Kristy Boldt

How to Choose the Right Hospital IT Outsourcing Firm: Vetting Vendors

August 19, 2020

Healthcare IT, IT Outsourcing 14 Minute Read

With hospitals forced to layoff or furlough workers during these turbulent times, some are turning to healthcare IT outsourcing to fill the gaps. When done right, outsourcing IT can help provide greater business scalability, agility and resilience.

According to a 2017 Black Book Survey, most hospitals are already outsourcing one or more IT functions. Yet only 10 percent of hospitals say their outsourcing vendors have exceeded expectations; and nearly 40 percent are flat out dissatisfied.

What is abundantly clear from the Black Book survey is that inadequate vetting was a key factor in hospitals’ dissatisfaction with their outsourcing vendors’ performance. 

Vetting vendors is vastly different than vetting new software: you will have no demos to review, and complex factors must be explored that may strongly impact costs and returns.

Here we detail best practices in vetting vendors to prevent expensive, erroneous decisions. 

Factors that contribute to hospitals’ dissatisfaction with their outsourcing vendors

Many Black Book survey respondents said the following mistakes contributed to rocky and even poor outsourcing experiences:

hospital IT outsourcing award
  • A strategic mistake in the choice of outsourced services.  Some hospitals outsourced functions they could have managed just as cost-effectively (or more so) with better internal leadership and perhaps some temporary external consulting guidance.
  • Unrealistic expectations about the services they were actually purchasing and misunderstanding of the full costs. This was exacerbated by poorly defined scope of work and consequent insufficient documentation of contract scope, including concrete standards (e.g. SLAs, objectives and reporting). In the end, some hospitals have had to pay extra for essential services that contracts didn’t address.
  • Mistakes in vetting that resulted in selection of the wrong vendor for the job. Some hospitals have chosen vendors on the basis of personal relationships, discounted “deals” offered by their EHR vendors (who have moved aggressively into the outsourcing market), and/or flawed vendor evaluation.
  • Mistakes in not managing the vendor effectively.  In some situations, the vendor may not have delivered the quality and quantity of service expected, or the work (and billing) expanded beyond the original scope. In other situations, hospital leadership didn’t implement effective reporting procedures, or provide a strong, involved oversight executive.

8 Tips: How to Do Healthcare IT Outsourcing Right

If you are thinking of joining the 75% to 80% of hospitals doing some form of IT outsourcing, here are some tips on how to do it right.

1. Resist automatically bundling your outsourcing solution with your EHR solution. 

An EHR vendor-based outsourcing team answers primarily to its vendor employer because the EHR is the big money maker here. When the EHR vendor throws IT department outsourcing into the deal it can can be very enticing.

Some hospitals have been satisfied with such an arrangement, but in our experience those who have not have often been the victim of a conflict of interest. If your hospital is locked into a five or seven year contract with an EHR vendor, its on-the-ground outsourcing team may prefer addressing the hospital’s EHR issues, while neglecting your other systems. The team’s incentives to provide superlative overall IT services are few; while the incentives to meet the EHR vendor’s profit objectives are many. 

Unless your executive procurement team assembles a very strict contract including SLAs that address all the IT functions to be outsourced, an EHR vendor-based outsourcing team may provide only basic service delivery (e.g. general IT oversight, solving relatively minor issues, answering your service desk calls for X dollars), and little leadership related to the hospital’s long-term strategic issues (especially if they don’t relate to the EHR).

2. Undertake the necessary research to identify vendors with strong, successful experience in hospital IT outsourcing. 

Assign one knowledgeable staff member with good judgment to do a diligent job and report specifics back to your leadership.

This is a good time to value the internet: search for “hospital IT outsourcing,” “hospital IT outsourcing reviews”, and/or “hospital IT outsourcing awards”. We are not affiliated with nor do we advertise on Black Book but it is an excellent resource to utilize, because its reports are unbiased, current, and unlike some ratings firms, vendors do not have to pay to be reviewed. Black Book awards are based on a variety of specific criteria, used in reference-oriented interviews with numerous hospital clients of outsourcing vendors who qualify for the study.

Talk to consultants you know and hospital leaders who have used IT outsourcing solutions. Seek out potential candidates on LinkedIn. Look for press releases on recent signed contracts; typically the bottom few lines will indicate the firm’s capabilities and experience. You may also want to consider the RFP route if your hospital can afford the time and extra costs.

