Negotiating Dental Cloud Contracts

Choosing to go with cloud storage offers a number of benefits and time-savings for dental, hospital and ambulatory groups. However, it come with an added negotiation, that of the contract for cloud storage. Pam Baker provides an article assessing common “gotchas” in those contracts, things to avoid. Her article is summarized here, and referenced below. As she puts it,

“A clause can reach out and seize the savings. A phrase can rob you of anything beyond the faintest resemblance of agility and versatility.”

These contracts are given to the customer by the service provider, as a condition of service. However, they are written specifically to protect the service provider–not the dental practice. It takes attention to detail and an eye for legal language to pick apart and understand a cloud contract, to make sure data are accessible, protected and transferable. One big tip Pam Baker provides is to never sign an NDA to look at a contract. Contracts should be transparent, available for all potential customers–which means the public. If they aren’t, that means the company is concerned that all is not as it should be. Dental practices should be concerned, too.

Another key language tip that Pam Baker provides is to consider the contract in terms of what it means for your usability. A 99.9% server uptime on the cloud side doesn’t mean anything if your dentists and doctors can’t rapidly access data. Server uptime does not correlate directly to speed of access, so adding clauses about delivery and customer use guarantees are vital: “end-user performance is the only meaningful measure of the overall system health.”

For healthcare, two of the recommendations of things to avoid in the article are especially critical:

“[Avoid contracts where] anything allowing the cloud service provider to disclaim any and all liability for violations of state or federal privacy laws…Provisions that shift the responsibility to compliance with applicable law to the customer.”

The legal and financial ramifications of those statements are obvious to healthcare professionals, so avoid any contract that shifts all responsibility for legal protection back on your organization.

Pam discusses general cloud contracts, calling out the very poorly written Amazon contracts–which customers may not modify. However, healthcare cannot afford such looseness in legal liability. Negotiating and expecting that service provisions will guarantee usability, transparency and access is essential to using the cloud for healthcare.

Lessons Learned:

  • Service Level Agreements (SLAs) for cloud computing are written to protect the provider, not the customer.
  • Reframe and consider contract terms for your usability and needs–get guarantees for the kind of service you need.
  • Cloud computing is still an emerging field, and many of the contracts are poorly written, so do not accept them without thorough review.
  • Never sign an NDA to look at a contract; contracts should be transparent to all potential customers.

Baker, Pam. (2011) “How to Avoid SLA ‘Gotchas’ in the Cloud.” CIO Update.