General

Business Associate Agreement
This downloadable Kaiser Permanente Business Associate Agreement (“BAA”) applies to any supplier that has a business relationship with Kaiser Permanente that involves the receipt, creation, maintenance, access, transmission, use and/or disclosure of Protected Health Information to the extent the supplier qualifies as a business associate under HIPAA regulations and unless the supplier has entered into a separately signed BAA with Kaiser Permanente that covers this business relationship.
Learn more »
Mutual Non-Disclosure Terms and Conditions
These downloadable Kaiser Permanente Mutual Non-Disclosure Terms and Conditions (“NDA”) apply to transactions or interactions between a supplier/contractor and a Kaiser Permanente entity which involve the disclosure of confidential or proprietary information, unless the parties have agreed in writing to use other terms and conditions. The NDA also applies to written agreements which incorporate by reference the NDA, including, without limitation, a Mutual Non-Disclosure Letter Agreement.
Learn more »
Vendor Code of Conduct
Kaiser Permanente upholds high ethical standards in its business practices, and our vendors play an integral role in making this happen. The Vendor Code of Conduct contains the minimum standards by which a supplier is expected to conduct itself when providing services to Kaiser Permanente.
Learn more »
Kaiser Permanente Washington Pharmaceutical Vendor Information
Each region of has their own established policies regarding interface with any pharmaceutical manufacturing representatives and/or their contracted vendors. KAISER PERMANENTE WASHINGTON ONLY. *For all other regions, please consult the KP National Pharmaceutical Contracting Team.
Learn more »
Business Continuity Plan
Kaiser Permanente requires Suppliers to maintain and routinely test comprehensive Business Continuity Plans to ensure appropriate and timely recovery of services to KP during times of business interruption. All Suppliers in contract with KP must provide a 24/7 contact.
Learn more »
Business Continuity Planning and Resiliency Survey
If a Supplier is unable to provide a Business Continuity Plan, the Supplier will complete a KP Business Continuity Planning and Resiliency Survey to confirm evidence of a Business Continuity Plan and understanding of their Business Continuity Program.
Learn more »
Travel and Expense Guidelines
If Kaiser Permanente has agreed in the agreement or Statement of Work (SOW), as applicable, to reimburse supplier’s travel and associated expenses, then the supplier must comply with the Travel and Expense Guidelines.
Learn more »
Non-Endorsement Guidelines
Kaiser Permanente’s trademarks, service marks, trade names and logos are valuable assets, which are actively managed and protected by Kaiser Permanente. Vendors and other third parties are not permitted to use Kaiser Permanente marks or logos without written authorization. These Non-Endorsement Guidelines contain the minimum requirements for a vendor’s use of any Kaiser Permanente marks or logos and the process by which a vendor may request this authorization.
Learn more »
Quality Assurance Program
If the supplier is providing goods or services to Kaiser Permanente that are used in a licensed or accredited health care facility, the supplier shall participate in the Kaiser Permanente Quality Assurance Program.
Learn more »

Invoicing

Invoice and Accounts Payable Requirements
In order to facilitate timely and accurate payment of invoices, Kaiser Permanente requires vendors, contractors and suppliers to comply with the Kaiser Permanente Invoice and Accounts Payable Requirements. Failure to follow these requirements may lead to processing delays or the non-payment of invoices.
Learn more »
Electronic Invoicing (eInvoicing)
Kaiser Permanente recently implemented company-wide, eInvoicing submission and is discontinuing paper-based invoicing. All suppliers transacting with KP will be required to submit invoices electronically. Electronic invoice submission is the ONLY authorized channel for invoice submission to receive timely payment(s).
Learn more »

Clinical Technology

Clinical Technology Services
Clinical Technology Services include: Preventative Maintenance, Corrective Maintenance, and other related services on the medical equipment used in the monitoring, diagnosis, and treatment of the Kaiser Permanente members and patients.
Learn more »

Federal/CMS

Federal Flow-Down Requirements
Kaiser Foundation Health Plan, Inc. and its health plan subsidiaries have entered into contracts with the U.S. Government Office of Personnel Management and The Centers for Medicare and Medicaid Services that require certain federal contract provisions be made a part of any subsequent agreement with vendors, contractors and suppliers who provide services to support these Federal contracts. Each supplier providing services is required to review and, where applicable, comply with the Kaiser Permanente Federal Flow-Down Requirements
Learn more »
FDR Requirements
Suppliers, vendors, contractors, and subcontractors who provide services in connection with Kaiser Permanente's Medicare Part C and D plans might qualify as first-tier, downstream, or related entities (FDRs) and must follow certain compliance requirements.
Learn more »
CA Department of Managed Health Care Regulatory Program Requirements
The California Department of Managed Health Care Regulatory Program Requirements for Vendors, Contractors and Suppliers contains the additional contractual provisions required by the California Department of Managed Health Care (DMHC) to be included in certain agreements between Kaiser Foundation Health Plan, Inc. and its suppliers. Each supplier providing services is required to review and, where applicable, comply with the California Department of Managed Health Care Regulatory Program Requirements.
Learn more »
Medi-Cal HIPAA Flow-Down Requirements
Kaiser Permanente, as a Medi-Cal managed care contractor of the California Department of Health Care Services, must require its suppliers with access to Medi-Cal member information, to comply, with certain HIPAA Requirements. If supplier will create, receive, maintain transmit, use or disclose Medi-Cal member information, then supplier must review, and if applicable, comply with the provisions applicable to contractors in the Medi-Cal HIPAA Flow-Down Requirements.
Learn more »

