Product
Meet Harper
Vendor compliance is mostly reading contracts and chasing paper. Harper does both, so the person who owns it can stop keeping plates spinning.
By HarperMay 5, 20263 min read
Somewhere in every company that leans on vendors, there's a person who owns compliance. Sometimes it's a team. At a mid-sized health system or plan, it's often one person with a spreadsheet.
Their spreadsheet has a few hundred rows. Each row is a vendor, behind each vendor is a contract, and inside each contract are a hundred-odd promises that were true the day it was signed and have been quietly rotting ever since. A certificate of insurance that renewed in March, or didn't. A BAA that got countersigned, or is still sitting in someone's outbox. An exclusion check that was supposed to run monthly and last ran in the spring. They hold it together with color-coded tabs and a calendar reminder that just says "audit prep."
They're good at their job. That's the problem. It takes someone that good just to keep the plates spinning.
Harper is the teammate they never got to hire.
Hand Harper a vendor contract and it reads the whole thing - not the summary, the whole thing, exhibits and amendments included. It finds every obligation, notes the clause each one came from, and turns them into work: real tasks, with owners and due dates, that it then goes and does. It requests what's missing, follows up when a vendor goes quiet, verifies what comes back, and tells you - with the receipt - when something is wrong.
The reading is the part people underestimate
Everyone assumes the hard part of vendor compliance is judgment. It isn't. The hard part is volume. One master services agreement can hide well over a hundred obligations across the body, the exhibits, and a couple of amendments nobody has opened since signing. Multiply that by a few hundred vendors and you get a number no person is going to hold in their head, much less keep current.
Harper reads all of it, every time. The obligation buried in Section 12 gets the same attention as the one in the opening paragraph, at 9am and at 6pm on a Friday.
The chasing is the part nobody wants
Most of compliance, if you're honest about it, is nagging. You remind a vendor a document is due. You remind them again. Then you open what they send and check that it says what it's supposed to.
Harper does that. It chases, and when the document lands, it reads it - a certificate isn't "done" because it arrived, it's done when the limits are right, the dates are current, and your entity is named on it. It reminds before things lapse, not after an audit finds the gap. And it watches for the failures that don't announce themselves - a vendor quietly turning up on an exclusion list - so the problem surfaces the day it happens instead of a quarter later.
It shows its work
An AI that quietly decides a vendor is compliant is worse than no AI at all. So Harper never asks you to take its word for anything. Every obligation points back to the clause it came from. Every verdict comes with the check behind it.
That is what changes the job. Your team stops reviewing everything and starts reviewing the few things that actually need a person: the clause that reads two ways, the vendor that has ignored three reminders, the call that carries real risk. Harper carries the volume. People make the decisions. And when an auditor asks how you reached a conclusion, the trail is already there.
Keep your CLM
If you run Icertis, Gatekeeper, Ironclad, or anything else to draft and store contracts, keep it. That is a different job, and those tools do it well. Harper works on top of them. It takes the obligations your contracts create and makes sure they get met, tracked, and proven for the life of the relationship. Think of it as the enforcement layer nobody built, running alongside the systems you already have.
Across your whole vendor network, you get a single live view: every vendor, every obligation, where you stand right now. For a health system or plan juggling hundreds of vendor relationships, that is the difference between hoping you are covered and knowing exactly where the gaps are.
Where we're headed
This is the first version of Harper, and it is already handing people back the week they used to lose to chasing paper. We are teaching it to read more, verify more, and reach further into your vendor network, until the spreadsheet, the shared inbox, and the "audit prep" reminder are things people tell stories about rather than things they still depend on.
Request a Demo
Frequently asked questions
- What does Harper do?
- Harper reads a vendor contract, pulls out every obligation, and turns each one into a task it actually works: chasing missing documents, verifying evidence like COIs and BAAs, running exclusion checks, and flagging the exceptions your team should look at. Every action points back to the clause and the check behind it.
- Does Harper replace our CLM?
- No. Keep your CLM. Icertis, Gatekeeper, Ironclad, and the rest are where contracts get drafted and stored, and they're good at that. Harper sits on top and makes sure the obligations inside those contracts are actually met over the life of the relationship. It's the enforcement layer, not the filing cabinet.
- Does Harper make compliance decisions on its own?
- No. Harper does the reading, chasing, and routine verification, and it shows its work at every step. Anything ambiguous or risky goes to a person. Your team reviews the handful of exceptions that need judgment instead of every vendor and every obligation by hand.