abouttechinfo spending for hardware, software and consulting services accounts for a significant portion of most health care providers budgets today, especially since the Obama Stimulus Plan and HITECH Act are incentivizing providers to implement electronic health records. In a perfect world, technology works perfectly, improves efficiency and the quality of care and makes life easier for the provider. However, the real world is not perfect and things can, and do, go wrong with technology products and services after you purchase and/or license them from third party vendors. Technology contracts generally are written by the vendors and consultants. Unfortunately, many technology contracts fall short of giving providers adequate protection and often contain hidden pitfalls and costs. Despite this fact, many providers never give these contracts to experienced health lawyers to help them negotiate better terms and protections for their high-tech investments BEFORE signing. This is a potentially costly practice. Every health care provider should be concerned with at least the following FOUR KEY ISSUES, which should be addressed in any technology contract:
Warranties and Limitations of Liability: Despite elaborate sales presentations, technology contracts typically disclaim most, if not all, warranties and limit the liability of vendors to only refunding all or part of the purchase or license price paid for the technology. Such refunds are inadequate to protect the average provider when problems arise. A technology vendor should be required to give a written warranty in the contract that its product will perform in accordance with documented standards and for a reasonable period of time. At a minimum, this time period should be long enough for the provider to evaluate the technology in its operations. A better solution is to require a warranty for the useful life of the technology, or as long as there is a support and maintenance service agreement in place. A vendor also should not be allowed contractually to limit its liability on default only to return of the purchase price. If a provider suffers actual damages caused by the technology, the vendor should be required, in writing, to stand behind its product and services and reimburse such damages. A reasonable compromise is to require the vendor at least to tender the limits of its insurance coverage, which creates minimal additional risk to the vendor while better protecting the provider.
Payments & Performance: A provider should not agree to pay the full purchase price up front, as is often a contract requirement, leaving the vendor with little incentive to complete its responsibilities. The parties should mutually agree in advance upon a project timetable with milestone targets for delivery and implementation of the technology. Payments should be made in installments conditioned upon reaching the targets. In addition, providers should build in testing rights, in order to evaluate whether the technology is performing as promised. The provider always should have the final say in whether a test provides a successful outcome and whether the final payment should be made to the vendor.
Support and Maintenance: A technology hardware purchase or software license is only as good as the support and maintenance that goes along with it. The vendor should be willing to provide support for at least a defined useful life of the technology. Several questions should be answered in a written support agreement. Are updates or upgrades provided without additional charge? Will the vendor perform on-site or off-site support and maintenance? Will the provider pay a monthly fee plus an hourly charge or is there only an hourly charge? Does the hourly charge differ depending on when or what level of support is needed? Do the charges increase over the term of the support agreement? What is the vendor agreeing to support? Will changes made to the technology by the provider automatically terminate the warranty or support obligations? Unless the contract is specific regarding essential issues, a provider may find itself paying for less or different support and/or maintenance services than needed or expected.
Confidentiality: Confidentiality of patient health information is a critical issue. Federal HIPAA law has a variety of privacy and security rules providers and their business associates must follow. In addition, some states, including Florida, have enacted legislation that requires entities that conduct business in the state and which maintain computerized data that contains personal information to provide notice to any resident if there is a breach of security. A technology contract should specify if the vendor will have access to any of the confidential patient information. A health care provider must require the vendor and its employees to maintain the confidentiality of such information under federal and many state laws. The technology contract also should expressly protect the confidentiality of provider trade secrets and other proprietary information to which a vendor or consultant may have access.