Vendor management begins in contracting, which establishes ground-rules, ownership and accountability. If anything is unclear or not fully understood and agreed upon by both parties, you can expect conflict and greater than anticipated time allocated to righting the partnership.

The governance model I espouse is one in which the CIO is actively involved in all contracts that require IT resources or equipment to be stored in the data center’s secure and conditioned space.


From my experience, non-IT leadership read vendor contracts and sample work plans differently. For example, when the vendor presents a sample work plan that delineates task ownership, between “hospital” and ‘vendor,” non-IT leaders read this as “IT” and the “vendor.” Therefore, it is in everyone’s best interest to determine resource availablity before software delivery.

Contracting is also an opportunity to outline points of contact and escalation protocols for both sides.

An important question to answer at the outset is who owns the vendor relationship. This requires internal conversations that exclude the vendor. Criteria used in some organizations is to ask which functional business unit (FBU) will use the software. The quick test to determine is to ask who would know that the system is down and whether this system could affect workflow in other functional business units. If the answers are only this FBU, then in this model, the functional business unit manages the niche vendor partnership, whereas an enterprise system used by many would be managed by IT.

Payment leverage is an important component of vendor management, so it is important to be clear on who authorizes payment from the outset of the partnership. Because payment terms and conditions tied to vendor responsibilities are outlined during contracting, niche vendor costs are managed by the functional business unit.

From my experience, absent a model, there is unnecessary delay in remedy when vendor support is required. Unfortunately, many times, it becomes a finger-pointing exercise that damages partnerships. For example, someone in the FBU, not an identified point of contact, will call the niche vendor directly and hear that IT should address the situation, even though IT has had no prior indication for involvement. Likewise, the FBU may call the IT support center to call the niche vendor on their behalf to tell vendor support the details of the end user experience because IT owns the vendor, so no one else should have to talk to the vendor.

However, even worse than these scenarios is when the FBU just quits using the system and continues to pay out the contract and may even be unaware of automatic renew provisions.

Given IT’s familiarity and experience with contracting with multiple vendors, I would highly recommend that CIOs offer contract review support, whether or not there is any indication that the system will require IT support. Often times, IT support is implied by the vendor but overlooked by the FBU.

For example, if the system requires an interface, internet access, or a server, IT resources are required. Regardless of indicated IT involvement, the CIO can point out common clauses such as the automatic renew provisions, recommend outage escalation protocols, and help clarify ownership and accountability between the vendor and FBU.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access