Select a topic tab to view descriptions of our requirements and guidelines.
General
Clinical Technology
Privacy & Security Technology
Kaiser Permanente HealthConnect® Access
Contingent Workers
General
These Kaiser Permanente® Terms and Conditions for the Purchase of Goods and Services (“Terms and Conditions”) apply to Purchase Orders which incorporate by reference the Terms and Conditions - unless the parties have agreed in writing to use other terms and conditions. The Terms and Conditions also apply to written agreements which incorporate by reference the Terms and Conditions.
Kaiser Permanente requires suppliers to procure and maintain insurance coverage. These Insurance Requirements contain the minimum insurance coverage levels.
This downloadable Kaiser Permanente® Business Associate Agreement (“BAA”) applies to any supplier that has a business relationship with Kaiser Permanente that involves the receipt, creation, maintenance, access, transmission, use and/or disclosure of Protected Health Information to the extent the supplier qualifies as a business associate under HIPAA regulations and unless the supplier has entered into a separately signed BAA with Kaiser Permanente that covers this business relationship.
These downloadable Kaiser Permanente® Mutual Non-Disclosure Terms and Conditions (“NDA”) apply to transactions or interactions between a supplier/contractor and a Kaiser Permanente entity which involve the disclosure of confidential or proprietary information, unless the parties have agreed in writing to use other terms and conditions. The NDA also applies to written agreements which incorporate by reference the NDA, including, without limitation, a Mutual Non-Disclosure Letter Agreement.
Kaiser Permanente upholds high ethical standards in its business practices, and our vendors play an integral role in making this happen. The Vendor Code of Conduct contains the minimum standards by which a supplier is expected to conduct itself when providing services to Kaiser Permanente.
Each region of has their own established policies regarding interface with any pharmaceutical manufacturing representatives and/or their contracted vendors.
KAISER PERMANENTE WASHINGTON ONLY.
*For all other regions, please consult the KP National Pharmaceutical Contracting Team.
Kaiser Permanente requires suppliers to maintain and routinely test comprehensive Business Continuity Plans to ensure appropriate and timely recovery of services to Kaiser Permanente during times of business interruption. All suppliers in contract with Kaiser Permanente must provide a 24/7 contact.
If a supplier is unable to provide a Business Continuity Plan, the supplier will complete a Kaiser Permanente Business Continuity Planning and Resiliency Survey to confirm evidence of a Business Continuity Plan and understanding of their Business Continuity Program.
If Kaiser Permanente has agreed in the agreement or Statement of Work ("SOW"), as applicable, to reimburse supplier’s travel and associated expenses, then the supplier must comply with the Travel and Expense Guidelines.
Kaiser Permanente’s trademarks, service marks, trade names and logos are valuable assets, which are actively managed and protected by Kaiser Permanente. Suppliers and other third parties are not permitted to use Kaiser Permanente marks or logos without written authorization. These Non-Endorsement Guidelines contain the minimum requirements for a supplier’s use of any Kaiser Permanente marks or logos and the process by which a supplier may request this authorization.
If the supplier is providing goods or services to Kaiser Permanente that are used in a licensed or accredited health care facility, the supplier shall participate in the Kaiser Permanente Quality Assurance Program.
Supplier will comply with Kaiser Permanente’s Vendor Financial Risk Assessment Program Requirements. Supplier is responsible for responding to a request for financial information within ten business days of receipt of request.
Invoicing
In order to facilitate timely and accurate payment of invoices, Kaiser Permanente requires vendors, contractors and suppliers to comply with the Kaiser Permanente Invoice and Accounts Payable Requirements. Failure to follow these requirements may lead to processing delays or the non-payment of invoices.
Kaiser Permanente recently implemented company-wide, eInvoicing submission and is discontinuing paper-based invoicing. All suppliers transacting with Kaiser Permanente will be required to submit invoices electronically. Electronic invoice submission is the ONLY authorized channel for invoice submission to receive timely payment(s).
Clinical Technology
Clinical Technology Services include: Preventative Maintenance, Corrective Maintenance, and other related services on the medical equipment used in the monitoring, diagnosis, and treatment of the Kaiser Permanente members and patients.
Federal/CMS
Kaiser Foundation Health Plan, Inc. and its health plan subsidiaries have entered into contracts with the U.S. Government Office of Personnel Management and The Centers for Medicare and Medicaid Services that require certain federal contract provisions be made a part of any subsequent agreement with vendors, contractors and suppliers who provide services to support these Federal contracts. Each supplier providing services is required to review and, where applicable, comply with the Kaiser Permanente Federal Flow-Down Requirements
Suppliers, vendors, contractors, and subcontractors who provide services in connection with Kaiser Permanente's Medicare Part C and D plans might qualify as first-tier, downstream, or related entities (FDRs) and must follow certain compliance requirements.
