IT Contracting Tips and Considerations

W W W. D I N S L A W. C O M IT Contracting Tips and Considerations July 16, 2009 Harvey Jay Cohen, Esq. Geoffrey L. Oberhaus, Esq. Dinsmore & Shohl LLP 255 East Fifth Street Ste. 1900 Cincinnati, Ohio 45202

Contracting Procedures Legal Department involvement IT Steering Committee Proactive Strategic Use of IT Professionals Long-Term Planning Scaleability Interface with Security Function Managing Access Software and Systems Performance

RFP/SOWs Generally RFP should be as detailed as possible as to all software (programs, versions and configuration), services, specifications and pricing (milestones). Less detail = provider advantage RFP should focus on Implementation (scope and timing), Training, Support and Maintenance and Post-Termination Transition and fees for all of these Response to RFP should carry little weight as a contract document, except for specified portions excerpted and attached to the contract as part of the SOW, i.e., promised specs, time frames, etc. SOWs attached to the contract should not include language affecting provisions in the body of the contract; i.e. - Warranties - Exceptions to warranties or indemnities, limitations on liability, credits Integrated Agreements without SOW attachments also work well

RFP Provisions (For Later Contract) - Reporting - Provider vs. Customer responsibilities - Limitations on liability - IP Ownership - What is in scope, out-of-scope? - Change orders - Travel expenses

RFP Provisions (For Later Contract) Cont d - Turnaround process on acceptance - Contact references after understanding the proposal in detail

RFP Provisions (For Later Contract) Cont d Services to be performed Cost Deviation from Estimates or Response to RFP discussed in Agreement Make the initial cost estimates submitted part of the Agreement. Set max cost cap

RFPs/Responses Other required third party licenses or hardware required? Require in RFP that these items be listed explicitly in the response. Can be a significant expense Identify every configuration, software, hardware, training, installation, support and maintenance cost Does the software provider get a preferred license discount? Detail, detail, detail carried through from RFP, to Response to Agreement and SOW, if any

RFPs/Responses Cont d Cost Containment If prices decline? The CPI might decline. Which CPI? MFN Change Orders Require to be written and signed by CIO or other person in charge of project Changes are inevitable but written change orders at least help keep management informed. Number sequentially. Detail, detail, detail Travel Expenses Set policy. Consider cap that requires written approval in advance for any estimated expense greater than x

RFPs/Responses Cont d Deliverables Timeline and milestones Tie payments to milestones. Limit up front payments (10-15%) without milestone acceptance. Go-Live Sign-Off Hold back % for x days post acceptance/go-live is key. 10% 90 days after Go-Live

RFPs/Responses Cont d Timeline of Deliverables Cont d Testing and Acceptance Who is responsible for testing and reporting errors. How test? Which Environment? What Data? No deemed acceptance if do not reject in x days Turn around time frames Maintenance and down time around financial reporting periods? Slower on holidays, in August?

RFPs/Implementation/SOWs Installation and Training Who will perform? Where? Is it included in the license fee? Train the trainer? Delineate which party is responsible for each key task

Post RFP Contracting Process, Example ASP Projects, Learnings Ensure that the Schedules and Specifications are specific enough to enforce what is bargained for, including operations and services Minimize upfront payment; payment for acceptance of milestones, maximize holdback and holdback period IP Ownership, particularly of improvements/developed materials; Interfaces Termination for cause (SLAs and warranties) and convenience Transition the ability to exit if the arrangement is not working, while assuring that services will be provided during any transition. Are you wedded to the vendor? Indemnification and Limitations on liabilities including, what to indemnify for/against (i.e. limiting patent/trademark/copyright to U.S. or insisting on worldwide). Often the last point agreed Confidentiality what is covered and how long does it last? Perpetual until an exception is satisfied. Delete independent development. See ownership of developments above

Post RFP Contracting Process, Example Cont d ASP Project Learnings Safe maintenance of data; return of data, data loss Approved subcontractors and subcontractor Confidentiality Agreement Information Security Standards/Audit (SAS 70, etc.)/disaster Recovery. ISO standard Use by Affiliates, divested entities. Need for a Transition Services Agreement Timely information necessary to meet reporting obligations Consistent Provider-trained personnel Relationship Management. Who on each side can commit the entity?