The industry is filled with consultants and local IT service firms who want to get on the hospital IT outsourcing bandwagon, but they either don’t understand how much more demanding outsourcing is than consulting or consider it a body-shop contract, i.e. a few (unsupervised) FTEs for 5 years.

The riskiest scenario is outsourcing a hospital function to a company that has little or no hospital experience and has not kept up with new technologies or industry issues such as compliance, security, value-based revenue changes, and healthcare-focused technology solutions. Knowledge of the interconnections between IT, clinical care and business workflows is essential for a successful outsourcing relationship.

The above point holds true whether you are outsourcing just one function or many. Service desk and security firms are a great example: despite how many clients they have in other industries, they should be experienced with hospital patient care and revenue cycle environments, and their unique privacy and security considerations. In a full IT department outsourcing arrangement, the leadership of an accomplished hospital IT Director or CIO who is assigned by the vendor to be the site executive is critical. The best firms also offer a backup team of support specialists (e.g. security experts), when needed, who can come in to resolve new issues or develop strategies for new technology initiatives.

3. Once you’ve identified potential candidates who at least pass the telephone call test, vetting them will require intensive onsite meetings that include hospital leaders and stakeholders

The potential candidates will view the visit as a sales presentation, but you can mitigate this approach by authoring an agenda that approximates a job interview. Providing a list of questions in advance will help you cut to the chase. While this suggestion may sound obvious and basic, most hospitals do not take this extra step and get water-logged by lengthy, aggressive vendor presentations that focus primarily on the vendor’s interests and generic services.

vetting vendors

4. Determine if potential candidates have demonstrated high performance standards, and will work with you to develop a clear scope of work and strong SLAs.

Such firms will proactively help you improve your IT environment and systems performance.  In a complex engagement, e.g. outsourcing of the entire IT department, it may be difficult to identify 100% of key performance indicators upfront. If the project is simpler, e.g. outsourcing one IT function such as service desk, an experienced hospital service desk outsourcer should easily be able to agree on SLA specifics. Regardless, SLAs and stringent reporting should be a foundation of any final agreement and intrinsic to a documented scope of work. If some of those needed standards are initially illusive, insist on certain best practices such as strong change management and project management methodologies.

Outsourcers who are committed to industry best practices like ITIL (Information Technology Infrastructure Library) standards and PMI project management standards are best positioned to meet quality results that your hospital needs. Once the vendor has worked with you for a few months and is well acquainted with its environment, SLAs should be revisited, updated, and perhaps expanded. Your original contract agreement should provide for such necessary revisions.

5. Be forthcoming about your hospital’s IT challenges, and then determine if the outsourcer has solutions that will offer ROI.

We’ve seen hospitals initially downplay communication about the challenges they face in an attempt to keep costs down (or even save face). Part of defining the scope of any outsourcing engagement is identifying all of the hospital’s IT challenges and expectation of customized strategies throughout the outsourcing engagement.

Being as transparent as possible upfront will directly impact the effectiveness of the short- and long-term planning that the outsourcer will undertake in coordination with your hospital’s leaders. It also will clarify your potential cost-savings and other ROI objectives to the outsourcer. You may not get every saving you dream of, but an ROI-sensitive outsourcer will work with you. Be wary of any “up playing” of the challenges by vendors you are interviewing, who may be looking to add an extra service or FTE here or there to push up revenues.

A special note: Always include discussions of potential security issues in your discussions. If a vendor cannot detail its preventative and response capabilities to security risks in its area of expertise, contracting with the firm could increase your hospital’s vulnerability to the many varieties of cyber crime that are proliferating today. Poor security risk mitigation could interfere with patient care or even cause an organizational shutdown.

6. Do multiple reference checks of the outsourcing vendor candidates that make it to your top three front runners.

Of the hospital clients your vendors offer as references, make sure you talk with senior executives (CFOs, COOs, CEOs, CMOs) of three or four hospitals. Take care not to limit your discussion to the CIO; even if he or she works for the hospital (not the outsourcing vendor); a potential conflict of interest may influence responses. After all is said and done, the in-house CIO may be seen by management as the party responsible for their current outsourcers’ performance and may be defensive.