The California Department of Managed Health Care Regulatory Program Requirements for vendors, contractors and suppliers contains the additional contractual provisions required by the California Department of Managed Health Care (DMHC) to be included in certain agreements between Kaiser Foundation Health Plan, Inc. and its suppliers. Each supplier providing services is required to review and, where applicable, comply with the California Department of Managed Health Care Regulatory Program Requirements.
Kaiser Permanente, as a Medi-Cal managed care contractor of the California Department of Health Care Services, must require its suppliers with access to Medi-Cal member information, to comply, with certain HIPAA Requirements. If supplier will create, receive, maintain transmit, use or disclose Medi-Cal member information, then supplier must review, and if applicable, comply with the provisions applicable to contractors in the Medi-Cal HIPAA Flow-Down Requirements.
Onboarding
If a supplier is providing services to customer, the supplier shall comply with the Background Check Requirements.
Upon request, supplier will comply with Kaiser Permanente's Drug Screening Requirements.
If a supplier is providing services at a facility in which in-person patient care is provided to Kaiser Permanente patients, then supplier will comply with Kaiser Permanente’s Health Screening Requirements.
Supplier will comply with Kaiser Permanente’s Vendor Portal Registration Program Requirements. Supplier is responsible for entering and maintaining the accuracy of their company information residing on the Vendor Portal.
Privacy & Security Technology
If a supplier will have access to Kaiser Permanente's computer system to perform services, then the supplier shall comply with the Computer System Access Requirements.
Kaiser Permanente is committed to providing access to its healthcare services, programs, and activities free from discrimination on any basis, including disability. This commitment includes ensuring the digital products and services we provide to our members, patients, and other users are accessible. The Digital Products and Services Accessibility Requirements contain the minimum accessibility requirements for suppliers of digital products and services.
Suppliers must comply with Kaiser Permanente's Data Security Requirements if supplier will be accessing, generating, processing, hosting, or storing* personally identifiable information, data, or records relating to any patient, member, employee, or contractor of any Kaiser Permanente entity. (*Examples include application management, data processing, hosting, or system integration services.)
Suppliers must comply with Kaiser Permanente's Edge Security Requirements if supplier will be supplying or supporting a device that falls into the governance of Kaiser Permanente’s Edge Cybersecurity Program, which includes medical, lab, clinical research and imaging devices, pharmacy devices, facilities automation and security systems, and IoT devices.
If supplier’s services include processing, storing, using or transmitting payment cardholder data, then supplier will comply with the Kaiser Permanente’s Payment Card Industry Data Security Requirements.
All Kaiser Permanente IT vendors, contractors and suppliers who provide IT solutions are required to comply with Kaiser Permanente's standard for quality IT solution delivery, based on the Solution Delivery Life Cycle defined framework and affiliated sub-processes.
Supply Chain
Learn more about the distribution, transportation, and packaging requirements for doing business with Kaiser Permanente.
Kaiser Permanente supports the implementation of the GS1® Device Identification System in the health care industry as the standardized system for marking medical devices with unique device identifiers. Each supplier of medical devices to Kaiser Permanente shall comply with the GS1® Healthcare Requirements for vendors, contractors, and suppliers.
This document provides suppliers with Kaiser Permanente’s requirements for submission of their medical products for clinical evaluation.
Total Health
Kaiser Permanente requires that all prospective suppliers meet certain minimum qualifications, which may vary by product and service type. All prospective diverse suppliers/service providers are required to register on our portal.
Consistent with Kaiser Permanente’s goal to improve the health of our members and the communities we serve. Kaiser Permanente requires each supplier to review and comply with the applicable provisions of the Kaiser Permanente's Environmentally Preferable Purchasing Principles and Standards.
The Healthy Picks Program defines healthy food options in food venues throughout Kaiser Permanente, including patient menus, cafeteria, vending machines, catering, conferences, smart markets, food kiosks, coffee carts, gift shops and farmers markets.
Site Access and Visitation
These updated requirements shall apply to all vendor representatives visiting any Kaiser Permanente facility within all regions. Some facilities and departments may also have their own additional requirements.
This brochure is a focused summary highlighting the key business and procurement practices supporting and enabling vendors to work effectively with Kaiser Permanente.
Kaiser Permanente HealthConnect® Access
Third party entities, including third party providers, must enter into this agreement to access Kaiser Permanente HealthConnect® through Kaiser Permanente’s Affiliate Link program. This agreement provides the terms and conditions under which Kaiser Permanente will grant such access to certain third parties.
Contingent Workers
Contingent Worker Access Termination
Vendors providing Contingent Workers, (Temporary Contractors, Independent Contractors, Consultants, Offshore Workers, Offsite Service Workers, and On-Premises Service Workers etc.) with…
Attention – Please Read
The below document(s) have been updated. To ensure compliance, please click below to view the document(s).
UPDATED – 12/4/24: Distribution and Transportation Guide