IP Ownership in General Everything we do (improvements, developments) Interfaces Everything done specifically for us (subject to some Licensor residual rights exceptions)

IP Ownership Services & Custom Developments You hire software company to develop certain functionality, interfaces; consultants and contractors May want to prevent software company from offering same functionality to your competitors

IP Indemnification Include at least patent and copyright indemnification Should be excepted out of any limitation of liabilities Average patent litigation cost is between $1-3 Million!! Consider right to participate at Licensee cost Current Version vs. Past Version

IP Indemnification Narrow Licensor s ability to remedy infringement or to refund a small portion of license fees Supplier may at its sole option and expense: (i) procure the right to continue using such Product as provided hereunder; (ii) modify such Product so that it is no longer infringing; or (iii) replace the Product with another product with equal or superior functional capability. If none of the foregoing is in Supplier s determination commercially reasonable, Supplier shall have the right to terminate any and all licenses and sublicenses to such Products granted hereunder. If Supplier terminates any of the licenses as described above, (x) Supplier shall refund the applicable license fees paid therefor, prorated over a straight-line three year period and (y) Licensee shall immediately deliver to Supplier all copies of the Products in its possession or control

Confidentiality Protect any confidential information that Licensor may learn especially when the Licensor or their subcontractors will be present at your facility for installation, service or repair Privacy Concerns HIPAA, EU Data Directive, etc. Competition

Confidentiality Employees and Contractors Exhibit IP Ownership, confidentiality and competition protection, among other things

No Copy Provision: Back-up/Disaster Recovery License Consider including language which allows software to run on back-up server for testing environments, disaster recovery and training Complex software and systems can impact other software and systems running on the network

SLAs/Warranties The more detail the better The broader the better: Functionality, Scaleability/Capacity/Stress Tests, Laws, Professional and Workmanlike Manner, Defects in Material and Workmanship, Operate to Specifications, Configuration, No interference with rest of systems, Industry Standards; No viruses The fewer exceptions the better What is the remedy and is it commercially realistic? Time is of the Essence

SLAs/Warranties Standards of Performance Can the software deliver what was in the brochure or RFP response? To specifications? Attach specs Services rendered to what standards? Industry standard? Other specifications? Comply with Federal and State laws See exceptions on handout

SLAs/Warranties Viruses Could potentially infect your entire network

SLAs/Warranties Service Levels Maintenance Agreements Severity Levels and Response Times What happens when the software or hardware fails? How long to respond, fix? What does fix mean? When must vendor physically come on site? Test with what data? Source Code Ramifications; Need to operate/modify? Re-performance as sole remedy is unacceptable. Almost every damage is consequential so do NOT permit this standard clause. Agree on a liability cap Do Not permit re-performance or a small refund to be the Sole and Exclusive Remedy Credits/penalties

SLAs/Warranties The Stick! Penalties for missing response times Exclusive Remedy? A breach? X failures in Y months is a breach Include as trigger for source code escrow release/updates/updated documentation/production environment? More penalties than other customers? Get the A team to fix problems

SLAs/Warranties Severity Levels

SLAs/Warranties Severity Levels Cont d

SLAs/Warranties Response Times (Calendar Sensitive)

SLAs/Warranties Response Steps

SLAs/Warranties Warranty Disclaimers Narrow them Need real warranties and effective remedies Infringement Warranty? Or rely on Infringement Indemnity? Market = indemnity only. Indemnification narrowed to Registered IP? US Registered IP? Patents? Why not all third-party IP? Except as warranted by the preceding three sentences, the software is licensed as is, and no warranty of any kind, express, implied or statutory, whether in relation to merchantability, hidden defects, fitness for particular purpose, course of performance, course of dealing, usage of trade, non-infringement, that the software s operation shall be error free or uninterrupted, or otherwise is given by licensor to licensee or any other party

SLAs/Warranties Data Loss Disclaimed? Its own liability cap? 2x regular cap? Backup tapes to protect Licensee practical solutions to data loss

Enhancements/Updates/Upgrades What do you get Is a Maintenance Service Agreement required? All within fee or are there additional fees for certain releases? Releases vs. Upgrades vs. Enhancements Definitions?

Enhancements/Updates/Upgrades Timing Window to install before losing support Your IT department may not be able to immediately install the Update need to test before going live on network. Warrant Support back only 2 versions?

Enhancements/Updates/Upgrades Renewal & Maintenance Fees Especially important in Support and Maintenance Fees Tie to CPI or define for entire agreement term. Renewals? If CPI goes down? MFN?

Transition Time Upon Termination Due to complexity of software, you may not be able to immediately switch to new software Need time to test new software while still relying on old software Costs and fees for support during transition. Licensee breach distinguished from Licensor breach or expiration? Licensee should pay so get good service?

Damages Consequentials. Refuse and address early to obtain Licensor escalated approvals Permit or disallow the waiver of consequentials? Punitive damages? Cap on liability is Licensor s true protection Which party is responsible for data loss? Liquidated damages Licensor shall not under any circumstances be responsible for any losses or damages, direct, indirect, special, ordinary, exemplary, consequential or otherwise (including, but not limited to, loss of data, loss of revenue, profit or use or cost of capital or of substitute use of performance), arising out of or related in any way to the transactions contemplated hereunder, even if advised of the possibility of such damages

Damages Liability Cap Licensor s true protection Exceptions for confidentiality, IP Infringement, Breach of Laws Indemnity an exception?

