In the first part of this blog, we talked about who should be involved in the contract review process — and when, and used a real-life example to illustrate how important a proper review is for an organization, both from a legal and financial standpoint. Now, we’ll get into specifics.
If you find yourself in a contract review process, here are five key things you must understand — and address — before signing any contract.
- Organizational name – If you are a larger organization, it’s likely the contract may be with one of the business units. If so, make sure the contract is actually for them, and not for the larger organization. Getting this wrong could end up making you obligated on a scale larger than you anticipated. I have seen vendors try to slip this by in hopes that if you just “sign for the whole organization”, you can avoid the paperwork if you want to expand later. Enter that path at your own risk!
- Contract Term – Vendors would ideally like to set up a longer contract with an organization, than a shorter one. The longer they can have the contract go, the more they can accrue in sales, and the harder it is to break from them if things aren’t going well. If this is an untested product and an unproven relationship, always opt for shorter contracts. If you can get a one year contract to start, it allows you to really get to know the organization and product before you commit for more time. Of course, the vendor will bring lower prices based on the length of the contract, that this typically doesn’t pay off unless it’s an absolutely core service/application. You will want to minimize the ‘churn’ if it’s critical, so you might consider a longer contract, but never more than three years.
- Termination Conditions – Every contract needs an out. This is to protect both you and the vendor. It can turn out that a product just isn’t for you, or that the vendor isn’t going to be able to meet your requirements. In that case, walking away amicably is the best for both sides. However, this is where I tend to see things become more one-sided. A vendor will want to have as long as possible of a timeframe for you to cancel should things not go as planned. Of course, sometimes this makes sense since they will have to invest costs up front to implement their service or product. However, my experience has shown me that that longer the ‘out’ is, the more likely they aren’t confident in their ability to deliver, or have had issues in the past. I have actually seen contracts that had a six month termination clause, which only indicated to me as a CIO that they were more concerned with locking me in than delivering great service. I typically never sign a contract that has more than a 90 day termination, and prefer 30 days if at all possible.
- Liability – In the IT world, especially in healthcare IT, liability is everything. When you are dealing with confidential patient information (called Personal Health Information or PHI), losing control of this data is a tragedy, not only for the patient, but for the organization that lost it. But, in many cases, the contracts are written in such a way that the vendor isn’t liable for a breach or loss of the data. With the expansion of HIPAA Privacy Rules legislation in 2013, if you are sharing sensitive patient information with a vendor, they can be held just as liable as you. Unless, of course, you sign that liability away. Never approve a contract where the liability is completely, or mostly, one-sided, and the vendor can excuse their liability in the case of a loss. This is one area, if you aren’t clear on what wording means, you need to lean on your legal counsel to help make sure you understand the liability. (Lean on those relationships you’ve already developed as suggested above!)
- Deliverables – This is where you will really earn your keep in the contracting process. While not typically intentional, vendors have the tendency to move fast, and end up forgetting some key deliverables, interfaces, hardware or other important items. Spend the majority of your time here, and make sure you understand what they are, and are not, delivering with this contract. If in doubt, talk with the vendor and hammer out the details. Nothing hurts worse than having to go back and ask for more money when key items weren’t included in the first contract. It’s easy to let this slide, especially when the business unit is breathing down your back to approve the contract, but move fast at your own peril.
I know there are likely some of you from the vendor side reading this thinking that it’s all one-sided, and gives the impression that vendors aren’t honest, only wanting to make a sale. Please don’t read that in this post. However, any time two people, or organizations, come together, there are opportunities to have misunderstandings, missed expectations, and disagreements. This is only made worse when money is changing hands. As a CIO, or any leader who has to be involved in the contracting process, it’s critical you take your time and do what you can to make sure your organization is protected.
What other key items have you found to be important to review when entering the contracting process?