Interview with a Health IT Legal Counsel

Best Practices for Legal Health IT

Scott Parker
Digital Marketing Analyst, CureMD

The following are excerpts from my interview with Sean Williams, the Legal Counsel at CureMD, a web-based EHR vendor. Health IT vendors rely on their legal counsel for understanding the policies and regulations as they develop and become law. The Health Information Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act are examples of laws that directly affect the development of EHR products and their compliance.

The role of a legal team for a Health IT vendor includes:

  • Contract Administration – Management of contracts regarding current and new clients.
  • Collections of bad debts – The legal team also ensures that collections are taken care of , in view of the agreements signed between the vendor and the client.
  • Patent infringement – In light of the stringent competition and patent laws, It Is imperative for the legal team to make sure that there are no patent infringements made by the company.
  • Proposals for new and transitioning clients – The legal team also makes proposals for clients who are transitioning from other vendors to the company.
  • Intellectual Property Rights – Properly safeguard company’s intellectual property rights.

Sean states that “First and foremost, the software should be developed according to healthcare. We also need to ensure that patient health information is stored in a HIPAA friendly and compliant environment and that there are no data breaches. If there are any breaches, then our duty is to notify those clients.”

When discussing a good contract, it should be iron clad and there should be a guarantee that there are service level provisions and non-solicitation/compete clauses. This ensures the entities do not take away the company’s clients or go to the competitors. Furthermore, the termination clause should also be properly drafted, including remedial measures.

When asked about best legal practices that Health IT vendors should adopt, this list was compiled.

  1. Data security protection provision.
  2. Term and termination clauses should be properly defined. You should ensure early termination penalties to make sure that the client fulfills his contractual obligation.
  3. SLAs: Service Level Agreements and Warranties. In consideration of server interruptions, network failures and downtime, you should compensate clients who face such issues.
  4. Level of support should be properly defined and categorized. e.g. L1, L2 and L3.
  5. Avoid Litigation. If there is a dispute; it should be resolved through mediation and arbitration. Litigation should be avoided.
  6. Patent Research. Before developing and launching any new product or technology, it is imperative to ensure that thorough patent research is conducted to determine if a similar technology is not already patented. If something like this actually happens, then you will need to redevelop and redesign or modify that technology or product to ensure that there is no patent or copyright infringement.  It is very important to patent products as soon as possible before a competitor does.

About the Author: Scott Parker is a Digital Marketing Analyst for CureMD where he is responsible for the content and writes blogs and articles related to the Health IT industry. He has developed and published white papers and worked on e-books. Contact him at