Onboarding

Background Check
If a supplier is providing services to customer, the supplier shall comply with the background check requirements.
Learn more »
Drug Screening
Upon request, supplier will comply with Kaiser Permanente's drug screening requirements.
Learn more »
Health Screening Requirements
If a supplier is providing services at a facility in which in-person patient care is provided to Kaiser Permanente patients, then supplier will comply with the Kaiser Permanente health screening requirements.
Learn more »

Privacy & Security Technology

Computer System Access
If a supplier will have access to Kaiser Permanente's computer system to perform services, then the supplier shall comply with the computer system access requirements.
Learn more »
Web-Based Products and Services Accessibility Requirements
Kaiser Permanente is committed to providing access to its healthcare services, programs, and activities free from discrimination on any basis, including disability. This commitment includes ensuring the web-based products and services we provide to our members, patients, and other users are accessible. The Web-Based Products and Services Accessibility Requirements contain the minimum accessibility requirements for Suppliers of web-based products and services.
Learn more »
Data Security Requirements
Suppliers must comply with Kaiser Permanente's Data Security Requirements if supplier will be accessing, generating, processing, hosting, or storing* personally identifiable information, data, or records relating to any patient, member, employee, or contractor of any Kaiser Permanente entity. (* Examples include application management, data processing, hosting, or system integration services.)
Learn more »
Edge Security Requirements
Suppliers must comply with Kaiser Permanente's Edge Security Requirements if supplier will be supplying or supporting a device that falls into the governance of Kaiser Permanente’s Edge Cybersecurity Program, which includes medical, lab, clinical research and imaging devices, pharmacy devices, facilities automation and security systems, and IoT devices.
Learn more »
Payment Card Industry Data Security
If supplier’s services include processing, storing, using or transmitting payment cardholder data, then supplier will comply with the Kaiser Permanente Payment Card Industry Data Security Requirements.
Learn more »
Solution Delivery Life Cycle Requirements
All Kaiser Permanente IT vendors, contractors and suppliers who provide IT solutions are required to comply with Kaiser Permanente's standard for quality IT solution delivery, based on the Solution Delivery Life Cycle (SDLC) defined framework and affiliated sub-processes.
Learn more »

Supply Chain

Distribution and Transportation Guide
Learn more about the distribution, transportation, and packaging requirements for doing business with Kaiser Permanente.
Learn more »
GS1® Healthcare Requirements for Vendors, Contractors and Suppliers
Kaiser Permanente supports the implementation of the GS1® Device Identification System in the health care industry as the standardized system for marking medical devices with unique device identifiers. Each supplier of medical devices to Kaiser Permanente shall comply with the GS1® Healthcare Requirements for vendors, contractors, and suppliers. Learn More.
Learn more »
Rules of Engagement for Product Evaluation
This document provides Kaiser Permanente requirements for vendor submission of their medical products for clinical evaluation.
Learn more »

Total Health

Impact Spending / Supplier Diversity
Kaiser Permanente requires that all prospective suppliers meet certain minimum qualifications, which may vary by product and service type.  All prospective diverse suppliers/service providers are required to register on our portal.
Learn more »
Sustainable Procurement
Consistent with Kaiser Permanente’s goal to improve the health of our members and the communities we serve. Kaiser Permanente requires each supplier to review and comply with the applicable provisions of the Kaiser Permanente Environmentally Preferable Purchasing Principles and Standards (EPP).
Learn more »
Healthy Picks
The Healthy Picks Program defines healthy food options in food venues throughout Kaiser Permanente, including patient menus, cafeteria, vending machines, catering, conferences, smart markets, food kiosks, coffee carts, gift shops and farmers markets.
Learn more »

Site Access and Visitation

Vendor Visitation Requirements (replaces National Supplier Visitation Policy)
These updated requirements shall apply to all vendor representatives visiting any Kaiser Permanente facility within all regions. Some facilities and departments may also have their own additional requirements. Please Note: Kaiser has implemented additional provisions during COVID-19 which augment these requirements.
Learn more »
Doing Business with Kaiser Permanente Brochure
This brochure is a focused summary highlighting the key business and procurement practices supporting and enabling vendors to work effectively with Kaiser Permanente.
Learn more »