Prepare and Prevent Common Due Diligence Issues in Health IT Transactions: Legal Considerations (Part 2 of 6)November 29, 2017
Over the next few months, HGP is publishing a 6-part research series covering a range of due diligence issues that are common to Health IT and Services transactions. The 6 sections cover: Accounting and Tax, Legal, Human Resources, Operations, Intellectual Property, and Technology. In today’s edition, we are covering the Legal topics.
Prior to entering into a potential transaction, sellers should confirm the legal validity of all organizational documents (by-laws, operating agreements, shareholder agreements, etc.) as well as ensure business qualifications are valid for each jurisdiction of the operation. The corporate structure, such as a C-corp versus a partnership (LLC or S-corp), may have significant tax implications on a transaction. Buyers often prefer to acquire a partnership (or assets of a partnership) due to the tax benefits from such a transaction (for example, an S-corp taking the 338(h)(10) election), although many sellers are quick to setup as a C-corp. The tax benefit of a partnership structure may be so advantageous to a buyer that the purchase price may be 20% or more higher than an equivalent C-corp. Companies are encouraged to consult a tax advisor to ensure the most efficient tax structure. Finally, providing notice (e.g., information memorandums) and collecting signatures from shareholders may delay transactions or even force certain structures on a transaction. Taken together, the governing documents of a business should be understood well before entering into a potential transaction process.
Special contracts come in many forms, but two common pitfalls include the following: 1) reseller agreements with exclusivity, and 2) customer agreements with joint IP. Regarding the former, sellers should avoid boxing themselves into reseller agreements with a form of exclusivity that, when assigned to a buyer as part of a transaction, may limit a buyer’s ability to operate or create ambiguous IP rights. With regards to the latter, if a seller develops joint IP with a potential partner, the title and rights to that IP must be explicit for each party.
Sellers should have a form customer contract that is airtight, and whenever possible, work off that form agreement. When certain clients (government entities, large payers, or health systems) force a vendor on to their terms and conditions, sellers should try to mirror those terms as much as possible to their form contract. When forced off a form contract, companies should try to remain true to the terms and conditions of their form agreement as much as practically possible. Furthermore, all client contracts, amendments, statements of work, and business associates agreements should be well documented and archived to ensure easy and organized access to these files for due diligence. Service-level agreements and special indemnities need to be carefully considered with drafting customer contracts.
Many contracts have change of control or assignment provisions. A change of control provision requires a counterparty to provide written consent that the contract may be transferred to the buyer when the seller undergoes a change of control transaction. A facility lease is the most common example of a contract with a change of control requirement. Certain customer contracts may require a change of control provision. Assignment comes into play during an asset purchase transaction, and in these situations, all contracts must be assigned from seller to buyer. A form client contract should explicitly state that consent is not required for change of control or assignment. Contract consents often slow a transaction and sometimes add additional risk because a consent may require approaching a large customer or partner about a transaction before the transaction has actually closed.
FDA issues are somewhat minimal in the health IT market due to lack of general FDA oversight. However, clinical monitoring vendors and clinical decision support vendors should be acutely aware of FDA regulations to ensure compliance.
The majority of HIPAA non-compliance violations come in the form of covered entities that are missing business associate agreements. However, bigger issues may arise when vendors are selling demographic and clinical data. Explicit and contracted data rights are a must when vendors are monetizing customer data and protected health information (PHI). Scrubbing PHI to make sure it is de-identifiable is also a requirement. Cybersecurity and encryption methods should be implemented to de-risk HIPAA violations, and to the extent HIPAA violations have been made, full disclosure should be reported.
Shareholder disputes come in all forms. Outside of legal disputes, shareholders may also be misaligned due to the value and form of their respective securities and simply disagree about objectives. We encourage shareholders to be open and clear about their objectives prior to entering into a transaction process to address shareholder disputes before they arise and before putting too many resources into a transaction process.