Health Information Compliance Alert

Published on Fri Nov 04, 2016 PDF

Beware the ‘kill switch.’

Think you have what it takes to negotiate a contract that holds an EHR vendor’s feet to fire — and not get burned yourself? Think again.

The EHR contract that your vendor wants you to sign may be downright Byzantine. Worse, it may contain clauses that result in data blocking and other practices that limit your opportunities to use your EHR to deliver safer and more efficient care.

If you carefully negotiate your contract, you can avoid problems implementing and using your EHR. Careful negotiation also sets the stage for a more informed and balanced relationship between you and your EHR vendor.

Help Is Here

More often than not, the most frustrating problems with EHR systems sometimes arise not from the software itself but from bugs in the sales contract that may allow a vendor to remain unaccountable for excessive system downtime, lock physicians out of their patient data during a payment dispute, and prevent physicians from sharing information about any software troubles with a patient safety group.

So what’s a busy physician or harried health care administrator to do?

Rest easy: A handy new guide from HHS’ Office of the National Coordinator for Health Information Technology has arrived to help physicians and hospitals cut the best EHR systems deal possible — and to avoid pitfalls like the ones listed above. ONC’s EHR Contracts Untangled: Selecting Wisely, Negotiating Terms, and Understanding the Fine Print [https://www.healthit.gov/sites/default/files/EHR_Contracts_Untangled.pdf) aims to help practices understand and communicate their EHR requirements to potential software vendors, facilitate effective negotiation of contract terms, and better manage potential risks.

Avoid the Standard Runaround

As they move to seal the deal, some EHR vendors present providers with a “standard-form” contract. Now, “standard” may sound reassuring and simple, but these forms can be full of provisions that give physicians — not to mention their patients — the raw end of the deal. ONC’s guide identifies problematic boilerplate and offers replacement terms that physicians should seek to include in the final contract.

Example: Look out for any language that allows an EHR vendor to use a so-called “kill switch” to block patient data or even terminate the service over nonpayment or other contract issue.

Careful: While some contracts may omit this language, some vendors may feel free to trigger the kill switch anyway. A well-negotiated contract will protect you — and your patients’ health information records.

Don’t Get Gagged

Beware of “gag clauses” tucked inside a standard-form contract. Provisions of this sort prevent physicians from sharing EHR usability or safety issues with third parties or criticizing the product among their peers.

To sidestep instances like this, ONC recommends rewriting the standard-form contract to allow disclosures about software problems for the sake of patient safety, quality improvement, and public health, including “the reporting of EHR-related adverse events, hazards, and other unsafe conditions” to government agencies, patient safety organizations, and the like.

OCR and ONC have for some time been concerned with “information blocking,” says attorney Brenda N. Laigaie of Wade, Goldstein, Landau & Abruzzo.

“Information blocking is the practice whereby entities or individuals impede the exchange or use of electronic health information, contrary to the goals of the HIPAA and HITECH Acts,” Laigaie tells Health Information Compliance Alert. To address this issue, OCR has published guidance on the relationship between covered entities and business associates to help ensure that covered entities maintain access to protected health information, Laigaie explains.

Bottom Line: The OCR has put the onus on covered entities to understand fully the terms and conditions of the agreements that they enter into, not only with business associates, but with electronic health record vendors as well. This step supports the goals of the ONC under the HITECH Act, Laigaie says.

By Hell or High Water

It should go without saying, but good contracts also should hold vendors accountable when it comes to their responsibilities toward the customer.

For example, providers should insist on a warranty that commits the vendor to limit the amount of scheduled and unscheduled downtime. That is, you should have access to your EHR when you need them. Likewise, vendors — particularly cloud-based EHR vendors — should agree to maintain a disaster recovery plan that provides for data backup when a natural disaster such as a flood or tornado destroys a main server.

Ensuring patient data is available to clinicians — and patients — when and where it is needed can improve coordination among providers, prevent duplicative appointments or diagnostic tests, and decrease costs to patients and the overall health care system.

In addition to the contract guide, ONC has also released another new resource. The Health IT Playbook is an online tool that features user-friendly resources that can help providers use HIT in a way that best serves them and their patients, including supporting transitions to alternative payment models. To read the playbook, go to https://www.healthit.gov/playbook/.