General Consultant Discussion

I'm being asked again to sign a Business Associate Agreement by a company which is subject to HIPAA compliance. While I don't have a problem with such requests I am increasingly feeling that: a. High security / HIPAA customers must have a separate higher fee for annual support to account for the agreements, as well as the inevitable security lockdowns (the top creator of support problems for installs) and delays in getting someone with administrative rights to assist in support matters. As I discussed previously I had a banking customer at the 11th hour ask for a criminal background check before they would look at the 5th proposal that they'd asked me to submit for a tiny 4.3 to 2013 upgrade. No problem whatsoever with any of these requests. My main issue is that they must all carry additional fees. Some of what I'm starting to see happening (partly because I've let it) is akin to a passenger booking the cheapest airfare possible then getting on the plane and demanding that they be the only one in the row, be served a hot meal and get their own private bathroom. Those things can all happen - but you have to fly first class not get on the plane with a cheap ticket and then demand them... b. I'm not all that sure remote support for GLAP falls under ""protected health information"". I'm increasingly wary about signing legal agreements - some of which include hospitals or other large corporate entities without being somehow compensated for the additional risk involved - no matter how small.

I can tell you our Disaster Recovery provider has a separate price list for HIPAA customers. They had to spend millions getting certified (I know that's the wrong legal word) and it costs them a lot more to do business in that environment. Just like if you want to buy a plumbing part that's used in nuclear power plant it costs way more than the identical part for your sink. Did you know airlines pay $15,000 for EACH seat video system due to all the FAA requirements and certifications?

How are you considering approaching this? Adding a flat line item price (and specifically calling it out) or building it in to the fixed price?

I'm thinking of having a separate annual support fee for high security customers - mainly banks and HIPAA. My experience is they do require a lot more wait time, planning and the bugs that appear are often the result of rights issues. Seems reasonable for them to pay a higher rate.

We have an additional line detailing the additional expense for the number of integrations, enhancements, etc. Are you thinking about adding an additional line or creating an entirely separate agreement?

Yes it sounds as if I have a similar line. I've found that many of the people who were ""really eager"" to join a support plan had configurations (# of users, # of companies, enhancements) which they knew were more expensive to support and required more resources. Here's what I use as a standard support agreement. I JUST added the high security/HIPAA portion. Of people who randomly contact me via the web - easily 95% will walk away when they learn they can't pay per minute (or ask a free quick question). I find supplying them with a link to our plan is a good way to let them self-qualify. I'll usually stop them on the phone (if I even pick up) and tell them that I should first send them our plan. https://docs.google.com/a/s-consult.com/document/d/1U8kubJ1HIrVUTl-RjJ8OTAosdwKmuusUxoy5POwe79w/edit?hl=en_US