Nondisclosure Agreements
Checklist
Overview
Key Considerations
Essential Terms
Additional Considerations
Summary
Professional Services Agreements
Checklist
Overview
Preliminary Considerations
Key Provision
Term and Termination
Acceptance Testing
Personnel
Subcontracting
Warranties
Indemnification
Limitation of Liability
Intellectual Property Ownership
Change Order
Confidentiality and Information Security
Force Majeure
Nonsolicitation
Insurance
Fees and Costs
Relationship to Other Agreements
Summary
Statements of Work
Checklist
Overview
Scope of Work and Business Requirements
Technical Environment
Acceptance Testing
Deliverables
Documentation
Roles and Responsibilities of the Parties
Project Management Processes
Issue Resolution and Escalation Procedures
Risks
Pricing and Cost
Service Level Agreements
Change Orders
Summary
Idea Submission Agreements
Checklist
Overview
Key Risks of Submissions
Key Provisions for Idea Submission Agreements
Beware Reverse Submissions
Summary
Cloud Computing Agreements
Checklist
Key Considerations
Service Levels
Uptime Service Level
Response Time Service Level
Problem Resolution Service Level
Remedies for Service Level Failure
Data
Data Security
Disaster Recovery and Business Continuity
Data Redundancy
Use of Customer Information, Data Conversion, and Transition
Insurance
Indemnification
Limitation of Liability
The Limitation of Liability Should Apply to Both Parties
License/Access Grant and Fees
Term
Warranties
Publicity and Use of the Customer Trademarks
Notification for Security Issues
Assignment
Pre-Agreement Vendor Due Diligence
Conclusion
Joint Marketing Agreements
Checklist
Overview
Key Issues and Guiding Principles
Determine the Scope of the Engagement
Marketing Obligations
Referral Arrangements
Confidentiality
Intellectual Property Issues
Warranties and Disclaimers
Term and Termination
Summary
Software Development Kit (SDK) Agreements
Checklist
Overview
Key Issues and Guiding Principles
Determine What Should Be Included in the SDK
Scope of License
Ownership
Confidentiality
Compatibility Testing
Support
Warranty Disclaimers
Limitations on Liability
Indemnification
Export/Import
Acquisition by Federal Government
Term and Termination
Summary
Original Equipment Manufacturer (OEM) Development Agreements
Checklist
Overview
Key Issues and Guiding Principles
Joint Development Agreements
Development and Professional Services Agreements
Exchange of IP
Confidentiality
Compensation/Fees/Revenue Share
Change of Control
Assumptions/OEM Customer Obligations
Marketing
End User License Agreement
Audit Rights
Warranties
Support and Maintenance
Limitations of Liability
Indemnification
Termination
Contract Negotiations
Summary
Health Insurance Portability and Accountability Act (HIPAA) Compliance
Checklist
Overview
Key Issues and Guiding Principles
Who Are BAs?
What Can Happen to BAs That Fail to Comply with HIPAA?
BA Requirements Under the New Security Breach Notification Requirements
BA Requirements for Compliance with HIPAA Security Rule
Statutory Liability for Business Associate Agreement Terms
BAA Compliance with HITECH Act Requirements
Other New HIPAA Requirements
Steps for Compliance for Breach Notification
Steps for Compliance with HIPAA Security Rule
Amendment of BAAs
Considerations for Inventory HIPAA-Related Policies
Summary
Key Issues and Guiding Principles for Negotiating a Software License or OEM Agreement
Checklist
Key Issues and Guiding Principles
Initial Matters
Scope of License/Ownership
Pricing
Audit Rights
Limitations of Liability
Warranties
Support and Maintenance; Professional Service Rates
Payment
Term and Termination
Infringement Indemnification
Summary
Drafting OEM Agreements (When the Company is the OEM)
Checklist
Key Issues and Guiding Principles
Determine the Scope of the Engagement
Customer Terms
Territory
Hardware Products
Exclusivity
Supplier Product Changes
Support and Training
Confidentiality
Intellectual Property Issues
Warranties and Disclaimers
Limitations of Liability
Indemnification
Term and Termination
Summary
Collecting Basic Deal Information
Checklist
Overview
Key Considerations
Performance
Intellectual Property Issues
Personal Information Privacy and Security
Information Security
Other Unique Issues
Summary
Reducing Security Risks in Information Technology Contracts
Checklist
Best Practices and Guiding Principles
Trade Secret Considerations
Copyright Considerations
Joint IP Considerations
Policy on Embedded Open Source
Internal Procedures
Policies Following Infringement
Employees
Employee Training and Communication
Contractual Protections
Nonemployees and Subcontractors
Software Distribution
Object Code vs. Source Code
Language for License Agreements
Nondisclosure Agreements
Audit Rights
Foreign Jurisdictions
Source Code Licenses
Escrow the Source Code
Language for Source Code License Agreements
Summary
Website Assessment Audits
Checklist
Overview
Key Issues and Guiding Principles
Evaluate Your Website
Domain Names
Use of Third Party Trademarks
Hyperlinks
Content
Visitor Uploads?
Applicable Internet Specific Laws
Terms and Conditions
Data Security and Privacy
Insurance
General Considerations
Summary
Critical Considerations for Protecting IP in a Software Development Environment
Checklist
Overview
Key Issues and Guiding Principles
Vendor Due Diligence
Treatment of Data
Physical Security
Administrative Security
Technical Security
Personnel Security
Subcontractors
Scan for Threats
Back-up and Disaster Recovery
Confidentiality
Security Audits
Warranties
Limitation of Liability
Destruction of Data
Additional Considerations
Summary
Click-Wrap, Shrink-Wrap, and Web-Wrap Agreements
Checklist
Overview
What Is a Shrink-Wrap License?
Products Purchased Under Shrink-Wrap Agreements - Common Elements
Methods of Purchasing Shrink-Wrap Products
Typical Shrink-Wrap Terms and Conditions
Key Risks of Shrink-Wrap Products
Mitigating Risk
Conclusion
Transactions Involving Financial Services Companies as the Customer
Checklist
Overview
Three Tools for Better Contracts
Key Considerations
Summary
Maintenance and Support Agreements
Checklist
Overview
Scope of Support and Maintenance
Predictability of Fees
Support Not to be Withheld
Term
Partial Termination/Termination and Resumption of Support
Specifications
Availability
Support Escalation
Service Levels
Summary
Source Code Escrow Agreements
Checklist
Overview
What Does It Mean to Escrow Source Code?
Types of Escrow Agreements
Release Conditions
Key Issues for Escrow Agreements
Conclusion
Integrating Information Security into the Contracting Life Cycle
Checklist
Overview
Due Diligence: The First Tool
Key Contractual Protections: The Second Tool
Information Security Requirements Exhibit: The Third Tool
Conclusion
Software Development Kit (DSDK) Agreements
Checklist
Overview
Key Contracting Concerns From the Perspectives of Both Parties
Licensor Concerns
Licensee Concerns
Conclusion
Distribution Agreements
Checklist
Overview
Key Issues for Distribution Agreements
License Grant
End User License Agreement
Development of the Product
End User Data
Obligations of the Parties
Product Pricing
Additional Considerations
Summary
Data Agreements
Checklist
Overview
Key Contractual Protections
Conclusion
Service Level Agreements
Checklist
Overview
Service Level Provisions Commonly Found in the Terms and Conditions
Root Cause Analysis, Corrective Actions Plans, and Resolution
Cost and Efficiency Reviews
Continuous Improvements to Service Levels
Termination for Failure to Meet Service Levels
Cooperation
Service Level Provisions Commonly Found in a Service Level Agreement or Attachment
Measurement Window and Reporting Requirements
Maximum Monthly at-Risk Amount
Performance Credits
Presumptive Service Levels
Exceptions to Service Levels
Supplier Responsibilities with Respect to Service Levels
Additions, Deletions, and Modifications to Service Levels
Earn-back
Form of Service Levels
Conclusion
Critical Considerations for Records Management and Retention
Checklist
Introduction
Avoiding Spoliation Claims
Impact on Litigation/Discovery Costs
Developing the Policy
Litigation Discovery Procedures
Developing the Retention Schedule
The E-Mail Problem
Authorized Storage Locations
Confidentiality and Security
Third-party Vendors
Proper Destruction
Website Development Agreements
Checklist
Overview
Initial Issues to Think About
What Are the Basic Objectives of the Website and the Development Agreement?
Intellectual Property Ownership
Software Requirements
Schedules and Timetables
Term and Termination
Fees and Charges
Project Management
Acceptance Testing
Warranties
Indemnifications
Content of the Website
Linking Issues
Insurance
Reports, Records, and Audits
Training/Education/Troubleshooting
Additional Provisions to Consider
Summary
Social Media Policies
Checklist
Introduction
Policy Scope and Disclaimers
No Expectation of Privacy
Right, But No Duty, to Monitor
Conduct in Social Media
Social Networking and Weblogs
Employee Questions and Signature
Conclusion
Software License Agreements
Checklist
Introduction
Four Critical Questions
License and Restrictions
Acceptance Testing
Third-party Software
Fees
Warranties
Indemnification
Limitation of Liability
Specifications
Confidentiality and Security
Maintenance and Support
Announcements and Publicity
Term and Termination
Additional Contract Terms
Conclusion
Glossary
FFIEC Booklet
Index