01
Assessment & positioning
Deep analysis of revenue composition and recurring revenue quality (SaaS subscriptions vs. implementation vs. transaction fees vs. percentage-of-collections), gross margin architecture (the single most scrutinized metric in healthcare IT M&A), customer segmentation, reimbursement model exposure, EHR integration architecture across Epic, Oracle Health/Cerner, Meditech, athenahealth, eClinicalWorks and NextGen, HIPAA and security maturity (SOC 2 Type II, HITRUST), clinical workflow depth, AI and automation capabilities, and interoperability standards (HL7, FHIR). The output is a positioning thesis framing the company on the tech-enabled spectrum.
02
Buyer universe construction
Identification and qualification of 50–100+ buyers: PE-backed healthcare IT consolidators building integrated platforms (most active category), strategic platform companies filling product gaps (Waystar, athenahealth, AdvancedMD, NextGen, eClinicalWorks, Greenway, CareCloud, Veradigm), health system and payor technology arms, enterprise software companies entering healthcare (Salesforce Health Cloud, ServiceNow, Oracle Health), services companies productizing labor into software, and public healthcare IT companies seeking growth acquisitions. Each evaluated on platform architecture, specialty alignment, customer overlap, and acquisition thesis.
03
Controlled outreach
Direct, confidential outreach gated behind NDAs. Healthcare IT carries heightened confidentiality, provider customer lists involve HIPAA-covered organizations, and a provider client discovering its vendor is in a sale process raises data-security and compliance-continuity concerns that affect renewals. Information is released in stages protecting customer identity, pricing architecture, clinical workflow specifics, and PHI-handling details.
04
Indication collection & negotiation
Receipt and evaluation of indications. Healthcare IT-specific terms: whether valuation applies on ARR, revenue, or EBITDA basis (pure SaaS on ARR; blended on EBITDA; labor-intensive on lower EBITDA ranges), treatment of professional services and percentage-of-collections revenue, BAA assignment and HIPAA transfer, EHR integration maintenance commitments, clinical workflow team retention, and earnouts tied to ARR growth, retention, and AI deployment, calibrated to the healthcare procurement cycle (Q4 close for January implementation).
05
HIPAA, compliance & technical diligence
Coordination across financial, technical, regulatory, and compliance workstreams: HIPAA review (risk assessment, BAA inventory, breach history, safeguards, training), HITRUST or SOC 2 Type II review, product architecture (multi-tenant SaaS, EHR integration depth, FHIR/HL7 compliance, encryption), reimbursement exposure analysis, gross margin decomposition isolating software margins from services, contract review, ARR cohort retention by specialty and size, and AI validation (clinical accuracy, bias testing). The advisor resolves compliance findings before they become impediments.
06
Definitive agreement & close
Negotiation of the purchase agreement, including BAA assignment and HIPAA transfer, PHI continuity obligations, clinical workflow team retention, EHR integration maintenance commitments (Epic, Cerner and other certifications and APIs), customer assignment and provider notification, AI model documentation and responsible-AI representations, regulatory certification maintenance (ONC), payor contract portability, and breach-history representations. Coordination through signing and close, sequenced so healthcare IT transitions do not disrupt clinical operations or patient data security.