Damages Liability Cap Cont d 1x, 2x contract cost? Last 12 months? 12 months before an event or breach? Under no circumstances shall licensor s total liability of all kinds arising out of or related to this agreement (including but not limited to any warranty or support-related claims hereunder), regardless of whether any action or claim is based on contract, strict liability, tort or otherwise, exceed the total amount paid by licensee to licensor under the applicable work order (determined as of the date of any final judgment in such action)

Escrow of Source Code Vital to have What if the licensor goes out of business, fails to support the program in the future or can t remedy a Critical error. Not Licensor s safe deposit box. Documentation too. Tape for what production environment? Audit? Escrow Agents Fees Typically around $500-900/yr. Paid by either Licensor or Licensee

Escrow Clause

Escrow Triggers for release of source code Licensor ceases doing business and no successor assumes Licensor s support obligations Licensor declares or is forced into bankruptcy Licensor no longer offers support for the particular Licensed Program Licensor fails to provide a reasonable workaround within X days of receipt of a Severity 1 (Critical) error

Escrow Release event

Other Clauses Insurance What types, limits, etc. are acceptable? $2M per claim/$5m aggregate, occurrence-based commercial general liability Professional Liability/generally E&O Electronic Data Processors E&O Employee Dishonesty and Computer Fraud Employer s Liability Workers Compensation Claims made insurance/tail issues Police certificates over time; Additional named insured? Notice of changes?

Other Clauses Change in Control Do you care? Consequences? If a competitor becomes your Licensor?

Other Clauses Competition Ensure other party with access to Know How and Trade Secrets cannot compete

Other Clauses Sub-Contracting IP Ownership and Confidentiality Indemnity for them Flow down of prime contract provisions Direct rights against them Attach agreement or specify terms it must contain

Other Clauses Contract Precedence Among Agreement and attachments RFP > Response to RFP?

Other Clauses Dispute Resolution Develop a procedure that will resolve disputes quickly - Operational level review - First escalation to executive level - Provide sufficient time for resolution of the dispute - If can t resolve at executive level escalate to formal mediation, arbitration or litigation Provide opportunity for injunctive relief (confidentiality, competition and ownership issues) Identify location for dispute resolution Quantify authority of arbitrators See handout

Other Clauses Transferability / Assignability Often overlooked clause but can avoid many headaches. The Agreement should not be silent on this issue Need ability to assign/transfer if ownership structure changes, join or leave consortium etc. Software companies love to charge a transfer fee or they may raise your rates as they have you over the barrel

Other Clauses Transferability Clause

Thank You WARNING: This seminar is meant for educational purposes only. Property of Dinsmore & Shohl LLP. No use permitted without consent. For office use only. Reproduction strictly prohibited. Any resemblance to real persons living or dead is purely coincidental. No other warranty expressed or implied. Not responsible for direct, indirect, incidental or consequential damages resulting from any defect, error or failure to perform. Void where prohibited. Some assembly may be required. Batteries not included. Contents may settle during shipment. Use only as directed. Do not use while operating a motor vehicle or heavy equipment. This is not an offer to sell securities. Apply only to affected area. May be too intense for some viewers. Do not stamp. Use other side for additional listings. For recreational use only. If condition persists, consult your physician. No user-serviceable parts included. Subject to change without notice. Times approximate. Simulated pictures. No postage necessary if mailed in the United States. Please remain seated until the ride has come to a complete stop. Breaking seal constitutes acceptance of agreement. Contains a substantial amount of non-tobacco ingredients. Colors may fade. Not affiliated with the American Red Cross. Drop in any mailbox. Edited for television. Keep cool and process promptly. Post office will not deliver without postage. List was current at time of printing. Return to sender, no forwarding order on file, unable to forward. At participating locations only. Penalty for private use. Substantial penalty for early withdrawal. Do not write below this line. Lost ticket pays maximum rate. Your canceled check is your receipt. Place stamp here. Avoid contact with skin. Sanitized for your protection. Be sure each item is properly endorsed. Sign here without admitting guilt. Employees and their families are not eligible. Beware of dog. Limited time offer, call now to ensure prompt delivery. You must be present to win. No passes accepted for this engagement. No purchase necessary. Use only in a well-ventilated area. Keep away from fire or flames. Check here if tax deductible. Some equipment shown is optional. Price does not include taxes. Not recommended for children. No solicitors. Driver does not carry cash. Some of the trademarks mentioned in this product appear for identification purposes only. Objects in mirror may be closer than they appear. Record additional transactions on back of previous stub. Do not fold, spindle or mutilate. No transfers issued until the bus comes to a complete stop. Package sold by weight, not volume. Your mileage may vary. This supersedes all previous notices. All rights reserved. No Duplication without express written permission. Take two aspirin and consult physician immediately.

W W W. D I N S L A W. C O M Harvey Jay Cohen, Esq. Geoffrey L. Oberhaus, Esq. Dinsmore & Shohl LLP 255 East Fifth Street, Ste. 1900 Cincinnati, Ohio 45202 513-977-8200 800-934-3477