendor to maintain the data in a location that you have the right (and reasonable ability) to inspect. Restrict the vendor from relocating the data without your prior consent.

7. Your Data – A Valuable Asset

Restrict the vendor from using your data for any purpose other than to provide the services under the contract. Ensure that you will always have the ability to retrieve your data from the vendor promptly, in a user-friendly format, with no exorbitant fee for such return.

8. Protect Your Data – It’s the Law

Require the vendor to comply at all times with applicable privacy law and the vendor’s written security policy (the adequacy of which you have confirmed). Require the vendor to perform best practices backup procedures and maintain a best practices disaster recovery plan (the adequacy of which you have confirmed).

9. SOC 2 Report

Verify that the vendor undergoes an annual audit of its service organization controls (SOC) and require the vendor to provide you with a copy of its annual SOC 2 report. The SOC 2 report will attest to the vendor’s controls over its systems relative to security, availability, processing integrity, confidentiality and privacy.

10. Plan for Termination Now

Negotiate now for a transition period that gives you ample time to transition away from the vendor’s solution no matter what the reason for termination. Require the vendor to assist with your transition at a reasonable hourly rate.

HB Ad Slot
HB Ad Slot
HB Mobile Ad Slot
HB Ad Slot
HB Mobile Ad Slot
 
NLR Logo
We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins