Software License Compliance: Is Your Health Organization at Risk?

Updated on September 26, 2016

Many large healthcare institutions are now offering smaller, unaffiliated clinics access to their EMR system and other third-party applications. This allows the smaller clinics to use software that they otherwise would not have access to and makes both the patients and doctors lives a little easier.

Because healthcare organizations have increased their use of technology and software applications, it is important to be aware of the changing landscape of license compliance to avoid software license audits and other financial penalties.

The Real Cost of an Audit

Sharing access to EMR systems and other third-party applications with small, unaffiliated clinics has become a popular trend among larger healthcare organizations. Because access is extended, healthcare facilities are no longer using Microsoft products for their own internal use exclusively. This changes the licensing structure without the organization knowing and can put them at risk of an audit.

Software audits are generally expensive, resource-intensive and stressful. Organizations often find themselves paying six figures to vendors alongside court fees and other unforeseen expenses.

Audits also cost an organization more than unbudgeted cash. IT staff are derailed from their usual tasks and forced to handle the ramifications of an audit.

How Healthcare Organizations Get Violations

As stated earlier, once an organization allows external users to access their IT environment, it changes the licensing requirements. For example, Microsoft traditional volume licensing agreements have a clause that state users cannot lend, lease, loan, or use to provide a service to external customers. More specifically, when healthcare facilities offer unaffiliated access to their EMR solution, even though no changes were made to the infrastructure, the original volume license agreement is no longer intact and valid.

When an organization misrepresents what type of user or how many users are accessing the systems (i.e. internal vs. external), it can invalidate the software license agreement. Because a software license agreement is a statement or statements that define how and by whom the software is used, an overage in users can lead to what is called a “true up”—where an organization pays to the additional software usage.

What Happens When an Organization Gets Audited

There are many ways companies and organizations can misuse or otherwise break the license agreement. In the cloud era, publishers are keen on noticing if licenses are being misused, particularly if monthly license usage reporting doesn’t add up to the original software license terms and conditions. Other times, public news of a certain company’s growth can trigger an investigation into whether software license scale is happening appropriately at an end-user environment. Sometime companies violate license agreements by attempting to activate a completely different software than the one they have purchased.

What Does an Audit Look Like?

Violations of software licenses come in all shapes and sizes. Depending on size of the violation, the size of the company and whether or not it was intentional, an audit can range from minor fees to a six-figure settlement paid to the publisher in court. Typically, if the organization was noncompliant due to a poor job of managing their licenses, publishers will only seek payment of proper or additional use of their software. But in the case of copyright violations, breach of contract and negligence, a company or organization can expect to pay a larger sum of money to the software publisher.

Proper Management is Key

Licensing requirements are constantly changing, especially as publishers turn their products into cloud-based offerings. That being said, the best way to avoid audits is to properly manage software license agreements. Although this may sound like a simple task, trusted licensing experts, such as HPE SLMS, understand the ins and outs much more thoroughly than a basic user. These professionals can guide organizations through the whole process from the initial purchase of a license to the ongoing monthly reporting, to the proper scale needs and renewal opportunities.

Understanding Compliance

In large healthcare organizations and other companies it is important to know how the different products are licensed. In the case of Microsoft, users need to leverage and utilize a service provider use rights (SPUR) document.

Depending on organizational and client scale, this can be difficult to keep track of, which is why it’s important to work with a trusted licensing expert such as HPE SLMS. Organizations rely on these experts for guidance and information on licensing of products, keeping track of new versions of software as well as timely changes to the licensing structures. To learn more about software licensing compliance for healthcare organizations, download this educational white paper today.


The HPE SLMS Hosting team provides a variety of services to offer software licensing expertise and guidance. First and foremost, the group works with organizations to understand the software environment, how they are using the software, and who has access to it. Understanding the environment and the goals of their partners allows their cloud solution specialists to identify the best programs and applications to meet an organization’s needs. The team also works with organizations for access to the SLMS Cloud & Licensing Solutions program, including training on using Online Services (OLS), the proprietary SLMS tool for ordering SKUs and reporting software usage. For ongoing support, the group broadcasts SPLA, CSP and CXSP program updates and other helpful information to its member communities, and works individually with organizations to determine any subscription changes and assist with compliance inquiries, as well as to provide timely answers and critical issue resolutions related to each organization’s license aggregation, usage, and reporting.

As cloud-based hosted software services continue to reshape and expand the principles of modern IT, the future of any hosting services provider depends on the quality of its partnerships. Through its range of full-service hosted software licensing capabilities and its detailed knowledge of the latest licensing programs from Microsoft and elsewhere, HPE SLMS Hosting team offers the expertise organizations need to capitalize on cloud services and solutions. HPE SLMS Hosting professionals are resourceful, trusted advocates who consult with organizations to enable the delivery of powerful hosted solutions.

Follow HPE SLMS Hosting on Twitter, Google+ and LinkedIn for additional insight and conversation, and visit the HPE SPaRC resource community at

The Editorial Team at Healthcare Business Today is made up of skilled healthcare writers and experts, led by our managing editor, Daniel Casciato, who has over 25 years of experience in healthcare writing. Since 1998, we have produced compelling and informative content for numerous publications, establishing ourselves as a trusted resource for health and wellness information. We offer readers access to fresh health, medicine, science, and technology developments and the latest in patient news, emphasizing how these developments affect our lives.