Insist on talking to hospitals that have had multi-year experience with the vendor. Often the first year of an outsourcing partnership is a “honeymoon” period that will prevent the hospital from offering a balanced report. A relationship of years will be a more reliable measure of performance. Time should not have taken a toll on the outsourcer’s performance; in fact the opposite should be true. Outsourcers should have created, maintained and grown a stable, more productive IT departmental environment. They should have improved user satisfaction, increased the efficiency and success of systems implementations, saved the hospital money, reduced IT security incidents, offered value-added via offering new solutions, and fit seamlessly into the hospital’s culture. Take the time to ask for examples of successes and failures.

It is critical to determine if the hospital’s outsourcer has consistently met or exceeded the terms of its SLAs. We have frequently observed that SLA performance may be a top priority early in an engagement, but if vendor site executives are replaced in succeeding years, and as hospital leaders focus on other operational areas, SLAs lose attention. The outsourcer should have provided detailed regular SLA performance reports and be able to provide you examples. Your contract should include SLA reporting requirements.

7. As you get closer to a final decision, make sure you have buy-in from the hospital’s leadership and major stakeholders.

Plan to answer difficult questions on how the outsourcing plan and the favored vendor will specifically benefit the organization, minimize transitional disruption, and strategically partner with leadership to support the hospital’s long term objectives. Arrange face to face meetings between your executives and key vendor representatives.  Your organization needs to be prepared and, ideally, enthusiastic about the plan before you move into contract negotiations.

8. Choose a partner, not just a vendor — a firm you trust, with leadership that you trust, and that shares your hospital’s culture and values.

What’s the difference?   A vendor provides basic service delivery, e.g. answering your service desk calls for X dollars. A genuine partner is committed to achieving much more — to proactively help you improve your IT operation and its organizational impact. It looks for new and better ways to continuously improve your users’ experience, the overall quality of performance, and cost-effectiveness. The genuine partner is committed to the hospital’s successes, and experiences the hospital’s successes as its own — and will work with your leaders you at this strategic level. These folks are not nine-to-fivers; this is a group that cares, and goes two or three extra miles if needed. A successful outsourcing partnership is built on trust. 

Make sure you meet the potential site executive, IT Director or CIO who is being offered and see his or her credentials. Do you feel comfortable with this person? You should.

Insist on a clear and detailed transition-in plan including a well-timed employee communication strategy and schedule; hospital employees typically feel threatened or worried about how an outsourcing plan will affect their jobs. An experienced outsourcing firm will understand this, and will be able to ensure a smooth transition.

Watch for nickel and diming. No matter how thorough you are in defining services, unexpected problems will arise, and your outsourcing contract should accommodate most if not all of them. The healthcare operating environment is too complex, and the future too fluid to lay out every potential situation in advance.  It’s critical that both parties know they can work together amicably to define how new factors will fit into the scope of the relationship.

If you’re considering a long and expensive contractual agreement, take the face-to-face time needed to establish trust and determine the potential for a synergistic long-term relationship. Buying software or hardware through email and telephone may work well enough, but a multi-year IT services contract involves people — yours and the vendors’ — everyday. You must be able to get along well and benefit from mutual respect.


If you’d like to discuss your hospital’s IT challenges, have any questions answered, or request a proposal, please contact us.

Request Consultation ⇒

About Phoenix HealthA division of Medsphere, Phoenix is a vendor-independent hospital IT outsourcing company. specializing in hospital IT outsourcing for over 25 years. We have worked with over 100 hospital clients, large and small. Phoenix’ greatest outsourcing accomplishments have been with clients where we took over entire IT departments with a myriad of failing projects, and turned them around. Many clients have regularly renewed their relationships with us. We also have many clients to whom we provide excellent remote and onsite network and PC support, as well as world-class onshore hospital IT service desk that includes clinical systems support to clinicians.

One brief note: why is Phoenix qualified to offer you IT outsourcing “best vetting practices?” Very simply, Phoenix Health was rated #1 by Black Book, among non-EHR-centric IT outsourcers,  as a result of its poll of 1,600 IT outsourcing users and its reference discussion with hospital clients. In over 25 years, we’ve enjoyed successful outsourcing partnerships with hundreds of hospitals.

Related Posts