RSS

Tag Archives: self Hosted

Epic Community Connect and SPLA

The healthcare community has increased concerns with the way they have deployed (and licensed) their electronic medical record (EMR) software such as Epic Community Connect and others.  As a reader of this blog, you know that when you deploy software for the benefit of a third party (non employee) SPLA must be part of the conversation.  The only exception to this rule is if you actually own the code to the software you are hosting.  In other words, if you developed the software, you can use your own volume licenses to host your software.  If you host a third party software (such as Epic) you must license this in SPLA.   In most cases, many healthcare companies do not own the application, but lease it from the EMR vendor.

Rewind a few years and let’s pretend you are a large hospital who partnered with Epic to provide best in class patient record management for your clients, doctors, and other clinics. Your Epic deployment resides on a Windows Server, SQL Server, and RDS.  As the IT director, you purchased several server licenses and hundreds of Client Access Licenses (CAL) to cover all the external users.  You think you are covered; no one mentions you need to license this via SPLA.  Your reseller didn’t tell you, Microsoft didn’t tell you, and for that matter the vendor didn’t tell you.  You think all is well based off the information you received.  Fast forward 3 years and your volume licensing agreement is up for renewal.  Someone on the licensing side informs you that you shouldn’t true-up licenses or renew your agreement under volume licensing, you need to license SPLA.  You think that’s fine, if you must license under a different program who are you to argue. But what about all those license you already purchased and own?  Unfortunately, you cannot return them, you must allocate those internally.  You think to yourself that’s fine, except for one minor detail…. you purchased hundreds of CALs and you do not have hundreds of employees; those license you own are essentially worthless.  On top of everything else, you just received an audit notification.

Why would they receive an audit notification?  Once a vendor recognizes you have been under-licensed, the vendor might want to dig in deeper to see how long you have been out of compliant and if you purchased enough licenses to cover all the users.  In 90% of all audits, the customer is under-licensed.  Now you own licenses you don’t need, but should’ve purchased more because you don’t own enough licenses to cover all external users initially.  The vendor will want you to pay the delta of what you should’ve paid under SPLA and what you purchased under volume licensing (plus an audit fee).

If you are a healthcare provider and have been notified by Microsoft or any other vendor, please contact us.  We have found that in many cases the licenses report is not always 100% accurate.

Thanks for reading,

SPLA Man

 
Leave a comment

Posted by on October 12, 2016 in Compliance, EMR Software, Self Hosted

 

Tags: , , , , , , , , , , , , , , , ,

Self Hosted Rights and Office

The other day I was on a call with a customer who developed a financial application that takes a customer’s information and then reports it back from Excel.  The goal would be to have it deployed via a web browser, possibly using SharePoint.  Immediately I thought of Office Web App.  Browser based, users could not only read it but edit it as well, sounds like a perfect fit  What about the licensing?  Since this is their own Intellectual Property (IP) I thought of the self hosted rights for volume licensing.  SPLA might be too expensive since users could not be tracked. This is where we got stuck. 

Self hosted is a software assurance benefit. It allows volume licensing customers to host their application that runs on Microsoft technology to third parties. I included the terms and conditions directly from the Product Use Rights (PUR) at the bottom of this post (in case you are really bored) but in my opinion this will allow developers to continue to build their applications and utilize volume licensing that offers the greater discount.

As a SAM manager, I was engaged by the customer to review both past and current licensing.  Since this was a new offering, nothing was licensed or even deployed yet.   Whew…Rule #1 – before building a datacenter make sure the solution fits the licensing. Secondly, this is being provided as a service, not simply allowing external users to access.

What did we advise? In order for a solution to qualify as “self-hosted” all applications must be self hosted eligible. Unfortunately, Office does not qualify. Ugh. There goes that option. Now we must look at SPLA for everything (one unified solution as defined in the PUR). The problem with SPLA is you must license Office STD or PRO to enable Office Web Apps. To add more complexity, Office in a server environment is licensed by user (SPLA) Since user count is expected to be very high, this does not seem to be an economical solution. What I proposed was to get rid of Office. That’s right, I recommended they remove it from the solution and use Open Office. The solution worked and met the compliance guidelines set forth by Microsoft.

In conclusion, I hated my recommendation but went with it in order to be compliant. Microsoft Office is a superior product to “Open Office” If only Microsoft would allow Office to be self hosted eligible, I think it would benefit the service provider, Microsoft, and more importantly the end customer.

Bottom line- make sure if you have your OWN application (not license someone else’s) and you decide to use volume licensing to host, make sure all software is eligible or risk BIG compliance risk.

Thanks for reading.

SPLA Man

From the PUR
You must have the required Microsoft licenses and maintain Software Assurance coverage for:
• the Self-Hosted Applications run as part of the Unified Solution; and
• all access licenses used to make the Unified Solution available to external users (See Universal License Terms, Definitions).
All Microsoft software used to create and deliver the Unified Solution must:
• be licensed through a Volume Licensing program that is subject to these license terms (e.g., Enterprise Agreement, Select Plus Agreement, Open License Agreement) and not any other (e.g., Services Provider License Agreement, Independent Software Vendor Royalty License and Distribution Agreement); and
• be marked as ‘Yes’ for ‘Self Hosting of Applications Allowed’ in these license terms
Your software must:
• add significant and primary functionality to the Self-Hosted Applications that are part of the Unified Solution (dashboards, HTML editors, utilities, and similar technologies are not a primary service and/or application of a Unified Solution);
• be the principal service and/or application, and sole point of access, to the Unified Solution;
• be delivered over the Internet or a private network from your datacenter to end users. The Self-Hosted Applications component may not be loaded onto the end user’s device; and
• be owned, not licensed, by you, except that your software may include non-substantive third party software that is embedded in, and operates in support of, your software.

 
Leave a comment

Posted by on February 4, 2014 in Compliance, Self Hosted

 

Tags: , , , , , ,

 
%d bloggers like this: