The paperwork your procurement team has seen before, in the order they'll need it.
Healthcare procurement is process-driven for good reason — your CFO has signed contracts that landed on the wall of shame at the OCR breach portal. We treat the diligence walk-through with the same care your team does. Standard purchase order, contract-vehicle reseller, twelve to thirty-six month terms, BAA executed before any production data flow. We don't accept credit cards, we don't dual-source the legal terms, and we don't ask for revisions to your standard agreement unless there's a genuine conflict. The follow-up email from our team includes the few clauses we sometimes flag, in writing.
Contracting path.
Direct via standard purchase order, or via a contract-vehicle reseller. Both paths are routine. We do not accept credit cards.
Term length.
Typical contracts are twelve to thirty-six months. Multi-year terms are not required; they are a customer preference, often driven by budget-cycle alignment.
BAA.
Available on request, executed before any production deployment. The BAA exists for procurement symmetry rather than because our switch-side processing requires it.
Data-handling memorandum and subprocessor list.
Both available before signature. The memorandum specifies telemetry residency, encryption posture, retention, and the scope of what is and is not observed.
Termination and data portability.
Customer telemetry is exported on request and erased on the schedule the master services agreement specifies. The cloud-instance decommission is on CybrIQ; on-prem decommission is on the customer, with our written support.
Insurance.
Standard commercial general liability, professional liability, and cyber insurance carried at industry-typical levels. Certificates of insurance available on request.