Skip to content Skip to navigation

Looking Under the Hood

January 25, 2011
by Mark Hagland
| Reprints
An attorney expert examines some of the current legal issues around vendor contracts

Jeff Ganiban is a partner in the Washington, D.C. law firm Drinker Biddle and Reath LLP, specializing in healthcare technology, including information technology, and working with hospitals and physicians in the healthcare IT area. He has been consulting extensively with healthcare IT leaders regarding their preparations to meet the meaningful use requirements under the American Reinvestment and Recovery Act-Health Information Technology for Economic and Clinical Health Act (ARRA-HITECH). Ganiban spoke recently with HCI Editor-in-Chief Mark Hagland regarding some of the legal challenges that provider organizations are facing in the HITECH/meaningful use arena.

Healthcare Informatics: Where does attorney involvement come in, with regard to meeting meaningful use? Is it primarily around vendor contracts?

Jeff Ganiban: Yes, that’s correct; in fact, there is a whole slew of pieces around the HITECH Act, and around how I negotiate some protection around the incentive payments—the warranties and guarantees under the contract around vendor performance, related to the incentive payments under meaningful use. The other thing is, we get a lot of questions from our clients about meaningful use, including around the certification requirements, and around the attestation requirements. There’s a lot of misunderstanding around what the requirements are for providers and for vendors. So we spend a lot of time just answering those questions.

And there’s another piece of it, which was the preexisting piece around the relaxations around the safe harbors under the Stark regulations, in terms of physician subsidization, and the issues around physicians who are and aren’t employed by the hospital, and the different challenges they face.

Jeff Ganiban

HCI: What is the latest around guarantees in contracts with vendors?

Ganiban: There are a lot of things people are doing. And there’s a distinction between the adoption aspects of meaningful use, versus using certified vendor products. And of course, most vendors don’t want to be on the hook for adoption issues, but they’re promising to become certified, within a timeframe that would allow hospitals to get implemented. That seems to be less of a struggle; what seems to be more of a struggle is issues around stages two and three, and the consequences of not meeting elements of meaningful use at those later stages.

And for physicians, an additional issue is, what happens if you fall out of compliance as a physician, because of your vendor? For a hospital, if you fall out of compliance for one year, you can make up that loss of compliance, but for physicians, they have to be in compliance in successive years. Because what came out of the certification rule was this issue of, if you’re a meaningful user in your first year, you’ll be [a meaningful user] in Stage 1. But if you’re a later adopter, and you’re a Stage 1 user in 2013, you still have to implement technology that meets the stage 2 requirements, assuming the stage 2 requirements come out in time. The software must be certified under the most current certification requirements. And they’re doing this for two reasons: one, they don’t want to have two different standards for certification happening at the same time; and the second reason is that there may be changes over time. So that what you have to do to meet Stage 1 in 2013 could be different from what you have to do in 2011. So a lot of people are saying, OK, we got past Stage 1. But a lot of significant changes could occur during this process.

HCI: Can hospitals and medical groups put clauses into contracts requiring that their vendors become certified?

Ganiban: Yes, but it becomes complicated, because there are a lot of things that could happen over the course of certification over which they might not have control. They can guarantee certification, but getting them to guarantee the timeliness of implementation, that’s different. And then there’s the timeframe for rolling it out and adoption, and hitting that requirement for 90 consecutive days of adoption for Stage 1. The first part is easy: you can say, I will commit and covenant that I will have the product certified by a certain date.