Gaining Contract Advantage with EHR Vendors

WARRANTIES

Most vendors provide minimal to nonexistent warranties in their form contracts. It is crucial for providers to include these kinds of warranties: system compliance with functional and performance specifications; compatibility of components; viruses and disabling devices; prevention of unauthorized access or usage of system; sunset protection; availability of support/maintenance; vendor replacement of third party software; regulatory compliance; interoperability; service levels; personnel qualifications; transition, along with many other important issues.

If the vendor's product is essential to achieving meaningful use, then it should also warrant to fully cooperate with the provider to enable it to achieve meaningful use. The vendor should warrant that its product is and will remain certified by one of the Office of the National Coordinator for Health Information Technology (ONC) Authorized Testing and Certification Bodies.

Considering the compressed timelines for qualifying for the maximum incentive payments, a vendor's breach of these warranties would have a significant negative financial impact on the customer. Therefore, if a healthcare provider fails to qualify for the HITECH incentive payments because of its vendor's failure to obtain certification, inability to deliver products that enable the provider to achieve the necessary measures and objectives, remain certified or cooperate fully with its customer, the provider should be entitled to a refund of all fees paid to the vendor under the agreement and possibly additional damages as well. This will represent one of the most difficult areas to negotiate.

IF THE VENDOR'S PRODUCT IS ESSENTIAL TO ACHIEVING MEANINGFUL USE, THEN IT SHOULD ALSO WARRANT TO FULLY COOPERATE WITH THE PROVIDER TO ENABLE IT TO ACHIEVE MEANINGFUL USE.

LIMITATION OF LIABILITY AND INDEMNIFICATION

The limitation of liability (LoL) clause is often the most contentious areas of negotiation. However, failure to adequately address this may result in the inability to recover or even claim damages for actual losses suffered as a result of breach of contract or negligence by the vendor. It is essential to “carve out” a number of areas from the LoL's operation, including breach of confidentiality and privacy (including breach notification expenses under HIPAA); personal injury, death and property damage; intellectual property infringement; and, if possible, the vendor's breach resulting in the provider's failure to achieve meaningful use in a timely manner.

THE LIMITATION OF LIABILITY CLAUSE IS OFTEN THE MOST CONTENTIOUS AREAS OF NEGOTIATION. HOWEVER, FAILURE TO ADEQUATELY ADDRESS THIS MAY RESULT IN THE INABILITY TO RECOVER OR EVEN CLAIM DAMAGES FOR ACTUAL LOSSES SUFFERED AS A RESULT OF BREACH OF CONTRACT OR NEGLIGENCE BY THE VENDOR.

A good contract should also contain strong indemnification provisions and warranties. The indemnification should protect the purchaser from HIPAA and privacy/confidentiality violations by the vendor; third party claims for bodily harm, injury or death caused by the vendor's personnel or software; as well as claims that the software infringes on third party patents, trademarks or copyrights, or misappropriates trade secrets.

Most troubling, perhaps, are the indemnification obligations imposed by vendors on provider-customers. It is not uncommon for vendors to require customers to indemnify them for any third-party claims brought against the vendor as a result of the vendor-provider relationship, even when the claims arise from the vendor's own fault or negligence. Agreeing to such a provision could be disastrous for providers whose existing contracts with malpractice insurance carriers may exclude such indemnifying arrangements from coverage. In other words, if a provider agrees to indemnify one's EHR vendor, and incurs damages as a result of this obligation, that provider's malpractice insurance company may refuse to cover such damages.

TESTING AND ACCEPTANCE

The agreement for implementation of an EHR system or other technology required for achieving meaningful use and qualifying for the ARRA incentive payments should include comprehensive acceptance testing procedures, a methodology and remedies for failure to achieve successful acceptance testing, including but not limited to a refund of all monies paid. However, such a refund remedy will leave the customer without a means of achieving meaningful use, and, therefore, unable to collect the incentive payments. Thus, a healthcare provider should consider whether a vendor's failure in this context should warrant additional or alternative damages, as described above.

PRICING AND PAYMENT TERMS

In reference to payment terms, it is best to negotiate objectively measurable performance milestones that the vendor must achieve before payment is required, rather than the standard calendar or time-based milestones common in vendor contracts. These milestones should be coordinated with detailed acceptance testing criteria. For example, 10 percent of the contract price may be paid upon execution, 20 percent upon delivery, 30 percent upon completion of installation, and the remaining 40 percent upon final acceptance.